Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/602/NsZiManOkrl-sSsthuNXDt2O3-Q.roa
File:                     NsZiManOkrl-sSsthuNXDt2O3-Q.roa (raw, json)
Hash identifier:          Wm8rGMB2RVn+0Pqoo2PzKkxpWRpTo87HNT2ds+DuAYY=
Subject key identifier:   36:C6:62:31:A9:CE:92:B9:7E:B1:2B:2D:86:E3:57:0E:DD:8E:DF:E4
Certificate issuer:       /CN=4EFF1AB6EADA273BA066DB0F77B79D6A0D901542
Certificate serial:       4F
Authority key identifier: 4E:FF:1A:B6:EA:DA:27:3B:A0:66:DB:0F:77:B7:9D:6A:0D:90:15:42
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/Tv8aturaJzugZtsPd7edag2QFUI.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/602/NsZiManOkrl-sSsthuNXDt2O3-Q.roa
Signing time:             Fri 01 Sep 2023 01:29:14 +0000
ROA not before:           Fri 01 Sep 2023 01:29:14 +0000
ROA not after:            Wed 14 Aug 2024 01:30:02 +0000
asID:                     24295
IP address blocks:        203.169.14.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 31 Jul 2024 01:28:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 79 (0x4f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4EFF1AB6EADA273BA066DB0F77B79D6A0D901542
        Validity
            Not Before: Sep  1 01:29:14 2023 GMT
            Not After : Aug 14 01:30:02 2024 GMT
        Subject: CN=36C66231A9CE92B97EB12B2D86E3570EDD8EDFE4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:4c:6b:ee:63:24:ce:28:42:d4:c0:a3:60:19:
                    47:1d:03:d6:60:0e:3c:40:28:ed:5b:17:8a:14:e9:
                    1b:de:00:72:4b:8b:64:6a:ff:a9:c7:53:43:e9:76:
                    61:47:31:ba:33:e6:30:73:ef:0c:8e:e7:13:d2:43:
                    ee:17:2d:d4:d5:7e:cf:86:58:78:2f:04:5c:d1:9d:
                    01:d1:09:ad:94:c4:a3:5a:99:ba:e6:da:82:50:23:
                    62:fa:6f:f3:93:41:c4:e9:8c:63:14:04:dd:93:51:
                    79:24:7a:47:f2:eb:9c:f6:90:a3:77:20:44:a9:a3:
                    6d:13:dd:e9:de:ce:62:c3:f6:97:4b:b7:72:db:f4:
                    2f:6c:c6:b2:7b:ee:db:38:8d:45:e6:75:ca:6c:98:
                    7e:80:3f:7e:ba:71:7b:e7:4a:e2:46:68:8a:6d:4f:
                    0e:64:a0:9a:b7:02:5b:97:7e:e6:f6:0a:48:0a:04:
                    d9:ef:23:60:41:25:af:ec:85:eb:fe:d8:f6:e1:e3:
                    e4:17:b3:57:cc:e1:fe:6b:52:94:6a:7d:d1:9c:a5:
                    02:fe:0f:b1:f9:4c:93:43:ad:28:c9:5e:6d:47:0b:
                    ee:48:4f:1d:ac:6f:0f:5a:5a:e3:1b:f1:d4:b0:b1:
                    da:ff:6f:95:37:04:28:76:a6:14:03:53:d7:83:8b:
                    64:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                36:C6:62:31:A9:CE:92:B9:7E:B1:2B:2D:86:E3:57:0E:DD:8E:DF:E4
            X509v3 Authority Key Identifier:
                keyid:4E:FF:1A:B6:EA:DA:27:3B:A0:66:DB:0F:77:B7:9D:6A:0D:90:15:42

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/602/Tv8aturaJzugZtsPd7edag2QFUI.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/Tv8aturaJzugZtsPd7edag2QFUI.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/602/NsZiManOkrl-sSsthuNXDt2O3-Q.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  203.169.14.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2b:39:15:5a:e3:70:bd:37:ec:d3:94:58:37:a5:29:1f:69:86:
