Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/OwOKo8b1onHSDGqcOidqGu5WZyE.roa
File:                     OwOKo8b1onHSDGqcOidqGu5WZyE.roa (raw, json)
Hash identifier:          HrFj+Fv2Mtb3y1uEuddWFXQg/3g9Jgj33vaNL8QS0OU=
Subject key identifier:   3B:03:8A:A3:C6:F5:A2:71:D2:0C:6A:9C:3A:27:6A:1A:EE:56:67:21
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       3E
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/OwOKo8b1onHSDGqcOidqGu5WZyE.roa
Signing time:             Mon 27 Mar 2023 16:02:09 +0000
ROA not before:           Mon 27 Mar 2023 16:02:09 +0000
ROA not after:            Thu 14 Mar 2024 01:30:02 +0000
asID:                     9605
IP address blocks:        49.97.102.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 62 (0x3e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Mar 27 16:02:09 2023 GMT
            Not After : Mar 14 01:30:02 2024 GMT
        Subject: CN=3B038AA3C6F5A271D20C6A9C3A276A1AEE566721
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:1e:bc:74:c3:cc:c4:11:c9:14:34:51:73:87:
                    6a:f8:dd:ef:c6:57:c6:d5:28:c8:bf:be:46:37:91:
                    77:c2:f6:90:ef:63:4d:20:30:af:74:89:d4:ef:7e:
                    5d:a5:c9:93:cf:60:d4:2f:a6:e7:e8:be:b0:42:6d:
                    b1:4a:55:9a:3c:2e:df:2c:24:4d:2a:66:08:6b:b6:
                    cc:17:b9:b9:44:c3:9b:1c:8a:a4:40:8e:52:f6:81:
                    0a:5d:9b:eb:93:15:c4:75:51:d2:f6:17:02:7c:d0:
                    1e:f9:49:d0:80:fd:a2:e8:85:e3:81:4f:8a:0a:dc:
                    c2:f8:fb:69:ef:b2:97:c0:f8:c8:14:15:1a:cb:3b:
                    44:5f:c7:51:47:8e:d4:94:c9:3b:fe:1d:81:30:c7:
                    df:d8:8a:e4:57:79:c8:bd:97:e4:e6:c3:ec:9b:55:
                    86:68:4b:44:68:6a:b0:c2:9f:91:e4:73:b7:39:3f:
                    00:fc:e8:dd:f7:6c:59:55:94:ab:5c:b4:14:7b:95:
                    52:e0:2b:6a:72:d9:4c:a6:ed:6f:8a:fa:7e:56:ad:
                    3d:c3:44:38:9d:50:b7:34:9b:90:b7:b1:8f:2f:d8:
                    af:e7:f6:b3:18:f1:c5:a8:ca:7f:f3:a1:fa:e7:b8:
                    40:5b:70:6f:4c:ef:9a:82:d3:f7:a7:32:86:7c:9e:
                    9d:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3B:03:8A:A3:C6:F5:A2:71:D2:0C:6A:9C:3A:27:6A:1A:EE:56:67:21
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/OwOKo8b1onHSDGqcOidqGu5WZyE.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  49.97.102.0/24

    Signature Algorithm: sha256WithRSAEncryption
         85:61:56:68:7e:1e:c0:c6:f0:cc:c6:29:b0:20:2d:21:c7:2a:
         7e:06:23:de:85:06:dc:3c:98:bc:e4:f5:b6:df:de:65:c5:c4:
         70:7a:b9:d8:6c:fc:e5:8f:0c:1d:0f:db:e9:bb:38:c1:d6:ea:
         62:19:b8:ae:c6:68:eb:e7:5b:3c:c4:4b:0b:2e:28:f4:5e:96:
