Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/977/cdOf_I9n6i_Ki2He_DKjB-WIafY.roa
File:                     cdOf_I9n6i_Ki2He_DKjB-WIafY.roa (raw, json)
Hash identifier:          8LeHaAR5khTOCgMMBKFjJN6OxWZnqBRX+ceDAOWFupY=
Subject key identifier:   71:D3:9F:FC:8F:67:EA:2F:CA:8B:61:DE:FC:32:A3:07:E5:88:69:F6
Certificate issuer:       /CN=BD69002D0E8B7ED2C3D1D5D07AE6922C7497F02D
Certificate serial:       04
Authority key identifier: BD:69:00:2D:0E:8B:7E:D2:C3:D1:D5:D0:7A:E6:92:2C:74:97:F0:2D
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/vWkALQ6LftLD0dXQeuaSLHSX8C0.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/977/cdOf_I9n6i_Ki2He_DKjB-WIafY.roa
Signing time:             Mon 28 Aug 2023 02:00:26 +0000
ROA not before:           Mon 28 Aug 2023 02:00:26 +0000
ROA not after:            Wed 21 Aug 2024 06:10:04 +0000
asID:                     23784
IP address blocks:        124.150.152.0/21 maxlen: 24

Validation:               Failed, certificate revoked on Wed 07 Aug 2024 06:09:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4 (0x4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=BD69002D0E8B7ED2C3D1D5D07AE6922C7497F02D
        Validity
            Not Before: Aug 28 02:00:26 2023 GMT
            Not After : Aug 21 06:10:04 2024 GMT
        Subject: CN=71D39FFC8F67EA2FCA8B61DEFC32A307E58869F6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:29:04:14:22:f0:41:39:ca:82:58:eb:c7:3a:
                    45:77:2a:37:d3:22:f6:cd:f4:34:b3:ee:fb:a4:70:
                    22:32:58:20:a1:55:8f:65:e2:57:ba:1f:c8:f8:fb:
                    23:a2:39:55:4e:e6:24:56:6a:ee:a7:c6:26:9c:30:
                    61:22:ab:9a:bc:5e:cd:34:82:dd:09:f8:8e:85:4a:
                    46:c8:0c:45:20:38:91:d7:31:c2:47:bf:64:03:be:
                    71:1b:5d:34:3e:69:dc:6b:8e:be:ab:ef:40:4b:be:
                    cc:98:de:d6:8b:af:36:88:64:ba:82:c3:3e:5d:ab:
                    23:bd:ef:84:7f:1e:46:88:ea:0b:bc:a7:a2:7a:cb:
                    95:56:20:d9:57:b1:a8:19:56:96:1c:4f:8f:5b:cd:
                    42:25:1c:65:96:43:58:29:80:23:79:1d:42:bd:fd:
                    1c:29:82:35:a4:6d:11:d2:b8:26:c4:7e:ad:16:03:
                    29:07:81:2c:45:4b:07:b2:7a:6e:99:ac:6b:86:2d:
                    c2:fe:3a:42:09:7d:f6:26:4b:9c:29:a5:bd:a9:b9:
                    68:b3:87:fd:ff:ce:e4:a2:94:43:7f:94:e6:e3:65:
                    ab:21:70:ca:9c:da:5f:dc:c9:8f:51:17:3c:89:22:
                    f2:01:66:4d:4b:c3:ac:fc:82:34:0d:e5:82:05:df:
                    b8:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                71:D3:9F:FC:8F:67:EA:2F:CA:8B:61:DE:FC:32:A3:07:E5:88:69:F6
            X509v3 Authority Key Identifier:
                keyid:BD:69:00:2D:0E:8B:7E:D2:C3:D1:D5:D0:7A:E6:92:2C:74:97:F0:2D

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/977/vWkALQ6LftLD0dXQeuaSLHSX8C0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/vWkALQ6LftLD0dXQeuaSLHSX8C0.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/977/cdOf_I9n6i_Ki2He_DKjB-WIafY.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  124.150.152.0/21

