Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/43/XxCiT3PWj73NLXzFEci3QaPa_jo.roa
File:                     XxCiT3PWj73NLXzFEci3QaPa_jo.roa (raw, json)
Hash identifier:          yVR9A8Vw4GFvkwd/vuJyG9PEhd/WWf4JvZVimg4qLlg=
Subject key identifier:   5F:10:A2:4F:73:D6:8F:BD:CD:2D:7C:C5:11:C8:B7:41:A3:DA:FE:3A
Certificate issuer:       /CN=095A182FA18D458233284AA8DC88BD075E5D702D
Certificate serial:       0114
Authority key identifier: 09:5A:18:2F:A1:8D:45:82:33:28:4A:A8:DC:88:BD:07:5E:5D:70:2D
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/CVoYL6GNRYIzKEqo3Ii9B15dcC0.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/43/XxCiT3PWj73NLXzFEci3QaPa_jo.roa
Signing time:             Fri 01 Dec 2023 01:31:49 +0000
ROA not before:           Fri 01 Dec 2023 01:31:49 +0000
ROA not after:            Thu 14 Nov 2024 01:30:03 +0000
asID:                     2527
IP address blocks:        120.74.0.0/15 maxlen: 24

Validation:               Failed, certificate revoked on Thu 31 Oct 2024 01:30:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 276 (0x114)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=095A182FA18D458233284AA8DC88BD075E5D702D
        Validity
            Not Before: Dec  1 01:31:49 2023 GMT
            Not After : Nov 14 01:30:03 2024 GMT
        Subject: CN=5F10A24F73D68FBDCD2D7CC511C8B741A3DAFE3A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:10:15:b0:29:6a:6e:c2:60:84:44:27:e1:4e:
                    aa:60:2d:d9:97:18:d1:ab:1d:fd:e0:d0:01:5a:3c:
                    78:04:6e:3c:83:73:d2:2b:d9:f1:29:94:48:d4:89:
                    ca:87:d4:f9:43:c7:04:d6:2a:17:a5:58:8f:65:84:
                    1e:a8:1e:b4:ce:1d:fc:5c:86:47:05:9d:f8:85:02:
                    ff:d8:5b:2d:b7:6c:e5:27:60:c9:39:73:e4:55:35:
                    97:3b:ac:5d:12:3e:f7:54:ce:eb:52:bc:87:fd:a3:
                    5c:aa:d2:ed:96:78:57:8d:fb:55:52:04:76:ed:8b:
                    df:62:60:76:f6:94:1d:1e:9c:50:b4:6b:1a:bf:9c:
                    79:aa:f6:51:75:42:b7:3f:c0:cd:65:a9:be:41:2c:
                    84:36:c2:1d:7a:5f:23:95:40:31:01:73:9b:66:72:
                    21:8e:02:ed:7a:80:ec:cb:bc:98:85:20:6a:86:eb:
                    23:6a:c5:98:07:bd:ab:3b:4d:54:ee:34:7f:b9:21:
                    e5:d5:73:67:cf:df:ca:3f:25:6e:1b:78:e3:19:a9:
                    c5:d3:28:03:d6:e7:1f:5d:c5:2c:92:3e:67:6c:d9:
                    10:f2:27:5a:74:41:63:ee:0e:c0:e7:8d:3b:bb:bd:
                    d9:98:7b:e1:23:f2:0b:90:0e:e4:fa:7c:c1:dd:30:
                    79:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5F:10:A2:4F:73:D6:8F:BD:CD:2D:7C:C5:11:C8:B7:41:A3:DA:FE:3A
            X509v3 Authority Key Identifier:
                keyid:09:5A:18:2F:A1:8D:45:82:33:28:4A:A8:DC:88:BD:07:5E:5D:70:2D

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/43/CVoYL6GNRYIzKEqo3Ii9B15dcC0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/CVoYL6GNRYIzKEqo3Ii9B15dcC0.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/43/XxCiT3PWj73NLXzFEci3QaPa_jo.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  120.74.0.0/15

