Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/30367/z_oSyqHZ_tolx6HqGZcYIfI19xM.roa
File:                     z_oSyqHZ_tolx6HqGZcYIfI19xM.roa (raw, json)
Hash identifier:          odl35DnbmcX+cmecXXzLT9qY2rCLBzv4fzJu3NAiNY0=
Subject key identifier:   CF:FA:12:CA:A1:D9:FE:DA:25:C7:A1:EA:19:97:18:21:F2:35:F7:13
Certificate issuer:       /CN=82E5B28A20F4C6A62A4612F6C5DFB7A3D64D9DEA
Certificate serial:       24
Authority key identifier: 82:E5:B2:8A:20:F4:C6:A6:2A:46:12:F6:C5:DF:B7:A3:D6:4D:9D:EA
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/guWyiiD0xqYqRhL2xd-3o9ZNneo.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30367/z_oSyqHZ_tolx6HqGZcYIfI19xM.roa
Signing time:             Sun 01 Oct 2023 01:30:05 +0000
ROA not before:           Sun 01 Oct 2023 01:30:05 +0000
ROA not after:            Sat 14 Sep 2024 01:30:03 +0000
asID:                     131921
IP address blocks:        2406:a1c0:200::/40 maxlen: 48

Validation:               Failed, certificate revoked on Sat 31 Aug 2024 01:33:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 36 (0x24)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=82E5B28A20F4C6A62A4612F6C5DFB7A3D64D9DEA
        Validity
            Not Before: Oct  1 01:30:05 2023 GMT
            Not After : Sep 14 01:30:03 2024 GMT
        Subject: CN=CFFA12CAA1D9FEDA25C7A1EA19971821F235F713
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:b1:4d:e9:6b:43:cd:7e:d8:6a:a5:35:82:d0:
                    52:44:62:19:65:3c:11:b9:a9:68:67:b4:2c:87:ef:
                    4b:88:80:bb:b1:2e:ba:d1:8e:ed:20:6a:ab:d9:f0:
                    1a:15:3f:7d:a1:3e:e4:f8:11:c6:5d:ec:a1:c7:00:
                    39:33:4e:3a:3a:8c:bd:7a:19:bc:6c:c4:2a:de:56:
                    b6:f3:90:46:7e:9e:05:b7:98:c7:5c:31:44:8a:4d:
                    44:37:8a:41:85:f9:82:92:71:a5:41:54:83:3f:b6:
                    30:41:8b:f7:54:c0:bf:ce:32:b9:d2:cf:09:1b:b8:
                    a8:a1:b2:a5:dd:42:18:9b:59:b2:f9:8e:58:fe:16:
                    0b:d2:3a:25:b9:23:2b:4f:1f:6f:8b:fc:41:d9:56:
                    f4:da:cf:f7:17:c3:b3:30:3e:29:11:b6:fc:fb:b9:
                    da:5a:10:d3:1d:b2:a5:11:ec:d9:7a:37:73:3d:b4:
                    68:91:38:c1:44:c1:f3:35:d1:80:b5:7c:bd:93:22:
                    b3:2c:95:97:86:95:1c:0b:0b:37:1b:75:ca:34:c1:
                    52:bb:02:4c:77:60:68:34:b6:54:a0:d0:8a:0c:4a:
                    4b:c6:4a:0f:89:1a:61:0f:10:9a:4e:04:d5:5b:d8:
                    97:37:ef:1e:82:4d:f9:ad:06:db:dc:be:76:7b:3d:
                    b5:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CF:FA:12:CA:A1:D9:FE:DA:25:C7:A1:EA:19:97:18:21:F2:35:F7:13
            X509v3 Authority Key Identifier:
                keyid:82:E5:B2:8A:20:F4:C6:A6:2A:46:12:F6:C5:DF:B7:A3:D6:4D:9D:EA

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30367/guWyiiD0xqYqRhL2xd-3o9ZNneo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/guWyiiD0xqYqRhL2xd-3o9ZNneo.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30367/z_oSyqHZ_tolx6HqGZcYIfI19xM.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:a1c0:200::/40

