Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/990/OGZtVJZmJn3Wm314U2PUeBlrGxM.roa
File:                     OGZtVJZmJn3Wm314U2PUeBlrGxM.roa (raw, json)
Hash identifier:          xMJNQy0vu3tSTSa6pHxGJNWCl0nmpMOOBR41+bmQrFY=
Subject key identifier:   38:66:6D:54:96:66:26:7D:D6:9B:7D:78:53:63:D4:78:19:6B:1B:13
Certificate issuer:       /CN=71B974F0FD34DDC354AF961A78E84E511D351A63
Certificate serial:       02
Authority key identifier: 71:B9:74:F0:FD:34:DD:C3:54:AF:96:1A:78:E8:4E:51:1D:35:1A:63
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/cbl08P003cNUr5YaeOhOUR01GmM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/990/OGZtVJZmJn3Wm314U2PUeBlrGxM.roa
Signing time:             Tue 12 Sep 2023 01:30:04 +0000
ROA not before:           Tue 12 Sep 2023 01:30:04 +0000
ROA not after:            Wed 14 Aug 2024 01:30:02 +0000
asID:                     131965
IP address blocks:        85.131.192.0/18 maxlen: 24

Validation:               Failed, certificate revoked on Wed 31 Jul 2024 01:32:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2 (0x2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=71B974F0FD34DDC354AF961A78E84E511D351A63
        Validity
            Not Before: Sep 12 01:30:04 2023 GMT
            Not After : Aug 14 01:30:02 2024 GMT
        Subject: CN=38666D549666267DD69B7D785363D478196B1B13
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:06:41:26:13:33:5d:d7:89:e5:64:23:fd:8a:
                    89:18:70:36:0f:90:25:53:a5:64:41:b4:a4:75:45:
                    a5:1a:c8:75:94:7b:1f:be:09:04:34:13:e0:07:f8:
                    0a:af:45:93:e9:e3:70:9f:62:aa:69:14:9d:dd:f1:
                    ed:46:33:92:da:a1:c4:cd:b3:e4:55:c3:40:22:93:
                    78:fc:be:f6:d6:94:c2:da:f0:e3:4c:1c:cc:13:56:
                    d4:38:6e:b7:4e:b5:3b:4f:70:b9:4d:60:67:bf:ad:
                    9d:88:09:7d:57:e8:c7:4e:10:53:87:48:e1:48:28:
                    1a:f7:3d:4a:c0:73:e8:bc:c2:d8:14:ad:12:41:9f:
                    2b:42:af:f0:24:d2:3b:58:64:a1:9e:ff:fa:a0:5a:
                    87:36:3e:a9:89:1c:0b:ed:87:71:c7:d0:ab:e3:cc:
                    37:e1:ca:91:82:76:4d:4d:3a:2e:22:11:64:e8:bf:
                    ab:85:fd:f6:8f:b6:eb:ed:00:00:cc:df:a5:67:68:
                    2e:68:48:69:4b:69:6b:50:91:ea:2a:3a:c9:db:c3:
                    74:60:f0:1f:47:c0:bd:0b:78:5b:ec:e4:0f:d3:1d:
                    ce:d1:98:b2:aa:57:4c:36:a2:94:7b:9e:30:30:62:
                    fb:69:9f:cc:b0:5c:5e:16:2e:dc:a0:48:32:a3:e0:
                    3f:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:66:6D:54:96:66:26:7D:D6:9B:7D:78:53:63:D4:78:19:6B:1B:13
            X509v3 Authority Key Identifier:
                keyid:71:B9:74:F0:FD:34:DD:C3:54:AF:96:1A:78:E8:4E:51:1D:35:1A:63

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/990/cbl08P003cNUr5YaeOhOUR01GmM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/cbl08P003cNUr5YaeOhOUR01GmM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/990/OGZtVJZmJn3Wm314U2PUeBlrGxM.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.131.192.0/18

