Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/rVlFWhN9HfuFZ6d3ttGP6QVoeJs.roa
File:                     rVlFWhN9HfuFZ6d3ttGP6QVoeJs.roa (raw, json)
Hash identifier:          xcRhvUcDzltBSUleofMdm6CI7bja3ClUHyIcfpFNCXo=
Subject key identifier:   AD:59:45:5A:13:7D:1D:FB:85:67:A7:77:B6:D1:8F:E9:05:68:78:9B
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       FA
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/rVlFWhN9HfuFZ6d3ttGP6QVoeJs.roa
Signing time:             Wed 24 May 2023 16:03:14 +0000
ROA not before:           Wed 24 May 2023 16:03:14 +0000
ROA not after:            Tue 14 May 2024 01:30:02 +0000
asID:                     9605
IP address blocks:        49.98.188.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 250 (0xfa)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: May 24 16:03:14 2023 GMT
            Not After : May 14 01:30:02 2024 GMT
        Subject: CN=AD59455A137D1DFB8567A777B6D18FE90568789B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:b4:2c:e7:a0:21:f3:0c:fb:fe:0c:11:0e:91:
                    41:2f:73:75:7f:fe:52:3e:46:f5:f9:0b:8b:6f:e9:
                    af:61:63:62:eb:d2:23:c4:ed:33:0c:13:e7:00:d9:
                    db:23:06:55:08:25:ad:4c:3e:d4:90:5b:9c:25:09:
                    1b:1d:c1:c7:bc:7b:59:27:9e:11:0a:7a:2f:43:97:
                    09:99:31:53:1d:fc:4b:88:e6:3d:32:d6:f1:60:44:
                    d2:00:7e:24:4f:6d:5a:9d:34:94:95:27:9d:dc:89:
                    12:15:cd:de:b6:ba:a3:c0:22:f6:97:c9:96:a4:6e:
                    e5:74:f5:d0:e0:cf:f0:8e:74:ab:49:0e:74:e7:26:
                    13:48:ca:ca:df:28:f2:62:9b:f0:b1:a7:f6:ff:51:
                    d7:64:6a:ac:95:7a:a1:35:48:05:f1:9c:00:c1:36:
                    51:30:71:05:15:25:f5:75:48:30:ef:d5:b9:31:fc:
                    0b:f3:ef:c3:c3:cb:63:20:0d:a6:43:43:0c:0b:c2:
                    9c:d1:61:cc:29:82:38:ec:82:6b:66:33:b0:4a:25:
                    a7:75:70:3a:42:8e:05:51:8c:0f:3d:0a:14:24:f2:
                    76:3d:b0:ef:2c:4b:99:30:99:91:6b:b2:4e:cf:87:
                    cc:63:82:b7:eb:b1:fd:46:3b:01:62:46:e6:00:15:
                    0b:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AD:59:45:5A:13:7D:1D:FB:85:67:A7:77:B6:D1:8F:E9:05:68:78:9B
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/rVlFWhN9HfuFZ6d3ttGP6QVoeJs.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  49.98.188.0/22

    Signature Algorithm: sha256WithRSAEncryption
         87:7a:91:8d:53:66:42:08:eb:6e:c0:ed:49:35:62:81:89:52:
         b6:26:7f:ec:b8:36:27:5e:e2:5c:eb:d1:8f:a3:88:e5:55:67:
         cd:71:1c:93:b7:ce:0e:25:8c:5b:0a:98:f0:69:b1:b0:e3:01:
         54:80:08:a7:8f:9d:75:64:57:b4:77:31:30:42:72:9a:53:28:
         bd:2f:fd:9f:36:df:d8:b5:b4:5d:a5:85:ce:19:b1:d9:97:bd:
         21:47:6f:84:e2:94:9c:bd:fc:9f:07:7c:83:a9:8d:aa:ef:49:
         03:4f:2c:90:03:ab:84:00:61:f7:4e:a8:83:72:22:f0:19:6a:
         06:92:0d:ad:d9:c5:52:19:d3:ec:8c:43:bc:44:6e:1a:65:39:
         50:c6:e5:9e:fc:d9:05:c1:88:6a:97:44:68:f6:c3:0b:76:f7:
         7e:f0:3a:ac:51:1c:fe:ad:62:3f:49:c3:fe:9c:12:04:5a:74:
         a7:f5:0c:12:11:6d:dc:95:01:20:2b:ed:fc:a5:5a:d3:17:77:
         9e:71:b3:48:70:35:c1:37:a0:61:66:c8:50:6b:7c:8c:83:0b:
         90:d5:ff:5a:ae:3b:f2:cb:9a:bf:c9:40:e5:c7:87:49:7a:23:
         28:4e:42:2b:0c:66:ce:70:15:32:02:a1:d0:66:3b:3e:fa:c7:
         66:53:d0:c6
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICAPowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yMzA1MjQx
NjAzMTRaFw0yNDA1MTQwMTMwMDJaMDMxMTAvBgNVBAMTKEFENTk0NTVBMTM3RDFE
RkI4NTY3QTc3N0I2RDE4RkU5MDU2ODc4OUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDHtCznoCHzDPv+DBEOkUEvc3V//lI+RvX5C4tv6a9hY2Lr0iPE
7TMME+cA2dsjBlUIJa1MPtSQW5wlCRsdwce8e1knnhEKei9DlwmZMVMd/EuI5j0y
1vFgRNIAfiRPbVqdNJSVJ53ciRIVzd62uqPAIvaXyZakbuV09dDgz/COdKtJDnTn
JhNIysrfKPJim/Cxp/b/UddkaqyVeqE1SAXxnADBNlEwcQUVJfV1SDDv1bkx/Avz
78PDy2MgDaZDQwwLwpzRYcwpgjjsgmtmM7BKJad1cDpCjgVRjA89ChQk8nY9sO8s
S5kwmZFrsk7Ph8xjgrfrsf1GOwFiRuYAFQuBAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUrVlFWhN9HfuFZ6d3ttGP6QVoeJswHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5L3JWbEZXaE45SGZ1Rlo2ZDN0dEdQNlFWb2VKcy5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAIxYrwwDQYJKoZIhvcNAQELBQADggEBAId6kY1TZkII627A7Uk1YoGJUrYm
f+y4Nide4lzr0Y+jiOVVZ81xHJO3zg4ljFsKmPBpsbDjAVSACKePnXVkV7R3MTBC
cppTKL0v/Z8239i1tF2lhc4ZsdmXvSFHb4TilJy9/J8HfIOpjarvSQNPLJADq4QA
YfdOqINyIvAZagaSDa3ZxVIZ0+yMQ7xEbhplOVDG5Z782QXBiGqXRGj2wwt2937w
OqxRHP6tYj9Jw/6cEgRadKf1DBIRbdyVASAr7fylWtMXd55xs0hwNcE3oGFmyFBr
fIyDC5DV/1quO/LLmr/JQOXHh0l6IyhOQisMZs5wFTICodBmOz76x2ZT0MY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:40:52 2024 by rpki-client on console-fra.rpki-client.org