Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/mdBclKG3oaLQTvV0ETaKbGefe-g.roa
File:                     mdBclKG3oaLQTvV0ETaKbGefe-g.roa (raw, json)
Hash identifier:          qpA+qg4NmbHLcj5n0DMP4YsiAtNMYlW1aTdFSjWaGoI=
Subject key identifier:   99:D0:5C:94:A1:B7:A1:A2:D0:4E:F5:74:11:36:8A:6C:67:9F:7B:E8
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       5C
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/mdBclKG3oaLQTvV0ETaKbGefe-g.roa
Signing time:             Mon 27 Mar 2023 16:04:31 +0000
ROA not before:           Mon 27 Mar 2023 16:04:31 +0000
ROA not after:            Thu 14 Mar 2024 01:30:02 +0000
asID:                     9605
IP address blocks:        49.97.104.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 92 (0x5c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Mar 27 16:04:31 2023 GMT
            Not After : Mar 14 01:30:02 2024 GMT
        Subject: CN=99D05C94A1B7A1A2D04EF57411368A6C679F7BE8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:43:f7:3e:07:52:70:8c:f1:a9:38:88:cc:8a:
                    35:56:c0:29:f9:8d:5b:64:15:85:37:a3:b9:9e:09:
                    3f:05:ce:96:8a:5a:00:49:33:6c:c4:95:ce:b0:b8:
                    8f:11:63:8c:c0:a6:55:c5:62:95:3a:de:b1:81:b0:
                    43:d1:81:c5:70:d9:3e:ca:39:c0:e7:02:16:4c:33:
                    69:9d:2f:38:a3:07:20:12:c7:db:f2:8a:95:cf:ce:
                    52:6a:a2:16:15:59:5a:64:98:fd:31:5a:95:cf:7b:
                    1e:50:c0:e3:4a:5e:be:74:68:21:3d:75:2e:e5:da:
                    88:fc:40:b9:54:0e:89:0e:88:8c:0c:45:95:3f:16:
                    ba:d2:83:b8:f9:2e:94:f1:6a:04:b4:ea:98:4c:97:
                    5a:18:3a:64:b8:48:84:7a:1b:b3:ee:11:9d:e2:3a:
                    b1:a4:1e:ee:92:5c:e7:d3:21:6c:de:04:cd:3a:21:
                    e8:b0:b7:d5:f8:2b:92:73:34:6d:0a:94:8c:28:ea:
                    7e:d1:87:95:fa:cc:22:bc:10:c4:d8:75:00:3f:82:
                    7b:b3:1d:38:19:0f:4c:f5:26:91:87:a2:0e:54:01:
                    59:30:75:a2:4f:12:11:68:2b:dd:38:1b:9b:36:bb:
                    d5:55:96:25:4a:e0:2e:e2:82:01:32:e9:93:1b:a2:
                    71:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:D0:5C:94:A1:B7:A1:A2:D0:4E:F5:74:11:36:8A:6C:67:9F:7B:E8
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/mdBclKG3oaLQTvV0ETaKbGefe-g.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  49.97.104.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1d:f5:fc:ab:e8:89:02:cb:70:78:08:a9:8d:4c:16:3b:74:5d:
         ff:81:35:23:4a:1d:3c:1c:f9:ba:3f:26:c9:72:19:64:94:09:
         d0:c3:93:6e:54:3d:2f:07:ed:f5:4a:60:e1:89:f8:87:cf:fc:
         96:3d:07:cc:3e:f8:b3:1f:99:73:37:42:e9:54:41:ec:61:f7:
