Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/usJsFt32OvJdYSos8QGufKvx1oI.roa
File:                     usJsFt32OvJdYSos8QGufKvx1oI.roa (raw, json)
Hash identifier:          ucIjt/s/pOpGGHpLGPltllYLVwnjJ6zgfTWd+RUW2ZY=
Subject key identifier:   BA:C2:6C:16:DD:F6:3A:F2:5D:61:2A:2C:F1:01:AE:7C:AB:F1:D6:82
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       0496
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/usJsFt32OvJdYSos8QGufKvx1oI.roa
Signing time:             Thu 27 Jul 2023 16:46:06 +0000
ROA not before:           Thu 27 Jul 2023 16:46:06 +0000
ROA not after:            Sun 14 Jul 2024 01:30:03 +0000
asID:                     9605
IP address blocks:        183.73.64.0/19 maxlen: 19

Validation:               OK
Signature path:           rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.mft
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.crl
                          rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ukQSs19ainFHv8ZntZtSDarH2o8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ukQSs19ainFHv8ZntZtSDarH2o8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 23 Jun 2024 11:53:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1174 (0x496)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Jul 27 16:46:06 2023 GMT
            Not After : Jul 14 01:30:03 2024 GMT
        Subject: CN=BAC26C16DDF63AF25D612A2CF101AE7CABF1D682
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:ae:d2:8a:02:28:c6:98:69:34:92:77:02:29:
                    16:7b:a8:85:2f:bb:e8:dd:ae:49:57:69:0a:1d:fc:
                    da:64:28:37:01:dd:c1:5f:5f:91:9c:26:52:19:39:
                    97:70:b8:49:68:a7:21:34:15:2f:99:ec:b5:a5:ac:
                    6c:5f:dd:70:bd:7d:1b:10:3f:2c:ac:1d:cc:6f:c6:
                    d3:30:14:fb:b1:81:b6:30:41:72:80:34:ab:13:52:
                    ce:75:05:f0:a8:90:22:b7:e2:9c:d5:07:2c:1f:ad:
                    75:58:16:0b:17:7f:e3:0e:db:22:4b:5d:90:7d:66:
                    91:24:77:d3:f4:00:e1:83:6c:93:7c:32:08:e1:aa:
                    ac:31:a5:02:48:01:00:05:d9:95:ae:0c:61:b0:49:
                    ed:bf:2a:fd:42:ff:bd:c5:fa:b4:e6:8d:91:a8:26:
                    c2:8d:74:59:ac:51:c8:74:41:78:16:3f:d5:67:03:
                    c7:f4:20:f1:e3:6f:a0:1f:cc:da:c9:5c:57:0a:c6:
                    0b:52:7b:18:2c:2b:25:0c:5b:b4:b8:b4:46:5e:bc:
                    9d:5b:8e:e6:0f:93:24:eb:4f:cd:dc:86:6d:f3:d2:
                    5c:61:46:54:53:9c:9a:60:92:06:13:a7:ba:21:68:
                    07:9d:c0:02:25:3c:dd:2a:0e:d0:fe:7c:eb:0b:76:
                    6d:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BA:C2:6C:16:DD:F6:3A:F2:5D:61:2A:2C:F1:01:AE:7C:AB:F1:D6:82
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/usJsFt32OvJdYSos8QGufKvx1oI.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  183.73.64.0/19

    Signature Algorithm: sha256WithRSAEncryption
         88:28:e5:cb:e5:36:ab:89:a5:64:24:1e:10:ee:d2:ac:c2:b7:
         c5:92:06:8d:02:57:71:06:a4:fa:c2:a9:2e:cb:98:59:90:30:
         a2:c8:11:af:b3:79:c8:d8:66:87:90:13:ed:79:8a:f6:d9:96:
         a6:b5:19:28:b1:43:20:86:9c:f0:e3:59:50:a4:f8:a7:b0:be:
         92:49:43:b4:ef:04:c4:19:a8:b4:0f:3f:48:e3:02:7d:cc:36:
         e4:ec:37:a3:5d:95:72:aa:bd:8d:fe:9d:a4:f3:11:87:c2:7c:
         74:26:d3:06:79:e4:4f:b1:af:72:eb:eb:a6:c2:27:fc:01:df:
         cf:41:8b:72:9c:77:1f:ff:05:77:68:c0:eb:57:38:4b:58:19:
         3c:23:fd:59:ad:49:57:00:59:90:cc:a6:be:3e:32:fe:5e:9d:
         33:ae:59:96:29:96:6e:2a:43:c9:ae:9f:1d:2a:63:b0:92:fe:
         24:cc:09:fb:b6:4a:14:7b:90:77:79:74:e7:f5:c5:db:8a:81:
         b6:7d:c6:b9:9c:b0:25:9e:10:ce:a4:d5:28:4a:9e:a5:e4:28:
         ab:e3:1f:34:7e:3f:0f:01:a5:d7:13:d1:d5:59:e1:d6:f0:ef:
         5d:c1:5a:06:c4:b6:93:8a:f0:83:7f:3d:b8:e7:0d:08:39:35:
         f3:3e:38:1c
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICBJYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yMzA3Mjcx
NjQ2MDZaFw0yNDA3MTQwMTMwMDNaMDMxMTAvBgNVBAMTKEJBQzI2QzE2RERGNjNB
RjI1RDYxMkEyQ0YxMDFBRTdDQUJGMUQ2ODIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCwrtKKAijGmGk0kncCKRZ7qIUvu+jdrklXaQod/NpkKDcB3cFf
X5GcJlIZOZdwuElopyE0FS+Z7LWlrGxf3XC9fRsQPyysHcxvxtMwFPuxgbYwQXKA
NKsTUs51BfCokCK34pzVBywfrXVYFgsXf+MO2yJLXZB9ZpEkd9P0AOGDbJN8Mgjh
qqwxpQJIAQAF2ZWuDGGwSe2/Kv1C/73F+rTmjZGoJsKNdFmsUch0QXgWP9VnA8f0
IPHjb6AfzNrJXFcKxgtSexgsKyUMW7S4tEZevJ1bjuYPkyTrT83chm3z0lxhRlRT
nJpgkgYTp7ohaAedwAIlPN0qDtD+fOsLdm1NAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUusJsFt32OvJdYSos8QGufKvx1oIwHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5L3VzSnNGdDMyT3ZKZFlTb3M4UUd1Zkt2eDFvSS5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAW3SUAwDQYJKoZIhvcNAQELBQADggEBAIgo5cvlNquJpWQkHhDu0qzCt8WS
Bo0CV3EGpPrCqS7LmFmQMKLIEa+zecjYZoeQE+15ivbZlqa1GSixQyCGnPDjWVCk
+KewvpJJQ7TvBMQZqLQPP0jjAn3MNuTsN6NdlXKqvY3+naTzEYfCfHQm0wZ55E+x
r3Lr66bCJ/wB389Bi3Kcdx//BXdowOtXOEtYGTwj/VmtSVcAWZDMpr4+Mv5enTOu
WZYplm4qQ8munx0qY7CS/iTMCfu2ShR7kHd5dOf1xduKgbZ9xrmcsCWeEM6k1ShK
nqXkKKvjHzR+Pw8BpdcT0dVZ4dbw713BWgbEtpOK8IN/PbjnDQg5NfM+OBw=
-----END CERTIFICATE-----
Generated at Sun Jun 16 12:57:23 2024 by rpki-client on console-fra.rpki-client.org