Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/990/QNxgp_uRupOwvFp88eoPj01l-Fc.roa
File:                     QNxgp_uRupOwvFp88eoPj01l-Fc.roa (raw, json)
Hash identifier:          lpwOF2wmYKkuIc8VadpbvFpzeWp1xh+OCXXv4qzR+Z8=
Subject key identifier:   40:DC:60:A7:FB:91:BA:93:B0:BC:5A:7C:F1:EA:0F:8F:4D:65:F8:57
Certificate issuer:       /CN=42E32457C16BA874216A8F5DBB0D335BD148CB31
Certificate serial:       07
Authority key identifier: 42:E3:24:57:C1:6B:A8:74:21:6A:8F:5D:BB:0D:33:5B:D1:48:CB:31
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/QuMkV8FrqHQhao9duw0zW9FIyzE.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/990/QNxgp_uRupOwvFp88eoPj01l-Fc.roa
Signing time:             Wed 28 Jun 2023 01:13:40 +0000
ROA not before:           Wed 28 Jun 2023 01:13:40 +0000
ROA not after:            Sat 15 Jun 2024 06:45:48 +0000
asID:                     131965
IP address blocks:        175.28.4.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Sat 01 Jun 2024 06:45:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 7 (0x7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=42E32457C16BA874216A8F5DBB0D335BD148CB31
        Validity
            Not Before: Jun 28 01:13:40 2023 GMT
            Not After : Jun 15 06:45:48 2024 GMT
        Subject: CN=40DC60A7FB91BA93B0BC5A7CF1EA0F8F4D65F857
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:17:df:5b:0f:aa:e9:3b:68:8c:35:fc:c2:44:
                    4c:f4:ca:ac:0f:ff:7f:0d:ba:1e:1e:99:fd:78:2c:
                    47:a3:72:8c:8b:c2:35:61:56:78:3e:8f:2d:59:4a:
                    be:c3:35:ed:c6:42:14:a0:69:e7:50:ca:8f:41:55:
                    00:3d:3d:56:35:67:52:c0:1b:5b:80:c5:47:6b:69:
                    76:15:12:c8:70:b6:1a:5a:d0:46:8a:d0:bb:3a:86:
                    20:fb:f4:09:ea:ea:91:3e:e1:92:81:e5:2d:05:d8:
                    48:aa:67:ac:c8:8b:09:85:b9:aa:aa:6a:27:5f:cd:
                    76:72:4c:ec:35:67:c6:04:ee:af:b2:f9:b8:18:81:
                    dd:67:18:9a:0d:41:66:c0:f6:12:ef:2b:de:5a:e0:
                    81:3c:a2:d8:84:30:ad:fc:aa:3c:f0:91:8c:b2:a6:
                    37:94:e7:84:74:a6:2e:f5:7b:e2:da:f6:9a:55:07:
                    ef:04:01:b3:96:41:b0:7f:cf:ad:86:d0:c2:27:f5:
                    a7:0d:c3:8e:22:5e:89:62:1f:be:86:07:57:70:76:
                    f9:85:b7:c8:9d:65:47:be:73:ad:d8:68:86:d6:b5:
                    65:00:b2:35:36:1b:69:31:2d:2e:66:b4:56:54:5e:
                    fc:79:bc:e9:f0:77:02:3f:d1:5e:aa:e6:f4:3c:0b:
                    94:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                40:DC:60:A7:FB:91:BA:93:B0:BC:5A:7C:F1:EA:0F:8F:4D:65:F8:57
            X509v3 Authority Key Identifier:
                keyid:42:E3:24:57:C1:6B:A8:74:21:6A:8F:5D:BB:0D:33:5B:D1:48:CB:31

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/990/QuMkV8FrqHQhao9duw0zW9FIyzE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/QuMkV8FrqHQhao9duw0zW9FIyzE.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/990/QNxgp_uRupOwvFp88eoPj01l-Fc.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  175.28.4.0/22