         ed:a0:0e:6c:b0:60:e9:ca:6e:3c:64:21:f9:f2:6d:cb:ce:34:
         16:ae:78:10:bd:ba:e6:ab:5f:88:a0:a3:b6:15:d3:17:11:4a:
         40:cc:b5:a7:0d:bd:75:40:0a:16:1d:64:5c:96:c3:fb:1d:16:
         92:d7:cd:19:22:ce:84:4c:59:1a:96:7f:a6:88:b0:44:97:16:
         59:77:8d:4e:38:6d:07:a1:c9:19:ad:6a:26:e6:ee:6c:3a:ec:
         81:7c:49:cc:36:58:9a:e9:f1:c7:5f:f0:fe:ae:c9:a1:c8:07:
         eb:59:5e:45:81:9b:03:64:c7:5d:d9:3f:d4:fa:89:78:b9:01:
         f3:d2:f8:e8:6e:b2:3e:2c:86:8a:f4:89:0f:82:fd:79:db:4b:
         5d:e5:6e:1b:39:0c:83:0f:61:64:26:3b:a6:d5:22:ae:fd:e9:
         95:bf:22:1a:2c:01:87:89:a4:45:3b:4d:b0:da:b0:87:b6:75:
         9d:14:ad:46
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIBXDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2OTY1
QjBCMjBEREUwN0E0Qzk3OEUyNDA3M0VBMEUxMTE3QjM3NDczMB4XDTIzMDMyNzE2
MDQzMVoXDTI0MDMxNDAxMzAwMlowMzExMC8GA1UEAxMoOTlEMDVDOTRBMUI3QTFB
MkQwNEVGNTc0MTEzNjhBNkM2NzlGN0JFODCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAJ9D9z4HUnCM8ak4iMyKNVbAKfmNW2QVhTejuZ4JPwXOlopaAEkz
bMSVzrC4jxFjjMCmVcVilTresYGwQ9GBxXDZPso5wOcCFkwzaZ0vOKMHIBLH2/KK
lc/OUmqiFhVZWmSY/TFalc97HlDA40pevnRoIT11LuXaiPxAuVQOiQ6IjAxFlT8W
utKDuPkulPFqBLTqmEyXWhg6ZLhIhHobs+4RneI6saQe7pJc59MhbN4EzToh6LC3
1fgrknM0bQqUjCjqftGHlfrMIrwQxNh1AD+Ce7MdOBkPTPUmkYeiDlQBWTB1ok8S
EWgr3Tgbmza71VWWJUrgLuKCATLpkxuicWkCAwEAAaOCAiQwggIgMB0GA1UdDgQW
BBSZ0FyUobehotBO9XQRNopsZ5976DAfBgNVHSMEGDAWgBRpZbCyDd4HpMl44kBz
6g4RF7N0czAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGYGA1UdHwRfMF0wW6BZ
oFeGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9BOTFBNzM4
MTAwMDAvMzA5L2FXV3dzZzNlQjZUSmVPSkFjLW9PRVJlemRITS5jcmwwbQYIKwYB
BQUHAQEEYTBfMF0GCCsGAQUFBzAChlFyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5u
aWMuYWQuanAvYXAvQTkxQTczODEwMDAwL2FXV3dzZzNlQjZUSmVPSkFjLW9PRVJl
emRITS5jZXIwDgYDVR0PAQH/BAQDAgeAMIG7BggrBgEFBQcBCwSBrjCBqzBhBggr
BgEFBQcwC4ZVcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL2FwL0E5
MUE3MzgxMDAwMC8zMDkvbWRCY2xLRzNvYUxRVHZWMEVUYUtiR2VmZS1nLnJvYTBG
BggrBgEFBQcwDYY6aHR0cHM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL3Jy
ZHAvYXAvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEADFhaDANBgkqhkiG9w0BAQsFAAOCAQEAHfX8q+iJAstweAipjUwWO3Rd/4E1
I0odPBz5uj8myXIZZJQJ0MOTblQ9Lwft9Upg4Yn4h8/8lj0HzD74sx+ZczdC6VRB
7GH37aAObLBg6cpuPGQh+fJty840Fq54EL265qtfiKCjthXTFxFKQMy1pw29dUAK
Fh1kXJbD+x0WktfNGSLOhExZGpZ/poiwRJcWWXeNTjhtB6HJGa1qJububDrsgXxJ
zDZYmunxx1/w/q7JocgH61leRYGbA2THXdk/1PqJeLkB89L46G6yPiyGivSJD4L9
edtLXeVuGzkMgw9hZCY7ptUirv3plb8iGiwBh4mkRTtNsNqwh7Z1nRStRg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:46:02 2024 by rpki-client on console-ams.rpki-client.org