Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/ASNET/P5wHD_oIDbb0QUEbUimxVlzqlEE.roa
File:                     P5wHD_oIDbb0QUEbUimxVlzqlEE.roa (raw, json)
Hash identifier:          8c6H0tkiPikpcyM6d4O2kwG5kLrwZziJq4B4e4gK8QE=
Subject key identifier:   3F:9C:07:0F:FA:08:0D:B6:F4:41:41:1B:52:29:B1:56:5C:EA:94:41
Certificate issuer:       /CN=70984F008CA28F6475DB426353BFD1C433D8BC1A
Certificate serial:       0BFD
Authority key identifier: 70:98:4F:00:8C:A2:8F:64:75:DB:42:63:53:BF:D1:C4:33:D8:BC:1A
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/cJhPAIyij2R120JjU7_RxDPYvBo.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/ASNET/P5wHD_oIDbb0QUEbUimxVlzqlEE.roa
Signing time:             Mon 01 Jul 2024 00:00:52 +0000
ROA not before:           Mon 01 Jul 2024 00:00:52 +0000
ROA not after:            Sat 31 Aug 2024 03:10:53 +0000
asID:                     24167
IP address blocks:        117.103.96.0/20 maxlen: 20

Validation:               Failed, certificate revoked on Fri 26 Jul 2024 07:56:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3069 (0xbfd)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=70984F008CA28F6475DB426353BFD1C433D8BC1A
        Validity
            Not Before: Jul  1 00:00:52 2024 GMT
            Not After : Aug 31 03:10:53 2024 GMT
        Subject: CN=3F9C070FFA080DB6F441411B5229B1565CEA9441
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:3b:23:b8:ed:4c:11:36:03:fd:88:53:3f:74:
                    b2:32:b5:d8:f1:fb:e3:c9:4d:78:cf:fc:41:36:55:
                    9a:dd:8c:48:f4:10:08:c8:91:f3:7d:06:fc:71:9c:
                    3a:3c:7e:5e:ec:57:79:36:3b:b3:af:88:24:8b:75:
                    d1:c8:46:75:11:b4:12:a3:ee:08:9b:51:f7:2a:9e:
                    52:84:94:5b:83:34:30:8f:c8:6f:fe:fc:d9:25:29:
                    a2:b8:e7:42:bd:76:19:6c:03:97:4f:8e:50:98:8c:
                    91:fe:7c:92:c0:c5:2d:5e:ac:a3:be:ad:55:15:02:
                    85:7a:a2:e3:eb:a0:26:dc:94:df:e6:7f:43:53:14:
                    8b:b7:59:cc:5e:d3:6a:91:f2:44:0c:c1:02:3d:44:
                    7b:98:e4:cf:88:58:96:97:d2:3b:c1:69:85:ad:a1:
                    2a:72:f0:6c:5d:77:ac:05:9e:14:e5:41:79:55:73:
                    8f:44:79:87:3d:fb:26:31:bd:29:34:a6:be:61:2b:
                    35:04:65:35:74:27:23:97:b2:25:39:35:1b:74:92:
                    df:0a:8f:f7:8e:9b:1a:fc:8a:2f:4e:07:75:9f:be:
                    72:02:84:b4:12:f7:ab:d8:f3:fd:2b:aa:84:75:ce:
                    73:bf:b6:af:07:be:27:7a:05:51:9e:4b:c7:c7:9d:
                    ff:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3F:9C:07:0F:FA:08:0D:B6:F4:41:41:1B:52:29:B1:56:5C:EA:94:41
            X509v3 Authority Key Identifier:
                keyid:70:98:4F:00:8C:A2:8F:64:75:DB:42:63:53:BF:D1:C4:33:D8:BC:1A

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ASNET/cJhPAIyij2R120JjU7_RxDPYvBo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/cJhPAIyij2R120JjU7_RxDPYvBo.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ASNET/P5wHD_oIDbb0QUEbUimxVlzqlEE.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  117.103.96.0/20