         95:7b:1e:ed:5f:ca:e3:74:91:06:9f:04:ad:3b:4f:21:8f:33:
         52:f2:03:1e:cc:42:03:46:2b:4d:06:23:4c:11:c4:ab:71:cb:
         57:40:bb:1f:c1:f3:d3:3f:7b:28:92:7a:a9:ab:ab:a0:92:de:
         bc:d2:47:de:c9:06:17:30:93:3c:09:94:40:56:ed:44:de:f0:
         10:d1:cf:23:df:a5:79:7b:2c:21:e4:ce:50:16:d2:90:0e:9f:
         f2:2f:e4:03:7e:3c:ff:96:a2:6e:0a:c3:74:0a:af:3b:66:59:
         33:6a:da:48:0e:a7:82:74:48:0a:29:0d:23:4c:88:89:4c:d9:
         82:b6:c5:15:50:1f:24:a8:d2:a0:44:ff:41:b3:77:99:51:a1:
         4e:c3:57:93:71:b8:2a:ca:82:7f:58:60:5a:73:cf:4a:22:57:
         6e:90:5e:1a:de:05:28:8e:50:40:82:5e:bf:b7:d4:9c:0c:12:
         58:20:53:cd
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIBPjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2OTY1
QjBCMjBEREUwN0E0Qzk3OEUyNDA3M0VBMEUxMTE3QjM3NDczMB4XDTIzMDMyNzE2
MDIwOVoXDTI0MDMxNDAxMzAwMlowMzExMC8GA1UEAxMoM0IwMzhBQTNDNkY1QTI3
MUQyMEM2QTlDM0EyNzZBMUFFRTU2NjcyMTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBANAevHTDzMQRyRQ0UXOHavjd78ZXxtUoyL++RjeRd8L2kO9jTSAw
r3SJ1O9+XaXJk89g1C+m5+i+sEJtsUpVmjwu3ywkTSpmCGu2zBe5uUTDmxyKpECO
UvaBCl2b65MVxHVR0vYXAnzQHvlJ0ID9ouiF44FPigrcwvj7ae+yl8D4yBQVGss7
RF/HUUeO1JTJO/4dgTDH39iK5Fd5yL2X5ObD7JtVhmhLRGhqsMKfkeRztzk/APzo
3fdsWVWUq1y0FHuVUuAranLZTKbtb4r6flatPcNEOJ1QtzSbkLexjy/Yr+f2sxjx
xajKf/Oh+ue4QFtwb0zvmoLT96cyhnyenZkCAwEAAaOCAiQwggIgMB0GA1UdDgQW
BBQ7A4qjxvWicdIMapw6J2oa7lZnITAfBgNVHSMEGDAWgBRpZbCyDd4HpMl44kBz
6g4RF7N0czAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGYGA1UdHwRfMF0wW6BZ
oFeGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9BOTFBNzM4
MTAwMDAvMzA5L2FXV3dzZzNlQjZUSmVPSkFjLW9PRVJlemRITS5jcmwwbQYIKwYB
BQUHAQEEYTBfMF0GCCsGAQUFBzAChlFyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5u
aWMuYWQuanAvYXAvQTkxQTczODEwMDAwL2FXV3dzZzNlQjZUSmVPSkFjLW9PRVJl
emRITS5jZXIwDgYDVR0PAQH/BAQDAgeAMIG7BggrBgEFBQcBCwSBrjCBqzBhBggr
BgEFBQcwC4ZVcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL2FwL0E5
MUE3MzgxMDAwMC8zMDkvT3dPS284YjFvbkhTREdxY09pZHFHdTVXWnlFLnJvYTBG
BggrBgEFBQcwDYY6aHR0cHM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL3Jy
ZHAvYXAvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEADFhZjANBgkqhkiG9w0BAQsFAAOCAQEAhWFWaH4ewMbwzMYpsCAtIccqfgYj
3oUG3DyYvOT1tt/eZcXEcHq52Gz85Y8MHQ/b6bs4wdbqYhm4rsZo6+dbPMRLCy4o
9F6WlXse7V/K43SRBp8ErTtPIY8zUvIDHsxCA0YrTQYjTBHEq3HLV0C7H8Hz0z97
KJJ6qauroJLevNJH3skGFzCTPAmUQFbtRN7wENHPI9+leXssIeTOUBbSkA6f8i/k
A348/5aibgrDdAqvO2ZZM2raSA6ngnRICikNI0yIiUzZgrbFFVAfJKjSoET/QbN3
mVGhTsNXk3G4KsqCf1hgWnPPSiJXbpBeGt4FKI5QQIJev7fUnAwSWCBTzQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:46:01 2024 by rpki-client on console-ams.rpki-client.org