Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/qglPr2UpSKmSYDqzhricKCBGABM.roa
File:                     qglPr2UpSKmSYDqzhricKCBGABM.roa (raw, json)
Hash identifier:          7CA3puQeNKUpIgO9AlBVYPWlqUY0tuaczAyICnVROf0=
Subject key identifier:   AA:09:4F:AF:65:29:48:A9:92:60:3A:B3:86:B8:9C:28:20:46:00:13
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       DC
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/qglPr2UpSKmSYDqzhricKCBGABM.roa
Signing time:             Wed 24 May 2023 16:03:02 +0000
ROA not before:           Wed 24 May 2023 16:03:02 +0000
ROA not after:            Tue 14 May 2024 01:30:02 +0000
asID:                     9605
IP address blocks:        49.98.116.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 220 (0xdc)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: May 24 16:03:02 2023 GMT
            Not After : May 14 01:30:02 2024 GMT
        Subject: CN=AA094FAF652948A992603AB386B89C2820460013
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:61:88:7f:70:08:12:c1:58:94:41:1a:ce:86:
                    1f:b5:29:cc:4d:9f:74:11:d2:5d:ba:37:20:90:96:
                    b0:c8:c1:56:5a:17:41:69:bd:74:0f:5f:03:6e:2f:
                    d3:f5:e5:9d:04:17:ef:92:b3:97:5e:dd:21:e4:ff:
                    8f:75:51:58:70:9a:78:85:3b:bf:8b:a4:da:5b:33:
                    c9:a3:7e:fe:eb:61:da:26:95:84:68:f7:ae:34:db:
                    6f:ee:d5:7e:ab:2c:ac:3b:ef:cf:0d:8d:73:31:87:
                    18:08:31:1b:7c:00:ab:47:12:8d:5a:ac:17:09:e6:
                    1d:c1:68:18:99:99:11:8d:09:90:52:c2:cf:69:3b:
                    e8:c2:25:db:1b:70:8a:5c:b8:65:2d:e7:28:d5:a9:
                    3e:6a:26:6e:b5:1f:0a:3b:ab:42:97:64:d5:5a:e6:
                    40:c8:03:da:03:a6:68:92:78:49:8f:ae:9c:cd:f3:
                    bb:99:cc:ce:eb:50:cd:80:e1:04:c8:6c:53:dc:00:
                    e8:5d:8e:54:05:4c:63:d7:32:1b:ed:67:da:25:12:
                    2a:49:f8:33:f0:6e:c5:f8:28:11:8b:8b:f7:86:e9:
                    52:37:d9:f8:35:b8:d7:d9:af:53:81:13:dc:e6:f9:
                    da:e4:4c:d3:df:c3:48:49:01:98:51:43:f7:71:d7:
                    5a:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AA:09:4F:AF:65:29:48:A9:92:60:3A:B3:86:B8:9C:28:20:46:00:13
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/qglPr2UpSKmSYDqzhricKCBGABM.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  49.98.116.0/23

    Signature Algorithm: sha256WithRSAEncryption
         2e:1a:e7:c4:65:d2:23:a9:0c:48:fd:5f:44:3a:23:de:c1:92:
         cf:51:1a:70:3d:37:f9:58:3b:a5:cf:6b:8a:85:84:1a:7c:5b:
         f9:3d:e2:cd:c3:a4:b4:32:d5:da:97:8f:14:4f:4d:bd:a6:c6:
         75:fb:e1:06:52:ff:52:f6:92:f7:66:56:28:26:b8:4f:47:b4:
         f7:09:b0:84:93:bd:ed:27:42:06:87:00:b3:e6:ef:50:74:0a:
         7a:80:08:31:1e:e5:ec:6f:8e:d5:b3:f4:20:1e:b0:4a:b1:65:
         a3:03:60:2e:dd:f6:76:7d:5a:66:60:dd:ab:2e:98:30:1e:05:
         25:01:0d:6a:cc:f7:4d:45:d2:ac:6b:72:bd:42:bf:bc:ad:5f:
         f0:d6:7c:1f:a4:37:88:16:85:b2:af:09:18:e2:50:fc:07:c9:
         22:31:b0:34:4d:f1:1c:c3:28:bb:6e:39:f4:47:da:67:4c:41:
         07:8d:d7:4c:e5:e8:6a:39:90:cf:68:25:35:f2:b1:39:f2:fb:
         1a:64:33:d0:8d:58:c8:ba:7b:28:c1:ff:d3:c6:a9:82:01:69:
         bf:78:04:4e:f7:ac:bb:e2:31:f8:26:28:e9:25:ce:87:d2:b0:
         c9:df:92:9a:79:54:21:4c:57:7b:c9:c6:0a:04:b0:ac:0d:c9:
         76:8a:38:60
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICANwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yMzA1MjQx
NjAzMDJaFw0yNDA1MTQwMTMwMDJaMDMxMTAvBgNVBAMTKEFBMDk0RkFGNjUyOTQ4
QTk5MjYwM0FCMzg2Qjg5QzI4MjA0NjAwMTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQChYYh/cAgSwViUQRrOhh+1KcxNn3QR0l26NyCQlrDIwVZaF0Fp
vXQPXwNuL9P15Z0EF++Ss5de3SHk/491UVhwmniFO7+LpNpbM8mjfv7rYdomlYRo
964022/u1X6rLKw7788NjXMxhxgIMRt8AKtHEo1arBcJ5h3BaBiZmRGNCZBSws9p
O+jCJdsbcIpcuGUt5yjVqT5qJm61Hwo7q0KXZNVa5kDIA9oDpmiSeEmPrpzN87uZ
zM7rUM2A4QTIbFPcAOhdjlQFTGPXMhvtZ9olEipJ+DPwbsX4KBGLi/eG6VI32fg1
uNfZr1OBE9zm+drkTNPfw0hJAZhRQ/dx11oJAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUqglPr2UpSKmSYDqzhricKCBGABMwHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5L3FnbFByMlVwU0ttU1lEcXpocmljS0NCR0FCTS5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAExYnQwDQYJKoZIhvcNAQELBQADggEBAC4a58Rl0iOpDEj9X0Q6I97Bks9R
GnA9N/lYO6XPa4qFhBp8W/k94s3DpLQy1dqXjxRPTb2mxnX74QZS/1L2kvdmVigm
uE9HtPcJsISTve0nQgaHALPm71B0CnqACDEe5exvjtWz9CAesEqxZaMDYC7d9nZ9
WmZg3asumDAeBSUBDWrM901F0qxrcr1Cv7ytX/DWfB+kN4gWhbKvCRjiUPwHySIx
sDRN8RzDKLtuOfRH2mdMQQeN10zl6Go5kM9oJTXysTny+xpkM9CNWMi6eyjB/9PG
qYIBab94BE73rLviMfgmKOklzofSsMnfkpp5VCFMV3vJxgoEsKwNyXaKOGA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:40:52 2024 by rpki-client on console-fra.rpki-client.org