Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/UyXD3OEYdvsbzy2L6a-KrdfbTP4.roa
File:                     UyXD3OEYdvsbzy2L6a-KrdfbTP4.roa (raw, json)
Hash identifier:          OudzfQDF4Byp4qrhX2VMS6eRe0qFCDH0jECxJMhYHuc=
Subject key identifier:   53:25:C3:DC:E1:18:76:FB:1B:CF:2D:8B:E9:AF:8A:AD:D7:DB:4C:FE
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       3C
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/UyXD3OEYdvsbzy2L6a-KrdfbTP4.roa
Signing time:             Mon 27 Mar 2023 16:02:08 +0000
ROA not before:           Mon 27 Mar 2023 16:02:08 +0000
ROA not after:            Thu 14 Mar 2024 01:30:02 +0000
asID:                     9605
IP address blocks:        49.98.28.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 60 (0x3c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Mar 27 16:02:08 2023 GMT
            Not After : Mar 14 01:30:02 2024 GMT
        Subject: CN=5325C3DCE11876FB1BCF2D8BE9AF8AADD7DB4CFE
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:ff:51:6d:a6:c8:9d:1c:91:02:bb:00:d6:0b:
                    b7:68:71:22:79:be:81:0d:8a:48:31:95:65:8e:06:
                    e9:4a:41:ac:1e:8d:3c:36:03:d8:31:15:e0:09:d1:
                    5a:f2:c1:ed:bf:b4:40:4d:8a:72:15:39:80:57:27:
                    b8:57:cb:65:29:86:0c:07:db:da:15:82:b9:ea:5c:
                    af:fc:84:d7:69:c7:1b:ac:9c:58:4b:3c:ad:69:bb:
                    cf:b7:93:9a:42:ea:e3:be:db:04:54:46:a8:86:32:
                    37:41:6c:22:88:1c:fd:de:5c:5a:a6:c9:82:4a:00:
                    85:31:ab:c4:24:ac:ae:72:a9:77:7a:a9:c3:fa:b2:
                    32:84:64:2b:4d:6a:a3:63:1d:a8:bd:a4:bb:5e:7e:
                    4f:11:e4:14:46:e4:ad:fc:5b:03:f8:da:9d:fb:88:
                    c9:e9:32:a3:d5:81:1e:19:bb:76:7e:2b:1a:78:d4:
                    ed:a0:3d:52:fc:04:a3:13:82:2a:d8:30:91:3b:f6:
                    1b:5d:ea:f5:f3:9c:cc:15:8f:a7:9c:95:a6:84:a2:
                    f5:1a:99:7a:6a:6d:ee:a0:52:0b:16:87:21:24:34:
                    f8:42:a2:64:de:f9:07:3c:64:e3:e1:d0:6d:9a:e4:
                    06:9c:ef:ab:46:03:7b:da:be:c9:e7:6f:25:38:41:
                    76:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                53:25:C3:DC:E1:18:76:FB:1B:CF:2D:8B:E9:AF:8A:AD:D7:DB:4C:FE
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/UyXD3OEYdvsbzy2L6a-KrdfbTP4.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  49.98.28.0/23

    Signature Algorithm: sha256WithRSAEncryption
         87:61:ea:9e:e9:cf:fc:f2:4c:86:9d:2e:16:b5:93:53:3b:be:
         23:88:7b:d8:c9:73:0b:14:52:6d:4b:c7:72:37:67:de:8a:77:
         ae:17:4e:c3:97:f3:8b:70:07:70:12:02:36:6b:3d:06:2d:b1:
         e4:a9:f8:29:33:ed:db:ce:5d:de:67:35:e2:aa:80:51:b2:8d:
         7a:87:74:43:e7:32:38:e5:2c:b2:de:02:08:0a:8c:57:c6:b1:
         9c:b0:a0:ae:07:d5:1d:ad:68:90:9e:20:b4:d9:4a:24:57:05:
         85:78:6c:89:a2:09:f4:07:da:41:25:56:27:b4:fe:d6:ec:f6:
         8b:ac:c4:4a:1f:22:27:87:a3:f4:b2:db:6c:c3:6a:3a:ba:23:
         4f:41:40:cf:54:98:e2:24:7f:03:47:dd:c4:7b:75:a7:6b:c0:
         fb:57:f9:c9:74:6f:02:78:2e:87:03:fe:d0:13:7b:c6:f7:0a:
         28:d6:d3:9e:95:cd:24:c5:f0:b1:0b:46:bb:40:22:fb:2c:1f:
         a2:1a:88:69:ef:b0:7d:ac:8a:3b:98:f8:8b:1b:9a:4e:1f:88:
         65:99:9e:97:19:a1:02:b7:91:d7:1c:74:40:ce:c5:b4:8c:e6:
         1b:f0:67:ff:dd:08:ed:75:fe:7f:56:eb:f8:ba:10:6c:67:d8:
         e2:06:6d:e2
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIBPDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2OTY1
QjBCMjBEREUwN0E0Qzk3OEUyNDA3M0VBMEUxMTE3QjM3NDczMB4XDTIzMDMyNzE2
MDIwOFoXDTI0MDMxNDAxMzAwMlowMzExMC8GA1UEAxMoNTMyNUMzRENFMTE4NzZG
QjFCQ0YyRDhCRTlBRjhBQUREN0RCNENGRTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAMP/UW2myJ0ckQK7ANYLt2hxInm+gQ2KSDGVZY4G6UpBrB6NPDYD
2DEV4AnRWvLB7b+0QE2KchU5gFcnuFfLZSmGDAfb2hWCuepcr/yE12nHG6ycWEs8
rWm7z7eTmkLq477bBFRGqIYyN0FsIogc/d5cWqbJgkoAhTGrxCSsrnKpd3qpw/qy
MoRkK01qo2MdqL2ku15+TxHkFEbkrfxbA/janfuIyekyo9WBHhm7dn4rGnjU7aA9
UvwEoxOCKtgwkTv2G13q9fOczBWPp5yVpoSi9RqZempt7qBSCxaHISQ0+EKiZN75
Bzxk4+HQbZrkBpzvq0YDe9q+yedvJThBdv0CAwEAAaOCAiQwggIgMB0GA1UdDgQW
BBRTJcPc4Rh2+xvPLYvpr4qt19tM/jAfBgNVHSMEGDAWgBRpZbCyDd4HpMl44kBz
6g4RF7N0czAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGYGA1UdHwRfMF0wW6BZ
oFeGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9BOTFBNzM4
MTAwMDAvMzA5L2FXV3dzZzNlQjZUSmVPSkFjLW9PRVJlemRITS5jcmwwbQYIKwYB
BQUHAQEEYTBfMF0GCCsGAQUFBzAChlFyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5u
aWMuYWQuanAvYXAvQTkxQTczODEwMDAwL2FXV3dzZzNlQjZUSmVPSkFjLW9PRVJl
emRITS5jZXIwDgYDVR0PAQH/BAQDAgeAMIG7BggrBgEFBQcBCwSBrjCBqzBhBggr
BgEFBQcwC4ZVcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL2FwL0E5
MUE3MzgxMDAwMC8zMDkvVXlYRDNPRVlkdnNienkyTDZhLUtyZGZiVFA0LnJvYTBG
BggrBgEFBQcwDYY6aHR0cHM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL3Jy
ZHAvYXAvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEATFiHDANBgkqhkiG9w0BAQsFAAOCAQEAh2HqnunP/PJMhp0uFrWTUzu+I4h7
2MlzCxRSbUvHcjdn3op3rhdOw5fzi3AHcBICNms9Bi2x5Kn4KTPt285d3mc14qqA
UbKNeod0Q+cyOOUsst4CCAqMV8axnLCgrgfVHa1okJ4gtNlKJFcFhXhsiaIJ9Afa
QSVWJ7T+1uz2i6zESh8iJ4ej9LLbbMNqOrojT0FAz1SY4iR/A0fdxHt1p2vA+1f5
yXRvAnguhwP+0BN7xvcKKNbTnpXNJMXwsQtGu0Ai+ywfohqIae+wfayKO5j4ixua
Th+IZZmelxmhAreR1xx0QM7FtIzmG/Bn/90I7XX+f1br+LoQbGfY4gZt4g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:46:02 2024 by rpki-client on console-ams.rpki-client.org