Route Origin Authorization

$ rpki-client -vvf dev.tw/rpki/AS945/2/323030313a3530333a666634343a3a2f34382d3438203d3e20343031313131.roa
File:                     323030313a3530333a666634343a3a2f34382d3438203d3e20343031313131.roa (raw, json)
Hash identifier:          GHcyL8GHsymj0WTPK+EU93ru5FIs7N3Wk0Gi/m34yTU=
Subject key identifier:   68:D0:45:21:E7:4A:9D:EC:7D:44:A7:66:4C:1E:70:7A:9E:69:5C:62
Certificate issuer:       /CN=1A8C29884038907EDD0174FADC751F16456E1C56
Certificate serial:       419162B5C222033F596E54769A317731025FEDC2
Authority key identifier: 1A:8C:29:88:40:38:90:7E:DD:01:74:FA:DC:75:1F:16:45:6E:1C:56
Authority info access:    rsync://dev.tw/rpki/August/7/1A8C29884038907EDD0174FADC751F16456E1C56.cer
Subject info access:      rsync://dev.tw/rpki/AS945/2/323030313a3530333a666634343a3a2f34382d3438203d3e20343031313131.roa
Signing time:             Tue 22 Oct 2024 22:51:21 +0000
ROA not before:           Tue 22 Oct 2024 22:46:21 +0000
ROA not after:            Tue 21 Oct 2025 22:51:21 +0000
asID:                     401111
IP address blocks:        2001:503:ff44::/48 maxlen: 48

Validation:               Failed, certificate revoked on Sat 09 Nov 2024 14:15:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            41:91:62:b5:c2:22:03:3f:59:6e:54:76:9a:31:77:31:02:5f:ed:c2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1A8C29884038907EDD0174FADC751F16456E1C56
        Validity
            Not Before: Oct 22 22:46:21 2024 GMT
            Not After : Oct 21 22:51:21 2025 GMT
        Subject: CN=68D04521E74A9DEC7D44A7664C1E707A9E695C62
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:9b:62:8f:19:ac:26:b3:dc:06:4b:b1:6b:dd:
                    3b:2f:7e:ba:e5:91:0d:e8:31:28:99:18:6a:db:1c:
                    35:a9:a2:56:5d:36:95:bc:4a:e8:08:88:71:de:b3:
                    1f:35:93:19:c3:76:bd:d1:a1:5d:e8:af:5b:79:1c:
                    9b:dc:fe:d1:4e:60:54:b5:dc:a2:1b:65:1f:cd:72:
                    77:44:d5:86:90:91:7c:4c:64:ce:7c:32:37:eb:49:
                    4b:63:23:e3:a0:9b:c5:fe:e0:a2:19:cc:ab:c7:7a:
                    ef:10:e2:ee:70:af:e8:cd:62:29:a2:37:8a:51:42:
                    58:87:3e:03:d7:9e:c8:0a:df:4b:f7:f6:7d:60:7c:
                    8f:77:ff:19:1b:22:77:8e:a1:57:d8:a2:fe:19:72:
                    46:07:37:be:9a:de:4a:56:f5:ed:c5:00:ce:05:31:
                    9f:a8:a5:6c:21:6f:41:d4:33:47:c7:c4:5a:f3:3a:
                    8d:69:17:40:a1:6f:45:66:cd:06:00:48:d2:51:ad:
                    3d:82:35:1d:a8:49:81:8b:20:68:4c:64:70:1e:d2:
                    12:9e:6d:97:83:a5:1d:73:ec:12:be:02:db:b3:e6:
                    83:2f:f4:f5:dd:03:d2:5d:c5:dc:38:a6:46:b4:3c:
                    15:c0:63:37:31:2c:fc:bc:21:74:66:89:b2:a5:bb:
                    e9:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                68:D0:45:21:E7:4A:9D:EC:7D:44:A7:66:4C:1E:70:7A:9E:69:5C:62
            X509v3 Authority Key Identifier:
                keyid:1A:8C:29:88:40:38:90:7E:DD:01:74:FA:DC:75:1F:16:45:6E:1C:56

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://dev.tw/rpki/AS945/2/1A8C29884038907EDD0174FADC751F16456E1C56.crl

            Authority Information Access:
                CA Issuers - URI:rsync://dev.tw/rpki/August/7/1A8C29884038907EDD0174FADC751F16456E1C56.cer

            Subject Information Access:
                Signed Object - URI:rsync://dev.tw/rpki/AS945/2/323030313a3530333a666634343a3a2f34382d3438203d3e20343031313131.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:503:ff44::/48