    Signature Algorithm: sha256WithRSAEncryption
         d4:bd:f8:5c:ad:44:55:c2:7e:c7:81:a8:e6:88:dc:c3:e9:99:
         76:92:76:f8:7c:17:c6:40:40:2e:0b:e0:36:b8:19:b7:1d:66:
         af:0b:74:ec:51:cb:79:e5:ae:fe:38:0e:84:88:41:61:ca:65:
         98:fd:3a:be:bb:e1:f7:24:14:a0:f5:0c:27:5e:4b:2c:6c:dc:
         c6:5b:e1:c9:cb:33:9c:fb:bc:9c:17:6d:c8:45:e2:0c:af:f5:
         a0:20:88:ec:53:d2:da:1f:67:76:3c:9f:84:aa:d2:c5:f1:44:
         07:06:5d:05:2b:bc:22:90:54:05:c8:ec:e0:c2:ca:4c:9a:64:
         ee:65:4b:e2:98:13:9b:3b:02:c7:02:7f:48:77:b2:7f:8d:d4:
         cb:b6:7d:ea:ba:e8:c8:f9:65:3d:d2:50:71:8e:5b:2c:0c:21:
         26:c2:90:ce:88:6b:b2:b1:0a:86:05:fc:89:ed:dc:71:b5:5c:
         49:41:04:20:f4:08:73:b9:50:f8:2d:dc:f9:0b:52:12:a0:5a:
         ee:3a:d1:31:8d:cf:07:4a:99:0d:e0:54:ae:8a:62:30:f3:93:
         a9:3c:3b:7b:ff:29:2a:36:ab:28:0a:76:7e:7c:76:7d:a9:f9:
         c7:4f:ef:39:85:ce:31:d2:54:7a:f8:1d:d3:0a:84:e4:7b:fe:
         5e:25:9c:e6
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICC/0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzA5
ODRGMDA4Q0EyOEY2NDc1REI0MjYzNTNCRkQxQzQzM0Q4QkMxQTAeFw0yNDA3MDEw
MDAwNTJaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDNGOUMwNzBGRkEwODBE
QjZGNDQxNDExQjUyMjlCMTU2NUNFQTk0NDEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDWOyO47UwRNgP9iFM/dLIytdjx++PJTXjP/EE2VZrdjEj0EAjI
kfN9BvxxnDo8fl7sV3k2O7OviCSLddHIRnURtBKj7gibUfcqnlKElFuDNDCPyG/+
/NklKaK450K9dhlsA5dPjlCYjJH+fJLAxS1erKO+rVUVAoV6ouProCbclN/mf0NT
FIu3Wcxe02qR8kQMwQI9RHuY5M+IWJaX0jvBaYWtoSpy8Gxdd6wFnhTlQXlVc49E
eYc9+yYxvSk0pr5hKzUEZTV0JyOXsiU5NRt0kt8Kj/eOmxr8ii9OB3WfvnIChLQS
96vY8/0rqoR1znO/tq8Hvid6BVGeS8fHnf9DAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUP5wHD/oIDbb0QUEbUimxVlzqlEEwHwYDVR0jBBgwFoAUcJhPAIyij2R120Jj
U7/RxDPYvBowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVNORVQv
Y0poUEFJeWlqMlIxMjBKalU3X1J4RFBZdkJvLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9jSmhQQUl5aWoyUjEyMEpqVTdfUnhEUFl2Qm8uY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9BU05FVC9QNXdIRF9vSURiYjBRVUViVWlt
eFZsenFsRUUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEdWdg
MA0GCSqGSIb3DQEBCwUAA4IBAQDUvfhcrURVwn7HgajmiNzD6Zl2knb4fBfGQEAu
C+A2uBm3HWavC3TsUct55a7+OA6EiEFhymWY/Tq+u+H3JBSg9QwnXkssbNzGW+HJ
yzOc+7ycF23IReIMr/WgIIjsU9LaH2d2PJ+EqtLF8UQHBl0FK7wikFQFyOzgwspM
mmTuZUvimBObOwLHAn9Id7J/jdTLtn3quujI+WU90lBxjlssDCEmwpDOiGuysQqG
BfyJ7dxxtVxJQQQg9AhzuVD4Ldz5C1ISoFruOtExjc8HSpkN4FSuimIw85OpPDt7
/ykqNqsoCnZ+fHZ9qfnHT+85hc4x0lR6+B3TCoTke/5eJZzm
-----END CERTIFICATE-----
Generated at Fri Jul 26 10:04:39 2024 by rpki-client on console-ams.rpki-client.org