Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/z8kXq4iR17_FfVllRedlxAz8lCw.roa
File:                     z8kXq4iR17_FfVllRedlxAz8lCw.roa (raw, json)
Hash identifier:          4e9tnOyWTGASZ0+K78hkqNMKV19J5vYJWhxbrC99lVE=
Subject key identifier:   CF:C9:17:AB:88:91:D7:BF:C5:7D:59:65:45:E7:65:C4:0C:FC:94:2C
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       04EB
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/z8kXq4iR17_FfVllRedlxAz8lCw.roa
Signing time:             Thu 27 Jul 2023 16:50:17 +0000
ROA not before:           Thu 27 Jul 2023 16:50:17 +0000
ROA not after:            Sun 14 Jul 2024 01:30:03 +0000
asID:                     9605
IP address blocks:        220.210.29.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sun 30 Jun 2024 01:42:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1259 (0x4eb)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Jul 27 16:50:17 2023 GMT
            Not After : Jul 14 01:30:03 2024 GMT
        Subject: CN=CFC917AB8891D7BFC57D596545E765C40CFC942C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:71:47:01:4e:4d:a0:9b:9a:1e:3e:9b:27:3e:
                    9a:46:54:77:8a:92:1d:4b:0c:2d:16:6a:29:95:28:
                    7e:8d:9f:35:83:22:1a:e2:dc:86:11:fb:87:6a:33:
                    ab:2d:a5:03:93:27:b5:37:8f:39:10:82:79:b0:d6:
                    df:4d:e7:9e:91:aa:d9:97:5c:91:23:a5:02:08:84:
                    2b:67:ec:cf:80:6d:7f:73:4f:7f:99:67:6b:fc:22:
                    fe:29:71:28:fe:c0:bb:ad:9e:f0:aa:8c:06:58:8d:
                    97:ab:9a:ba:0e:69:6d:70:71:72:03:59:29:b8:f2:
                    8a:a1:dd:c0:2f:52:00:16:94:0c:c6:3f:a3:e2:43:
                    fa:4b:16:19:08:67:29:50:44:40:d0:13:8b:e0:f1:
                    f2:ac:51:d7:94:b6:0b:e3:e1:f6:b7:96:2a:ce:51:
                    5c:33:20:91:62:6b:52:66:de:4f:4b:bd:e3:ae:c3:
                    9b:7a:12:fb:1c:dc:d8:5f:91:94:20:ba:d0:6f:d7:
                    c8:f1:53:0e:4b:89:b3:cd:b9:e3:6b:aa:a7:e1:2b:
                    ff:a8:59:47:08:39:94:ff:34:5a:19:81:19:d1:de:
                    48:48:8e:3e:f8:c1:db:e0:20:cb:a1:87:98:8e:ae:
                    84:67:82:a7:e0:28:fa:45:d2:f6:49:32:29:ca:07:
                    d6:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CF:C9:17:AB:88:91:D7:BF:C5:7D:59:65:45:E7:65:C4:0C:FC:94:2C
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/z8kXq4iR17_FfVllRedlxAz8lCw.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  220.210.29.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8d:bb:cf:f9:0d:0d:f4:1d:5c:71:81:47:db:d7:44:0f:c0:17:
         25:27:ad:49:14:1b:b0:74:67:80:f8:53:ce:4a:a9:17:40:6e:
         e2:23:89:a3:ff:94:58:dd:1c:fc:7b:7b:d2:15:a0:84:73:ed:
         92:ba:39:d2:53:28:50:72:59:19:3d:eb:e1:a5:fa:3e:00:76:
         ff:6c:50:d3:2d:03:18:ca:46:98:c6:a5:4f:a2:ad:ee:e1:57:
         f6:0a:33:67:b1:76:36:e3:1c:d7:3b:30:e0:0f:9a:ff:5f:6b:
         ab:b5:ff:ec:c4:de:30:3d:78:e5:a0:f6:46:15:3d:39:ba:bf:
         3f:a2:72:4c:a7:63:90:3c:87:2a:48:45:1a:23:a8:ec:bf:f5:
         93:b6:de:37:23:4c:00:dc:0f:89:8c:7f:86:f1:32:21:06:be:
         86:47:17:a3:56:ef:94:45:15:0d:33:9c:b1:f1:b4:d7:7c:86:
         9b:01:97:70:44:fb:ba:2b:8e:f8:dd:02:c4:9f:be:87:e9:ae:
         ac:f2:cd:35:c4:a7:db:45:72:b6:f1:fe:21:eb:fe:9e:0c:62:
         f7:5a:b0:5e:67:c4:78:cc:e9:01:3d:1b:fb:e2:9b:2f:66:f7:
         17:e3:27:55:54:a5:0d:42:ed:78:14:bc:93:a3:24:55:9a:00:
         1c:c6:80:a8
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICBOswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yMzA3Mjcx
NjUwMTdaFw0yNDA3MTQwMTMwMDNaMDMxMTAvBgNVBAMTKENGQzkxN0FCODg5MUQ3
QkZDNTdENTk2NTQ1RTc2NUM0MENGQzk0MkMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCecUcBTk2gm5oePpsnPppGVHeKkh1LDC0WaimVKH6NnzWDIhri
3IYR+4dqM6stpQOTJ7U3jzkQgnmw1t9N556RqtmXXJEjpQIIhCtn7M+AbX9zT3+Z
Z2v8Iv4pcSj+wLutnvCqjAZYjZermroOaW1wcXIDWSm48oqh3cAvUgAWlAzGP6Pi
Q/pLFhkIZylQREDQE4vg8fKsUdeUtgvj4fa3lirOUVwzIJFia1Jm3k9LveOuw5t6
Evsc3NhfkZQgutBv18jxUw5LibPNueNrqqfhK/+oWUcIOZT/NFoZgRnR3khIjj74
wdvgIMuhh5iOroRngqfgKPpF0vZJMinKB9ZvAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUz8kXq4iR17/FfVllRedlxAz8lCwwHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5L3o4a1hxNGlSMTdfRmZWbGxSZWRseEF6OGxDdy5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADc0h0wDQYJKoZIhvcNAQELBQADggEBAI27z/kNDfQdXHGBR9vXRA/AFyUn
rUkUG7B0Z4D4U85KqRdAbuIjiaP/lFjdHPx7e9IVoIRz7ZK6OdJTKFByWRk96+Gl
+j4Adv9sUNMtAxjKRpjGpU+ire7hV/YKM2exdjbjHNc7MOAPmv9fa6u1/+zE3jA9
eOWg9kYVPTm6vz+ickynY5A8hypIRRojqOy/9ZO23jcjTADcD4mMf4bxMiEGvoZH
F6NW75RFFQ0znLHxtNd8hpsBl3BE+7orjvjdAsSfvofprqzyzTXEp9tFcrbx/iHr
/p4MYvdasF5nxHjM6QE9G/vimy9m9xfjJ1VUpQ1C7XgUvJOjJFWaABzGgKg=
-----END CERTIFICATE-----
Generated at Sun Jun 30 04:02:48 2024 by rpki-client on console-ams.rpki-client.org