Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/gtY7Ol23hDOJQSVRLlPM_H3_OTM.roa
File:                     gtY7Ol23hDOJQSVRLlPM_H3_OTM.roa (raw, json)
Hash identifier:          c6uu+/nz19CSY3jemkIquSF+z2AdfdDjh7seEkWb8Kk=
Subject key identifier:   82:D6:3B:3A:5D:B7:84:33:89:41:25:51:2E:53:CC:FC:7D:FF:39:33
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       0303
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/gtY7Ol23hDOJQSVRLlPM_H3_OTM.roa
Signing time:             Thu 01 Jun 2023 16:05:25 +0000
ROA not before:           Thu 01 Jun 2023 16:05:25 +0000
ROA not after:            Tue 14 May 2024 01:30:02 +0000
asID:                     9605
IP address blocks:        49.98.88.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 771 (0x303)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Jun  1 16:05:25 2023 GMT
            Not After : May 14 01:30:02 2024 GMT
        Subject: CN=82D63B3A5DB78433894125512E53CCFC7DFF3933
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e9:b5:aa:04:52:ad:d5:1c:9c:70:a8:a5:a9:39:
                    83:04:8e:02:e9:0d:51:fb:d4:bb:a2:fd:3b:ed:55:
                    61:ed:5c:62:47:1b:e4:02:6a:2a:19:c2:d0:72:a5:
                    1c:6d:08:1d:6a:51:99:bf:27:ea:89:fb:af:d3:fd:
                    fb:6b:26:8e:49:34:5b:43:f5:75:9c:4b:e0:2f:46:
                    4f:02:09:e5:c3:36:aa:a7:4e:84:77:5c:2a:e6:f8:
                    e8:bc:f5:ff:2c:33:04:8f:11:e2:88:af:04:60:1d:
                    20:4f:f3:5b:27:26:cc:c6:3b:25:58:32:90:25:62:
                    be:aa:7a:57:94:08:65:bc:bf:e1:58:38:7c:cc:c4:
                    73:21:29:27:f2:58:12:a2:e1:20:1a:60:8a:f8:75:
                    5d:a8:5b:7b:7c:4d:aa:a7:f1:7e:a5:c1:2f:d1:1f:
                    ff:8d:94:4e:24:35:75:0d:23:6c:db:78:3b:37:7a:
                    da:55:15:25:06:b1:c4:68:a0:1c:55:1f:dd:03:a9:
                    77:01:6f:4a:eb:c4:45:7a:00:ba:e6:8d:c9:25:1d:
                    a1:11:d8:35:60:fa:e0:a3:c3:60:37:dd:08:56:d0:
                    e7:dc:3d:b8:5b:5e:11:26:72:a0:2f:04:12:0f:4d:
                    53:0b:11:95:24:5f:f8:0a:fe:59:5d:e0:5a:69:59:
                    16:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                82:D6:3B:3A:5D:B7:84:33:89:41:25:51:2E:53:CC:FC:7D:FF:39:33
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/gtY7Ol23hDOJQSVRLlPM_H3_OTM.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  49.98.88.0/23

    Signature Algorithm: sha256WithRSAEncryption
         ae:7b:9d:04:34:47:61:d2:e7:05:3f:60:6f:f8:8c:60:c6:83:
         bd:d0:bd:43:47:64:96:4e:8d:d9:1e:fc:44:36:37:f7:bc:e6:
         96:36:ad:f1:1b:e2:1b:30:cc:a8:13:d7:04:82:bd:8f:72:2a:
         12:f1:c9:6a:12:ab:a6:b3:02:21:03:ce:74:90:37:94:0e:47:
         0b:e6:d1:41:44:52:1c:88:d6:d3:2c:51:11:75:eb:d6:4f:9e:
         52:aa:18:f7:57:6d:8a:da:af:4f:c0:f1:cb:30:8d:07:40:37:
         ca:75:7e:e9:8c:99:fc:6c:f5:d0:c3:83:70:24:7f:f0:68:78:
         88:03:9b:4d:61:61:53:a3:0e:14:26:74:bc:94:e7:18:f6:13:
         4c:2e:ef:f1:26:11:66:81:c3:12:a7:bf:c6:93:db:b5:34:38:
         d9:ea:9f:ff:e0:b6:74:b6:a0:f0:9e:a5:5c:d4:05:4e:bb:52:
         aa:05:76:d8:60:c7:57:74:78:ff:3a:ad:2f:cd:9d:2a:32:17:
         5f:89:42:4b:fe:a4:45:24:ec:58:5e:22:7b:27:09:5d:49:e3:
         41:cb:48:68:10:7a:64:fc:78:97:90:97:ea:ec:aa:82:d1:73:
         1c:ac:a8:b6:0d:59:1b:3f:34:15:0f:c3:a4:d2:33:63:04:fe:
         fd:87:e6:08
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICAwMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yMzA2MDEx
NjA1MjVaFw0yNDA1MTQwMTMwMDJaMDMxMTAvBgNVBAMTKDgyRDYzQjNBNURCNzg0
MzM4OTQxMjU1MTJFNTNDQ0ZDN0RGRjM5MzMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDptaoEUq3VHJxwqKWpOYMEjgLpDVH71Lui/TvtVWHtXGJHG+QC
aioZwtBypRxtCB1qUZm/J+qJ+6/T/ftrJo5JNFtD9XWcS+AvRk8CCeXDNqqnToR3
XCrm+Oi89f8sMwSPEeKIrwRgHSBP81snJszGOyVYMpAlYr6qeleUCGW8v+FYOHzM
xHMhKSfyWBKi4SAaYIr4dV2oW3t8Taqn8X6lwS/RH/+NlE4kNXUNI2zbeDs3etpV
FSUGscRooBxVH90DqXcBb0rrxEV6ALrmjcklHaER2DVg+uCjw2A33QhW0OfcPbhb
XhEmcqAvBBIPTVMLEZUkX/gK/lld4FppWRbfAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUgtY7Ol23hDOJQSVRLlPM/H3/OTMwHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5L2d0WTdPbDIzaERPSlFTVlJMbFBNX0gzX09UTS5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAExYlgwDQYJKoZIhvcNAQELBQADggEBAK57nQQ0R2HS5wU/YG/4jGDGg73Q
vUNHZJZOjdke/EQ2N/e85pY2rfEb4hswzKgT1wSCvY9yKhLxyWoSq6azAiEDznSQ
N5QORwvm0UFEUhyI1tMsURF169ZPnlKqGPdXbYrar0/A8cswjQdAN8p1fumMmfxs
9dDDg3Akf/BoeIgDm01hYVOjDhQmdLyU5xj2E0wu7/EmEWaBwxKnv8aT27U0ONnq
n//gtnS2oPCepVzUBU67UqoFdthgx1d0eP86rS/NnSoyF1+JQkv+pEUk7FheInsn
CV1J40HLSGgQemT8eJeQl+rsqoLRcxysqLYNWRs/NBUPw6TSM2ME/v2H5gg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:40:52 2024 by rpki-client on console-fra.rpki-client.org