Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/671/4kmgpdkRChA-XTlFlCDfFqnXArQ.roa
File:                     4kmgpdkRChA-XTlFlCDfFqnXArQ.roa (raw, json)
Hash identifier:          WVkgtm2jGDvO/4eJihheUFUJWQMgoPGQUnBvcQE8sAo=
Subject key identifier:   E2:49:A0:A5:D9:11:0A:10:3E:5D:39:45:94:20:DF:16:A9:D7:02:B4
Certificate issuer:       /CN=FB06B2E4A9D567EB7D80FF59A755FD283BFB13AB
Certificate serial:       01BA
Authority key identifier: FB:06:B2:E4:A9:D5:67:EB:7D:80:FF:59:A7:55:FD:28:3B:FB:13:AB
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/-way5KnVZ-t9gP9Zp1X9KDv7E6s.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/671/4kmgpdkRChA-XTlFlCDfFqnXArQ.roa
Signing time:             Sun 01 Oct 2023 01:38:15 +0000
ROA not before:           Sun 01 Oct 2023 01:38:15 +0000
ROA not after:            Sat 14 Sep 2024 01:30:03 +0000
asID:                     4721
IP address blocks:        223.165.32.0/19 maxlen: 24

Validation:               Failed, certificate revoked on Sat 31 Aug 2024 01:40:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 442 (0x1ba)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=FB06B2E4A9D567EB7D80FF59A755FD283BFB13AB
        Validity
            Not Before: Oct  1 01:38:15 2023 GMT
            Not After : Sep 14 01:30:03 2024 GMT
        Subject: CN=E249A0A5D9110A103E5D39459420DF16A9D702B4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:29:32:a2:60:c8:f4:d3:d3:c9:d2:a1:6f:9c:
                    dd:60:b5:52:b3:8c:c3:b0:27:83:2b:2a:e0:2e:40:
                    65:6a:00:65:b8:0c:d8:02:9d:ae:25:37:04:03:0c:
                    72:72:52:86:13:4c:8b:76:69:88:95:ff:f7:f1:18:
                    9c:75:0a:08:5e:20:e2:e4:35:bf:93:bd:58:d8:18:
                    cc:ae:7c:3e:bb:e8:ee:ba:7e:ec:5e:c7:54:9a:b5:
                    05:bd:14:9b:6f:b4:64:b7:a3:0c:2e:33:1d:bc:e0:
                    4c:c5:7e:54:02:29:6b:78:42:41:d8:32:75:1d:3f:
                    b8:5b:15:f4:b3:2f:30:66:5b:0e:cf:81:b3:3d:50:
                    2b:8f:61:d9:3f:fe:c2:29:4f:69:d3:86:6f:8e:73:
                    29:3b:c0:87:3f:b5:0b:43:e8:b0:70:64:43:39:78:
                    93:1b:51:53:ff:86:f7:e7:45:68:12:26:bb:ca:ee:
                    0e:95:1c:ea:37:37:ba:a0:fd:59:9a:27:a7:93:23:
                    3f:8c:65:e5:78:10:bf:2b:32:d5:ec:25:81:30:19:
                    36:85:0d:74:c5:02:41:fa:3c:99:fd:d5:b6:c0:63:
                    47:dd:2a:e1:e0:cb:15:31:41:a8:76:d9:e6:e3:df:
                    c9:3b:a4:bf:85:8b:41:4f:a3:bd:e1:f5:44:90:82:
                    7d:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E2:49:A0:A5:D9:11:0A:10:3E:5D:39:45:94:20:DF:16:A9:D7:02:B4
            X509v3 Authority Key Identifier:
                keyid:FB:06:B2:E4:A9:D5:67:EB:7D:80:FF:59:A7:55:FD:28:3B:FB:13:AB

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/671/-way5KnVZ-t9gP9Zp1X9KDv7E6s.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/-way5KnVZ-t9gP9Zp1X9KDv7E6s.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/671/4kmgpdkRChA-XTlFlCDfFqnXArQ.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  223.165.32.0/19

