Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/CNbESYI1TlqNLC_UiK0AZA-ehSQ.roa
File:                     CNbESYI1TlqNLC_UiK0AZA-ehSQ.roa (raw, json)
Hash identifier:          QYaBP32gpUy5DNaHwFB4XGmSjOkV50HmDFSXhvxXdzo=
Subject key identifier:   08:D6:C4:49:82:35:4E:5A:8D:2C:2F:D4:88:AD:00:64:0F:9E:85:24
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       044E
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/CNbESYI1TlqNLC_UiK0AZA-ehSQ.roa
Signing time:             Thu 27 Jul 2023 16:43:13 +0000
ROA not before:           Thu 27 Jul 2023 16:43:13 +0000
ROA not after:            Sun 14 Jul 2024 01:30:03 +0000
asID:                     9605
IP address blocks:        220.210.88.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Sun 30 Jun 2024 01:29:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1102 (0x44e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Jul 27 16:43:13 2023 GMT
            Not After : Jul 14 01:30:03 2024 GMT
        Subject: CN=08D6C44982354E5A8D2C2FD488AD00640F9E8524
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:08:b4:d9:01:be:58:ec:71:3b:2b:e7:fc:1b:
                    25:65:0c:c1:2b:84:a6:d9:ca:a4:79:61:b5:d9:2a:
                    be:3f:1b:78:c6:0f:b6:ed:9b:43:84:ae:77:74:d3:
                    3e:ec:59:0e:34:18:6c:eb:8d:b0:5d:06:d9:30:cb:
                    54:d8:68:72:0d:7a:33:26:d1:6e:b3:17:bf:d1:45:
                    a5:50:94:02:b8:c8:c4:71:78:b3:91:e7:cb:b3:93:
                    31:74:3f:b0:c2:a7:0d:24:76:87:6e:6a:f4:37:0c:
                    be:a0:52:38:f2:6f:d4:fe:03:21:9c:0c:58:23:44:
                    27:fc:d2:11:42:16:b6:e0:ea:94:71:8b:5e:7f:ff:
                    d4:f1:2a:68:5d:bb:e5:eb:8e:27:2b:c0:b0:e7:b1:
                    04:71:42:61:b1:32:71:c4:71:f5:60:b3:c0:72:a5:
                    1e:99:9e:ec:5c:78:04:83:e9:e2:b3:85:bc:78:db:
                    67:f4:b2:e0:e4:89:59:51:a3:a2:41:76:34:45:5c:
                    09:03:dc:84:47:31:f1:03:0e:74:02:9b:e6:89:86:
                    3b:75:ee:2e:58:4a:a9:70:ab:3b:ac:da:f0:f8:70:
                    47:7c:9c:f6:92:2f:af:f4:67:44:9e:8f:ee:9c:64:
                    a3:35:46:11:fc:b7:e8:62:79:97:ac:9f:0e:46:3b:
                    67:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                08:D6:C4:49:82:35:4E:5A:8D:2C:2F:D4:88:AD:00:64:0F:9E:85:24
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/CNbESYI1TlqNLC_UiK0AZA-ehSQ.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  220.210.88.0/22

    Signature Algorithm: sha256WithRSAEncryption
         85:57:be:9f:79:63:cd:f4:d0:e8:7e:a1:67:b5:e6:88:f5:ad:
         6f:38:8f:2a:fe:01:20:b6:2c:61:2e:5f:6f:47:6f:ee:aa:49:
         ad:43:5d:25:17:12:ec:5c:96:93:93:9d:8f:fe:cf:44:1d:5c:
         a0:1f:e6:bb:26:d5:1b:eb:32:17:d1:f4:53:15:d0:29:31:75:
         c4:e1:0e:f5:b2:0d:81:85:76:83:3c:ba:c3:70:ed:92:43:ac:
         ef:fd:05:85:46:97:16:d6:b6:33:86:4c:82:75:5f:aa:d5:61:
         6b:aa:a8:be:e9:68:22:84:5c:81:4e:cf:29:b8:06:b3:bd:e0:
         3c:4b:92:ff:26:a8:78:a8:c4:84:ea:70:e8:e3:9b:7e:47:26:
         70:bc:8a:74:03:37:93:0e:70:a7:01:98:22:5f:3f:79:7f:ea:
         48:85:c4:87:2d:f4:cd:aa:be:c2:17:24:45:14:5d:c3:f7:14:
         97:6f:c9:c0:95:c7:e6:44:53:e4:53:a7:60:a7:a4:e1:46:bc:
         70:fd:e1:a2:aa:c5:00:66:05:f3:84:aa:d9:de:69:55:8f:80:
         8c:05:7b:3c:55:7a:31:2a:93:34:14:8b:e3:3e:26:91:9f:f1:
         00:c8:5e:74:8f:16:ba:bb:1e:1d:64:e6:0e:7c:9d:e5:38:fa:
         dc:e9:38:71
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICBE4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yMzA3Mjcx
NjQzMTNaFw0yNDA3MTQwMTMwMDNaMDMxMTAvBgNVBAMTKDA4RDZDNDQ5ODIzNTRF
NUE4RDJDMkZENDg4QUQwMDY0MEY5RTg1MjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC4CLTZAb5Y7HE7K+f8GyVlDMErhKbZyqR5YbXZKr4/G3jGD7bt
m0OErnd00z7sWQ40GGzrjbBdBtkwy1TYaHINejMm0W6zF7/RRaVQlAK4yMRxeLOR
58uzkzF0P7DCpw0kdoduavQ3DL6gUjjyb9T+AyGcDFgjRCf80hFCFrbg6pRxi15/
/9TxKmhdu+XrjicrwLDnsQRxQmGxMnHEcfVgs8BypR6ZnuxceASD6eKzhbx422f0
suDkiVlRo6JBdjRFXAkD3IRHMfEDDnQCm+aJhjt17i5YSqlwqzus2vD4cEd8nPaS
L6/0Z0Sej+6cZKM1RhH8t+hieZesnw5GO2fJAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUCNbESYI1TlqNLC/UiK0AZA+ehSQwHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5L0NOYkVTWUkxVGxxTkxDX1VpSzBBWkEtZWhTUS5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBALc0lgwDQYJKoZIhvcNAQELBQADggEBAIVXvp95Y8300Oh+oWe15oj1rW84
jyr+ASC2LGEuX29Hb+6qSa1DXSUXEuxclpOTnY/+z0QdXKAf5rsm1RvrMhfR9FMV
0CkxdcThDvWyDYGFdoM8usNw7ZJDrO/9BYVGlxbWtjOGTIJ1X6rVYWuqqL7paCKE
XIFOzym4BrO94DxLkv8mqHioxITqcOjjm35HJnC8inQDN5MOcKcBmCJfP3l/6kiF
xIct9M2qvsIXJEUUXcP3FJdvycCVx+ZEU+RTp2CnpOFGvHD94aKqxQBmBfOEqtne
aVWPgIwFezxVejEqkzQUi+M+JpGf8QDIXnSPFrq7Hh1k5g58neU4+tzpOHE=
-----END CERTIFICATE-----
Generated at Sun Jun 30 02:59:41 2024 by rpki-client on console-ams.rpki-client.org