Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/30175/39garQBcWYbqJMkKJ1121AKAA1k.roa
File:                     39garQBcWYbqJMkKJ1121AKAA1k.roa (raw, json)
Hash identifier:          EYKDyXpP5OFbIrteQnROwbtHwGsiVgmu2cpYnr4aXKs=
Subject key identifier:   DF:D8:1A:AD:00:5C:59:86:EA:24:C9:0A:27:5D:76:D4:02:80:03:59
Certificate issuer:       /CN=DFBCD3F8BCA91915C4533A2C0A69C3D35B2E688D
Certificate serial:       0E
Authority key identifier: DF:BC:D3:F8:BC:A9:19:15:C4:53:3A:2C:0A:69:C3:D3:5B:2E:68:8D
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/37zT-LypGRXEUzosCmnD01suaI0.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30175/39garQBcWYbqJMkKJ1121AKAA1k.roa
Signing time:             Tue 21 Nov 2023 06:44:39 +0000
ROA not before:           Tue 21 Nov 2023 06:44:39 +0000
ROA not after:            Thu 14 Nov 2024 01:30:03 +0000
asID:                     37901
IP address blocks:        240b:12::/32 maxlen: 40

Validation:               Failed, certificate revoked on Thu 31 Oct 2024 01:31:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 14 (0xe)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=DFBCD3F8BCA91915C4533A2C0A69C3D35B2E688D
        Validity
            Not Before: Nov 21 06:44:39 2023 GMT
            Not After : Nov 14 01:30:03 2024 GMT
        Subject: CN=DFD81AAD005C5986EA24C90A275D76D402800359
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ed:d4:92:7b:96:d2:bb:9b:dd:7d:a1:df:7e:73:
                    25:96:c4:61:b9:d6:a2:51:fa:b9:7e:db:2b:13:44:
                    6b:80:6a:b5:2a:cc:c5:0a:a0:6e:c9:dd:2c:16:91:
                    87:9b:5e:1c:63:99:b8:36:ac:08:da:ab:e5:d4:77:
                    17:52:0a:dd:21:7d:04:7b:95:20:10:05:3b:f0:9d:
                    8b:4d:a1:f1:7a:2b:46:f2:77:42:5a:81:10:7f:37:
                    e5:64:fd:86:76:73:ab:ee:c3:fa:0d:d7:96:cc:2e:
                    ac:8e:7d:38:cf:77:cd:76:9a:62:c6:56:09:84:0e:
                    8f:5e:e8:c3:6d:09:cc:49:85:e2:45:e1:33:0d:3f:
                    71:8f:3e:98:61:97:d4:d6:2d:41:47:c8:70:1f:cb:
                    fa:a7:54:fc:16:8c:dd:ec:99:6d:af:be:f7:db:95:
                    ff:27:a4:1c:94:ac:39:a7:62:61:ad:40:74:f9:4a:
                    8c:f5:10:d9:f3:34:bf:83:7d:4c:4b:c7:70:06:d4:
                    98:b7:9f:d2:9c:65:d5:92:4e:7d:94:90:be:b2:09:
                    19:98:c4:a3:1c:98:32:72:61:eb:6a:f0:6f:c3:8b:
                    30:63:7c:a0:42:1a:5b:f5:44:a5:18:93:7f:24:dc:
                    bf:81:10:58:68:b6:e8:aa:3c:ed:67:01:41:3f:be:
                    04:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:D8:1A:AD:00:5C:59:86:EA:24:C9:0A:27:5D:76:D4:02:80:03:59
            X509v3 Authority Key Identifier:
                keyid:DF:BC:D3:F8:BC:A9:19:15:C4:53:3A:2C:0A:69:C3:D3:5B:2E:68:8D

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30175/37zT-LypGRXEUzosCmnD01suaI0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/37zT-LypGRXEUzosCmnD01suaI0.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30175/39garQBcWYbqJMkKJ1121AKAA1k.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  240b:12::/32

