Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/394/ztPt1gSDpWb_sCfbl3V9SefYfnE.roa
File:                     ztPt1gSDpWb_sCfbl3V9SefYfnE.roa (raw, json)
Hash identifier:          eKMTbgATm+QaJqAUOGdoDd9vgdDreFqbE42TBoc4dXg=
Subject key identifier:   CE:D3:ED:D6:04:83:A5:66:FF:B0:27:DB:97:75:7D:49:E7:D8:7E:71
Certificate issuer:       /CN=0D7125AE4CEAE1335FE5D429AA030CE9070DF19C
Certificate serial:       01A3
Authority key identifier: 0D:71:25:AE:4C:EA:E1:33:5F:E5:D4:29:AA:03:0C:E9:07:0D:F1:9C
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/DXElrkzq4TNf5dQpqgMM6QcN8Zw.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/394/ztPt1gSDpWb_sCfbl3V9SefYfnE.roa
Signing time:             Fri 07 Jul 2023 04:14:30 +0000
ROA not before:           Fri 07 Jul 2023 04:14:30 +0000
ROA not after:            Fri 14 Jun 2024 01:30:02 +0000
asID:                     10013
IP address blocks:        220.150.208.0/21 maxlen: 21

Validation:               Failed, certificate revoked on Fri 31 May 2024 01:39:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 419 (0x1a3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0D7125AE4CEAE1335FE5D429AA030CE9070DF19C
        Validity
            Not Before: Jul  7 04:14:30 2023 GMT
            Not After : Jun 14 01:30:02 2024 GMT
        Subject: CN=CED3EDD60483A566FFB027DB97757D49E7D87E71
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:30:ed:8e:b7:47:f1:2c:7d:c1:ff:f8:ef:78:
                    3b:a9:7f:34:6b:fe:f6:58:30:4c:f3:11:b1:91:a4:
                    d5:1e:60:02:22:d2:76:24:64:7a:50:96:97:e3:f0:
                    d3:16:60:1d:62:6d:10:92:d2:47:0a:73:48:9e:18:
                    bb:cc:b9:c6:0b:eb:14:5d:27:80:f1:a9:96:f7:b0:
                    4d:74:2f:30:af:84:18:33:c8:47:9d:1b:f1:79:4f:
                    d8:8b:d3:2a:08:cb:fc:ba:fd:94:15:9a:cc:6f:eb:
                    d9:81:e9:c4:15:91:6d:02:df:d0:59:a2:49:af:56:
                    2f:88:ae:e1:04:71:bd:f3:26:50:14:93:be:3a:b4:
                    c3:81:e8:33:ee:3f:ec:b2:91:14:42:a6:19:ca:f3:
                    ff:6d:ca:fc:dc:34:3c:ad:f0:7b:27:bc:5a:67:e9:
                    5a:b6:5a:56:93:8c:3a:4c:7c:95:06:be:d6:dd:4a:
                    72:d5:00:47:5e:0d:84:c1:f4:0a:b9:89:86:db:8c:
                    35:a7:3d:da:9c:f6:d5:f4:eb:fe:d7:49:bb:27:48:
                    1a:88:61:25:5c:e4:93:56:07:13:fe:30:d5:22:f7:
                    ba:dd:59:5b:ec:98:fb:c9:e7:33:71:09:c5:a1:92:
                    03:38:6a:70:b8:ac:ad:f3:b0:b2:b7:a3:8d:cc:dd:
                    3c:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CE:D3:ED:D6:04:83:A5:66:FF:B0:27:DB:97:75:7D:49:E7:D8:7E:71
            X509v3 Authority Key Identifier:
                keyid:0D:71:25:AE:4C:EA:E1:33:5F:E5:D4:29:AA:03:0C:E9:07:0D:F1:9C

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/394/DXElrkzq4TNf5dQpqgMM6QcN8Zw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/DXElrkzq4TNf5dQpqgMM6QcN8Zw.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/394/ztPt1gSDpWb_sCfbl3V9SefYfnE.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  220.150.208.0/21

