Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/RJcfyd6F8NZSfNG5yccUU1aIfro.roa
File:                     RJcfyd6F8NZSfNG5yccUU1aIfro.roa (raw, json)
Hash identifier:          s/UFuh5hS/OlHCEXsZIr7pnqei557Xpx3YN8LYVaXNo=
Subject key identifier:   44:97:1F:C9:DE:85:F0:D6:52:7C:D1:B9:C9:C7:14:53:56:88:7E:BA
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       6B
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/RJcfyd6F8NZSfNG5yccUU1aIfro.roa
Signing time:             Mon 27 Mar 2023 16:06:41 +0000
ROA not before:           Mon 27 Mar 2023 16:06:41 +0000
ROA not after:            Thu 14 Mar 2024 01:30:02 +0000
asID:                     9605
IP address blocks:        49.97.98.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 107 (0x6b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Mar 27 16:06:41 2023 GMT
            Not After : Mar 14 01:30:02 2024 GMT
        Subject: CN=44971FC9DE85F0D6527CD1B9C9C7145356887EBA
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:d1:8b:bd:7e:33:28:66:2b:d7:9c:4f:ab:44:
                    84:27:82:fc:a2:e9:96:27:b0:0e:a6:e7:67:d0:17:
                    08:0b:32:f0:fd:37:77:c5:7c:a5:2a:9a:0a:f9:ea:
                    7a:60:c7:b8:af:23:d6:48:e7:cd:73:0e:e4:6b:1c:
                    7b:05:a3:da:95:fa:2f:06:98:52:44:83:ef:cc:69:
                    71:ec:b9:4d:72:68:de:fd:8f:89:f0:22:77:01:f6:
                    3a:52:c1:64:1a:71:ca:26:e5:5c:54:32:7a:ad:3a:
                    6f:06:ca:d9:0c:a3:2d:b4:e0:c1:43:ef:85:75:78:
                    f7:c0:d6:51:85:3a:a1:e3:bf:3d:d6:04:51:06:c3:
                    34:6c:16:30:b0:6b:0d:b4:80:fd:4e:9a:a7:29:00:
                    90:8e:f6:2a:d4:b6:df:d3:e3:29:4a:04:ec:9b:99:
                    0a:21:d9:e3:0b:40:6b:10:0c:f8:41:25:24:bf:69:
                    ef:24:6e:4b:06:cb:b9:26:05:80:f4:6d:82:f5:38:
                    09:c7:5c:33:a0:1d:27:c3:63:75:17:08:bb:e9:af:
                    8b:e4:6d:cd:ae:d6:97:d2:d0:16:b9:5c:6c:50:35:
                    37:a9:1f:fe:61:72:bb:ca:78:c6:b4:41:b7:b4:89:
                    e6:4d:0b:22:b2:98:ec:d2:c6:31:76:43:2a:4a:58:
                    ce:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                44:97:1F:C9:DE:85:F0:D6:52:7C:D1:B9:C9:C7:14:53:56:88:7E:BA
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/RJcfyd6F8NZSfNG5yccUU1aIfro.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  49.97.98.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8b:48:f6:23:ae:ec:a5:10:20:e1:d1:bf:89:a3:a4:fd:c2:48:
         ac:07:ba:93:5e:df:92:4f:0b:03:19:ef:4e:92:bc:26:86:7b:
         f0:b8:93:0c:f9:cb:48:bf:79:a6:c4:ed:e9:f6:c9:85:e1:19:
         1e:03:f7:12:dc:ed:8d:76:f7:57:17:9f:bd:f0:a0:fe:bd:eb:
         a1:39:53:fb:2c:91:e4:5c:24:a9:8a:3e:25:1d:c8:92:09:a8:
         92:b9:6b:9f:2b:42:3a:d7:ed:f1:db:bc:86:c7:41:ae:17:23:
         62:f4:67:f9:9f:90:08:b0:34:97:60:2a:dd:a2:75:f7:bd:9e:
         d3:5d:9e:62:83:a4:f0:6a:58:79:de:e3:74:6b:02:b2:b3:90:
         8f:50:94:d3:b9:01:a0:e5:27:da:c1:61:10:49:6b:8b:09:69:
         38:a6:87:4c:7f:7d:77:dc:75:28:2f:fa:dd:df:05:90:86:34:
         41:8a:d7:f8:3e:b1:2a:42:ce:1c:40:71:fb:bd:ef:bd:82:f4:
         f3:b1:3a:5d:3f:a3:71:ff:05:f8:61:a0:54:5b:6f:e6:20:cc:
         73:66:92:fd:95:2f:31:8a:5f:88:1a:81:fc:9e:cc:5c:ee:05:
         75:6f:88:e2:e3:e6:75:58:38:e4:95:77:5a:45:b4:33:6e:04:
         c7:7d:23:8a
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIBazANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2OTY1
QjBCMjBEREUwN0E0Qzk3OEUyNDA3M0VBMEUxMTE3QjM3NDczMB4XDTIzMDMyNzE2
MDY0MVoXDTI0MDMxNDAxMzAwMlowMzExMC8GA1UEAxMoNDQ5NzFGQzlERTg1RjBE
NjUyN0NEMUI5QzlDNzE0NTM1Njg4N0VCQTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAOHRi71+MyhmK9ecT6tEhCeC/KLpliewDqbnZ9AXCAsy8P03d8V8
pSqaCvnqemDHuK8j1kjnzXMO5GscewWj2pX6LwaYUkSD78xpcey5TXJo3v2PifAi
dwH2OlLBZBpxyiblXFQyeq06bwbK2QyjLbTgwUPvhXV498DWUYU6oeO/PdYEUQbD
NGwWMLBrDbSA/U6apykAkI72KtS239PjKUoE7JuZCiHZ4wtAaxAM+EElJL9p7yRu
SwbLuSYFgPRtgvU4CcdcM6AdJ8NjdRcIu+mvi+Rtza7Wl9LQFrlcbFA1N6kf/mFy
u8p4xrRBt7SJ5k0LIrKY7NLGMXZDKkpYzk0CAwEAAaOCAiQwggIgMB0GA1UdDgQW
BBRElx/J3oXw1lJ80bnJxxRTVoh+ujAfBgNVHSMEGDAWgBRpZbCyDd4HpMl44kBz
6g4RF7N0czAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGYGA1UdHwRfMF0wW6BZ
oFeGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9BOTFBNzM4
MTAwMDAvMzA5L2FXV3dzZzNlQjZUSmVPSkFjLW9PRVJlemRITS5jcmwwbQYIKwYB
BQUHAQEEYTBfMF0GCCsGAQUFBzAChlFyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5u
aWMuYWQuanAvYXAvQTkxQTczODEwMDAwL2FXV3dzZzNlQjZUSmVPSkFjLW9PRVJl
emRITS5jZXIwDgYDVR0PAQH/BAQDAgeAMIG7BggrBgEFBQcBCwSBrjCBqzBhBggr
BgEFBQcwC4ZVcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL2FwL0E5
MUE3MzgxMDAwMC8zMDkvUkpjZnlkNkY4TlpTZk5HNXljY1VVMWFJZnJvLnJvYTBG
BggrBgEFBQcwDYY6aHR0cHM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL3Jy
ZHAvYXAvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEADFhYjANBgkqhkiG9w0BAQsFAAOCAQEAi0j2I67spRAg4dG/iaOk/cJIrAe6
k17fkk8LAxnvTpK8JoZ78LiTDPnLSL95psTt6fbJheEZHgP3EtztjXb3VxefvfCg
/r3roTlT+yyR5FwkqYo+JR3IkgmokrlrnytCOtft8du8hsdBrhcjYvRn+Z+QCLA0
l2Aq3aJ1972e012eYoOk8GpYed7jdGsCsrOQj1CU07kBoOUn2sFhEElriwlpOKaH
TH99d9x1KC/63d8FkIY0QYrX+D6xKkLOHEBx+73vvYL087E6XT+jcf8F+GGgVFtv
5iDMc2aS/ZUvMYpfiBqB/J7MXO4FdW+I4uPmdVg45JV3WkW0M24Ex30jig==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:40:51 2024 by rpki-client on console-fra.rpki-client.org