Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/20252/Gt1wz4EFqOlaLU8LnKo74-eHhRc.roa
File:                     Gt1wz4EFqOlaLU8LnKo74-eHhRc.roa (raw, json)
Hash identifier:          aGV6Fh7F/K8cMGtnLYgy/SuVjbECtPc6Y9djYzf47fI=
Subject key identifier:   1A:DD:70:CF:81:05:A8:E9:5A:2D:4F:0B:9C:AA:3B:E3:E7:87:85:17
Certificate issuer:       /CN=46C1CC2D65283BE3810719F5EA1A8790303A2279
Certificate serial:       02
Authority key identifier: 46:C1:CC:2D:65:28:3B:E3:81:07:19:F5:EA:1A:87:90:30:3A:22:79
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/RsHMLWUoO-OBBxn16hqHkDA6Ink.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/20252/Gt1wz4EFqOlaLU8LnKo74-eHhRc.roa
Signing time:             Tue 05 Mar 2024 15:49:17 +0000
ROA not before:           Tue 05 Mar 2024 15:49:17 +0000
ROA not after:            Wed 05 Mar 2025 15:42:28 +0000
asID:                     151381
IP address blocks:        157.15.254.0/23 maxlen: 24

Validation:               Failed, certificate revoked on Thu 02 May 2024 17:10:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2 (0x2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=46C1CC2D65283BE3810719F5EA1A8790303A2279
        Validity
            Not Before: Mar  5 15:49:17 2024 GMT
            Not After : Mar  5 15:42:28 2025 GMT
        Subject: CN=1ADD70CF8105A8E95A2D4F0B9CAA3BE3E7878517
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:cd:34:53:16:53:ed:3c:ce:3e:c3:52:b9:ef:
                    db:18:7d:f7:3e:1c:31:7b:17:cd:16:5f:2d:bc:3d:
                    4e:1b:d0:3f:00:37:d4:92:a7:c0:5a:3d:f9:57:7b:
                    5e:4f:5a:f6:bf:47:8a:65:c9:d3:a4:19:ba:a6:01:
                    69:0e:8a:a9:b4:81:fc:4c:a3:e4:ed:79:d7:c7:88:
                    42:98:ec:c8:e8:1d:1b:ab:b5:4e:22:25:0c:2c:04:
                    db:6e:3e:7e:12:f1:a5:5a:4c:5f:1f:d0:82:14:a4:
                    6d:4e:e7:a9:36:59:f4:b6:aa:c0:79:bf:b6:8b:36:
                    8c:d3:8b:20:c7:e4:66:bc:de:d5:bc:8e:22:28:f4:
                    b4:9f:a3:e4:92:7c:39:3c:1e:25:cc:db:1a:19:53:
                    96:ee:0e:63:a9:0f:dd:c9:a9:10:9d:70:d6:f2:47:
                    cb:4d:21:af:fe:31:4d:f9:2c:6a:40:a5:b7:fc:27:
                    89:ad:d8:1f:ba:f0:36:b7:2a:9a:b5:d7:a3:be:b1:
                    1d:3c:52:3c:a1:a7:c2:63:3a:c8:98:a3:9d:e1:d4:
                    c7:37:ba:9c:18:fe:2b:98:a4:65:b3:1b:bc:32:69:
                    98:80:68:0c:51:e0:59:b6:b3:50:66:de:75:fd:f6:
                    10:ca:a9:d1:3e:8a:00:64:03:26:5d:b3:6f:12:13:
                    2c:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1A:DD:70:CF:81:05:A8:E9:5A:2D:4F:0B:9C:AA:3B:E3:E7:87:85:17
            X509v3 Authority Key Identifier:
                keyid:46:C1:CC:2D:65:28:3B:E3:81:07:19:F5:EA:1A:87:90:30:3A:22:79

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/20252/RsHMLWUoO-OBBxn16hqHkDA6Ink.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/RsHMLWUoO-OBBxn16hqHkDA6Ink.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/20252/Gt1wz4EFqOlaLU8LnKo74-eHhRc.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  157.15.254.0/23

