Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/COLIN/m1NSAis_8akCYunSr583Vn4YWzE.roa
File:                     m1NSAis_8akCYunSr583Vn4YWzE.roa (raw, json)
Hash identifier:          v27LH7pJMXbmS/ez+V//unW8spWucwmWoLKZ7+G6ZwU=
Subject key identifier:   9B:53:52:02:2B:3F:F1:A9:02:62:E9:D2:AF:9F:37:56:7E:18:5B:31
Certificate issuer:       /CN=9700C068EFA9A6B2E6879310C9AEA030DC8B2AD1
Certificate serial:       07
Authority key identifier: 97:00:C0:68:EF:A9:A6:B2:E6:87:93:10:C9:AE:A0:30:DC:8B:2A:D1
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/lwDAaO-pprLmh5MQya6gMNyLKtE.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/COLIN/m1NSAis_8akCYunSr583Vn4YWzE.roa
Signing time:             Tue 29 Aug 2023 15:57:43 +0000
ROA not before:           Tue 29 Aug 2023 15:57:43 +0000
ROA not after:            Thu 22 Aug 2024 08:53:09 +0000
asID:                     131642
IP address blocks:        103.6.124.0/23 maxlen: 24

Validation:               Failed, certificate revoked on Sun 24 Mar 2024 14:23:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 7 (0x7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9700C068EFA9A6B2E6879310C9AEA030DC8B2AD1
        Validity
            Not Before: Aug 29 15:57:43 2023 GMT
            Not After : Aug 22 08:53:09 2024 GMT
        Subject: CN=9B5352022B3FF1A90262E9D2AF9F37567E185B31
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:c2:a0:f9:d3:f0:c9:18:66:a0:0c:11:2e:db:
                    a3:5c:63:56:39:a0:57:29:7f:b3:5d:69:23:e2:b4:
                    33:3b:7c:1d:c6:66:a6:74:49:2c:97:d0:c7:e9:8c:
                    7b:00:60:0b:cd:3e:32:82:12:94:f1:d7:c3:43:f2:
                    85:5d:0a:8b:c8:51:44:e1:1e:66:7b:84:be:c8:fd:
                    10:fb:42:db:fa:88:1b:76:77:e1:b3:75:1d:38:9c:
                    7e:01:ed:b2:91:b6:d4:aa:91:db:1b:5c:c9:4f:f9:
                    e1:c1:96:8a:8d:65:f0:01:73:86:e2:c9:7c:00:05:
                    c6:60:4c:d3:a0:c6:15:ab:4d:35:b6:f1:53:27:5d:
                    32:fb:2b:dd:fb:a4:c2:30:53:22:19:4b:9b:6e:62:
                    c9:da:22:ac:02:c1:7f:29:9d:9c:b9:6f:17:fc:0f:
                    6d:ef:27:8c:e9:7f:11:7d:d9:02:8a:f5:74:64:44:
                    a4:23:d3:bc:24:4e:03:43:9f:71:42:5e:ae:37:9e:
                    90:05:83:cf:74:6c:81:90:d3:50:7c:ab:2d:41:2e:
                    ea:d8:0c:e8:b2:cf:47:7e:08:bd:a8:97:dd:c0:87:
                    8e:88:8e:61:62:65:a0:11:58:c2:21:09:1f:2d:1d:
                    34:fb:d5:ca:16:76:e2:68:c4:c3:91:5c:11:93:f6:
                    0f:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9B:53:52:02:2B:3F:F1:A9:02:62:E9:D2:AF:9F:37:56:7E:18:5B:31
            X509v3 Authority Key Identifier:
                keyid:97:00:C0:68:EF:A9:A6:B2:E6:87:93:10:C9:AE:A0:30:DC:8B:2A:D1

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/COLIN/lwDAaO-pprLmh5MQya6gMNyLKtE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/lwDAaO-pprLmh5MQya6gMNyLKtE.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/COLIN/m1NSAis_8akCYunSr583Vn4YWzE.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.6.124.0/23

