Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/30175/CRQLbxppftaYQN-HGGzv-Io-0qk.roa
File:                     CRQLbxppftaYQN-HGGzv-Io-0qk.roa (raw, json)
Hash identifier:          NeqtoSvWUb8XNTvn6qX09CmVP8WfD+WUnGW8+lLDHKc=
Subject key identifier:   09:14:0B:6F:1A:69:7E:D6:98:40:DF:87:18:6C:EF:F8:8A:3E:D2:A9
Certificate issuer:       /CN=DFBCD3F8BCA91915C4533A2C0A69C3D35B2E688D
Certificate serial:       10
Authority key identifier: DF:BC:D3:F8:BC:A9:19:15:C4:53:3A:2C:0A:69:C3:D3:5B:2E:68:8D
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/37zT-LypGRXEUzosCmnD01suaI0.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30175/CRQLbxppftaYQN-HGGzv-Io-0qk.roa
Signing time:             Tue 21 Nov 2023 07:00:43 +0000
ROA not before:           Tue 21 Nov 2023 07:00:43 +0000
ROA not after:            Thu 14 Nov 2024 01:30:03 +0000
asID:                     2516
IP address blocks:        240b::/26 maxlen: 26

Validation:               Failed, certificate revoked on Thu 31 Oct 2024 01:31:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 16 (0x10)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=DFBCD3F8BCA91915C4533A2C0A69C3D35B2E688D
        Validity
            Not Before: Nov 21 07:00:43 2023 GMT
            Not After : Nov 14 01:30:03 2024 GMT
        Subject: CN=09140B6F1A697ED69840DF87186CEFF88A3ED2A9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:4e:d6:fe:4f:f8:0e:24:be:7a:4a:68:54:9b:
                    3b:b0:44:77:0e:46:1e:da:5b:4b:10:3e:99:02:a7:
                    61:ed:53:c3:a8:cf:68:c7:53:d2:8a:61:1a:f2:74:
                    e3:07:0c:31:63:54:c9:3d:9a:dd:ba:bb:5b:37:76:
                    04:30:50:bc:0f:66:0e:41:1e:cf:89:11:5a:5e:88:
                    59:b4:26:78:0a:c0:a6:bd:e1:99:ae:d4:43:63:35:
                    92:23:b6:45:df:54:85:4b:8c:f2:6c:19:20:4e:a4:
                    e2:89:16:8b:2f:d8:91:bc:a2:6a:a3:c8:59:65:ce:
                    24:18:4a:9d:9a:47:2c:58:a1:d0:b3:e7:e7:92:74:
                    d6:a7:ee:44:48:41:19:ad:c7:c4:a3:eb:24:f2:ed:
                    60:3d:30:65:d6:4c:cd:39:60:f2:5a:65:1d:12:bf:
                    c4:23:c3:2e:d2:fd:55:0b:16:ce:49:c2:2b:cc:06:
                    84:bd:8b:32:bf:15:23:ea:60:e2:aa:bf:1e:e5:fd:
                    c9:9e:58:96:70:95:c5:68:a2:ee:c5:77:fb:3e:1a:
                    f0:77:d3:f6:f6:9e:a0:f8:f5:0c:36:81:27:51:8f:
                    fb:56:30:f4:02:70:2f:be:98:b5:0d:34:02:39:86:
                    ff:2f:99:c4:c2:f9:0b:e1:4c:56:9a:f3:4c:4c:72:
                    18:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                09:14:0B:6F:1A:69:7E:D6:98:40:DF:87:18:6C:EF:F8:8A:3E:D2:A9
            X509v3 Authority Key Identifier:
                keyid:DF:BC:D3:F8:BC:A9:19:15:C4:53:3A:2C:0A:69:C3:D3:5B:2E:68:8D

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30175/37zT-LypGRXEUzosCmnD01suaI0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/37zT-LypGRXEUzosCmnD01suaI0.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30175/CRQLbxppftaYQN-HGGzv-Io-0qk.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  240b::/26