    Signature Algorithm: sha256WithRSAEncryption
         54:94:15:cb:70:95:b8:79:0b:cf:d4:1f:f5:43:fc:4f:59:25:
         c9:b0:e8:a2:da:25:bc:86:95:20:62:2d:f3:08:fc:12:42:35:
         c5:08:19:20:bb:6a:fa:f9:77:5f:13:ae:69:92:f8:16:fe:42:
         ee:64:70:41:08:93:17:2e:18:21:81:24:e4:1f:ce:16:a9:04:
         80:d0:c8:d7:42:92:6c:2f:9e:77:48:ea:0e:b0:cb:e4:ba:13:
         19:d1:32:ff:f7:8a:89:c2:4a:0f:12:86:05:52:6e:95:14:de:
         17:8e:f6:0b:4b:0d:6c:7e:21:7e:b9:7e:3c:d2:f3:97:58:0a:
         bd:77:41:79:3f:4d:df:20:e0:69:9a:92:97:01:b5:e5:a5:f1:
         8a:b2:97:9a:fc:6e:a5:de:7d:54:53:cb:24:97:c2:14:b1:91:
         f0:af:4c:88:12:08:53:89:c7:48:38:96:e5:90:0e:6f:6d:66:
         79:13:7c:38:bd:cf:07:cf:27:24:2d:1f:56:fd:a9:48:29:fb:
         19:a1:1a:bf:32:62:61:b2:40:88:75:51:1c:3b:db:4c:8a:6a:
         43:64:3a:bc:93:ab:c7:52:22:d0:f2:a9:ed:4d:72:bd:3b:5b:
         01:6f:a6:43:bc:db:40:9d:f5:47:47:54:0e:79:82:c0:4d:47:
         f3:b1:bb:56
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgIBAjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0NkMx
Q0MyRDY1MjgzQkUzODEwNzE5RjVFQTFBODc5MDMwM0EyMjc5MB4XDTI0MDMwNTE1
NDkxN1oXDTI1MDMwNTE1NDIyOFowMzExMC8GA1UEAxMoMUFERDcwQ0Y4MTA1QThF
OTVBMkQ0RjBCOUNBQTNCRTNFNzg3ODUxNzCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAMfNNFMWU+08zj7DUrnv2xh99z4cMXsXzRZfLbw9ThvQPwA31JKn
wFo9+Vd7Xk9a9r9HimXJ06QZuqYBaQ6KqbSB/Eyj5O1518eIQpjsyOgdG6u1TiIl
DCwE224+fhLxpVpMXx/QghSkbU7nqTZZ9LaqwHm/tos2jNOLIMfkZrze1byOIij0
tJ+j5JJ8OTweJczbGhlTlu4OY6kP3cmpEJ1w1vJHy00hr/4xTfksakClt/wnia3Y
H7rwNrcqmrXXo76xHTxSPKGnwmM6yJijneHUxze6nBj+K5ikZbMbvDJpmIBoDFHg
WbazUGbedf32EMqp0T6KAGQDJl2zbxITLLUCAwEAAaOCAigwggIkMB0GA1UdDgQW
BBQa3XDPgQWo6VotTwucqjvj54eFFzAfBgNVHSMEGDAWgBRGwcwtZSg744EHGfXq
GoeQMDoieTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGgGA1UdHwRhMF8wXaBb
oFmGV3JzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9BOTFBNzM4
MTAwMDAvMjAyNTIvUnNITUxXVW9PLU9CQnhuMTZocUhrREE2SW5rLmNybDBtBggr
BgEFBQcBAQRhMF8wXQYIKwYBBQUHMAKGUXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5
Lm5pYy5hZC5qcC9hcC9BOTFBNzM4MTAwMDAvUnNITUxXVW9PLU9CQnhuMTZocUhr
REE2SW5rLmNlcjAOBgNVHQ8BAf8EBAMCB4Awgb0GCCsGAQUFBwELBIGwMIGtMGMG
CCsGAQUFBzALhldyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAv
QTkxQTczODEwMDAwLzIwMjUyL0d0MXd6NEVGcU9sYUxVOExuS283NC1lSGhSYy5y
b2EwRgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5q
cC9ycmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwE
AgABMAYDBAGdD/4wDQYJKoZIhvcNAQELBQADggEBAFSUFctwlbh5C8/UH/VD/E9Z
Jcmw6KLaJbyGlSBiLfMI/BJCNcUIGSC7avr5d18TrmmS+Bb+Qu5kcEEIkxcuGCGB
JOQfzhapBIDQyNdCkmwvnndI6g6wy+S6ExnRMv/3ionCSg8ShgVSbpUU3heO9gtL
DWx+IX65fjzS85dYCr13QXk/Td8g4GmakpcBteWl8Yqyl5r8bqXefVRTyySXwhSx
kfCvTIgSCFOJx0g4luWQDm9tZnkTfDi9zwfPJyQtH1b9qUgp+xmhGr8yYmGyQIh1
URw720yKakNkOryTq8dSItDyqe1Ncr07WwFvpkO820Cd9UdHVA55gsBNR/Oxu1Y=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:40:48 2024 by rpki-client on console-fra.rpki-client.org