Route Origin Authorization

$ rpki-client -vvf rpki.co/repo/AS945/1/326131323a646434373a333030303a3a2f34302d3438203d3e20313939323033.roa
File:                     326131323a646434373a333030303a3a2f34302d3438203d3e20313939323033.roa (raw, json)
Hash identifier:          vfoumhUbxWl+IyHbLDjC2roD9laSBoeMWUEaXWXNlcc=
Subject key identifier:   87:0A:1E:54:2A:62:D7:E0:91:00:FE:B3:AB:36:0B:8C:5E:BB:5E:37
Certificate issuer:       /CN=6604289C7E39E08E1AE1255CEE73C05BFD99F3E6
Certificate serial:       442DDB29A17DA33907BA0444D4AD8030C5C5957B
Authority key identifier: 66:04:28:9C:7E:39:E0:8E:1A:E1:25:5C:EE:73:C0:5B:FD:99:F3:E6
Authority info access:    rsync://dev.tw/rpki/August/5/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.cer
Subject info access:      rsync://rpki.co/repo/AS945/1/326131323a646434373a333030303a3a2f34302d3438203d3e20313939323033.roa
Signing time:             Tue 17 Oct 2023 16:13:30 +0000
ROA not before:           Tue 17 Oct 2023 16:08:30 +0000
ROA not after:            Tue 15 Oct 2024 16:13:30 +0000
asID:                     199203
IP address blocks:        2a12:dd47:3000::/40 maxlen: 48

Validation:               Failed, certificate revoked on Mon 29 Jan 2024 23:57:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            44:2d:db:29:a1:7d:a3:39:07:ba:04:44:d4:ad:80:30:c5:c5:95:7b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6604289C7E39E08E1AE1255CEE73C05BFD99F3E6
        Validity
            Not Before: Oct 17 16:08:30 2023 GMT
            Not After : Oct 15 16:13:30 2024 GMT
        Subject: CN=870A1E542A62D7E09100FEB3AB360B8C5EBB5E37
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ee:97:7d:42:28:e5:54:22:90:0f:43:1a:1b:7b:
                    91:42:50:d9:eb:8e:88:c5:bf:1d:3f:8e:c0:38:fa:
                    8f:c0:08:af:5f:0d:88:ae:5b:26:b7:43:e9:3e:53:
                    47:25:75:3e:34:89:48:0f:13:8c:82:db:47:27:a8:
                    38:71:7d:9b:bd:47:6e:63:7b:7e:07:9e:81:55:dd:
                    bb:c2:87:d9:b0:80:94:fb:31:4d:2b:d6:a5:0a:dd:
                    48:72:c5:06:22:60:64:3a:29:0f:d2:5b:5f:c0:41:
                    06:ee:7c:79:d2:1a:24:ab:9f:d0:d0:a6:16:c7:e8:
                    46:e9:83:9a:3e:6c:5a:30:8c:b3:17:2f:d5:90:d7:
                    6c:20:41:64:6d:7e:f3:86:55:0a:ac:bb:ff:09:47:
                    db:24:31:1f:67:cf:f1:01:e2:55:67:b7:df:8c:55:
                    f2:06:6d:cc:13:12:fe:44:1a:87:13:20:02:ba:13:
                    fc:07:b3:b2:8e:83:7a:a4:2f:29:c1:bb:41:99:d0:
                    b2:2d:59:b9:3b:04:53:fb:d8:5b:66:ca:d8:ab:b7:
                    31:07:80:e6:a8:f1:37:ef:3b:4f:39:02:8e:fd:c8:
                    e7:94:6c:2a:e6:be:04:ed:8b:76:b6:c8:7a:38:af:
                    61:c5:1d:2b:ef:a8:c3:88:18:3c:53:12:91:1b:fe:
                    12:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                87:0A:1E:54:2A:62:D7:E0:91:00:FE:B3:AB:36:0B:8C:5E:BB:5E:37
            X509v3 Authority Key Identifier:
                keyid:66:04:28:9C:7E:39:E0:8E:1A:E1:25:5C:EE:73:C0:5B:FD:99:F3:E6

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.co/repo/AS945/1/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.crl

            Authority Information Access:
                CA Issuers - URI:rsync://dev.tw/rpki/August/5/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.co/repo/AS945/1/326131323a646434373a333030303a3a2f34302d3438203d3e20313939323033.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a12:dd47:3000::/40

