Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/OfZcVjV1QSPsIUqHYDxmY5efik4.roa
File:                     OfZcVjV1QSPsIUqHYDxmY5efik4.roa (raw, json)
Hash identifier:          ne33GfCcu5WdcKC4u14oqfRnkrAiw0Fwd1IKug/7BBI=
Subject key identifier:   39:F6:5C:56:35:75:41:23:EC:21:4A:87:60:3C:66:63:97:9F:8A:4E
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       E0
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/OfZcVjV1QSPsIUqHYDxmY5efik4.roa
Signing time:             Wed 24 May 2023 16:03:03 +0000
ROA not before:           Wed 24 May 2023 16:03:03 +0000
ROA not after:            Tue 14 May 2024 01:30:02 +0000
asID:                     9605
IP address blocks:        49.98.132.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 224 (0xe0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: May 24 16:03:03 2023 GMT
            Not After : May 14 01:30:02 2024 GMT
        Subject: CN=39F65C5635754123EC214A87603C6663979F8A4E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:6a:da:0a:ad:79:f4:4c:67:2f:9d:b0:d6:02:
                    5c:d3:e2:c6:ce:d3:e7:8a:90:eb:47:df:9b:08:1a:
                    ea:37:50:c7:72:87:ce:be:92:8e:60:fa:9f:55:cb:
                    c7:c2:5c:3e:5f:e9:5e:fd:4b:fc:f1:ce:d1:a0:00:
                    fd:86:f2:41:91:a6:f4:c6:a1:ba:20:6a:56:12:0b:
                    2f:c4:82:ed:e2:60:22:60:9e:89:fc:20:6a:c7:c5:
                    49:d0:06:35:9d:fc:26:f6:9b:78:09:4a:9c:ca:05:
                    a7:6f:40:3d:06:5c:02:c3:a7:55:7b:60:ae:b3:da:
                    98:e3:42:c5:d2:90:4c:98:10:77:10:8c:b5:62:86:
                    92:42:5a:a1:58:e4:0f:0b:f6:0f:e3:21:18:ed:31:
                    b6:b8:39:b6:59:51:41:3a:47:d6:12:26:29:fe:06:
                    95:05:7e:a0:55:68:27:9b:3b:ef:d9:67:94:c8:2a:
                    26:1a:bc:11:42:ed:d3:b2:e3:fd:23:b8:ba:06:31:
                    43:84:4f:00:75:cb:91:d7:05:b5:fa:af:83:b6:60:
                    39:ea:44:91:6d:ca:0c:15:da:b8:90:de:8c:9d:a8:
                    7c:c8:10:54:7c:88:28:07:5d:75:95:17:20:e9:96:
                    2d:63:a7:11:7d:d4:3c:70:ce:3b:75:1e:d0:1c:96:
                    94:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                39:F6:5C:56:35:75:41:23:EC:21:4A:87:60:3C:66:63:97:9F:8A:4E
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/OfZcVjV1QSPsIUqHYDxmY5efik4.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  49.98.132.0/23

    Signature Algorithm: sha256WithRSAEncryption
         35:98:e1:34:f1:9f:3b:e2:de:16:1c:32:66:09:41:ee:32:5c:
         1d:ea:05:cc:9a:b7:50:c0:1c:1b:10:8b:7e:78:cc:f1:47:68:
         32:e2:5e:c0:de:e9:52:9b:e4:76:64:05:c6:f4:1d:17:92:f8:
         18:0a:c7:ca:3c:1c:94:84:83:6b:ab:ad:17:80:ca:58:e2:84:
         74:1e:f8:41:03:dc:be:2a:1f:dc:d9:fb:25:cb:99:e2:93:80:
         36:1b:a8:71:47:0a:05:8a:5b:16:e6:5d:e4:1e:a7:86:01:e0:
         6a:20:a6:59:12:47:e9:15:a7:5e:2a:58:10:04:6f:0d:b7:46:
         db:64:80:8c:35:c9:5d:c5:92:43:92:7d:36:df:6e:da:c9:25:
         02:65:21:27:0b:7c:ca:f8:9b:e9:2d:07:3a:81:35:1a:06:58:
         de:ee:8a:8e:f7:6f:c0:15:a2:b4:1c:46:a0:04:92:ca:83:9d:
         58:c1:9c:a8:b4:c1:a3:cf:71:a1:dc:97:93:0b:a6:ba:ad:ce:
         82:6d:59:b7:3d:ca:6b:3f:45:af:19:64:97:4d:a7:93:d7:30:
         e8:d1:03:ca:7d:8e:96:a2:13:31:d1:8f:81:de:5f:38:ba:aa:
         4b:49:e1:23:59:8f:a9:58:f3:5d:98:99:49:28:e0:25:61:4b:
         87:c4:4a:eb
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICAOAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yMzA1MjQx
NjAzMDNaFw0yNDA1MTQwMTMwMDJaMDMxMTAvBgNVBAMTKDM5RjY1QzU2MzU3NTQx
MjNFQzIxNEE4NzYwM0M2NjYzOTc5RjhBNEUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDGatoKrXn0TGcvnbDWAlzT4sbO0+eKkOtH35sIGuo3UMdyh86+
ko5g+p9Vy8fCXD5f6V79S/zxztGgAP2G8kGRpvTGobogalYSCy/Egu3iYCJgnon8
IGrHxUnQBjWd/Cb2m3gJSpzKBadvQD0GXALDp1V7YK6z2pjjQsXSkEyYEHcQjLVi
hpJCWqFY5A8L9g/jIRjtMba4ObZZUUE6R9YSJin+BpUFfqBVaCebO+/ZZ5TIKiYa
vBFC7dOy4/0juLoGMUOETwB1y5HXBbX6r4O2YDnqRJFtygwV2riQ3oydqHzIEFR8
iCgHXXWVFyDpli1jpxF91Dxwzjt1HtAclpRJAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUOfZcVjV1QSPsIUqHYDxmY5efik4wHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5L09mWmNWalYxUVNQc0lVcUhZRHhtWTVlZmlrNC5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAExYoQwDQYJKoZIhvcNAQELBQADggEBADWY4TTxnzvi3hYcMmYJQe4yXB3q
Bcyat1DAHBsQi354zPFHaDLiXsDe6VKb5HZkBcb0HReS+BgKx8o8HJSEg2urrReA
yljihHQe+EED3L4qH9zZ+yXLmeKTgDYbqHFHCgWKWxbmXeQep4YB4GogplkSR+kV
p14qWBAEbw23RttkgIw1yV3FkkOSfTbfbtrJJQJlIScLfMr4m+ktBzqBNRoGWN7u
io73b8AVorQcRqAEksqDnVjBnKi0waPPcaHcl5MLprqtzoJtWbc9yms/Ra8ZZJdN
p5PXMOjRA8p9jpaiEzHRj4HeXzi6qktJ4SNZj6lY812YmUko4CVhS4fESus=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:40:51 2024 by rpki-client on console-fra.rpki-client.org