Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/SgJGQyn2C9SEZtIph0TT4d_5pmM.roa
File:                     SgJGQyn2C9SEZtIph0TT4d_5pmM.roa (raw, json)
Hash identifier:          yNB/0t6Sq967Ggv7WTJnf3T50zPH/9UcTmQ+p5mBjqQ=
Subject key identifier:   4A:02:46:43:29:F6:0B:D4:84:66:D2:29:87:44:D3:E1:DF:F9:A6:63
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       DE
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/SgJGQyn2C9SEZtIph0TT4d_5pmM.roa
Signing time:             Wed 24 May 2023 16:03:02 +0000
ROA not before:           Wed 24 May 2023 16:03:02 +0000
ROA not after:            Tue 14 May 2024 01:30:02 +0000
asID:                     9605
IP address blocks:        49.98.130.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 222 (0xde)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: May 24 16:03:02 2023 GMT
            Not After : May 14 01:30:02 2024 GMT
        Subject: CN=4A02464329F60BD48466D2298744D3E1DFF9A663
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:ea:4f:cb:f2:8b:5d:c4:b0:67:fb:b9:ce:c8:
                    29:1b:84:66:ec:26:1c:2b:60:47:d9:e4:8c:79:95:
                    53:0f:cb:d2:d8:63:6b:ed:ab:81:76:12:40:b8:29:
                    a5:eb:a8:3b:e7:e5:19:d1:a1:36:98:0d:9c:55:c4:
                    2b:d1:3f:98:0f:42:5f:ef:6f:aa:da:a8:2e:5b:dc:
                    d3:f7:72:d6:4c:c7:48:e6:76:06:1d:44:9a:14:2e:
                    37:61:37:7e:5d:ba:e7:75:d7:79:06:f1:16:49:e7:
                    89:96:37:34:8d:02:44:90:45:ba:37:7e:ed:89:a9:
                    58:99:86:6c:dd:30:7a:a4:34:88:3d:1a:79:6f:30:
                    27:45:1a:9b:15:96:be:ac:46:ff:b2:d7:e1:9d:8a:
                    10:02:fb:5f:a9:e6:f0:6d:f3:18:32:28:7b:d2:99:
                    c0:e4:b4:c3:da:12:10:b9:e1:28:51:e5:b4:98:26:
                    8f:22:a7:7c:a9:98:5b:6a:21:de:26:9e:62:10:89:
                    77:ba:84:ec:7b:ba:1b:88:bf:7f:17:dc:cb:ea:19:
                    78:9f:42:b8:65:dd:15:e9:e5:9c:0c:d8:cc:f7:a4:
                    26:f7:79:b9:ca:ac:58:af:4c:f5:cc:c4:36:03:66:
                    a5:cf:5c:7e:c7:2f:8b:f1:51:9a:8c:60:4c:0c:f6:
                    b2:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4A:02:46:43:29:F6:0B:D4:84:66:D2:29:87:44:D3:E1:DF:F9:A6:63
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/SgJGQyn2C9SEZtIph0TT4d_5pmM.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  49.98.130.0/23

    Signature Algorithm: sha256WithRSAEncryption
         4e:88:a3:5c:21:b0:b5:1f:b5:d7:88:ca:60:d7:33:67:c6:6f:
         a1:27:25:6a:e6:c0:6f:7d:fe:6a:06:e2:f9:21:c9:32:28:db:
         a7:94:48:a8:11:4d:c4:12:44:20:45:3e:a8:9f:cb:18:1a:6c:
         2a:4d:de:8f:da:e1:0a:73:9d:06:64:3e:3f:35:40:20:f5:36:
         84:24:a8:2e:99:61:32:77:25:f2:8a:53:63:49:10:eb:bf:43:
         06:89:f9:b7:e2:38:89:7e:cd:f8:9c:3d:61:cf:da:c9:e0:2f:
         18:43:ef:0a:2d:40:33:87:f6:64:48:19:51:02:49:97:46:b6:
         98:84:0a:57:fe:b4:9a:df:0c:f7:03:f7:c1:f0:b7:4c:ff:f2:
         fe:c7:21:ae:d3:97:72:28:9d:9d:e1:de:11:48:08:f6:1c:7d:
         44:90:40:75:10:b6:40:f0:a3:65:f1:71:c5:eb:10:56:0f:16:
         90:7b:c7:c9:d6:98:b0:5c:d0:69:29:d9:c1:d8:7d:56:24:9c:
         aa:50:45:56:45:7b:71:d6:e0:be:71:04:b4:9a:38:53:3a:cd:
         b2:f0:66:fe:68:85:36:7d:c9:df:0a:d3:c1:7b:88:70:f0:98:
         13:bf:38:fb:26:8b:7b:0e:6e:52:29:a3:18:0d:2b:15:15:7a:
         00:e1:48:e1
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICAN4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yMzA1MjQx
NjAzMDJaFw0yNDA1MTQwMTMwMDJaMDMxMTAvBgNVBAMTKDRBMDI0NjQzMjlGNjBC
RDQ4NDY2RDIyOTg3NDREM0UxREZGOUE2NjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDN6k/L8otdxLBn+7nOyCkbhGbsJhwrYEfZ5Ix5lVMPy9LYY2vt
q4F2EkC4KaXrqDvn5RnRoTaYDZxVxCvRP5gPQl/vb6raqC5b3NP3ctZMx0jmdgYd
RJoULjdhN35duud113kG8RZJ54mWNzSNAkSQRbo3fu2JqViZhmzdMHqkNIg9Gnlv
MCdFGpsVlr6sRv+y1+GdihAC+1+p5vBt8xgyKHvSmcDktMPaEhC54ShR5bSYJo8i
p3ypmFtqId4mnmIQiXe6hOx7uhuIv38X3MvqGXifQrhl3RXp5ZwM2Mz3pCb3ebnK
rFivTPXMxDYDZqXPXH7HL4vxUZqMYEwM9rJvAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUSgJGQyn2C9SEZtIph0TT4d/5pmMwHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5L1NnSkdReW4yQzlTRVp0SXBoMFRUNGRfNXBtTS5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAExYoIwDQYJKoZIhvcNAQELBQADggEBAE6Io1whsLUftdeIymDXM2fGb6En
JWrmwG99/moG4vkhyTIo26eUSKgRTcQSRCBFPqifyxgabCpN3o/a4QpznQZkPj81
QCD1NoQkqC6ZYTJ3JfKKU2NJEOu/QwaJ+bfiOIl+zficPWHP2sngLxhD7wotQDOH
9mRIGVECSZdGtpiEClf+tJrfDPcD98Hwt0z/8v7HIa7Tl3IonZ3h3hFICPYcfUSQ
QHUQtkDwo2XxccXrEFYPFpB7x8nWmLBc0Gkp2cHYfVYknKpQRVZFe3HW4L5xBLSa
OFM6zbLwZv5ohTZ9yd8K08F7iHDwmBO/OPsmi3sOblIpoxgNKxUVegDhSOE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:46:01 2024 by rpki-client on console-ams.rpki-client.org