    Signature Algorithm: sha256WithRSAEncryption
         09:9e:45:59:ac:88:ff:e8:0c:65:a8:c5:21:34:c3:61:a0:7d:
         a7:d3:11:e2:43:a3:40:df:0e:01:9c:af:95:56:cd:db:81:26:
         0f:f8:e2:ac:49:e5:f3:85:a4:7f:09:cc:2b:75:fd:d9:c1:40:
         5c:5b:1c:a7:46:6b:2b:88:ca:05:f3:93:b5:49:c7:b4:f6:7b:
         e9:95:41:a1:3b:34:ba:ec:d8:55:58:b8:4b:6c:04:d1:51:fe:
         c6:4e:4d:db:76:be:55:b2:74:45:25:8a:ec:83:38:0b:d4:8d:
         22:fa:49:4d:bd:04:1d:ae:0b:42:dc:ca:71:66:e6:d4:6d:38:
         17:44:21:38:e8:83:c3:ea:7c:17:b2:2c:7f:9a:ee:58:b7:34:
         84:d8:91:0e:ea:e5:cc:9c:8a:f5:f8:3b:57:ae:75:85:4f:b0:
         17:83:b7:14:a9:78:3e:88:9b:78:19:a5:af:34:90:59:7f:78:
         55:49:e1:41:a3:d2:cc:94:09:d8:2d:23:02:0d:c6:e4:13:49:
         4f:fc:64:0f:3d:1f:cf:6f:a6:2a:8b:ae:56:86:4b:97:a6:03:
         b5:b8:61:66:ca:25:22:4f:81:6e:8d:43:13:4c:80:1e:2f:8c:
         ae:eb:a3:6e:eb:7f:f7:fa:01:a0:3a:13:b8:52:67:8b:43:55:
         8a:df:04:83
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgIBDjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhERkJD
RDNGOEJDQTkxOTE1QzQ1MzNBMkMwQTY5QzNEMzVCMkU2ODhEMB4XDTIzMTEyMTA2
NDQzOVoXDTI0MTExNDAxMzAwM1owMzExMC8GA1UEAxMoREZEODFBQUQwMDVDNTk4
NkVBMjRDOTBBMjc1RDc2RDQwMjgwMDM1OTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAO3UknuW0rub3X2h335zJZbEYbnWolH6uX7bKxNEa4BqtSrMxQqg
bsndLBaRh5teHGOZuDasCNqr5dR3F1IK3SF9BHuVIBAFO/Cdi02h8XorRvJ3QlqB
EH835WT9hnZzq+7D+g3XlswurI59OM93zXaaYsZWCYQOj17ow20JzEmF4kXhMw0/
cY8+mGGX1NYtQUfIcB/L+qdU/BaM3eyZba++99uV/yekHJSsOadiYa1AdPlKjPUQ
2fM0v4N9TEvHcAbUmLef0pxl1ZJOfZSQvrIJGZjEoxyYMnJh62rwb8OLMGN8oEIa
W/VEpRiTfyTcv4EQWGi26Ko87WcBQT++BBcCAwEAAaOCAikwggIlMB0GA1UdDgQW
BBTf2BqtAFxZhuokyQonXXbUAoADWTAfBgNVHSMEGDAWgBTfvNP4vKkZFcRTOiwK
acPTWy5ojTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGgGA1UdHwRhMF8wXaBb
oFmGV3JzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9BOTFBNzM4
MTAwMDAvMzAxNzUvMzd6VC1MeXBHUlhFVXpvc0NtbkQwMXN1YUkwLmNybDBtBggr
BgEFBQcBAQRhMF8wXQYIKwYBBQUHMAKGUXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5
Lm5pYy5hZC5qcC9hcC9BOTFBNzM4MTAwMDAvMzd6VC1MeXBHUlhFVXpvc0NtbkQw
MXN1YUkwLmNlcjAOBgNVHQ8BAf8EBAMCB4Awgb0GCCsGAQUFBwELBIGwMIGtMGMG
CCsGAQUFBzALhldyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAv
QTkxQTczODEwMDAwLzMwMTc1LzM5Z2FyUUJjV1licUpNa0tKMTEyMUFLQUExay5y
b2EwRgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5q
cC9ycmRwL2FwL25vdGlmaWNhdGlvbi54bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0E
AgACMAcDBQAkCwASMA0GCSqGSIb3DQEBCwUAA4IBAQAJnkVZrIj/6AxlqMUhNMNh
oH2n0xHiQ6NA3w4BnK+VVs3bgSYP+OKsSeXzhaR/Ccwrdf3ZwUBcWxynRmsriMoF
85O1Sce09nvplUGhOzS67NhVWLhLbATRUf7GTk3bdr5VsnRFJYrsgzgL1I0i+klN
vQQdrgtC3MpxZubUbTgXRCE46IPD6nwXsix/mu5YtzSE2JEO6uXMnIr1+DtXrnWF
T7AXg7cUqXg+iJt4GaWvNJBZf3hVSeFBo9LMlAnYLSMCDcbkE0lP/GQPPR/Pb6Yq
i65WhkuXpgO1uGFmyiUiT4FujUMTTIAeL4yu66Nu63/3+gGgOhO4UmeLQ1WK3wSD
-----END CERTIFICATE-----
Generated at Thu Oct 31 03:53:34 2024 by rpki-client on console-fra.rpki-client.org