Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/2251/3ZL1NKitkMwXolwiYIMC2D4BCp4.roa
File:                     3ZL1NKitkMwXolwiYIMC2D4BCp4.roa (raw, json)
Hash identifier:          7DuJpK9xB1fsAhf41RMx/fFf5uAWqbB3rzlF/cS8me8=
Subject key identifier:   DD:92:F5:34:A8:AD:90:CC:17:A2:5C:22:60:83:02:D8:3E:01:0A:9E
Certificate issuer:       /CN=9E1460D2688F6D1068B97C1F914040434B8F0324
Certificate serial:       2B
Authority key identifier: 9E:14:60:D2:68:8F:6D:10:68:B9:7C:1F:91:40:40:43:4B:8F:03:24
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/nhRg0miPbRBouXwfkUBAQ0uPAyQ.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/2251/3ZL1NKitkMwXolwiYIMC2D4BCp4.roa
Signing time:             Sat 01 Jul 2023 01:28:39 +0000
ROA not before:           Sat 01 Jul 2023 01:28:39 +0000
ROA not after:            Fri 14 Jun 2024 01:30:02 +0000
asID:                     2518
IP address blocks:        192.47.117.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 31 May 2024 01:32:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 43 (0x2b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9E1460D2688F6D1068B97C1F914040434B8F0324
        Validity
            Not Before: Jul  1 01:28:39 2023 GMT
            Not After : Jun 14 01:30:02 2024 GMT
        Subject: CN=DD92F534A8AD90CC17A25C22608302D83E010A9E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:a5:3c:72:f0:8f:64:92:de:aa:04:f1:96:47:
                    0a:a0:a8:b8:fe:e5:5c:c4:1a:81:d4:bf:c5:bd:1b:
                    56:eb:cd:b4:1d:56:be:83:b5:4e:00:df:f3:00:ef:
                    24:3e:4b:5c:cb:63:ff:63:a9:53:02:c3:57:a5:0f:
                    74:68:52:7c:e2:13:42:ce:a9:67:6e:cf:61:a5:8b:
                    43:7c:62:39:46:15:43:e8:86:bc:99:fc:56:8a:74:
                    62:69:ea:97:a5:80:8b:f6:6f:5e:57:f1:7a:af:69:
                    3c:fe:fb:4f:88:ab:35:1f:e2:99:ca:89:ee:17:68:
                    9d:e4:dc:d4:66:8d:b5:48:fe:07:db:d2:36:1f:75:
                    fa:02:aa:f8:39:29:db:14:af:e2:b6:6e:e8:bb:a4:
                    a2:24:02:96:fa:b8:4e:d6:9b:0c:67:17:96:51:63:
                    55:c7:e6:9f:25:3d:a7:0f:85:fd:7b:87:ed:6a:57:
                    c6:e9:ca:50:da:18:f1:c5:37:04:39:36:d1:99:b5:
                    e0:e0:2e:e4:4b:7d:07:72:36:9b:90:1f:06:61:47:
                    cc:1d:ad:0e:56:fe:fa:22:26:c5:f0:81:49:fa:75:
                    33:9d:27:30:e6:88:d3:c8:f6:9a:f3:e2:11:bf:42:
                    0b:c6:b7:70:ba:56:58:5a:08:55:b3:97:85:86:df:
                    c0:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DD:92:F5:34:A8:AD:90:CC:17:A2:5C:22:60:83:02:D8:3E:01:0A:9E
            X509v3 Authority Key Identifier:
                keyid:9E:14:60:D2:68:8F:6D:10:68:B9:7C:1F:91:40:40:43:4B:8F:03:24

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/2251/nhRg0miPbRBouXwfkUBAQ0uPAyQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/nhRg0miPbRBouXwfkUBAQ0uPAyQ.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/2251/3ZL1NKitkMwXolwiYIMC2D4BCp4.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  192.47.117.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5b:66:b7:0a:6e:50:89:1f:75:46:8a:28:69:a3:5f:1b:8a:47:
         f7:f8:ad:9a:f0:92:f3:2d:43:b1:a5:48:8d:ce:99:0e:e0:12:
         96:7d:6e:6b:19:72:06:7a:8b:f7:c9:70:7f:8d:6b:84:2e:19:
         08:98:cb:c4:bd:51:92:bc:bf:30:31:59:e1:80:ba:f5:82:d4:
         12:b4:2e:49:5a:3d:9f:ea:09:76:65:a4:f2:11:a0:58:15:a2:
         1c:bc:9d:62:25:fb:96:2b:e3:73:a8:2f:3d:13:c5:41:5d:eb:
         52:0c:98:be:47:e1:c4:a6:6a:7f:d4:ee:d2:54:eb:d9:0c:a3:
         a1:0c:fe:9c:f0:7a:14:c7:fd:48:41:1b:8c:05:cf:b3:bd:01:
         4a:95:bf:36:2a:a1:4a:2a:64:5b:a9:00:74:b0:a9:ab:4a:d7:
         a1:8c:c2:e3:05:db:8e:c9:7e:7c:b0:60:37:25:d2:c8:2e:e0:
         b0:f6:19:30:4f:2d:20:f6:21:77:ef:0d:0c:8a:ef:59:0c:f2:
         e8:23:80:c6:98:56:86:df:41:8c:9f:ce:fb:5b:08:20:76:3e:
         27:c1:b4:c9:1b:d6:36:3e:4c:75:93:29:95:40:4a:57:46:ee:
         71:0d:16:ae:f1:b7:66:30:58:45:2b:7e:a8:78:2e:c7:eb:fd:
         d5:8f:7d:d7
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgIBKzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5RTE0
NjBEMjY4OEY2RDEwNjhCOTdDMUY5MTQwNDA0MzRCOEYwMzI0MB4XDTIzMDcwMTAx
MjgzOVoXDTI0MDYxNDAxMzAwMlowMzExMC8GA1UEAxMoREQ5MkY1MzRBOEFEOTBD
QzE3QTI1QzIyNjA4MzAyRDgzRTAxMEE5RTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAL2lPHLwj2SS3qoE8ZZHCqCouP7lXMQagdS/xb0bVuvNtB1WvoO1
TgDf8wDvJD5LXMtj/2OpUwLDV6UPdGhSfOITQs6pZ27PYaWLQ3xiOUYVQ+iGvJn8
Vop0Ymnql6WAi/ZvXlfxeq9pPP77T4irNR/imcqJ7hdoneTc1GaNtUj+B9vSNh91
+gKq+Dkp2xSv4rZu6LukoiQClvq4TtabDGcXllFjVcfmnyU9pw+F/XuH7WpXxunK
UNoY8cU3BDk20Zm14OAu5Et9B3I2m5AfBmFHzB2tDlb++iImxfCBSfp1M50nMOaI
08j2mvPiEb9CC8a3cLpWWFoIVbOXhYbfwF0CAwEAAaOCAiYwggIiMB0GA1UdDgQW
BBTdkvU0qK2QzBeiXCJggwLYPgEKnjAfBgNVHSMEGDAWgBSeFGDSaI9tEGi5fB+R
QEBDS48DJDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGcGA1UdHwRgMF4wXKBa
oFiGVnJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9BOTFBNzM4
MTAwMDAvMjI1MS9uaFJnMG1pUGJSQm91WHdma1VCQVEwdVBBeVEuY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9uaFJnMG1pUGJSQm91WHdma1VCQVEw
dVBBeVEuY2VyMA4GA1UdDwEB/wQEAwIHgDCBvAYIKwYBBQUHAQsEga8wgawwYgYI
KwYBBQUHMAuGVnJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMjI1MS8zWkwxTktpdGtNd1hvbHdpWUlNQzJENEJDcDQucm9h
MEYGCCsGAQUFBzANhjpodHRwczovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAv
cnJkcC9hcC9ub3RpZmljYXRpb24ueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIA
ATAGAwQAwC91MA0GCSqGSIb3DQEBCwUAA4IBAQBbZrcKblCJH3VGiihpo18bikf3
+K2a8JLzLUOxpUiNzpkO4BKWfW5rGXIGeov3yXB/jWuELhkImMvEvVGSvL8wMVnh
gLr1gtQStC5JWj2f6gl2ZaTyEaBYFaIcvJ1iJfuWK+NzqC89E8VBXetSDJi+R+HE
pmp/1O7SVOvZDKOhDP6c8HoUx/1IQRuMBc+zvQFKlb82KqFKKmRbqQB0sKmrSteh
jMLjBduOyX58sGA3JdLILuCw9hkwTy0g9iF37w0Miu9ZDPLoI4DGmFaG30GMn877
Wwggdj4nwbTJG9Y2Pkx1kymVQEpXRu5xDRau8bdmMFhFK36oeC7H6/3Vj33X
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:40:49 2024 by rpki-client on console-fra.rpki-client.org