    Signature Algorithm: sha256WithRSAEncryption
         1e:32:0a:bc:f7:7b:1a:9f:2f:6f:36:56:fe:2a:46:8d:a8:d6:
         07:f1:e1:85:13:bf:a4:de:97:0f:3e:96:a4:7a:d1:b6:fd:bf:
         90:e1:a7:cb:14:40:6f:d1:cf:66:b9:5b:95:14:dd:9f:46:b6:
         5d:1a:ad:f6:fe:0b:e5:e8:2c:30:3d:78:28:d7:1b:c7:b0:10:
         98:f7:2b:26:e1:60:5a:fc:cf:88:5b:c7:d3:62:a8:d5:fe:db:
         c8:76:29:5b:d6:27:14:e8:49:6b:5a:83:d2:20:ce:cc:86:43:
         f7:a7:1d:0d:d1:14:91:31:e9:dd:3e:65:44:f5:1c:5c:13:9d:
         70:85:be:8e:18:55:2f:09:4d:df:2a:de:e2:1d:6f:4b:b9:b4:
         6f:06:5c:0a:17:98:e6:a5:29:c2:c3:1c:74:8b:e7:60:6b:1b:
         e1:90:08:0a:e3:d5:f9:ba:06:d5:7e:27:cd:38:4c:ee:30:54:
         c2:a9:63:6f:07:57:3c:4d:a9:1b:2e:33:6b:ca:ce:90:35:6b:
         72:3d:27:85:1b:b5:58:30:29:6f:ba:0f:39:21:27:9e:6e:50:
         04:8e:e5:39:4b:8d:ec:75:63:3a:37:fd:b9:ec:b6:4b:69:11:
         f8:92:7d:5a:e2:d1:a3:de:d9:55:58:2c:fa:72:2f:dd:fd:56:
         da:be:0d:0b
-----BEGIN CERTIFICATE-----
MIIExjCCA66gAwIBAgIUQZFitcIiAz9ZblR2mjF3MQJf7cIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMUE4QzI5ODg0MDM4OTA3RUREMDE3NEZBREM3NTFGMTY0
NTZFMUM1NjAeFw0yNDEwMjIyMjQ2MjFaFw0yNTEwMjEyMjUxMjFaMDMxMTAvBgNV
BAMTKDY4RDA0NTIxRTc0QTlERUM3RDQ0QTc2NjRDMUU3MDdBOUU2OTVDNjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHm2KPGawms9wGS7Fr3Tsvfrrl
kQ3oMSiZGGrbHDWpolZdNpW8SugIiHHesx81kxnDdr3RoV3or1t5HJvc/tFOYFS1
3KIbZR/NcndE1YaQkXxMZM58MjfrSUtjI+Ogm8X+4KIZzKvHeu8Q4u5wr+jNYimi
N4pRQliHPgPXnsgK30v39n1gfI93/xkbIneOoVfYov4ZckYHN76a3kpW9e3FAM4F
MZ+opWwhb0HUM0fHxFrzOo1pF0Chb0VmzQYASNJRrT2CNR2oSYGLIGhMZHAe0hKe
bZeDpR1z7BK+Atuz5oMv9PXdA9Jdxdw4pka0PBXAYzcxLPy8IXRmibKlu+nHAgMB
AAGjggHQMIIBzDAdBgNVHQ4EFgQUaNBFIedKnex9RKdmTB5wep5pXGIwHwYDVR0j
BBgwFoAUGowpiEA4kH7dAXT63HUfFkVuHFYwDgYDVR0PAQH/BAQDAgeAMFkGA1Ud
HwRSMFAwTqBMoEqGSHJzeW5jOi8vZGV2LnR3L3Jwa2kvQVM5NDUvMi8xQThDMjk4
ODQwMzg5MDdFREQwMTc0RkFEQzc1MUYxNjQ1NkUxQzU2LmNybDBlBggrBgEFBQcB
AQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vZGV2LnR3L3Jwa2kvQXVndXN0Lzcv
MUE4QzI5ODg0MDM4OTA3RUREMDE3NEZBREM3NTFGMTY0NTZFMUM1Ni5jZXIwegYI
KwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL2Rldi50dy9ycGtpL0FT
OTQ1LzIvMzIzMDMwMzEzYTM1MzAzMzNhNjY2NjM0MzQzYTNhMmYzNDM4MmQzNDM4
MjAzZDNlMjAzNDMwMzEzMTMxMzEucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUH
DgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAgAQUD/0QwDQYJKoZIhvcN
AQELBQADggEBAB4yCrz3exqfL282Vv4qRo2o1gfx4YUTv6Telw8+lqR60bb9v5Dh
p8sUQG/Rz2a5W5UU3Z9Gtl0arfb+C+XoLDA9eCjXG8ewEJj3KybhYFr8z4hbx9Ni
qNX+28h2KVvWJxToSWtag9IgzsyGQ/enHQ3RFJEx6d0+ZUT1HFwTnXCFvo4YVS8J
Td8q3uIdb0u5tG8GXAoXmOalKcLDHHSL52BrG+GQCArj1fm6BtV+J804TO4wVMKp
Y28HVzxNqRsuM2vKzpA1a3I9J4UbtVgwKW+6DzkhJ55uUASO5TlLjex1Yzo3/bns
tktpEfiSfVri0aPe2VVYLPpyL939Vtq+DQs=
-----END CERTIFICATE-----
Generated at Sat Nov 9 18:07:18 2024 by rpki-client on console-ams.rpki-client.org