         09:fa:12:da:bb:e5:c9:e6:1e:fd:e9:06:31:6c:48:ff:0a:34:
         b3:a7:b1:80:24:02:49:28:7f:02:c2:3d:1b:54:08:3e:ee:59:
         6b:02:d7:34:28:52:b3:3c:37:b0:18:2e:e7:51:5a:4f:2b:1f:
         d5:9f:00:5c:fb:99:c8:11:34:c4:55:b9:cc:50:e0:65:cd:a5:
         45:4b:6a:05:12:f3:7a:b5:91:42:ea:a1:5b:ad:52:b9:75:01:
         e8:96:3c:02:a3:7f:8c:9f:ee:21:b5:89:d1:c3:ba:73:a6:b1:
         d7:c4:d1:8c:b7:ea:5c:0e:53:4b:b8:31:73:d6:35:41:22:63:
         de:fc:52:21:1c:67:76:34:ca:18:5a:47:dc:69:b7:8b:71:34:
         25:93:f2:86:15:fd:3c:58:f8:c2:99:5b:8b:1d:56:d0:d0:f8:
         a0:17:a5:95:05:61:7f:39:53:97:b9:c9:9a:88:d5:cd:92:18:
         97:9f:f9:93:9d:2e:c2:7e:cf:ae:42:d6:5e:9e:7b:bf:8a:b4:
         b7:96:5e:5b:d9:01:9b:f3:f2:b5:55:46:65:af:f2:cc:bd:4f:
         e2:a6:c3:9e:46:94:a4:4d:55:eb:60:d6:0e:b5:34:96:a4:9a:
         fb:a6:36:1a
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIBTzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0RUZG
MUFCNkVBREEyNzNCQTA2NkRCMEY3N0I3OUQ2QTBEOTAxNTQyMB4XDTIzMDkwMTAx
MjkxNFoXDTI0MDgxNDAxMzAwMlowMzExMC8GA1UEAxMoMzZDNjYyMzFBOUNFOTJC
OTdFQjEyQjJEODZFMzU3MEVERDhFREZFNDCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBALRMa+5jJM4oQtTAo2AZRx0D1mAOPEAo7VsXihTpG94AckuLZGr/
qcdTQ+l2YUcxujPmMHPvDI7nE9JD7hct1NV+z4ZYeC8EXNGdAdEJrZTEo1qZuuba
glAjYvpv85NBxOmMYxQE3ZNReSR6R/LrnPaQo3cgRKmjbRPd6d7OYsP2l0u3ctv0
L2zGsnvu2ziNReZ1ymyYfoA/frpxe+dK4kZoim1PDmSgmrcCW5d+5vYKSAoE2e8j
YEElr+yF6/7Y9uHj5BezV8zh/mtSlGp90ZylAv4PsflMk0OtKMlebUcL7khPHaxv
D1pa4xvx1LCx2v9vlTcEKHamFANT14OLZOMCAwEAAaOCAiQwggIgMB0GA1UdDgQW
BBQ2xmIxqc6SuX6xKy2G41cO3Y7f5DAfBgNVHSMEGDAWgBRO/xq26tonO6Bm2w93
t51qDZAVQjAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGYGA1UdHwRfMF0wW6BZ
oFeGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9BOTFBNzM4
MTAwMDAvNjAyL1R2OGF0dXJhSnp1Z1p0c1BkN2VkYWcyUUZVSS5jcmwwbQYIKwYB
BQUHAQEEYTBfMF0GCCsGAQUFBzAChlFyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5u
aWMuYWQuanAvYXAvQTkxQTczODEwMDAwL1R2OGF0dXJhSnp1Z1p0c1BkN2VkYWcy
UUZVSS5jZXIwDgYDVR0PAQH/BAQDAgeAMIG7BggrBgEFBQcBCwSBrjCBqzBhBggr
BgEFBQcwC4ZVcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL2FwL0E5
MUE3MzgxMDAwMC82MDIvTnNaaU1hbk9rcmwtc1NzdGh1TlhEdDJPMy1RLnJvYTBG
BggrBgEFBQcwDYY6aHR0cHM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL3Jy
ZHAvYXAvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAMupDjANBgkqhkiG9w0BAQsFAAOCAQEAKzkVWuNwvTfs05RYN6UpH2mGCfoS
2rvlyeYe/ekGMWxI/wo0s6exgCQCSSh/AsI9G1QIPu5ZawLXNChSszw3sBgu51Fa
Tysf1Z8AXPuZyBE0xFW5zFDgZc2lRUtqBRLzerWRQuqhW61SuXUB6JY8AqN/jJ/u
IbWJ0cO6c6ax18TRjLfqXA5TS7gxc9Y1QSJj3vxSIRxndjTKGFpH3Gm3i3E0JZPy
hhX9PFj4wplbix1W0ND4oBellQVhfzlTl7nJmojVzZIYl5/5k50uwn7PrkLWXp57
v4q0t5ZeW9kBm/PytVVGZa/yzL1P4qbDnkaUpE1V62DWDrU0lqSa+6Y2Gg==
-----END CERTIFICATE-----
Generated at Wed Jul 31 03:01:49 2024 by rpki-client on console-ams.rpki-client.org