Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/671/l0iIhvJEoug_Uo6o_bLA4q6MgFo.roa
File:                     l0iIhvJEoug_Uo6o_bLA4q6MgFo.roa (raw, json)
Hash identifier:          GMD4H7SjCiKAn1JIY1YJh2+DpLV5thDsNOh3A4DZi5Q=
Subject key identifier:   97:48:88:86:F2:44:A2:E8:3F:52:8E:A8:FD:B2:C0:E2:AE:8C:80:5A
Certificate issuer:       /CN=FB06B2E4A9D567EB7D80FF59A755FD283BFB13AB
Certificate serial:       72
Authority key identifier: FB:06:B2:E4:A9:D5:67:EB:7D:80:FF:59:A7:55:FD:28:3B:FB:13:AB
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/-way5KnVZ-t9gP9Zp1X9KDv7E6s.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/671/l0iIhvJEoug_Uo6o_bLA4q6MgFo.roa
Signing time:             Mon 17 Oct 2022 02:47:51 +0000
ROA not before:           Mon 17 Oct 2022 02:47:51 +0000
ROA not after:            Sun 15 Oct 2023 01:30:02 +0000
asID:                     24276
IP address blocks:        114.69.128.0/19 maxlen: 24

Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 114 (0x72)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=FB06B2E4A9D567EB7D80FF59A755FD283BFB13AB
        Validity
            Not Before: Oct 17 02:47:51 2022 GMT
            Not After : Oct 15 01:30:02 2023 GMT
        Subject: CN=97488886F244A2E83F528EA8FDB2C0E2AE8C805A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ed:32:08:f4:d9:bd:2a:35:9c:f2:df:7a:56:b4:
                    3d:76:62:0b:49:cf:99:3d:d9:5a:5b:5b:d6:23:bc:
                    97:69:ac:49:f3:ae:14:6f:27:63:5b:30:b8:b5:cd:
                    e7:9b:ea:73:bf:fd:4b:12:65:9b:df:c3:9b:b1:e8:
                    d9:6f:20:47:ba:18:71:33:b5:f8:43:de:39:d9:29:
                    1e:49:79:63:f9:ab:68:9f:b6:9d:b7:a0:5b:3a:60:
                    0e:a5:3c:ed:6e:96:33:df:19:95:bf:1c:1e:2f:c4:
                    4c:bc:c1:af:f7:0e:4d:61:60:cd:da:2f:00:ce:0a:
                    73:cd:c6:c7:db:50:73:4e:10:97:e8:67:b1:93:a6:
                    a1:ea:f8:2c:20:cf:0e:f7:7c:5f:41:76:38:70:ac:
                    84:ff:0f:22:a8:44:bb:92:a0:0f:fc:25:49:ca:be:
                    a8:f7:27:10:d4:e2:ef:51:64:ba:cd:b9:be:3d:bb:
                    1e:f2:43:c7:ae:d8:9c:7e:57:a3:37:63:f0:6d:a5:
                    e2:84:ad:00:80:d9:ee:c7:c2:9b:ad:db:f8:1f:c3:
                    10:a0:3c:37:63:d5:dc:e9:e8:d1:fc:1a:58:68:44:
                    2e:12:d3:82:a1:86:62:10:2b:71:4e:2a:c0:71:7d:
                    e4:fe:a5:de:e9:a5:78:50:ca:36:f5:7b:ad:3f:85:
                    c0:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                97:48:88:86:F2:44:A2:E8:3F:52:8E:A8:FD:B2:C0:E2:AE:8C:80:5A
            X509v3 Authority Key Identifier:
                keyid:FB:06:B2:E4:A9:D5:67:EB:7D:80:FF:59:A7:55:FD:28:3B:FB:13:AB

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/671/-way5KnVZ-t9gP9Zp1X9KDv7E6s.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/-way5KnVZ-t9gP9Zp1X9KDv7E6s.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/671/l0iIhvJEoug_Uo6o_bLA4q6MgFo.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  114.69.128.0/19