    Signature Algorithm: sha256WithRSAEncryption
         61:32:3b:3e:a2:f6:04:06:03:ac:f5:46:49:97:03:7f:ce:a9:
         29:91:95:d5:c2:65:b9:36:da:07:02:6d:24:a9:1c:21:9b:68:
         fc:94:dd:ef:56:e5:b6:ff:22:93:ba:6e:c1:0e:5c:da:79:33:
         1c:bc:79:c7:4a:64:a7:7d:19:fe:66:a8:c4:06:84:76:27:66:
         36:a5:7a:ba:cf:db:89:f7:16:87:7f:48:fd:12:79:0a:0b:cc:
         d9:51:a2:21:e5:ce:bd:46:f4:00:47:bf:07:e2:22:c6:b9:bd:
         78:56:48:4c:18:0a:10:53:aa:3e:0b:20:c1:1a:5f:6a:ac:1a:
         fd:4d:6a:c4:13:ef:37:49:3e:37:d0:a7:f3:9a:c9:a0:9d:f0:
         bf:0d:a7:32:55:0a:f4:96:9f:36:7d:5f:f6:7b:8f:cd:fb:23:
         d6:64:80:4e:7d:81:5f:c0:00:1b:b5:4d:4c:c7:af:7f:ed:5b:
         ba:c6:32:cc:cf:9b:e1:82:2a:04:de:28:5a:6d:36:dc:4f:ee:
         6b:07:f7:c4:6c:50:29:ec:ae:f0:38:8f:df:7b:0e:57:81:38:
         f5:2f:49:77:d7:3a:eb:76:08:17:c2:ba:5a:3a:2e:83:68:3f:
         d4:03:45:43:5c:0d:55:61:5f:61:9f:4e:12:c0:1c:4c:55:4c:
         aa:bd:7a:2f
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIBBDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhCRDY5
MDAyRDBFOEI3RUQyQzNEMUQ1RDA3QUU2OTIyQzc0OTdGMDJEMB4XDTIzMDgyODAy
MDAyNloXDTI0MDgyMTA2MTAwNFowMzExMC8GA1UEAxMoNzFEMzlGRkM4RjY3RUEy
RkNBOEI2MURFRkMzMkEzMDdFNTg4NjlGNjCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAKwpBBQi8EE5yoJY68c6RXcqN9Mi9s30NLPu+6RwIjJYIKFVj2Xi
V7ofyPj7I6I5VU7mJFZq7qfGJpwwYSKrmrxezTSC3Qn4joVKRsgMRSA4kdcxwke/
ZAO+cRtdND5p3GuOvqvvQEu+zJje1ouvNohkuoLDPl2rI73vhH8eRojqC7ynonrL
lVYg2VexqBlWlhxPj1vNQiUcZZZDWCmAI3kdQr39HCmCNaRtEdK4JsR+rRYDKQeB
LEVLB7J6bpmsa4Ytwv46Qgl99iZLnCmlvam5aLOH/f/O5KKUQ3+U5uNlqyFwypza
X9zJj1EXPIki8gFmTUvDrPyCNA3lggXfuI0CAwEAAaOCAiQwggIgMB0GA1UdDgQW
BBRx05/8j2fqL8qLYd78MqMH5Yhp9jAfBgNVHSMEGDAWgBS9aQAtDot+0sPR1dB6
5pIsdJfwLTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGYGA1UdHwRfMF0wW6BZ
oFeGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9BOTFBNzM4
MTAwMDAvOTc3L3ZXa0FMUTZMZnRMRDBkWFFldWFTTEhTWDhDMC5jcmwwbQYIKwYB
BQUHAQEEYTBfMF0GCCsGAQUFBzAChlFyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5u
aWMuYWQuanAvYXAvQTkxQTczODEwMDAwL3ZXa0FMUTZMZnRMRDBkWFFldWFTTEhT
WDhDMC5jZXIwDgYDVR0PAQH/BAQDAgeAMIG7BggrBgEFBQcBCwSBrjCBqzBhBggr
BgEFBQcwC4ZVcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL2FwL0E5
MUE3MzgxMDAwMC85NzcvY2RPZl9JOW42aV9LaTJIZV9ES2pCLVdJYWZZLnJvYTBG
BggrBgEFBQcwDYY6aHR0cHM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL3Jy
ZHAvYXAvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEA3yWmDANBgkqhkiG9w0BAQsFAAOCAQEAYTI7PqL2BAYDrPVGSZcDf86pKZGV
1cJluTbaBwJtJKkcIZto/JTd71bltv8ik7puwQ5c2nkzHLx5x0pkp30Z/maoxAaE
didmNqV6us/bifcWh39I/RJ5CgvM2VGiIeXOvUb0AEe/B+Iixrm9eFZITBgKEFOq
PgsgwRpfaqwa/U1qxBPvN0k+N9Cn85rJoJ3wvw2nMlUK9JafNn1f9nuPzfsj1mSA
Tn2BX8AAG7VNTMevf+1busYyzM+b4YIqBN4oWm023E/uawf3xGxQKeyu8DiP33sO
V4E49S9Jd9c663YIF8K6Wjoug2g/1ANFQ1wNVWFfYZ9OEsAcTFVMqr16Lw==
-----END CERTIFICATE-----
Generated at Wed Aug 7 08:50:25 2024 by rpki-client on console-ams.rpki-client.org