    Signature Algorithm: sha256WithRSAEncryption
         3e:34:f8:7e:cd:6c:45:a8:27:b9:68:65:23:32:4f:38:62:30:
         4e:b7:65:ce:7d:8e:33:70:46:a7:b5:d2:0b:08:bc:44:4d:36:
         52:8c:1d:81:b9:fa:0d:d8:86:6f:b0:e5:b4:ee:8f:a2:1c:2d:
         31:c6:b0:a5:02:d3:b7:2b:38:75:d4:6c:17:f0:a8:97:6b:4a:
         18:7f:b0:1c:c7:d4:f5:02:4e:72:b7:a3:4a:a6:50:fd:8d:41:
         b6:96:45:9d:52:b2:49:a0:fa:f2:8e:11:50:31:96:33:cf:2a:
         bc:c3:33:c1:b3:c4:04:03:8e:71:b5:82:cb:aa:cd:49:17:2c:
         aa:82:75:39:87:71:a6:fc:9d:12:8e:b5:c4:b5:1c:eb:bb:c6:
         9e:ea:7d:41:ca:16:63:d7:85:ef:d9:ed:78:ec:14:ec:70:3c:
         70:bb:98:25:83:fa:6f:47:71:17:9e:2f:a2:2d:3e:1e:00:87:
         f6:e9:c8:8c:33:c4:d4:a7:19:e5:ed:26:48:72:a1:d0:d3:54:
         4d:1d:33:8b:fc:29:df:a6:9e:32:d4:4f:25:17:11:df:83:1a:
         94:2d:64:e5:40:8c:6f:19:2e:3b:f0:e8:3c:b9:47:b5:5d:b3:
         6e:19:92:b9:7f:18:82:4f:0c:58:78:98:1a:3a:c6:cd:42:4b:
         9a:46:e7:01
-----BEGIN CERTIFICATE-----
MIIEyTCCA7GgAwIBAgIURC3bKaF9ozkHugRE1K2AMMXFlXswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjYwNDI4OUM3RTM5RTA4RTFBRTEyNTVDRUU3M0MwNUJG
RDk5RjNFNjAeFw0yMzEwMTcxNjA4MzBaFw0yNDEwMTUxNjEzMzBaMDMxMTAvBgNV
BAMTKDg3MEExRTU0MkE2MkQ3RTA5MTAwRkVCM0FCMzYwQjhDNUVCQjVFMzcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDul31CKOVUIpAPQxobe5FCUNnr
jojFvx0/jsA4+o/ACK9fDYiuWya3Q+k+U0cldT40iUgPE4yC20cnqDhxfZu9R25j
e34HnoFV3bvCh9mwgJT7MU0r1qUK3UhyxQYiYGQ6KQ/SW1/AQQbufHnSGiSrn9DQ
phbH6Ebpg5o+bFowjLMXL9WQ12wgQWRtfvOGVQqsu/8JR9skMR9nz/EB4lVnt9+M
VfIGbcwTEv5EGocTIAK6E/wHs7KOg3qkLynBu0GZ0LItWbk7BFP72FtmytirtzEH
gOao8TfvO085Ao79yOeUbCrmvgTti3a2yHo4r2HFHSvvqMOIGDxTEpEb/hJTAgMB
AAGjggHTMIIBzzAdBgNVHQ4EFgQUhwoeVCpi1+CRAP6zqzYLjF67XjcwHwYDVR0j
BBgwFoAUZgQonH454I4a4SVc7nPAW/2Z8+YwDgYDVR0PAQH/BAQDAgeAMFoGA1Ud
HwRTMFEwT6BNoEuGSXJzeW5jOi8vcnBraS5jby9yZXBvL0FTOTQ1LzEvNjYwNDI4
OUM3RTM5RTA4RTFBRTEyNTVDRUU3M0MwNUJGRDk5RjNFNi5jcmwwZQYIKwYBBQUH
AQEEWTBXMFUGCCsGAQUFBzAChklyc3luYzovL2Rldi50dy9ycGtpL0F1Z3VzdC81
LzY2MDQyODlDN0UzOUUwOEUxQUUxMjU1Q0VFNzNDMDVCRkQ5OUYzRTYuY2VyMH0G
CCsGAQUFBwELBHEwbzBtBggrBgEFBQcwC4ZhcnN5bmM6Ly9ycGtpLmNvL3JlcG8v
QVM5NDUvMS8zMjYxMzEzMjNhNjQ2NDM0MzczYTMzMzAzMDMwM2EzYTJmMzQzMDJk
MzQzODIwM2QzZTIwMzEzOTM5MzIzMDMzLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsG
AQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKhLdRzAwDQYJKoZI
hvcNAQELBQADggEBAD40+H7NbEWoJ7loZSMyTzhiME63Zc59jjNwRqe10gsIvERN
NlKMHYG5+g3Yhm+w5bTuj6IcLTHGsKUC07crOHXUbBfwqJdrShh/sBzH1PUCTnK3
o0qmUP2NQbaWRZ1Sskmg+vKOEVAxljPPKrzDM8GzxAQDjnG1gsuqzUkXLKqCdTmH
cab8nRKOtcS1HOu7xp7qfUHKFmPXhe/Z7XjsFOxwPHC7mCWD+m9HcReeL6ItPh4A
h/bpyIwzxNSnGeXtJkhyodDTVE0dM4v8Kd+mnjLUTyUXEd+DGpQtZOVAjG8ZLjvw
6Dy5R7Vds24Zkrl/GIJPDFh4mBo6xs1CS5pG5wE=
-----END CERTIFICATE-----
Generated at Tue Jan 30 02:28:26 2024 by rpki-client on console-ams.rpki-client.org