Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/iwQ-l_sFglN70gvawRk2Lzx5Uqc.roa
File:                     iwQ-l_sFglN70gvawRk2Lzx5Uqc.roa (raw, json)
Hash identifier:          nvl0dW/ehc1Vd1mLdwHSIZ5Kqhxf1/xizQ6AVYZ4Efk=
Subject key identifier:   8B:04:3E:97:FB:05:82:53:7B:D2:0B:DA:C1:19:36:2F:3C:79:52:A7
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       C2
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/iwQ-l_sFglN70gvawRk2Lzx5Uqc.roa
Signing time:             Wed 29 Mar 2023 16:08:55 +0000
ROA not before:           Wed 29 Mar 2023 16:08:55 +0000
ROA not after:            Thu 14 Mar 2024 01:30:02 +0000
asID:                     9605
IP address blocks:        49.98.152.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 194 (0xc2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Mar 29 16:08:55 2023 GMT
            Not After : Mar 14 01:30:02 2024 GMT
        Subject: CN=8B043E97FB0582537BD20BDAC119362F3C7952A7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:c6:be:95:21:cb:bd:71:46:d0:40:90:23:fc:
                    d3:7c:64:38:f1:c7:10:2e:c6:2b:6b:e4:70:74:1f:
                    7b:48:bf:f4:42:8a:1d:be:76:ca:54:38:c9:31:e0:
                    d7:a5:ef:62:e0:90:f7:af:26:53:86:40:33:04:25:
                    15:36:d7:ca:42:6d:06:4b:b1:a6:c9:be:35:25:fc:
                    bb:5b:d8:80:18:26:c2:ed:66:b8:c7:a6:1c:ef:47:
                    51:70:d1:14:b9:49:62:f0:23:b8:eb:d5:48:88:53:
                    29:0c:2f:1e:cc:e0:e8:d8:6b:ad:60:e2:91:77:8f:
                    c2:0e:1d:f7:e4:d7:cd:59:05:00:cd:58:79:d7:6c:
                    e5:75:ed:b1:c6:11:23:d2:f4:2b:d7:84:99:c8:1e:
                    0c:31:44:78:49:a8:4d:7e:1c:cd:af:c7:07:d2:11:
                    fc:6d:2f:ad:a6:8c:0e:2b:36:69:10:a7:22:82:22:
                    6c:c1:b1:18:14:b7:cf:4d:92:39:a7:97:fc:ed:66:
                    87:f0:82:6a:36:41:1e:2c:41:8a:0f:85:58:76:99:
                    38:1f:55:d6:cc:52:36:61:d5:03:0b:62:3a:5f:06:
                    73:8f:64:48:64:92:1a:75:00:4a:04:a6:6a:5a:6e:
                    5f:4d:3d:00:a4:da:7f:ff:02:5d:57:6a:d3:aa:6a:
                    d1:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8B:04:3E:97:FB:05:82:53:7B:D2:0B:DA:C1:19:36:2F:3C:79:52:A7
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/iwQ-l_sFglN70gvawRk2Lzx5Uqc.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  49.98.152.0/22

    Signature Algorithm: sha256WithRSAEncryption
         55:07:a2:fe:4e:f0:89:a6:ca:de:f0:e0:08:6e:26:bc:5b:85:
         26:e9:cc:ad:30:9e:18:0d:d7:4f:60:97:7c:fa:04:12:ee:1d:
         20:17:e3:84:90:8c:3b:7d:56:b3:24:8a:4e:5f:bd:7e:93:11:
         df:f5:1a:f2:3f:74:d8:39:4b:1e:f7:ba:10:10:99:08:cc:8c:
         8d:9b:34:4f:2c:bf:4f:91:8d:5a:1b:92:cf:cc:23:d0:bd:41:
         b3:c8:c6:0a:b5:e6:a3:a0:bb:11:a3:90:c3:bf:af:c3:ee:16:
         d3:d9:e5:83:99:d3:b3:60:f8:7e:6c:2b:13:e5:ec:6b:d8:27:
         8f:4b:c6:da:dc:ad:0d:07:3c:7a:49:d7:e2:4f:e9:11:db:13:
         35:17:cf:06:9f:38:cf:0d:b1:2a:be:2a:99:9a:20:7e:5e:ed:
         94:de:0a:ed:e3:d6:f2:a7:20:15:92:14:de:17:f3:3f:c8:b9:
         e1:3a:48:44:11:4c:d9:a3:81:a3:97:0a:e0:fc:29:09:ad:c1:
         68:b3:a0:a2:a7:07:af:38:48:de:69:51:31:37:3b:9a:5c:3a:
         89:a1:7c:98:5c:8b:4e:35:dd:40:b4:17:56:d8:7e:8c:99:e0:
         b8:63:54:f1:6e:a8:d6:be:32:4b:d9:8a:05:3f:c4:1f:0e:40:
         6d:95:ad:31
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICAMIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yMzAzMjkx
NjA4NTVaFw0yNDAzMTQwMTMwMDJaMDMxMTAvBgNVBAMTKDhCMDQzRTk3RkIwNTgy
NTM3QkQyMEJEQUMxMTkzNjJGM0M3OTUyQTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCgxr6VIcu9cUbQQJAj/NN8ZDjxxxAuxitr5HB0H3tIv/RCih2+
dspUOMkx4Nel72LgkPevJlOGQDMEJRU218pCbQZLsabJvjUl/Ltb2IAYJsLtZrjH
phzvR1Fw0RS5SWLwI7jr1UiIUykMLx7M4OjYa61g4pF3j8IOHffk181ZBQDNWHnX
bOV17bHGESPS9CvXhJnIHgwxRHhJqE1+HM2vxwfSEfxtL62mjA4rNmkQpyKCImzB
sRgUt89Nkjmnl/ztZofwgmo2QR4sQYoPhVh2mTgfVdbMUjZh1QMLYjpfBnOPZEhk
khp1AEoEpmpabl9NPQCk2n//Al1XatOqatHnAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUiwQ+l/sFglN70gvawRk2Lzx5UqcwHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5L2l3US1sX3NGZ2xONzBndmF3UmsyTHp4NVVxYy5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAIxYpgwDQYJKoZIhvcNAQELBQADggEBAFUHov5O8Immyt7w4AhuJrxbhSbp
zK0wnhgN109gl3z6BBLuHSAX44SQjDt9VrMkik5fvX6TEd/1GvI/dNg5Sx73uhAQ
mQjMjI2bNE8sv0+RjVobks/MI9C9QbPIxgq15qOguxGjkMO/r8PuFtPZ5YOZ07Ng
+H5sKxPl7GvYJ49LxtrcrQ0HPHpJ1+JP6RHbEzUXzwafOM8NsSq+KpmaIH5e7ZTe
Cu3j1vKnIBWSFN4X8z/IueE6SEQRTNmjgaOXCuD8KQmtwWizoKKnB684SN5pUTE3
O5pcOomhfJhci0413UC0F1bYfoyZ4LhjVPFuqNa+MkvZigU/xB8OQG2VrTE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:46:02 2024 by rpki-client on console-ams.rpki-client.org