    Signature Algorithm: sha256WithRSAEncryption
         31:2f:d2:1f:c4:08:20:03:dc:18:0b:25:65:e5:07:1b:19:31:
         ed:fc:9d:71:f6:61:23:00:9c:68:8d:64:c6:8d:01:15:22:10:
         f4:49:ff:5e:78:2c:1a:9b:cb:32:5d:2f:6f:34:21:3c:f8:42:
         5f:9d:bb:67:df:a5:9d:d1:f8:66:e3:49:2b:9a:16:d3:d7:bf:
         3e:27:30:3b:23:24:4f:f7:12:7d:d4:8a:52:ab:52:54:31:c0:
         83:ee:5d:9f:84:ee:c0:68:46:d1:f2:ec:64:51:77:39:bd:9e:
         34:f7:30:61:f3:55:58:b4:61:a7:2e:6c:6b:9f:16:c9:cb:33:
         33:f3:9f:1c:3e:50:2f:2d:de:6e:23:97:f6:fd:c0:42:86:e5:
         d6:d4:62:67:7d:5e:0a:e9:0c:ad:99:c4:ea:45:76:92:ba:8f:
         b0:e6:f3:8c:46:82:5c:8e:48:b7:81:0b:a0:ea:6d:d4:28:85:
         48:39:0c:0a:79:c8:e1:6e:a2:10:cc:35:25:b0:ff:19:e9:73:
         b6:80:37:36:e0:f1:62:be:86:c4:76:de:32:b6:e1:bd:f9:c4:
         10:70:ff:9f:a2:be:fb:b0:81:aa:45:a3:d0:67:31:58:14:3d:
         4d:5a:7b:16:a7:63:16:11:ee:7e:28:17:4f:55:bf:e9:03:42:
         50:7d:ed:24
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgIBJDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4MkU1
QjI4QTIwRjRDNkE2MkE0NjEyRjZDNURGQjdBM0Q2NEQ5REVBMB4XDTIzMTAwMTAx
MzAwNVoXDTI0MDkxNDAxMzAwM1owMzExMC8GA1UEAxMoQ0ZGQTEyQ0FBMUQ5RkVE
QTI1QzdBMUVBMTk5NzE4MjFGMjM1RjcxMzCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAK+xTelrQ81+2GqlNYLQUkRiGWU8EbmpaGe0LIfvS4iAu7EuutGO
7SBqq9nwGhU/faE+5PgRxl3soccAOTNOOjqMvXoZvGzEKt5WtvOQRn6eBbeYx1wx
RIpNRDeKQYX5gpJxpUFUgz+2MEGL91TAv84yudLPCRu4qKGypd1CGJtZsvmOWP4W
C9I6JbkjK08fb4v8QdlW9NrP9xfDszA+KRG2/Pu52loQ0x2ypRHs2Xo3cz20aJE4
wUTB8zXRgLV8vZMisyyVl4aVHAsLNxt1yjTBUrsCTHdgaDS2VKDQigxKS8ZKD4ka
YQ8Qmk4E1VvYlzfvHoJN+a0G29y+dns9tSUCAwEAAaOCAiowggImMB0GA1UdDgQW
BBTP+hLKodn+2iXHoeoZlxgh8jX3EzAfBgNVHSMEGDAWgBSC5bKKIPTGpipGEvbF
37ej1k2d6jAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGgGA1UdHwRhMF8wXaBb
oFmGV3JzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9BOTFBNzM4
MTAwMDAvMzAzNjcvZ3VXeWlpRDB4cVlxUmhMMnhkLTNvOVpObmVvLmNybDBtBggr
BgEFBQcBAQRhMF8wXQYIKwYBBQUHMAKGUXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5
Lm5pYy5hZC5qcC9hcC9BOTFBNzM4MTAwMDAvZ3VXeWlpRDB4cVlxUmhMMnhkLTNv
OVpObmVvLmNlcjAOBgNVHQ8BAf8EBAMCB4Awgb0GCCsGAQUFBwELBIGwMIGtMGMG
CCsGAQUFBzALhldyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAv
QTkxQTczODEwMDAwLzMwMzY3L3pfb1N5cUhaX3RvbHg2SHFHWmNZSWZJMTl4TS5y
b2EwRgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5q
cC9ycmRwL2FwL25vdGlmaWNhdGlvbi54bWwwIQYIKwYBBQUHAQcBAf8EEjAQMA4E
AgACMAgDBgAkBqHAAjANBgkqhkiG9w0BAQsFAAOCAQEAMS/SH8QIIAPcGAslZeUH
Gxkx7fydcfZhIwCcaI1kxo0BFSIQ9En/XngsGpvLMl0vbzQhPPhCX527Z9+lndH4
ZuNJK5oW09e/PicwOyMkT/cSfdSKUqtSVDHAg+5dn4TuwGhG0fLsZFF3Ob2eNPcw
YfNVWLRhpy5sa58WycszM/OfHD5QLy3ebiOX9v3AQobl1tRiZ31eCukMrZnE6kV2
krqPsObzjEaCXI5It4ELoOpt1CiFSDkMCnnI4W6iEMw1JbD/GelztoA3NuDxYr6G
xHbeMrbhvfnEEHD/n6K++7CBqkWj0GcxWBQ9TVp7FqdjFhHufigXT1W/6QNCUH3t
JA==
-----END CERTIFICATE-----
Generated at Sat Aug 31 04:06:43 2024 by rpki-client on console-fra.rpki-client.org