Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/6qnX3TsiS4EDea7B89b9rcb09ME.roa
File:                     6qnX3TsiS4EDea7B89b9rcb09ME.roa (raw, json)
Hash identifier:          OTDqwhZUbWpIeF4UHlLpRi9q3b045TgVvrB0W0w7g1c=
Subject key identifier:   EA:A9:D7:DD:3B:22:4B:81:03:79:AE:C1:F3:D6:FD:AD:C6:F4:F4:C1
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       058C
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/6qnX3TsiS4EDea7B89b9rcb09ME.roa
Signing time:             Thu 27 Jul 2023 16:58:15 +0000
ROA not before:           Thu 27 Jul 2023 16:58:15 +0000
ROA not after:            Sun 14 Jul 2024 01:30:03 +0000
asID:                     9605
IP address blocks:        27.230.108.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Sun 30 Jun 2024 01:52:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1420 (0x58c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Jul 27 16:58:15 2023 GMT
            Not After : Jul 14 01:30:03 2024 GMT
        Subject: CN=EAA9D7DD3B224B810379AEC1F3D6FDADC6F4F4C1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:a7:69:96:46:c0:70:cc:7b:fa:45:fd:29:9c:
                    75:64:dd:ba:38:29:c3:17:07:9b:30:bf:be:1b:0d:
                    eb:5c:70:de:fb:76:ce:ca:f2:b6:3b:cc:a1:49:2c:
                    dd:45:f1:30:38:73:d8:51:33:dc:0b:89:d0:e9:19:
                    58:ed:ee:87:ce:28:cb:be:ac:35:73:59:ba:f7:e4:
                    23:3f:b1:19:c6:17:11:6b:65:d1:65:5d:fc:28:4d:
                    da:c4:88:0b:3b:90:19:36:c2:0d:63:33:30:e3:7d:
                    ba:d2:c3:a3:c3:84:e7:f1:60:e6:13:b9:01:ca:2f:
                    e2:05:39:59:67:ff:35:71:ea:b6:2e:1d:26:45:11:
                    cb:d5:c3:e3:ac:ea:18:c8:e2:57:9c:fe:8c:f9:07:
                    b8:08:d3:da:09:85:a2:c6:00:73:25:4b:cd:ef:55:
                    d6:47:b3:e3:4c:4c:7c:ea:80:0b:c3:48:61:58:57:
                    a1:a6:7e:20:8c:62:8a:b2:c7:9a:ba:56:98:01:7d:
                    66:72:3a:f8:fa:8b:a0:ff:b8:5a:8c:5f:5c:3b:1f:
                    a1:8c:6e:9b:9c:98:ca:b4:ec:0b:96:45:94:3f:e0:
                    f6:dd:71:d0:0b:49:d5:7f:ee:ed:27:6a:07:c6:3c:
                    5b:17:85:e0:38:3f:24:84:04:32:ae:c8:1e:f8:1b:
                    0a:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EA:A9:D7:DD:3B:22:4B:81:03:79:AE:C1:F3:D6:FD:AD:C6:F4:F4:C1
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/6qnX3TsiS4EDea7B89b9rcb09ME.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  27.230.108.0/22

    Signature Algorithm: sha256WithRSAEncryption
         58:7a:d9:27:0b:8f:49:09:40:31:f8:c3:e7:b4:d9:c1:b9:36:
         f6:21:65:0d:30:fd:70:64:45:b8:e0:03:90:ae:db:4b:ff:7e:
         f1:eb:7e:02:d6:0a:75:a8:8e:6c:4e:3c:07:2c:93:03:8b:19:
         80:6e:48:37:a3:c9:60:40:f8:88:15:94:cd:39:8d:bb:e2:c6:
         79:80:92:bf:e8:5e:3e:8e:19:e2:a9:f5:f4:f7:e8:15:e8:e2:
         d5:83:23:8e:d0:5a:3d:e0:cf:16:57:65:2d:a8:6a:b3:95:b9:
         b9:48:18:09:19:f7:a4:43:23:8b:97:96:85:01:48:78:fb:22:
         18:a8:73:6c:b3:bc:be:d1:de:2c:2d:4f:fd:c4:00:0a:ba:9b:
         29:77:99:59:12:b0:b7:7e:f4:40:7d:ec:dd:68:76:21:6d:ab:
         9d:fb:1a:28:4b:e9:c7:11:35:ec:63:30:6d:b0:58:1b:23:4c:
         ab:1f:a9:5a:d2:67:a1:8d:47:40:d8:1f:eb:a6:6f:e3:3b:cb:
         19:15:b0:6a:d1:11:50:0e:f8:2e:f0:35:87:ed:aa:ec:e6:96:
         9f:ce:b3:04:fb:2b:71:e6:e0:df:b7:ab:cb:99:40:04:85:04:
         7e:c4:79:7d:5b:d7:fd:fc:f2:4e:33:37:35:2f:3c:47:18:ed:
         14:f1:22:38
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICBYwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yMzA3Mjcx
NjU4MTVaFw0yNDA3MTQwMTMwMDNaMDMxMTAvBgNVBAMTKEVBQTlEN0REM0IyMjRC
ODEwMzc5QUVDMUYzRDZGREFEQzZGNEY0QzEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDUp2mWRsBwzHv6Rf0pnHVk3bo4KcMXB5swv74bDetccN77ds7K
8rY7zKFJLN1F8TA4c9hRM9wLidDpGVjt7ofOKMu+rDVzWbr35CM/sRnGFxFrZdFl
XfwoTdrEiAs7kBk2wg1jMzDjfbrSw6PDhOfxYOYTuQHKL+IFOVln/zVx6rYuHSZF
EcvVw+Os6hjI4lec/oz5B7gI09oJhaLGAHMlS83vVdZHs+NMTHzqgAvDSGFYV6Gm
fiCMYoqyx5q6VpgBfWZyOvj6i6D/uFqMX1w7H6GMbpucmMq07AuWRZQ/4PbdcdAL
SdV/7u0nagfGPFsXheA4PySEBDKuyB74GwoBAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQU6qnX3TsiS4EDea7B89b9rcb09MEwHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5LzZxblgzVHNpUzRFRGVhN0I4OWI5cmNiMDlNRS5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAIb5mwwDQYJKoZIhvcNAQELBQADggEBAFh62ScLj0kJQDH4w+e02cG5NvYh
ZQ0w/XBkRbjgA5Cu20v/fvHrfgLWCnWojmxOPAcskwOLGYBuSDejyWBA+IgVlM05
jbvixnmAkr/oXj6OGeKp9fT36BXo4tWDI47QWj3gzxZXZS2oarOVublIGAkZ96RD
I4uXloUBSHj7Ihioc2yzvL7R3iwtT/3EAAq6myl3mVkSsLd+9EB97N1odiFtq537
GihL6ccRNexjMG2wWBsjTKsfqVrSZ6GNR0DYH+umb+M7yxkVsGrREVAO+C7wNYft
quzmlp/OswT7K3Hm4N+3q8uZQASFBH7EeX1b1/388k4zNzUvPEcY7RTxIjg=
-----END CERTIFICATE-----
Generated at Sun Jun 30 04:02:47 2024 by rpki-client on console-ams.rpki-client.org