Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/00z8roS-UWFFxm74w9_XJtET3kE.roa
File:                     00z8roS-UWFFxm74w9_XJtET3kE.roa (raw, json)
Hash identifier:          xcEz6zkWu33XnT/OfLN1Kt6sr6KjPgrwDdy5rfpr0iM=
Subject key identifier:   D3:4C:FC:AE:84:BE:51:61:45:C6:6E:F8:C3:DF:D7:26:D1:13:DE:41
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       049A
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/00z8roS-UWFFxm74w9_XJtET3kE.roa
Signing time:             Thu 27 Jul 2023 16:46:08 +0000
ROA not before:           Thu 27 Jul 2023 16:46:08 +0000
ROA not after:            Sun 14 Jul 2024 01:30:03 +0000
asID:                     9605
IP address blocks:        211.14.90.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Sun 30 Jun 2024 01:36:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1178 (0x49a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Jul 27 16:46:08 2023 GMT
            Not After : Jul 14 01:30:03 2024 GMT
        Subject: CN=D34CFCAE84BE516145C66EF8C3DFD726D113DE41
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:62:a7:71:c0:b4:ff:da:2a:82:dc:06:cd:48:
                    22:18:8d:56:fa:b0:5e:ba:ce:44:ee:3b:55:33:51:
                    64:f7:27:ba:a2:2d:ea:e5:25:a7:fb:99:79:e0:a4:
                    5b:45:58:90:7f:ce:06:df:7f:a5:28:fb:00:77:ac:
                    12:1d:cb:53:92:e6:3d:07:0d:16:f3:13:2c:c6:31:
                    5a:8f:2f:6e:61:3e:25:ab:1b:a4:8a:26:0d:71:f2:
                    54:71:b3:2f:b0:1a:ea:29:da:c3:1a:b0:7f:d5:03:
                    58:03:42:7a:f0:a4:d3:aa:3d:c1:2d:c0:ff:68:a8:
                    0b:e5:83:93:b7:d0:38:3c:55:c4:11:47:1a:9b:c7:
                    79:dd:eb:f5:fa:8b:38:d2:1b:6a:75:d9:c6:51:f7:
                    29:ab:e8:2c:98:ab:2a:4d:a3:0f:3a:af:99:11:f1:
                    26:56:da:96:fe:f2:d7:b4:d3:22:a0:32:f7:0f:fd:
                    1a:ae:2e:84:a4:be:22:09:5e:ef:d6:06:e2:f2:0a:
                    3c:48:d2:2f:56:db:35:0d:cd:87:6d:6b:50:1f:aa:
                    3b:3b:ce:b5:bb:28:59:eb:4a:e3:91:21:ab:fc:aa:
                    fd:3e:b8:69:72:c7:c6:31:5c:0d:f6:ee:f9:05:21:
                    6a:60:17:3d:34:b7:43:aa:9d:15:c8:c1:2c:31:f3:
                    d3:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D3:4C:FC:AE:84:BE:51:61:45:C6:6E:F8:C3:DF:D7:26:D1:13:DE:41
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/00z8roS-UWFFxm74w9_XJtET3kE.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  211.14.90.0/23

    Signature Algorithm: sha256WithRSAEncryption
         57:0a:16:a9:50:d5:7c:b8:eb:b6:9c:2b:52:17:b8:2d:b6:3c:
         a8:01:14:47:0f:1c:21:48:23:74:8c:a7:1c:b9:ae:3a:a8:dd:
         99:99:26:fe:09:04:78:4f:ea:a0:f2:47:ac:0b:ec:66:37:14:
         65:86:cf:79:8f:5e:ad:74:65:64:3f:62:dd:72:e5:c0:73:d0:
         d7:53:fc:0e:05:39:fc:64:f9:a6:38:18:7f:f7:24:a9:6e:d2:
         35:0f:60:0d:1b:fc:a4:5d:23:2a:ad:b8:6a:2c:43:1f:a0:72:
         34:10:20:90:03:c0:de:1a:92:81:59:da:26:86:9c:01:fa:1c:
         66:29:da:16:91:4e:0a:21:48:c7:a8:3f:86:d9:9a:7b:5c:14:
         7a:e2:23:0f:74:df:d7:a3:ef:e5:c1:84:0e:db:46:56:3f:0e:
         71:2b:34:ee:9b:a3:91:b4:12:5f:e4:10:c5:2e:16:37:f2:e2:
         0d:1c:56:24:8e:ed:9d:d4:5e:71:79:85:16:3c:4f:fe:96:29:
         33:bb:7f:25:66:bd:c3:e3:49:a6:38:f0:9e:ee:31:f9:9b:34:
         99:18:e6:8e:31:20:1b:b0:74:8f:ef:e9:b2:2d:4c:90:af:45:
         18:90:cf:82:db:10:f7:34:34:09:95:ae:c9:52:6f:b6:fa:4d:
         09:d3:ff:62
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICBJowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yMzA3Mjcx
NjQ2MDhaFw0yNDA3MTQwMTMwMDNaMDMxMTAvBgNVBAMTKEQzNENGQ0FFODRCRTUx
NjE0NUM2NkVGOEMzREZENzI2RDExM0RFNDEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC3YqdxwLT/2iqC3AbNSCIYjVb6sF66zkTuO1UzUWT3J7qiLerl
Jaf7mXngpFtFWJB/zgbff6Uo+wB3rBIdy1OS5j0HDRbzEyzGMVqPL25hPiWrG6SK
Jg1x8lRxsy+wGuop2sMasH/VA1gDQnrwpNOqPcEtwP9oqAvlg5O30Dg8VcQRRxqb
x3nd6/X6izjSG2p12cZR9ymr6CyYqypNow86r5kR8SZW2pb+8te00yKgMvcP/Rqu
LoSkviIJXu/WBuLyCjxI0i9W2zUNzYdta1Afqjs7zrW7KFnrSuORIav8qv0+uGly
x8YxXA327vkFIWpgFz00t0OqnRXIwSwx89OpAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQU00z8roS+UWFFxm74w9/XJtET3kEwHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5LzAwejhyb1MtVVdGRnhtNzR3OV9YSnRFVDNrRS5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAHTDlowDQYJKoZIhvcNAQELBQADggEBAFcKFqlQ1Xy467acK1IXuC22PKgB
FEcPHCFII3SMpxy5rjqo3ZmZJv4JBHhP6qDyR6wL7GY3FGWGz3mPXq10ZWQ/Yt1y
5cBz0NdT/A4FOfxk+aY4GH/3JKlu0jUPYA0b/KRdIyqtuGosQx+gcjQQIJADwN4a
koFZ2iaGnAH6HGYp2haRTgohSMeoP4bZmntcFHriIw9039ej7+XBhA7bRlY/DnEr
NO6bo5G0El/kEMUuFjfy4g0cViSO7Z3UXnF5hRY8T/6WKTO7fyVmvcPjSaY48J7u
MfmbNJkY5o4xIBuwdI/v6bItTJCvRRiQz4LbEPc0NAmVrslSb7b6TQnT/2I=
-----END CERTIFICATE-----
Generated at Sun Jun 30 02:59:41 2024 by rpki-client on console-ams.rpki-client.org