Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/s02ZmnGsL76TtwrKX8cCW9TNpiQ.roa
File:                     s02ZmnGsL76TtwrKX8cCW9TNpiQ.roa (raw, json)
Hash identifier:          bu/XxKA3RzPMYkdQGZdCaLMbdYRcFnPzVH5SpCJpc2Y=
Subject key identifier:   B3:4D:99:9A:71:AC:2F:BE:93:B7:0A:CA:5F:C7:02:5B:D4:CD:A6:24
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       04E5
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/s02ZmnGsL76TtwrKX8cCW9TNpiQ.roa
Signing time:             Thu 27 Jul 2023 16:50:14 +0000
ROA not before:           Thu 27 Jul 2023 16:50:14 +0000
ROA not after:            Sun 14 Jul 2024 01:30:03 +0000
asID:                     9605
IP address blocks:        220.159.216.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Sun 30 Jun 2024 01:42:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1253 (0x4e5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Jul 27 16:50:14 2023 GMT
            Not After : Jul 14 01:30:03 2024 GMT
        Subject: CN=B34D999A71AC2FBE93B70ACA5FC7025BD4CDA624
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:fc:b5:e1:3d:83:b2:c7:b5:04:e2:1f:23:ff:e2:
                    72:0a:75:94:d7:e0:51:66:34:56:76:85:f0:53:af:
                    1a:7e:4e:61:ea:3e:4b:7e:1b:db:98:0d:7b:4d:f7:
                    8a:78:fb:93:24:73:ec:1e:fd:7e:bb:33:80:34:f9:
                    74:db:fc:63:f7:a2:a9:0b:3e:7f:03:6d:53:62:18:
                    eb:af:7e:01:45:00:7a:d6:97:0a:9f:91:5d:97:f0:
                    f3:49:c2:9e:c5:29:f9:2a:86:6d:55:80:93:a6:fa:
                    e9:cc:40:a6:c1:ee:fc:7e:fe:95:a3:bc:ca:88:c4:
                    33:14:28:c1:8b:a7:b0:98:c9:b1:91:39:e1:36:dc:
                    92:f6:a0:32:fa:b9:a1:eb:f5:d7:a2:05:41:57:21:
                    bc:ac:6e:e2:00:f1:da:3c:34:3c:b7:b9:c9:a1:d7:
                    a6:0d:79:ff:29:75:71:70:27:1c:74:28:cb:0d:49:
                    83:c4:49:00:68:b8:66:3d:81:ad:1e:e4:97:c8:6b:
                    d0:f6:f8:08:1f:af:2c:65:ff:f3:6f:ff:91:8a:de:
                    43:d7:a7:0f:c0:cc:71:8e:97:52:9c:d6:02:75:b0:
                    4a:b7:a0:c8:fd:7a:80:b8:52:fc:51:88:5e:0b:a3:
                    22:66:34:cc:42:21:5a:a7:70:3f:d3:22:b7:b8:62:
                    88:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B3:4D:99:9A:71:AC:2F:BE:93:B7:0A:CA:5F:C7:02:5B:D4:CD:A6:24
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/s02ZmnGsL76TtwrKX8cCW9TNpiQ.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  220.159.216.0/22

    Signature Algorithm: sha256WithRSAEncryption
         58:1b:c6:05:be:9b:f4:55:b2:9c:b2:fc:fe:f1:06:82:ac:c1:
         54:90:12:21:bc:39:71:d8:21:61:8a:e1:7c:74:28:99:f1:66:
         49:b7:7d:d4:1c:7d:af:b3:fc:e3:70:dd:3d:50:30:b7:c4:dd:
         a7:89:d3:2a:15:dd:49:98:fb:91:1a:2f:db:d1:4b:e0:25:b9:
         1e:f4:5a:f1:ce:ec:06:22:6e:44:16:82:ef:eb:1a:53:99:2c:
         9d:61:90:d2:ef:b0:3b:53:d1:95:47:dd:f3:a2:1b:44:c5:e9:
         eb:7b:a5:8b:5d:1c:cb:78:ad:de:3f:c8:98:5a:a8:a5:15:73:
         43:25:8e:8b:4c:8f:39:56:37:1a:3b:e9:ca:21:7e:5d:33:43:
         5e:84:b9:65:a4:0b:85:37:07:58:3a:2d:39:7e:04:ef:34:7c:
         91:7f:a2:43:c0:5f:3c:d8:d0:4c:46:9c:46:ad:af:60:72:71:
         9a:4c:d6:1d:2a:0e:eb:62:7d:04:ac:61:69:62:f5:66:34:c6:
         3c:73:99:55:2c:57:cd:fc:66:27:a4:79:52:f0:18:c1:f6:f3:
         6d:7a:1e:63:4f:b2:97:6f:64:6b:93:d6:de:cc:0d:a2:78:86:
         6f:ff:cd:5d:00:d0:5d:2f:cd:54:f6:c8:00:ca:11:fa:39:33:
         78:f9:a4:c1
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICBOUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yMzA3Mjcx
NjUwMTRaFw0yNDA3MTQwMTMwMDNaMDMxMTAvBgNVBAMTKEIzNEQ5OTlBNzFBQzJG
QkU5M0I3MEFDQTVGQzcwMjVCRDRDREE2MjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQD8teE9g7LHtQTiHyP/4nIKdZTX4FFmNFZ2hfBTrxp+TmHqPkt+
G9uYDXtN94p4+5Mkc+we/X67M4A0+XTb/GP3oqkLPn8DbVNiGOuvfgFFAHrWlwqf
kV2X8PNJwp7FKfkqhm1VgJOm+unMQKbB7vx+/pWjvMqIxDMUKMGLp7CYybGROeE2
3JL2oDL6uaHr9deiBUFXIbysbuIA8do8NDy3ucmh16YNef8pdXFwJxx0KMsNSYPE
SQBouGY9ga0e5JfIa9D2+Agfryxl//Nv/5GK3kPXpw/AzHGOl1Kc1gJ1sEq3oMj9
eoC4UvxRiF4LoyJmNMxCIVqncD/TIre4YogXAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUs02ZmnGsL76TtwrKX8cCW9TNpiQwHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5L3MwMlptbkdzTDc2VHR3cktYOGNDVzlUTnBpUS5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBALcn9gwDQYJKoZIhvcNAQELBQADggEBAFgbxgW+m/RVspyy/P7xBoKswVSQ
EiG8OXHYIWGK4Xx0KJnxZkm3fdQcfa+z/ONw3T1QMLfE3aeJ0yoV3UmY+5EaL9vR
S+AluR70WvHO7AYibkQWgu/rGlOZLJ1hkNLvsDtT0ZVH3fOiG0TF6et7pYtdHMt4
rd4/yJhaqKUVc0MljotMjzlWNxo76cohfl0zQ16EuWWkC4U3B1g6LTl+BO80fJF/
okPAXzzY0ExGnEatr2BycZpM1h0qDutifQSsYWli9WY0xjxzmVUsV838ZiekeVLw
GMH28216HmNPspdvZGuT1t7MDaJ4hm//zV0A0F0vzVT2yADKEfo5M3j5pME=
-----END CERTIFICATE-----
Generated at Sun Jun 30 03:11:26 2024 by rpki-client on console-fra.rpki-client.org