    Signature Algorithm: sha256WithRSAEncryption
         71:d4:6d:28:e7:3a:c1:2a:7b:25:df:fc:fb:cb:ee:19:10:b9:
         bc:f5:6b:15:ca:8c:be:81:5a:9b:80:99:1c:eb:a7:9d:fe:ed:
         35:21:16:ba:00:fc:af:ce:fe:68:e8:51:28:92:d4:18:a5:49:
         84:db:53:54:58:3c:5e:a2:ce:3f:31:dd:19:a1:44:31:5e:2f:
         61:38:e8:47:a7:81:cb:a7:76:82:2c:4a:72:25:5b:94:3e:5d:
         fd:4a:fd:42:cb:99:af:06:89:3f:a2:46:c7:7c:cb:c3:40:97:
         31:83:2c:91:e0:56:ed:50:f3:e6:7a:1c:39:22:4c:84:00:b8:
         bd:48:e4:b8:0f:33:35:2f:6c:e8:87:29:c2:28:28:f1:6f:ed:
         75:fc:98:97:49:58:34:52:ac:1f:3e:df:93:d7:77:11:eb:7b:
         3b:af:ed:cc:09:ca:db:2c:9a:17:5f:2c:e1:01:64:8e:23:38:
         89:33:bc:9e:7c:63:fb:b2:b0:a9:f5:3c:be:44:d5:0e:0e:69:
         fd:89:29:1b:84:3f:3c:70:aa:f8:5c:1a:3a:79:95:34:69:33:
         33:af:75:7b:88:d2:0a:f5:2f:5a:4c:7e:5b:22:f3:3b:05:d9:
         08:61:4e:d7:27:c5:93:34:64:94:12:2e:f0:57:73:e7:30:71:
         02:85:ff:03
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICAaMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMEQ3
MTI1QUU0Q0VBRTEzMzVGRTVENDI5QUEwMzBDRTkwNzBERjE5QzAeFw0yMzA3MDcw
NDE0MzBaFw0yNDA2MTQwMTMwMDJaMDMxMTAvBgNVBAMTKENFRDNFREQ2MDQ4M0E1
NjZGRkIwMjdEQjk3NzU3RDQ5RTdEODdFNzEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDEMO2Ot0fxLH3B//jveDupfzRr/vZYMEzzEbGRpNUeYAIi0nYk
ZHpQlpfj8NMWYB1ibRCS0kcKc0ieGLvMucYL6xRdJ4DxqZb3sE10LzCvhBgzyEed
G/F5T9iL0yoIy/y6/ZQVmsxv69mB6cQVkW0C39BZokmvVi+IruEEcb3zJlAUk746
tMOB6DPuP+yykRRCphnK8/9tyvzcNDyt8HsnvFpn6Vq2WlaTjDpMfJUGvtbdSnLV
AEdeDYTB9Aq5iYbbjDWnPdqc9tX06/7XSbsnSBqIYSVc5JNWBxP+MNUi97rdWVvs
mPvJ5zNxCcWhkgM4anC4rK3zsLK3o43M3TzRAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUztPt1gSDpWb/sCfbl3V9SefYfnEwHwYDVR0jBBgwFoAUDXElrkzq4TNf5dQp
qgMM6QcN8ZwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzM5NC9EWEVscmt6cTRUTmY1ZFFwcWdNTTZRY044WncuY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9EWEVscmt6cTRUTmY1ZFFwcWdNTTZR
Y044WncuY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzk0L3p0UHQxZ1NEcFdiX3NDZmJsM1Y5U2VmWWZuRS5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAPcltAwDQYJKoZIhvcNAQELBQADggEBAHHUbSjnOsEqeyXf/PvL7hkQubz1
axXKjL6BWpuAmRzrp53+7TUhFroA/K/O/mjoUSiS1BilSYTbU1RYPF6izj8x3Rmh
RDFeL2E46EengcundoIsSnIlW5Q+Xf1K/ULLma8GiT+iRsd8y8NAlzGDLJHgVu1Q
8+Z6HDkiTIQAuL1I5LgPMzUvbOiHKcIoKPFv7XX8mJdJWDRSrB8+35PXdxHrezuv
7cwJytssmhdfLOEBZI4jOIkzvJ58Y/uysKn1PL5E1Q4Oaf2JKRuEPzxwqvhcGjp5
lTRpMzOvdXuI0gr1L1pMflsi8zsF2QhhTtcnxZM0ZJQSLvBXc+cwcQKF/wM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:46:09 2024 by rpki-client on console-ams.rpki-client.org