Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/cBSn3XVpflv8tDHE3RXQfrMveLw.roa
File:                     cBSn3XVpflv8tDHE3RXQfrMveLw.roa (raw, json)
Hash identifier:          qUzxDwwR4LQF4kM69yGVa20bT47lGEgpUQGFTOilwA0=
Subject key identifier:   70:14:A7:DD:75:69:7E:5B:FC:B4:31:C4:DD:15:D0:7E:B3:2F:78:BC
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       02E7
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/cBSn3XVpflv8tDHE3RXQfrMveLw.roa
Signing time:             Thu 01 Jun 2023 16:04:33 +0000
ROA not before:           Thu 01 Jun 2023 16:04:33 +0000
ROA not after:            Tue 14 May 2024 01:30:02 +0000
asID:                     9605
IP address blocks:        49.98.64.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 743 (0x2e7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Jun  1 16:04:33 2023 GMT
            Not After : May 14 01:30:02 2024 GMT
        Subject: CN=7014A7DD75697E5BFCB431C4DD15D07EB32F78BC
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:6a:4c:c0:f1:44:c6:1d:31:c1:4f:f4:52:22:
                    f7:f2:f1:18:fc:a8:9c:a4:d4:ab:0b:19:ed:c9:5a:
                    b2:9d:d8:8e:8a:45:1b:3b:96:fe:9a:b1:d2:e2:26:
                    d2:dd:31:c1:12:28:ee:50:50:86:bc:0d:66:c8:b1:
                    9c:e7:ae:d3:59:27:d6:0b:ee:b8:1b:11:1f:28:8a:
                    18:b6:92:03:e4:08:44:35:63:cc:28:c1:9b:9d:a5:
                    3a:2e:4f:ef:35:97:5e:67:ba:39:3e:ec:10:90:1d:
                    dc:94:4b:7e:41:59:f0:cc:51:ee:0f:80:cd:3e:a1:
                    13:47:82:68:28:74:6a:53:6d:28:12:1b:90:e3:44:
                    f8:4d:0e:d3:91:14:4b:d1:91:5b:f2:c2:e8:70:f9:
                    8e:10:91:b3:c9:fc:e0:fd:d4:fa:b8:40:15:3a:7b:
                    fb:1c:0a:38:4d:04:7a:78:09:36:87:e6:1d:7e:bd:
                    4d:b4:2b:7c:a8:d6:63:1d:1f:39:5c:ff:ea:d0:4a:
                    c1:5f:33:bf:ca:55:9a:3f:8a:92:8a:ce:7e:e1:6f:
                    8d:ef:34:04:a0:b7:9d:a4:8b:0e:cc:41:d1:b2:f8:
                    8d:07:2f:48:81:eb:1b:fb:12:62:20:c8:15:0b:0c:
                    8f:f4:60:82:11:d5:3e:3b:19:4b:67:f7:48:a6:98:
                    23:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                70:14:A7:DD:75:69:7E:5B:FC:B4:31:C4:DD:15:D0:7E:B3:2F:78:BC
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/cBSn3XVpflv8tDHE3RXQfrMveLw.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  49.98.64.0/23

    Signature Algorithm: sha256WithRSAEncryption
         c9:49:b3:77:fa:20:40:8d:1b:9d:33:2f:76:24:9d:21:c8:3c:
         6d:96:75:e6:0a:62:a0:07:75:23:5c:d2:0b:4e:03:6e:f1:df:
         e8:9c:e2:39:a6:52:2e:2b:ac:94:bf:6e:65:d3:a4:4a:77:8a:
         6d:4c:7b:a1:b1:d8:73:78:36:ce:9a:fa:73:65:72:12:41:c0:
         6f:12:25:31:d8:03:d7:9a:ce:8d:4f:bc:4d:aa:27:6d:e3:02:
         40:8a:f7:d6:e4:f3:d6:3d:c4:4c:6f:e9:df:b9:d3:f6:ee:a7:
         55:13:d3:2e:b8:f5:3e:cc:66:6c:b7:b0:77:56:49:d9:f7:86:
         ca:f0:14:d9:e5:36:9d:ca:d6:1d:15:22:52:41:47:37:f1:65:
         63:09:8e:ed:11:3c:02:fd:a9:42:01:06:e1:67:f6:c2:7c:4b:
         9c:a2:0c:10:91:1b:7e:8b:98:19:bd:b8:eb:cf:d1:7b:2d:68:
         cc:95:c0:35:e2:cb:78:8b:48:ef:86:7c:e5:39:04:90:c7:a1:
         14:e4:50:4f:73:75:42:b2:2c:37:95:23:09:2b:6e:b6:57:ca:
         39:99:3c:79:f5:c9:a4:8c:9d:8b:fc:07:5a:6d:cd:06:07:de:
         6a:bc:e0:34:da:d3:c7:84:18:03:31:1c:cf:55:a0:61:dc:ca:
         b7:ec:b2:5d
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICAucwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yMzA2MDEx
NjA0MzNaFw0yNDA1MTQwMTMwMDJaMDMxMTAvBgNVBAMTKDcwMTRBN0RENzU2OTdF
NUJGQ0I0MzFDNEREMTVEMDdFQjMyRjc4QkMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDSakzA8UTGHTHBT/RSIvfy8Rj8qJyk1KsLGe3JWrKd2I6KRRs7
lv6asdLiJtLdMcESKO5QUIa8DWbIsZznrtNZJ9YL7rgbER8oihi2kgPkCEQ1Y8wo
wZudpTouT+81l15nujk+7BCQHdyUS35BWfDMUe4PgM0+oRNHgmgodGpTbSgSG5Dj
RPhNDtORFEvRkVvywuhw+Y4QkbPJ/OD91Pq4QBU6e/scCjhNBHp4CTaH5h1+vU20
K3yo1mMdHzlc/+rQSsFfM7/KVZo/ipKKzn7hb43vNASgt52kiw7MQdGy+I0HL0iB
6xv7EmIgyBULDI/0YIIR1T47GUtn90immCPfAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUcBSn3XVpflv8tDHE3RXQfrMveLwwHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5L2NCU24zWFZwZmx2OHRESEUzUlhRZnJNdmVMdy5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAExYkAwDQYJKoZIhvcNAQELBQADggEBAMlJs3f6IECNG50zL3YknSHIPG2W
deYKYqAHdSNc0gtOA27x3+ic4jmmUi4rrJS/bmXTpEp3im1Me6Gx2HN4Ns6a+nNl
chJBwG8SJTHYA9eazo1PvE2qJ23jAkCK99bk89Y9xExv6d+50/bup1UT0y649T7M
Zmy3sHdWSdn3hsrwFNnlNp3K1h0VIlJBRzfxZWMJju0RPAL9qUIBBuFn9sJ8S5yi
DBCRG36LmBm9uOvP0XstaMyVwDXiy3iLSO+GfOU5BJDHoRTkUE9zdUKyLDeVIwkr
brZXyjmZPHn1yaSMnYv8B1ptzQYH3mq84DTa08eEGAMxHM9VoGHcyrfssl0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:40:52 2024 by rpki-client on console-fra.rpki-client.org