    Signature Algorithm: sha256WithRSAEncryption
         1c:cb:ba:f3:dd:d3:61:db:0b:39:a9:41:7d:44:ce:b0:6a:29:
         0b:47:3e:84:28:6d:33:e0:f6:c5:20:7c:c8:f5:9f:32:3e:e5:
         68:06:d7:c4:d1:e1:d6:44:7d:8e:a6:3d:54:88:10:76:9e:07:
         1e:91:85:42:a6:75:ae:07:c6:4d:95:66:7c:55:9f:f1:c5:30:
         27:d5:4a:4f:8a:9d:6f:cb:42:6a:3e:58:57:e2:77:22:eb:f7:
         cb:88:09:22:20:90:29:08:1b:38:e5:2b:20:e3:a0:8c:3a:72:
         ff:b2:ba:cc:58:54:73:2b:14:04:80:f9:c4:1c:bf:dc:0d:6b:
         3a:6d:de:d9:45:20:72:c6:3c:97:fe:b1:42:0e:42:40:e0:10:
         c8:a0:16:af:03:2a:56:ce:64:5e:f6:80:25:6b:2f:e5:a9:b2:
         fe:14:ab:a0:5d:be:d5:5a:7b:84:c8:b7:08:30:36:02:f0:63:
         5d:36:47:e4:3d:01:c9:c1:5a:68:19:52:6c:53:f5:c4:82:df:
         39:20:61:be:aa:d2:21:c5:93:d4:c3:1e:cc:44:7a:26:e7:bd:
         db:28:38:88:79:a6:9a:64:5a:75:92:42:25:ed:5b:76:64:f6:
         2e:8b:71:af:a7:7d:99:a7:34:d4:8f:a0:b8:27:16:e4:9a:08:
         85:ab:b9:26
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIBBzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0MkUz
MjQ1N0MxNkJBODc0MjE2QThGNURCQjBEMzM1QkQxNDhDQjMxMB4XDTIzMDYyODAx
MTM0MFoXDTI0MDYxNTA2NDU0OFowMzExMC8GA1UEAxMoNDBEQzYwQTdGQjkxQkE5
M0IwQkM1QTdDRjFFQTBGOEY0RDY1Rjg1NzCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAL4X31sPquk7aIw1/MJETPTKrA//fw26Hh6Z/XgsR6NyjIvCNWFW
eD6PLVlKvsM17cZCFKBp51DKj0FVAD09VjVnUsAbW4DFR2tpdhUSyHC2GlrQRorQ
uzqGIPv0CerqkT7hkoHlLQXYSKpnrMiLCYW5qqpqJ1/NdnJM7DVnxgTur7L5uBiB
3WcYmg1BZsD2Eu8r3lrggTyi2IQwrfyqPPCRjLKmN5TnhHSmLvV74tr2mlUH7wQB
s5ZBsH/PrYbQwif1pw3DjiJeiWIfvoYHV3B2+YW3yJ1lR75zrdhohta1ZQCyNTYb
aTEtLma0VlRe/Hm86fB3Aj/RXqrm9DwLlLkCAwEAAaOCAiQwggIgMB0GA1UdDgQW
BBRA3GCn+5G6k7C8Wnzx6g+PTWX4VzAfBgNVHSMEGDAWgBRC4yRXwWuodCFqj127
DTNb0UjLMTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGYGA1UdHwRfMF0wW6BZ
oFeGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9BOTFBNzM4
MTAwMDAvOTkwL1F1TWtWOEZycUhRaGFvOWR1dzB6VzlGSXl6RS5jcmwwbQYIKwYB
BQUHAQEEYTBfMF0GCCsGAQUFBzAChlFyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5u
aWMuYWQuanAvYXAvQTkxQTczODEwMDAwL1F1TWtWOEZycUhRaGFvOWR1dzB6VzlG
SXl6RS5jZXIwDgYDVR0PAQH/BAQDAgeAMIG7BggrBgEFBQcBCwSBrjCBqzBhBggr
BgEFBQcwC4ZVcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL2FwL0E5
MUE3MzgxMDAwMC85OTAvUU54Z3BfdVJ1cE93dkZwODhlb1BqMDFsLUZjLnJvYTBG
BggrBgEFBQcwDYY6aHR0cHM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL3Jy
ZHAvYXAvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAq8cBDANBgkqhkiG9w0BAQsFAAOCAQEAHMu6893TYdsLOalBfUTOsGopC0c+
hChtM+D2xSB8yPWfMj7laAbXxNHh1kR9jqY9VIgQdp4HHpGFQqZ1rgfGTZVmfFWf
8cUwJ9VKT4qdb8tCaj5YV+J3Iuv3y4gJIiCQKQgbOOUrIOOgjDpy/7K6zFhUcysU
BID5xBy/3A1rOm3e2UUgcsY8l/6xQg5CQOAQyKAWrwMqVs5kXvaAJWsv5amy/hSr
oF2+1Vp7hMi3CDA2AvBjXTZH5D0BycFaaBlSbFP1xILfOSBhvqrSIcWT1MMezER6
Jue92yg4iHmmmmRadZJCJe1bdmT2Lotxr6d9mac01I+guCcW5JoIhau5Jg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:41:02 2024 by rpki-client on console-fra.rpki-client.org