    Signature Algorithm: sha256WithRSAEncryption
         1a:29:0a:32:c1:51:72:87:d7:64:0b:c8:4c:7e:fa:ee:56:fe:
         c9:e3:4d:3d:ba:4e:19:80:cc:ab:97:ea:db:b9:f6:25:7f:77:
         78:c6:bd:7f:3f:7e:23:33:93:20:a7:59:e5:c3:ef:88:f2:bf:
         f7:03:c4:b0:53:16:8b:2e:c1:bd:54:7e:a1:12:05:f5:c2:fa:
         d9:91:3a:d3:2a:a4:7c:0d:73:df:d4:71:24:30:5f:94:f5:5f:
         9f:25:a4:31:49:32:26:ca:a6:e9:4f:79:30:00:ce:b0:d4:e0:
         68:c3:63:b7:60:b4:62:eb:08:ef:ef:c0:da:5a:71:83:4e:f1:
         a4:c4:17:57:68:4b:25:29:e4:62:2a:1c:f8:a3:12:e1:b9:ee:
         cf:28:9b:ac:34:83:be:2f:21:4c:de:7b:29:9b:af:22:6a:c5:
         79:d9:86:80:7f:78:75:91:df:d5:45:1f:cd:27:29:fe:30:02:
         41:e7:93:f7:c4:1f:b2:9e:f3:bf:21:63:c0:d2:0e:08:02:01:
         98:d6:33:64:42:19:62:91:2c:22:4a:2e:20:f5:46:61:df:f5:
         20:38:a8:f3:b7:fc:b9:d4:b4:ba:24:df:d1:34:99:91:33:dd:
         97:9f:b2:22:39:fb:a2:4b:03:17:f2:ae:01:b5:29:ac:99:72:
         cf:31:66:0f
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICAbowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NkIyRTRBOUQ1NjdFQjdEODBGRjU5QTc1NUZEMjgzQkZCMTNBQjAeFw0yMzEwMDEw
MTM4MTVaFw0yNDA5MTQwMTMwMDNaMDMxMTAvBgNVBAMTKEUyNDlBMEE1RDkxMTBB
MTAzRTVEMzk0NTk0MjBERjE2QTlENzAyQjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC+KTKiYMj009PJ0qFvnN1gtVKzjMOwJ4MrKuAuQGVqAGW4DNgC
na4lNwQDDHJyUoYTTIt2aYiV//fxGJx1CgheIOLkNb+TvVjYGMyufD676O66fuxe
x1SatQW9FJtvtGS3owwuMx284EzFflQCKWt4QkHYMnUdP7hbFfSzLzBmWw7PgbM9
UCuPYdk//sIpT2nThm+Ocyk7wIc/tQtD6LBwZEM5eJMbUVP/hvfnRWgSJrvK7g6V
HOo3N7qg/VmaJ6eTIz+MZeV4EL8rMtXsJYEwGTaFDXTFAkH6PJn91bbAY0fdKuHg
yxUxQah22ebj38k7pL+Fi0FPo73h9USQgn0bAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQU4kmgpdkRChA+XTlFlCDfFqnXArQwHwYDVR0jBBgwFoAU+way5KnVZ+t9gP9Z
p1X9KDv7E6swGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzY3MS8td2F5NUtuVlotdDlnUDlacDFYOUtEdjdFNnMuY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC8td2F5NUtuVlotdDlnUDlacDFYOUtE
djdFNnMuY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvNjcxLzRrbWdwZGtSQ2hBLVhUbEZsQ0RmRnFuWEFyUS5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAXfpSAwDQYJKoZIhvcNAQELBQADggEBABopCjLBUXKH12QLyEx++u5W/snj
TT26ThmAzKuX6tu59iV/d3jGvX8/fiMzkyCnWeXD74jyv/cDxLBTFosuwb1UfqES
BfXC+tmROtMqpHwNc9/UcSQwX5T1X58lpDFJMibKpulPeTAAzrDU4GjDY7dgtGLr
CO/vwNpacYNO8aTEF1doSyUp5GIqHPijEuG57s8om6w0g74vIUzeeymbryJqxXnZ
hoB/eHWR39VFH80nKf4wAkHnk/fEH7Ke878hY8DSDggCAZjWM2RCGWKRLCJKLiD1
RmHf9SA4qPO3/LnUtLok39E0mZEz3ZefsiI5+6JLAxfyrgG1KayZcs8xZg8=
-----END CERTIFICATE-----
Generated at Sat Aug 31 04:11:55 2024 by rpki-client on console-ams.rpki-client.org