Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/2xk9aauoy96XB1FSKVoWhpkioWs.roa
File:                     2xk9aauoy96XB1FSKVoWhpkioWs.roa (raw, json)
Hash identifier:          ulcUhELNgoCMbsMIcMA1u9fzDPdzn7swxLLdsl/AExA=
Subject key identifier:   DB:19:3D:69:AB:A8:CB:DE:97:07:51:52:29:5A:16:86:99:22:A1:6B
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       0561
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/2xk9aauoy96XB1FSKVoWhpkioWs.roa
Signing time:             Thu 27 Jul 2023 16:56:18 +0000
ROA not before:           Thu 27 Jul 2023 16:56:18 +0000
ROA not after:            Sun 14 Jul 2024 01:30:03 +0000
asID:                     9605
IP address blocks:        211.14.88.0/23 maxlen: 23

Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 23 Jun 2024 11:53:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1377 (0x561)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Jul 27 16:56:18 2023 GMT
            Not After : Jul 14 01:30:03 2024 GMT
        Subject: CN=DB193D69ABA8CBDE97075152295A16869922A16B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:e1:7c:ad:da:81:99:69:72:9e:7b:61:d5:f8:
                    27:f5:86:67:93:73:a6:b1:d0:04:ca:a9:5c:ba:f4:
                    71:0d:94:c6:3d:79:0e:40:9e:68:d9:07:b4:94:ea:
                    f9:eb:37:2b:d6:98:86:99:0e:b3:f3:b0:17:6d:cf:
                    04:85:d5:3f:17:db:78:12:02:6e:4b:1a:2c:fd:6e:
                    eb:13:a1:98:2f:98:f0:f2:a5:4b:36:cb:8b:c4:71:
                    6c:42:46:b5:eb:fe:7d:17:3e:1b:1f:04:31:c3:e1:
                    68:49:ad:d6:84:59:9e:81:d6:3d:67:bd:b3:e2:a1:
                    c8:57:b8:a9:ed:2a:14:e6:79:4d:d2:06:6e:06:7d:
                    3d:87:82:6c:6c:9e:6f:d5:79:8f:be:e2:bb:71:cb:
                    20:f7:98:db:6d:cd:ee:0c:09:c2:fd:67:3f:68:d7:
                    97:23:7f:e8:f3:51:06:ad:79:e1:26:90:96:77:9f:
                    17:5f:a4:31:66:c4:01:a0:5a:37:57:d7:d6:7d:a2:
                    96:13:c4:59:8c:68:cc:41:51:5b:d1:39:3e:33:33:
                    55:53:78:e6:30:f1:06:45:84:93:22:c6:84:f2:d7:
                    06:2b:0e:6d:27:6e:60:02:a6:80:dd:54:45:f9:3d:
                    4b:47:55:31:52:5d:75:fe:c3:de:83:a9:dd:f6:ba:
                    09:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DB:19:3D:69:AB:A8:CB:DE:97:07:51:52:29:5A:16:86:99:22:A1:6B
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/2xk9aauoy96XB1FSKVoWhpkioWs.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  211.14.88.0/23

    Signature Algorithm: sha256WithRSAEncryption
         d2:e3:4d:39:42:6e:b3:07:b1:c7:15:b9:80:16:c5:19:c2:d3:
         c1:0d:13:1a:76:3e:24:0a:39:2c:7c:b1:a2:6d:51:da:93:d2:
         02:cd:f3:f3:89:ed:14:54:5c:ee:e6:94:2b:58:d1:7a:c3:d4:
         8a:6e:3b:04:fe:50:3d:97:50:69:53:c1:a2:3f:37:74:8e:78:
         96:ef:24:62:57:f9:08:b6:6b:4c:2b:33:0d:e5:06:12:5e:ac:
         73:55:a4:26:21:84:be:5c:5f:72:b3:8b:81:d1:63:59:40:a9:
         05:13:ff:ee:2c:27:db:ed:81:f4:1b:12:60:27:fe:69:a4:6d:
         c8:c4:ed:99:6c:fc:e8:be:7a:45:4d:9b:61:3a:dc:43:e4:ef:
         ce:86:10:2d:06:11:18:b2:7d:85:3e:40:17:b7:ff:9b:3f:16:
         c0:d2:58:e4:ef:43:11:67:5a:6c:5d:63:24:00:90:12:d9:6e:
         9e:f9:89:4e:3a:3b:d2:17:8b:ac:a8:3a:2a:01:52:16:2e:82:
         cb:14:31:ac:55:19:14:99:2c:8e:7d:28:cf:5d:ea:4a:62:46:
         f3:22:a7:0b:12:c7:43:2b:5b:b5:f8:4c:a2:57:57:f5:84:b7:
         fa:4c:67:d7:a0:da:cb:c6:ed:66:14:ee:79:1d:e1:3e:6f:ca:
         82:19:9d:0d
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICBWEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yMzA3Mjcx
NjU2MThaFw0yNDA3MTQwMTMwMDNaMDMxMTAvBgNVBAMTKERCMTkzRDY5QUJBOENC
REU5NzA3NTE1MjI5NUExNjg2OTkyMkExNkIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDT4Xyt2oGZaXKee2HV+Cf1hmeTc6ax0ATKqVy69HENlMY9eQ5A
nmjZB7SU6vnrNyvWmIaZDrPzsBdtzwSF1T8X23gSAm5LGiz9busToZgvmPDypUs2
y4vEcWxCRrXr/n0XPhsfBDHD4WhJrdaEWZ6B1j1nvbPiochXuKntKhTmeU3SBm4G
fT2Hgmxsnm/VeY++4rtxyyD3mNttze4MCcL9Zz9o15cjf+jzUQateeEmkJZ3nxdf
pDFmxAGgWjdX19Z9opYTxFmMaMxBUVvROT4zM1VTeOYw8QZFhJMixoTy1wYrDm0n
bmACpoDdVEX5PUtHVTFSXXX+w96Dqd32ugllAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQU2xk9aauoy96XB1FSKVoWhpkioWswHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5LzJ4azlhYXVveTk2WEIxRlNLVm9XaHBraW9Xcy5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAHTDlgwDQYJKoZIhvcNAQELBQADggEBANLjTTlCbrMHsccVuYAWxRnC08EN
Exp2PiQKOSx8saJtUdqT0gLN8/OJ7RRUXO7mlCtY0XrD1IpuOwT+UD2XUGlTwaI/
N3SOeJbvJGJX+Qi2a0wrMw3lBhJerHNVpCYhhL5cX3Kzi4HRY1lAqQUT/+4sJ9vt
gfQbEmAn/mmkbcjE7Zls/Oi+ekVNm2E63EPk786GEC0GERiyfYU+QBe3/5s/FsDS
WOTvQxFnWmxdYyQAkBLZbp75iU46O9IXi6yoOioBUhYugssUMaxVGRSZLI59KM9d
6kpiRvMipwsSx0MrW7X4TKJXV/WEt/pMZ9eg2svG7WYU7nkd4T5vyoIZnQ0=
-----END CERTIFICATE-----
Generated at Sun Jun 16 14:31:51 2024 by rpki-client on console-ams.rpki-client.org