    Signature Algorithm: sha256WithRSAEncryption
         c2:63:29:0a:3a:61:e0:73:c9:70:3f:34:65:6e:e7:1c:ca:ad:
         bb:23:3a:b1:87:a5:b2:da:de:67:de:f5:3e:b7:e2:c1:e1:ab:
         5e:58:e2:47:f5:52:a1:f3:a5:c0:6f:eb:3e:1f:ca:50:8b:a7:
         da:8a:eb:67:41:ed:25:a9:45:30:df:64:62:7b:57:c4:2f:76:
         2a:77:2f:66:f8:87:ae:d5:58:87:d7:a4:8f:13:bd:0f:ee:cb:
         27:6e:de:45:29:1e:b6:8d:dd:1e:db:79:15:05:ad:53:bb:f1:
         c9:b9:51:98:fd:74:fa:65:a3:36:69:92:6f:93:c8:ab:ef:80:
         4a:ee:fb:1e:7e:e8:1f:2b:4b:9f:0b:fe:92:e5:05:a6:56:11:
         83:1c:42:ba:aa:c5:a0:4b:95:47:6d:11:f8:75:94:87:2d:07:
         5e:71:b4:9f:22:c1:1a:d0:e2:54:b1:d2:ab:17:8b:ab:d1:64:
         db:f2:9f:39:5d:36:96:7a:ee:20:6a:16:da:af:3f:cd:01:72:
         56:59:55:7b:24:b5:4a:83:dd:56:df:70:51:0c:3f:16:9e:20:
         d0:2a:63:54:d8:9d:87:bf:7a:cb:7e:4b:09:dd:2a:02:8e:c8:
         f0:97:7c:37:09:19:a2:c3:ba:fd:d1:0c:fb:40:22:e1:e7:45:
         65:2d:fb:5a
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIBcjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhGQjA2
QjJFNEE5RDU2N0VCN0Q4MEZGNTlBNzU1RkQyODNCRkIxM0FCMB4XDTIyMTAxNzAy
NDc1MVoXDTIzMTAxNTAxMzAwMlowMzExMC8GA1UEAxMoOTc0ODg4ODZGMjQ0QTJF
ODNGNTI4RUE4RkRCMkMwRTJBRThDODA1QTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAO0yCPTZvSo1nPLfela0PXZiC0nPmT3ZWltb1iO8l2msSfOuFG8n
Y1swuLXN55vqc7/9SxJlm9/Dm7Ho2W8gR7oYcTO1+EPeOdkpHkl5Y/mraJ+2nbeg
WzpgDqU87W6WM98Zlb8cHi/ETLzBr/cOTWFgzdovAM4Kc83Gx9tQc04Ql+hnsZOm
oer4LCDPDvd8X0F2OHCshP8PIqhEu5KgD/wlScq+qPcnENTi71Fkus25vj27HvJD
x67YnH5Xozdj8G2l4oStAIDZ7sfCm63b+B/DEKA8N2PV3Ono0fwaWGhELhLTgqGG
YhArcU4qwHF95P6l3umleFDKNvV7rT+FwDECAwEAAaOCAiQwggIgMB0GA1UdDgQW
BBSXSIiG8kSi6D9Sjqj9ssDiroyAWjAfBgNVHSMEGDAWgBT7BrLkqdVn632A/1mn
Vf0oO/sTqzAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGYGA1UdHwRfMF0wW6BZ
oFeGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9BOTFBNzM4
MTAwMDAvNjcxLy13YXk1S25WWi10OWdQOVpwMVg5S0R2N0U2cy5jcmwwbQYIKwYB
BQUHAQEEYTBfMF0GCCsGAQUFBzAChlFyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5u
aWMuYWQuanAvYXAvQTkxQTczODEwMDAwLy13YXk1S25WWi10OWdQOVpwMVg5S0R2
N0U2cy5jZXIwDgYDVR0PAQH/BAQDAgeAMIG7BggrBgEFBQcBCwSBrjCBqzBhBggr
BgEFBQcwC4ZVcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL2FwL0E5
MUE3MzgxMDAwMC82NzEvbDBpSWh2SkVvdWdfVW82b19iTEE0cTZNZ0ZvLnJvYTBG
BggrBgEFBQcwDYY6aHR0cHM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL3Jy
ZHAvYXAvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEBXJFgDANBgkqhkiG9w0BAQsFAAOCAQEAwmMpCjph4HPJcD80ZW7nHMqtuyM6
sYelstreZ971PrfiweGrXljiR/VSofOlwG/rPh/KUIun2orrZ0HtJalFMN9kYntX
xC92KncvZviHrtVYh9ekjxO9D+7LJ27eRSketo3dHtt5FQWtU7vxyblRmP10+mWj
NmmSb5PIq++ASu77Hn7oHytLnwv+kuUFplYRgxxCuqrFoEuVR20R+HWUhy0HXnG0
nyLBGtDiVLHSqxeLq9Fk2/KfOV02lnruIGoW2q8/zQFyVllVeyS1SoPdVt9wUQw/
Fp4g0CpjVNidh796y35LCd0qAo7I8Jd8NwkZosO6/dEM+0Ai4edFZS37Wg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:40:56 2024 by rpki-client on console-fra.rpki-client.org