    Signature Algorithm: sha256WithRSAEncryption
         3e:56:44:b2:9c:b0:1f:92:a9:c6:1c:b6:28:40:73:28:72:ba:
         2c:b2:fc:a3:33:0c:bb:c4:c3:19:49:f8:77:85:14:48:7f:da:
         31:12:75:fa:8f:9b:68:12:e5:6f:5d:2f:9e:d1:c5:81:b1:39:
         81:c5:92:fd:6e:0a:ed:4b:39:92:ae:56:e2:49:33:9e:ad:c7:
         50:34:dd:a0:35:dd:79:ea:33:5b:12:b0:c2:06:21:25:4f:5d:
         81:ba:5c:89:a3:7f:55:3e:86:3e:80:9c:b6:64:3c:c0:49:6f:
         f0:1e:4e:90:7e:f0:b7:0a:68:bd:dc:55:ba:0b:8d:72:09:76:
         42:2e:47:38:b1:a5:22:5b:28:b2:72:8c:ba:ca:11:21:d8:4c:
         56:dd:e3:0a:09:c8:1a:67:f9:2b:60:14:25:ab:a0:25:3f:5f:
         3f:39:7d:64:6e:68:9c:f0:57:55:48:c1:3b:7c:83:d6:8b:68:
         9c:f8:b2:d3:87:47:71:80:59:27:2a:f9:47:a1:48:e2:7b:40:
         f9:eb:1a:cd:1a:63:05:19:1c:ad:c8:b3:0c:a5:a3:8a:4f:3b:
         52:bf:89:ef:d1:a2:bd:f3:f4:fb:ea:c3:c5:c2:35:a1:9c:90:
         3b:d8:3d:d2:57:82:56:fd:71:09:52:55:64:f3:92:8b:9a:9f:
         27:8a:8c:01
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIBAjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3MUI5
NzRGMEZEMzREREMzNTRBRjk2MUE3OEU4NEU1MTFEMzUxQTYzMB4XDTIzMDkxMjAx
MzAwNFoXDTI0MDgxNDAxMzAwMlowMzExMC8GA1UEAxMoMzg2NjZENTQ5NjY2MjY3
REQ2OUI3RDc4NTM2M0Q0NzgxOTZCMUIxMzCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAMgGQSYTM13XieVkI/2KiRhwNg+QJVOlZEG0pHVFpRrIdZR7H74J
BDQT4Af4Cq9Fk+njcJ9iqmkUnd3x7UYzktqhxM2z5FXDQCKTePy+9taUwtrw40wc
zBNW1Dhut061O09wuU1gZ7+tnYgJfVfox04QU4dI4UgoGvc9SsBz6LzC2BStEkGf
K0Kv8CTSO1hkoZ7/+qBahzY+qYkcC+2HccfQq+PMN+HKkYJ2TU06LiIRZOi/q4X9
9o+26+0AAMzfpWdoLmhIaUtpa1CR6io6ydvDdGDwH0fAvQt4W+zkD9MdztGYsqpX
TDailHueMDBi+2mfzLBcXhYu3KBIMqPgP+UCAwEAAaOCAiQwggIgMB0GA1UdDgQW
BBQ4Zm1UlmYmfdabfXhTY9R4GWsbEzAfBgNVHSMEGDAWgBRxuXTw/TTdw1Svlhp4
6E5RHTUaYzAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGYGA1UdHwRfMF0wW6BZ
oFeGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9BOTFBNzM4
MTAwMDAvOTkwL2NibDA4UDAwM2NOVXI1WWFlT2hPVVIwMUdtTS5jcmwwbQYIKwYB
BQUHAQEEYTBfMF0GCCsGAQUFBzAChlFyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5u
aWMuYWQuanAvYXAvQTkxQTczODEwMDAwL2NibDA4UDAwM2NOVXI1WWFlT2hPVVIw
MUdtTS5jZXIwDgYDVR0PAQH/BAQDAgeAMIG7BggrBgEFBQcBCwSBrjCBqzBhBggr
BgEFBQcwC4ZVcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL2FwL0E5
MUE3MzgxMDAwMC85OTAvT0dadFZKWm1KbjNXbTMxNFUyUFVlQmxyR3hNLnJvYTBG
BggrBgEFBQcwDYY6aHR0cHM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL3Jy
ZHAvYXAvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEBlWDwDANBgkqhkiG9w0BAQsFAAOCAQEAPlZEspywH5Kpxhy2KEBzKHK6LLL8
ozMMu8TDGUn4d4UUSH/aMRJ1+o+baBLlb10vntHFgbE5gcWS/W4K7Us5kq5W4kkz
nq3HUDTdoDXdeeozWxKwwgYhJU9dgbpciaN/VT6GPoCctmQ8wElv8B5OkH7wtwpo
vdxVuguNcgl2Qi5HOLGlIlsosnKMusoRIdhMVt3jCgnIGmf5K2AUJaugJT9fPzl9
ZG5onPBXVUjBO3yD1otonPiy04dHcYBZJyr5R6FI4ntA+esazRpjBRkcrcizDKWj
ik87Ur+J79GivfP0++rDxcI1oZyQO9g90leCVv1xCVJVZPOSi5qfJ4qMAQ==
-----END CERTIFICATE-----
Generated at Wed Jul 31 03:15:27 2024 by rpki-client on console-fra.rpki-client.org