Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/1937/dJ-LXKrW9pncgJQBGYL0r21Ss9g.roa
File:                     dJ-LXKrW9pncgJQBGYL0r21Ss9g.roa (raw, json)
Hash identifier:          UUUwBRh+h3A0efSiSR8CSWyUQbkLnw0iJ+vS3+QzKZA=
Subject key identifier:   74:9F:8B:5C:AA:D6:F6:99:DC:80:94:01:19:82:F4:AF:6D:52:B3:D8
Certificate issuer:       /CN=7191CB9F4C422D3B3D675371B18A8DADDAE8798D
Certificate serial:       19
Authority key identifier: 71:91:CB:9F:4C:42:2D:3B:3D:67:53:71:B1:8A:8D:AD:DA:E8:79:8D
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/cZHLn0xCLTs9Z1NxsYqNrdroeY0.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/1937/dJ-LXKrW9pncgJQBGYL0r21Ss9g.roa
Signing time:             Tue 02 Apr 2024 00:05:11 +0000
ROA not before:           Tue 02 Apr 2024 00:05:11 +0000
ROA not after:            Sat 15 Mar 2025 01:30:02 +0000
asID:                     2497
IP address blocks:        157.8.58.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Fri 19 Jul 2024 09:21:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 25 (0x19)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7191CB9F4C422D3B3D675371B18A8DADDAE8798D
        Validity
            Not Before: Apr  2 00:05:11 2024 GMT
            Not After : Mar 15 01:30:02 2025 GMT
        Subject: CN=749F8B5CAAD6F699DC8094011982F4AF6D52B3D8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:e4:a5:04:68:66:6b:b9:32:57:05:53:bb:29:
                    43:a4:ca:9e:c6:15:a4:2e:38:11:d3:cf:65:d3:38:
                    64:af:f7:08:cc:7e:9e:79:da:74:d6:98:94:54:49:
                    82:ed:63:d6:54:f6:97:73:9b:d2:67:45:3a:26:49:
                    5a:26:a2:da:9d:41:9f:8a:3c:17:17:8b:b0:9b:2d:
                    b2:92:77:02:8c:cb:e7:1b:bd:ce:54:6e:5f:20:2f:
                    55:a3:2d:2c:80:06:80:84:5e:ae:0d:55:cf:05:50:
                    31:af:23:06:de:be:28:18:ac:6e:d9:b4:0b:3c:6f:
                    19:81:7d:cb:97:e8:31:37:8b:1c:8a:cf:43:36:d2:
                    f2:bc:2c:9c:d6:83:09:ed:de:af:73:18:0f:71:c6:
                    5d:09:05:49:ae:cc:f5:fd:6a:bd:54:26:72:6e:ea:
                    e3:37:2e:d5:38:45:d9:e1:c7:74:9b:84:c9:36:26:
                    d2:15:a3:ce:3a:5c:43:37:00:cd:6a:7d:43:c8:77:
                    2c:a0:f8:c9:9c:3e:89:40:9b:2c:fb:9d:47:13:63:
                    d5:f2:25:30:c6:76:55:a8:31:0a:92:b0:7c:41:db:
                    ff:94:d9:9c:ff:11:09:16:f4:05:26:1c:4d:35:17:
                    21:23:ae:f5:25:e8:c7:82:eb:87:0b:f6:bf:b2:f1:
                    27:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:9F:8B:5C:AA:D6:F6:99:DC:80:94:01:19:82:F4:AF:6D:52:B3:D8
            X509v3 Authority Key Identifier:
                keyid:71:91:CB:9F:4C:42:2D:3B:3D:67:53:71:B1:8A:8D:AD:DA:E8:79:8D

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/1937/cZHLn0xCLTs9Z1NxsYqNrdroeY0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/cZHLn0xCLTs9Z1NxsYqNrdroeY0.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/1937/dJ-LXKrW9pncgJQBGYL0r21Ss9g.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  157.8.58.0/23

