Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/M4uUqAaDDoaJxI0UIUxIWLkK_yA.roa
File:                     M4uUqAaDDoaJxI0UIUxIWLkK_yA.roa (raw, json)
Hash identifier:          zEKhf1Qp/WQkEk8Phj+HmmXoT5S3Bz4LUtA3PCkoGP0=
Subject key identifier:   33:8B:94:A8:06:83:0E:86:89:C4:8D:14:21:4C:48:58:B9:0A:FF:20
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       0515
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/M4uUqAaDDoaJxI0UIUxIWLkK_yA.roa
Signing time:             Thu 27 Jul 2023 16:54:03 +0000
ROA not before:           Thu 27 Jul 2023 16:54:03 +0000
ROA not after:            Sun 14 Jul 2024 01:30:03 +0000
asID:                     9605
IP address blocks:        61.195.212.0/22 maxlen: 22

Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 23 Jun 2024 11:53:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1301 (0x515)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Jul 27 16:54:03 2023 GMT
            Not After : Jul 14 01:30:03 2024 GMT
        Subject: CN=338B94A806830E8689C48D14214C4858B90AFF20
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:72:bb:df:21:27:b8:02:e7:2d:80:e7:69:df:
                    78:c0:c8:24:d5:48:7b:ff:cc:15:44:5c:67:b7:4b:
                    86:c6:fc:9a:82:27:67:b3:5c:96:05:1d:65:44:e9:
                    41:2c:ba:4a:ea:11:cc:be:5b:50:be:c2:27:e8:9f:
                    45:1b:2a:12:35:5e:7f:67:70:7d:7f:0c:c5:c9:49:
                    bd:56:13:5e:bc:e7:c2:83:14:0e:4d:da:a0:72:d2:
                    29:e1:b4:af:4b:4f:40:cf:58:c5:c6:21:0a:ab:06:
                    fd:9f:bf:b7:65:00:7c:b5:5f:de:cd:61:e7:47:d1:
                    71:d9:14:b5:1c:c4:01:ee:aa:b4:73:ab:0c:09:0d:
                    f3:fa:88:e7:47:48:8d:b9:e2:a1:83:ab:cd:14:2c:
                    e2:d7:f9:c6:ec:ec:eb:01:99:eb:f4:32:77:07:e5:
                    12:8c:95:a0:a0:73:5e:05:ec:10:50:54:c3:e7:96:
                    cb:53:7f:a2:53:9b:15:a2:1e:15:86:b1:3f:fd:75:
                    7e:54:eb:f1:0c:76:25:18:4c:1a:2b:13:81:ba:97:
                    a9:4f:8b:e9:8e:ed:d9:b1:25:e1:32:1a:09:b0:0b:
                    5a:8d:51:96:e1:0c:e7:a2:cc:c1:c6:84:ef:0e:73:
                    22:f2:09:8a:1d:ef:2a:bc:e7:72:d2:bf:91:24:6c:
                    58:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                33:8B:94:A8:06:83:0E:86:89:C4:8D:14:21:4C:48:58:B9:0A:FF:20
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/M4uUqAaDDoaJxI0UIUxIWLkK_yA.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  61.195.212.0/22

    Signature Algorithm: sha256WithRSAEncryption
         78:eb:4c:d8:a6:44:72:0b:d5:93:a8:8d:f2:bc:f5:75:db:c2:
         66:00:1c:02:68:f8:07:b0:40:ab:72:ef:77:4b:d6:52:ba:0e:
         42:65:41:8d:25:d9:c2:ac:4a:96:d8:53:7d:87:9f:71:4b:27:
         c9:15:79:8e:be:ff:81:a0:a8:22:a6:35:96:42:04:05:14:8a:
         f3:2b:f9:bf:72:67:44:9a:79:3f:07:32:49:63:15:5a:ce:3e:
         31:53:ad:02:13:59:d9:97:64:81:13:de:04:4c:5a:aa:4a:18:
         a6:b2:2c:b2:21:88:a7:9c:cc:5c:86:d2:cd:e9:ab:52:69:9e:
         21:38:c0:51:00:d6:23:6c:72:cc:19:a8:a5:47:b9:00:b8:78:
         fe:02:7c:8f:ce:9f:c9:b0:e6:18:e5:3d:22:bd:8a:1c:60:96:
         dc:fb:18:da:52:db:29:c9:36:3a:b9:c0:4b:eb:ed:99:bd:d9:
         d4:78:62:75:76:16:57:8c:0f:b6:fc:1f:b6:e2:cc:3a:07:be:
         bd:2d:eb:36:6b:0a:36:0c:d2:9f:fb:9c:63:b8:b5:6b:53:9f:
         54:33:39:1e:7f:69:31:ca:c8:f0:ef:05:27:d6:1b:ca:8b:1f:
         70:b2:66:97:52:f4:e8:4d:29:0b:08:d0:e2:33:b4:5d:1d:f9:
         69:2e:bc:9e
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICBRUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yMzA3Mjcx
NjU0MDNaFw0yNDA3MTQwMTMwMDNaMDMxMTAvBgNVBAMTKDMzOEI5NEE4MDY4MzBF
ODY4OUM0OEQxNDIxNEM0ODU4QjkwQUZGMjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDKcrvfISe4AuctgOdp33jAyCTVSHv/zBVEXGe3S4bG/JqCJ2ez
XJYFHWVE6UEsukrqEcy+W1C+wifon0UbKhI1Xn9ncH1/DMXJSb1WE16858KDFA5N
2qBy0inhtK9LT0DPWMXGIQqrBv2fv7dlAHy1X97NYedH0XHZFLUcxAHuqrRzqwwJ
DfP6iOdHSI254qGDq80ULOLX+cbs7OsBmev0MncH5RKMlaCgc14F7BBQVMPnlstT
f6JTmxWiHhWGsT/9dX5U6/EMdiUYTBorE4G6l6lPi+mO7dmxJeEyGgmwC1qNUZbh
DOeizMHGhO8OcyLyCYod7yq853LSv5EkbFg3AgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUM4uUqAaDDoaJxI0UIUxIWLkK/yAwHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5L000dVVxQWFERG9hSnhJMFVJVXhJV0xrS195QS5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAI9w9QwDQYJKoZIhvcNAQELBQADggEBAHjrTNimRHIL1ZOojfK89XXbwmYA
HAJo+AewQKty73dL1lK6DkJlQY0l2cKsSpbYU32Hn3FLJ8kVeY6+/4GgqCKmNZZC
BAUUivMr+b9yZ0SaeT8HMkljFVrOPjFTrQITWdmXZIET3gRMWqpKGKayLLIhiKec
zFyG0s3pq1JpniE4wFEA1iNscswZqKVHuQC4eP4CfI/On8mw5hjlPSK9ihxgltz7
GNpS2ynJNjq5wEvr7Zm92dR4YnV2FleMD7b8H7bizDoHvr0t6zZrCjYM0p/7nGO4
tWtTn1QzOR5/aTHKyPDvBSfWG8qLH3CyZpdS9OhNKQsI0OIztF0d+WkuvJ4=
-----END CERTIFICATE-----
Generated at Sun Jun 16 14:31:53 2024 by rpki-client on console-ams.rpki-client.org