    Signature Algorithm: sha256WithRSAEncryption
         22:27:ff:bd:1c:db:5d:fb:ae:c9:2c:e4:6e:ff:6e:ac:7b:8b:
         b2:73:09:1b:c0:c1:71:4e:93:e7:c1:03:cc:24:67:cc:77:7b:
         41:f3:ab:d9:b7:c9:59:70:32:4e:bc:59:6f:63:82:88:c7:da:
         c8:30:95:de:7a:02:5d:88:23:f8:d8:e7:ef:37:31:90:1c:6a:
         17:6c:ba:9e:67:ee:ef:c9:59:a9:cc:ac:eb:59:32:7e:c4:92:
         83:2f:5d:e7:bf:58:17:cf:5a:bf:ae:00:38:c2:c9:38:d1:45:
         bf:0c:4a:c2:a8:ce:d6:e8:3a:b0:58:08:29:c5:18:86:33:2f:
         32:4b:b3:47:d3:d4:2f:ae:b8:cb:d0:f7:19:8b:c9:ed:8d:d0:
         55:16:ab:65:95:9e:ea:6e:28:aa:58:d9:d1:82:ce:f1:f7:82:
         d9:fb:40:0d:a3:ce:c5:82:45:63:c9:b3:50:0e:92:e7:2d:d8:
         a7:ef:8d:c2:ec:6b:f1:2f:95:d4:92:9e:63:b4:01:5c:4b:00:
         3e:7b:0d:da:b5:b4:c5:c6:f7:66:4c:8f:a1:7d:c3:9c:98:b0:
         fc:d1:00:76:f4:2b:24:30:12:27:82:93:a6:ba:e7:22:7e:f8:
         18:e2:d5:d4:56:3e:fd:f5:43:3d:db:ae:de:7e:6f:c1:ec:f3:
         ea:9d:d6:6b
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgICARQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDk1
QTE4MkZBMThENDU4MjMzMjg0QUE4REM4OEJEMDc1RTVENzAyRDAeFw0yMzEyMDEw
MTMxNDlaFw0yNDExMTQwMTMwMDNaMDMxMTAvBgNVBAMTKDVGMTBBMjRGNzNENjhG
QkRDRDJEN0NDNTExQzhCNzQxQTNEQUZFM0EwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDLEBWwKWpuwmCERCfhTqpgLdmXGNGrHf3g0AFaPHgEbjyDc9Ir
2fEplEjUicqH1PlDxwTWKhelWI9lhB6oHrTOHfxchkcFnfiFAv/YWy23bOUnYMk5
c+RVNZc7rF0SPvdUzutSvIf9o1yq0u2WeFeN+1VSBHbti99iYHb2lB0enFC0axq/
nHmq9lF1Qrc/wM1lqb5BLIQ2wh16XyOVQDEBc5tmciGOAu16gOzLvJiFIGqG6yNq
xZgHvas7TVTuNH+5IeXVc2fP38o/JW4beOMZqcXTKAPW5x9dxSySPmds2RDyJ1p0
QWPuDsDnjTu7vdmYe+Ej8guQDuT6fMHdMHlVAgMBAAGjggIhMIICHTAdBgNVHQ4E
FgQUXxCiT3PWj73NLXzFEci3QaPa/jowHwYDVR0jBBgwFoAUCVoYL6GNRYIzKEqo
3Ii9B15dcC0wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBlBgNVHR8EXjBcMFqg
WKBWhlRyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzQzL0NWb1lMNkdOUllJektFcW8zSWk5QjE1ZGNDMC5jcmwwbQYIKwYB
BQUHAQEEYTBfMF0GCCsGAQUFBzAChlFyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5u
aWMuYWQuanAvYXAvQTkxQTczODEwMDAwL0NWb1lMNkdOUllJektFcW8zSWk5QjE1
ZGNDMC5jZXIwDgYDVR0PAQH/BAQDAgeAMIG6BggrBgEFBQcBCwSBrTCBqjBgBggr
BgEFBQcwC4ZUcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL2FwL0E5
MUE3MzgxMDAwMC80My9YeENpVDNQV2o3M05MWHpGRWNpM1FhUGFfam8ucm9hMEYG
CCsGAQUFBzANhjpodHRwczovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvcnJk
cC9hcC9ub3RpZmljYXRpb24ueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAF
AwMBeEowDQYJKoZIhvcNAQELBQADggEBACIn/70c2137rsks5G7/bqx7i7JzCRvA
wXFOk+fBA8wkZ8x3e0Hzq9m3yVlwMk68WW9jgojH2sgwld56Al2II/jY5+83MZAc
ahdsup5n7u/JWanMrOtZMn7EkoMvXee/WBfPWr+uADjCyTjRRb8MSsKoztboOrBY
CCnFGIYzLzJLs0fT1C+uuMvQ9xmLye2N0FUWq2WVnupuKKpY2dGCzvH3gtn7QA2j
zsWCRWPJs1AOkuct2KfvjcLsa/EvldSSnmO0AVxLAD57Ddq1tMXG92ZMj6F9w5yY
sPzRAHb0KyQwEieCk6a65yJ++Bji1dRWPv31Qz3brt5+b8Hs8+qd1ms=
-----END CERTIFICATE-----
Generated at Thu Oct 31 05:07:19 2024 by rpki-client on console-ams.rpki-client.org