    Signature Algorithm: sha256WithRSAEncryption
         59:5d:ba:eb:20:94:af:33:fb:06:01:1e:b6:a0:ce:4a:c1:ea:
         98:5d:30:e1:31:8f:cb:b7:3e:e1:85:9a:f1:34:f7:2a:6d:d3:
         4e:1f:7e:b9:67:e9:43:35:63:ad:59:c2:66:19:d5:d8:19:8e:
         04:6c:c5:a8:84:da:a6:8a:fa:08:1d:e1:14:e9:63:b3:8f:ea:
         f2:0f:5d:34:5b:df:36:8e:81:e2:45:3d:e2:29:a5:76:8c:f8:
         c8:77:a9:f8:01:c5:31:05:bc:b6:d1:45:1f:f3:88:44:d0:58:
         77:e1:fb:73:65:40:52:22:50:d1:e2:6a:8c:4d:18:1c:7c:12:
         60:e9:64:ee:a4:63:33:7e:7b:d1:85:8d:2c:4b:a8:40:2e:ea:
         d5:39:85:79:84:1b:1c:a6:b7:04:9c:b0:9d:4e:4c:18:b7:68:
         da:42:f9:92:95:f1:7b:b6:ae:2b:4d:5b:b9:2f:ed:36:41:49:
         2a:ba:bf:40:91:63:f3:89:2f:c4:1a:12:a4:54:a2:eb:d1:93:
         ee:fa:9d:84:3c:a2:0e:d3:28:d7:9a:c2:da:e5:ab:22:03:83:
         bc:63:73:8d:b8:02:b5:11:e4:1e:c8:a7:a0:eb:d5:ba:ca:14:
         f3:11:f7:c3:24:37:2a:01:9e:03:4b:54:db:86:ca:76:01:a0:
         0d:03:83:bf
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgIBGTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3MTkx
Q0I5RjRDNDIyRDNCM0Q2NzUzNzFCMThBOERBRERBRTg3OThEMB4XDTI0MDQwMjAw
MDUxMVoXDTI1MDMxNTAxMzAwMlowMzExMC8GA1UEAxMoNzQ5RjhCNUNBQUQ2RjY5
OURDODA5NDAxMTk4MkY0QUY2RDUyQjNEODCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBALTkpQRoZmu5MlcFU7spQ6TKnsYVpC44EdPPZdM4ZK/3CMx+nnna
dNaYlFRJgu1j1lT2l3Ob0mdFOiZJWiai2p1Bn4o8FxeLsJstspJ3AozL5xu9zlRu
XyAvVaMtLIAGgIRerg1VzwVQMa8jBt6+KBisbtm0CzxvGYF9y5foMTeLHIrPQzbS
8rwsnNaDCe3er3MYD3HGXQkFSa7M9f1qvVQmcm7q4zcu1ThF2eHHdJuEyTYm0hWj
zjpcQzcAzWp9Q8h3LKD4yZw+iUCbLPudRxNj1fIlMMZ2VagxCpKwfEHb/5TZnP8R
CRb0BSYcTTUXISOu9SXox4Lrhwv2v7LxJ+kCAwEAAaOCAiYwggIiMB0GA1UdDgQW
BBR0n4tcqtb2mdyAlAEZgvSvbVKz2DAfBgNVHSMEGDAWgBRxkcufTEItOz1nU3Gx
io2t2uh5jTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGcGA1UdHwRgMF4wXKBa
oFiGVnJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9BOTFBNzM4
MTAwMDAvMTkzNy9jWkhMbjB4Q0xUczlaMU54c1lxTnJkcm9lWTAuY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9jWkhMbjB4Q0xUczlaMU54c1lxTnJk
cm9lWTAuY2VyMA4GA1UdDwEB/wQEAwIHgDCBvAYIKwYBBQUHAQsEga8wgawwYgYI
KwYBBQUHMAuGVnJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMTkzNy9kSi1MWEtyVzlwbmNnSlFCR1lMMHIyMVNzOWcucm9h
MEYGCCsGAQUFBzANhjpodHRwczovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAv
cnJkcC9hcC9ub3RpZmljYXRpb24ueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIA
ATAGAwQBnQg6MA0GCSqGSIb3DQEBCwUAA4IBAQBZXbrrIJSvM/sGAR62oM5KweqY
XTDhMY/Ltz7hhZrxNPcqbdNOH365Z+lDNWOtWcJmGdXYGY4EbMWohNqmivoIHeEU
6WOzj+ryD100W982joHiRT3iKaV2jPjId6n4AcUxBby20UUf84hE0Fh34ftzZUBS
IlDR4mqMTRgcfBJg6WTupGMzfnvRhY0sS6hALurVOYV5hBscprcEnLCdTkwYt2ja
QvmSlfF7tq4rTVu5L+02QUkqur9AkWPziS/EGhKkVKLr0ZPu+p2EPKIO0yjXmsLa
5asiA4O8Y3ONuAK1EeQeyKeg69W6yhTzEffDJDcqAZ4DS1Tbhsp2AaANA4O/
-----END CERTIFICATE-----
Generated at Fri Jul 19 12:04:49 2024 by rpki-client on console-ams.rpki-client.org