    Signature Algorithm: sha256WithRSAEncryption
         9c:0c:91:39:af:5e:8f:18:29:e6:92:c0:7f:5e:e7:bd:7a:73:
         6f:0a:68:87:10:ad:0e:ee:9c:a4:aa:43:90:d7:03:36:3b:54:
         57:95:74:4b:e2:22:34:c8:4e:1e:41:cd:9e:16:dc:9f:c7:f7:
         c5:14:87:6d:b4:02:34:ce:17:06:f6:25:2a:67:c4:f7:91:95:
         af:49:9a:a2:d6:d0:c9:30:c1:13:e5:2b:0e:9a:27:5a:b3:6c:
         04:47:04:38:55:87:7b:2e:c0:cd:fc:20:6e:cf:ff:78:0c:0c:
         6c:18:f5:1e:1b:e8:e7:d8:80:13:a1:27:17:23:26:4e:ee:c3:
         ac:1e:e7:77:9e:7b:30:9d:f9:ae:cb:92:9b:36:e0:82:ff:12:
         74:33:27:b0:9c:b5:8c:6f:28:e7:03:c4:9a:2f:64:f8:d0:bd:
         9a:05:6a:94:00:37:16:00:82:57:a5:a5:50:44:39:23:de:b8:
         6a:a3:9b:80:69:0f:f4:52:a2:d5:ae:70:dd:6a:1d:8d:1f:3a:
         d3:8c:02:e9:6d:10:ed:2c:cb:18:1d:aa:00:73:8d:05:e1:28:
         b9:03:dd:79:e0:51:9e:3e:a7:30:b6:9e:4f:34:a3:7f:a7:11:
         76:55:c2:ab:d7:16:7b:7a:70:d0:3d:aa:0c:b8:27:9f:31:0d:
         32:41:10:f8
-----BEGIN CERTIFICATE-----
MIIEzzCCA7egAwIBAgIBBzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5NzAw
QzA2OEVGQTlBNkIyRTY4NzkzMTBDOUFFQTAzMERDOEIyQUQxMB4XDTIzMDgyOTE1
NTc0M1oXDTI0MDgyMjA4NTMwOVowMzExMC8GA1UEAxMoOUI1MzUyMDIyQjNGRjFB
OTAyNjJFOUQyQUY5RjM3NTY3RTE4NUIzMTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBALrCoPnT8MkYZqAMES7bo1xjVjmgVyl/s11pI+K0Mzt8HcZmpnRJ
LJfQx+mMewBgC80+MoISlPHXw0PyhV0Ki8hRROEeZnuEvsj9EPtC2/qIG3Z34bN1
HTicfgHtspG21KqR2xtcyU/54cGWio1l8AFzhuLJfAAFxmBM06DGFatNNbbxUydd
Mvsr3fukwjBTIhlLm25iydoirALBfymdnLlvF/wPbe8njOl/EX3ZAor1dGREpCPT
vCROA0OfcUJerjeekAWDz3RsgZDTUHyrLUEu6tgM6LLPR34IvaiX3cCHjoiOYWJl
oBFYwiEJHy0dNPvVyhZ24mjEw5FcEZP2DzMCAwEAAaOCAewwggHoMB0GA1UdDgQW
BBSbU1ICKz/xqQJi6dKvnzdWfhhbMTAfBgNVHSMEGDAWgBSXAMBo76mmsuaHkxDJ
rqAw3Isq0TAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFsGA1UdHwRUMFIwUKBO
oEyGSnJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DT0xJTi9s
d0RBYU8tcHByTG1oNU1ReWE2Z01OeUxLdEUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L2x3REFhTy1wcHJMbWg1TVF5YTZnTU55TEt0RS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGbBggrBgEFBQcBCwSBjjCBizBWBggrBgEFBQcwC4ZKcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0NPTElOL20xTlNBaXNfOGFrQ1l1blNyNTgz
Vm40WVd6RS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9y
cmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAFnBnww
DQYJKoZIhvcNAQELBQADggEBAJwMkTmvXo8YKeaSwH9e5716c28KaIcQrQ7unKSq
Q5DXAzY7VFeVdEviIjTITh5BzZ4W3J/H98UUh220AjTOFwb2JSpnxPeRla9JmqLW
0MkwwRPlKw6aJ1qzbARHBDhVh3suwM38IG7P/3gMDGwY9R4b6OfYgBOhJxcjJk7u
w6we53eeezCd+a7Lkps24IL/EnQzJ7CctYxvKOcDxJovZPjQvZoFapQANxYAglel
pVBEOSPeuGqjm4BpD/RSotWucN1qHY0fOtOMAultEO0syxgdqgBzjQXhKLkD3Xng
UZ4+pzC2nk80o3+nEXZVwqvXFnt6cNA9qgy4J58xDTJBEPg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:05 2024 by rpki-client on console-ams.rpki-client.org