Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/sX9ddz2ovKduBV0h2HV1edKPGTc.roa
File:                     sX9ddz2ovKduBV0h2HV1edKPGTc.roa (raw, json)
Hash identifier:          hfgqRBvXYfol3Hf0bcgnarb5YrNPaakA98xtxYvETS0=
Subject key identifier:   B1:7F:5D:77:3D:A8:BC:A7:6E:05:5D:21:D8:75:75:79:D2:8F:19:37
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       F8
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/sX9ddz2ovKduBV0h2HV1edKPGTc.roa
Signing time:             Wed 24 May 2023 16:03:14 +0000
ROA not before:           Wed 24 May 2023 16:03:14 +0000
ROA not after:            Tue 14 May 2024 01:30:02 +0000
asID:                     9605
IP address blocks:        49.98.23.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 248 (0xf8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: May 24 16:03:14 2023 GMT
            Not After : May 14 01:30:02 2024 GMT
        Subject: CN=B17F5D773DA8BCA76E055D21D8757579D28F1937
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:cb:cd:8e:98:73:6b:28:8b:00:06:c8:a1:a1:
                    10:f3:6a:04:be:36:27:5c:54:e3:2e:da:98:83:a3:
                    3d:64:fd:a6:bc:87:60:f6:bd:89:9e:9b:ee:94:fa:
                    0a:ec:65:9e:05:02:16:e3:2d:8d:64:5a:68:b1:1b:
                    ec:aa:1c:f7:57:64:77:e8:47:1b:6b:ea:70:ca:ce:
                    72:e1:ab:fa:5d:b0:1c:18:3d:75:93:da:c4:80:5f:
                    6e:d2:c1:ee:5c:a5:eb:28:18:ba:20:80:7f:61:41:
                    91:d4:93:44:f3:4b:bf:63:81:c3:24:c6:bf:0c:9f:
                    81:07:8d:2a:4d:a9:7e:02:0f:5f:72:73:65:6a:5b:
                    da:ec:d2:26:2d:0b:48:e2:3a:b5:9a:b7:8e:31:55:
                    60:99:97:5a:03:9d:55:f5:2c:a0:82:27:dd:20:5b:
                    7c:a0:59:7c:3b:fb:c5:e3:d3:c5:65:e6:b8:68:f7:
                    e9:c9:db:86:15:be:23:1d:28:ce:9b:05:89:bf:e4:
                    61:7e:e4:72:c0:db:af:9e:26:12:a7:24:8f:cd:ce:
                    ce:9b:38:00:8e:99:07:e2:c2:f8:c7:d0:f0:14:a6:
                    1c:55:1b:a7:ad:60:5a:30:56:4c:c7:7e:47:b2:6f:
                    9b:17:58:0b:19:4f:25:f1:72:fa:66:69:66:8b:60:
                    9d:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B1:7F:5D:77:3D:A8:BC:A7:6E:05:5D:21:D8:75:75:79:D2:8F:19:37
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/sX9ddz2ovKduBV0h2HV1edKPGTc.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  49.98.23.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b8:67:0c:17:48:0b:b1:f9:cf:3d:18:fc:f4:f0:92:e4:4c:df:
         e6:d5:da:50:c6:02:9d:27:1b:83:e6:cd:cd:ca:4c:a5:93:25:
         4e:4f:5f:53:83:a4:a5:ee:ec:80:48:ee:d6:01:40:4a:66:2d:
         c9:4b:fd:28:cd:84:75:75:ad:d7:05:d1:96:34:c0:f8:57:f3:
         b0:26:51:5a:71:0e:f0:02:a4:4a:35:b7:70:b4:34:9b:db:ae:
         de:fb:6b:a4:88:d0:8d:9f:ea:50:71:c6:b9:d6:db:70:2a:c6:
         6b:e8:0e:f4:be:55:bc:b2:93:f0:71:3d:69:54:ee:5e:68:ae:
         52:7f:67:86:67:60:30:ae:ab:96:17:90:86:55:85:67:ba:73:
         a3:8d:38:16:32:96:b9:db:01:d0:9c:45:5e:8f:74:b9:4c:d9:
         30:2d:d3:64:8e:41:68:3e:2b:3a:37:42:87:a6:b4:0b:9e:cb:
         b3:f2:1f:90:80:3c:16:eb:a7:1d:d6:94:ae:ed:21:e9:df:b8:
         8a:6a:82:70:6e:78:9b:48:d9:d5:3b:dc:63:78:49:a3:c6:e2:
         b3:0c:00:2f:fd:c0:23:35:e3:5c:52:42:50:24:42:b6:be:02:
         07:97:56:25:ca:c2:d8:fc:70:36:b0:97:b0:65:13:bf:28:fb:
         53:ca:96:a3
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICAPgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yMzA1MjQx
NjAzMTRaFw0yNDA1MTQwMTMwMDJaMDMxMTAvBgNVBAMTKEIxN0Y1RDc3M0RBOEJD
QTc2RTA1NUQyMUQ4NzU3NTc5RDI4RjE5MzcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC2y82OmHNrKIsABsihoRDzagS+NidcVOMu2piDoz1k/aa8h2D2
vYmem+6U+grsZZ4FAhbjLY1kWmixG+yqHPdXZHfoRxtr6nDKznLhq/pdsBwYPXWT
2sSAX27Swe5cpesoGLoggH9hQZHUk0TzS79jgcMkxr8Mn4EHjSpNqX4CD19yc2Vq
W9rs0iYtC0jiOrWat44xVWCZl1oDnVX1LKCCJ90gW3ygWXw7+8Xj08Vl5rho9+nJ
24YVviMdKM6bBYm/5GF+5HLA26+eJhKnJI/Nzs6bOACOmQfiwvjH0PAUphxVG6et
YFowVkzHfkeyb5sXWAsZTyXxcvpmaWaLYJ2/AgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUsX9ddz2ovKduBV0h2HV1edKPGTcwHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5L3NYOWRkejJvdktkdUJWMGgySFYxZWRLUEdUYy5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAAxYhcwDQYJKoZIhvcNAQELBQADggEBALhnDBdIC7H5zz0Y/PTwkuRM3+bV
2lDGAp0nG4Pmzc3KTKWTJU5PX1ODpKXu7IBI7tYBQEpmLclL/SjNhHV1rdcF0ZY0
wPhX87AmUVpxDvACpEo1t3C0NJvbrt77a6SI0I2f6lBxxrnW23AqxmvoDvS+Vbyy
k/BxPWlU7l5orlJ/Z4ZnYDCuq5YXkIZVhWe6c6ONOBYylrnbAdCcRV6PdLlM2TAt
02SOQWg+Kzo3QoemtAuey7PyH5CAPBbrpx3WlK7tIenfuIpqgnBueJtI2dU73GN4
SaPG4rMMAC/9wCM141xSQlAkQra+AgeXViXKwtj8cDawl7BlE78o+1PKlqM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:46:03 2024 by rpki-client on console-ams.rpki-client.org