    Signature Algorithm: sha256WithRSAEncryption
         5d:df:69:ea:f8:5d:e6:81:19:62:14:04:fc:03:eb:44:5a:dd:
         86:78:c0:af:eb:16:bf:58:6d:42:dd:f7:c3:58:7b:9b:0f:e6:
         c6:da:60:c7:9d:ee:b8:b5:63:8f:2b:4e:46:ee:17:c2:8f:da:
         d5:d3:8c:d3:02:25:7a:8c:4f:43:62:09:a7:12:73:d4:28:66:
         03:86:9a:e0:b9:b5:5f:b1:d1:98:61:1d:91:c9:ea:d5:ea:5f:
         56:84:2d:db:52:f4:fa:ce:50:d4:ef:36:99:61:84:bb:66:33:
         83:68:6c:8a:4c:99:4b:4d:da:9b:67:1a:01:16:e5:13:06:d0:
         b1:1a:31:a1:c6:bf:92:a6:15:f0:04:af:bc:9a:6a:41:28:e4:
         7b:f1:4f:a3:6e:7c:65:42:6b:8a:22:bf:60:b7:b3:44:9c:aa:
         85:fd:d1:3c:59:8a:4f:0d:a8:f5:89:1c:31:58:a8:d8:f4:e7:
         3b:e0:49:9d:88:b3:b3:85:f1:63:f7:38:0d:aa:b3:1c:a3:fd:
         90:13:db:f1:bf:04:8f:cc:db:c4:f4:be:d6:ec:ad:00:ef:ed:
         a5:70:cc:50:32:75:7d:e0:46:05:9d:02:22:c8:f7:51:b4:bf:
         4f:78:12:a4:63:61:ed:0a:40:0b:fe:33:3b:7e:01:e3:4a:a7:
         0a:72:ad:ed
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgIBEDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhERkJD
RDNGOEJDQTkxOTE1QzQ1MzNBMkMwQTY5QzNEMzVCMkU2ODhEMB4XDTIzMTEyMTA3
MDA0M1oXDTI0MTExNDAxMzAwM1owMzExMC8GA1UEAxMoMDkxNDBCNkYxQTY5N0VE
Njk4NDBERjg3MTg2Q0VGRjg4QTNFRDJBOTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAL9O1v5P+A4kvnpKaFSbO7BEdw5GHtpbSxA+mQKnYe1Tw6jPaMdT
0ophGvJ04wcMMWNUyT2a3bq7Wzd2BDBQvA9mDkEez4kRWl6IWbQmeArApr3hma7U
Q2M1kiO2Rd9UhUuM8mwZIE6k4okWiy/YkbyiaqPIWWXOJBhKnZpHLFih0LPn55J0
1qfuREhBGa3HxKPrJPLtYD0wZdZMzTlg8lplHRK/xCPDLtL9VQsWzknCK8wGhL2L
Mr8VI+pg4qq/HuX9yZ5YlnCVxWii7sV3+z4a8HfT9vaeoPj1DDaBJ1GP+1Yw9AJw
L76YtQ00AjmG/y+ZxML5C+FMVprzTExyGJ8CAwEAAaOCAikwggIlMB0GA1UdDgQW
BBQJFAtvGml+1phA34cYbO/4ij7SqTAfBgNVHSMEGDAWgBTfvNP4vKkZFcRTOiwK
acPTWy5ojTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGgGA1UdHwRhMF8wXaBb
oFmGV3JzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9BOTFBNzM4
MTAwMDAvMzAxNzUvMzd6VC1MeXBHUlhFVXpvc0NtbkQwMXN1YUkwLmNybDBtBggr
BgEFBQcBAQRhMF8wXQYIKwYBBQUHMAKGUXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5
Lm5pYy5hZC5qcC9hcC9BOTFBNzM4MTAwMDAvMzd6VC1MeXBHUlhFVXpvc0NtbkQw
MXN1YUkwLmNlcjAOBgNVHQ8BAf8EBAMCB4Awgb0GCCsGAQUFBwELBIGwMIGtMGMG
CCsGAQUFBzALhldyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAv
QTkxQTczODEwMDAwLzMwMTc1L0NSUUxieHBwZnRhWVFOLUhHR3p2LUlvLTBxay5y
b2EwRgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5q
cC9ycmRwL2FwL25vdGlmaWNhdGlvbi54bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0E
AgACMAcDBQYkCwAAMA0GCSqGSIb3DQEBCwUAA4IBAQBd32nq+F3mgRliFAT8A+tE
Wt2GeMCv6xa/WG1C3ffDWHubD+bG2mDHne64tWOPK05G7hfCj9rV04zTAiV6jE9D
YgmnEnPUKGYDhprgubVfsdGYYR2RyerV6l9WhC3bUvT6zlDU7zaZYYS7ZjODaGyK
TJlLTdqbZxoBFuUTBtCxGjGhxr+SphXwBK+8mmpBKOR78U+jbnxlQmuKIr9gt7NE
nKqF/dE8WYpPDaj1iRwxWKjY9Oc74EmdiLOzhfFj9zgNqrMco/2QE9vxvwSPzNvE
9L7W7K0A7+2lcMxQMnV94EYFnQIiyPdRtL9PeBKkY2HtCkAL/jM7fgHjSqcKcq3t
-----END CERTIFICATE-----
Generated at Thu Oct 31 05:07:19 2024 by rpki-client on console-ams.rpki-client.org