Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/DWT/aP58tc29aR0Rlcx91bSqKbkbZ2w.roa
File:                     aP58tc29aR0Rlcx91bSqKbkbZ2w.roa (raw, json)
Hash identifier:          pTj9HUyFIOZNNjvReS5mBT/x55OBLrEtWswX33ZbwXY=
Subject key identifier:   68:FE:7C:B5:CD:BD:69:1D:11:95:CC:7D:D5:B4:AA:29:B9:1B:67:6C
Certificate issuer:       /CN=D4F0DD0F4FB801025D586EF999C5EEE02D7C2059
Certificate serial:       0D05
Authority key identifier: D4:F0:DD:0F:4F:B8:01:02:5D:58:6E:F9:99:C5:EE:E0:2D:7C:20:59
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/1PDdD0-4AQJdWG75mcXu4C18IFk.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/DWT/aP58tc29aR0Rlcx91bSqKbkbZ2w.roa
Signing time:             Thu 15 Sep 2022 02:37:08 +0000
ROA not before:           Thu 15 Sep 2022 02:37:08 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     24168
IP address blocks:        103.136.60.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3333 (0xd05)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=D4F0DD0F4FB801025D586EF999C5EEE02D7C2059
        Validity
            Not Before: Sep 15 02:37:08 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=68FE7CB5CDBD691D1195CC7DD5B4AA29B91B676C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:65:ff:dd:ea:8f:89:31:64:76:9d:46:a2:32:
                    24:18:db:c4:d0:51:a6:9e:85:5b:97:0d:24:11:93:
                    1b:dd:e6:12:e8:6b:c3:53:87:42:be:f9:bb:df:1b:
                    c7:d3:fa:95:ce:ee:8f:ef:5b:97:70:fb:82:ec:04:
                    3b:03:91:db:c4:23:d0:80:5d:de:44:71:a0:f3:c3:
                    66:e1:ec:94:24:2a:32:14:50:c5:72:e0:02:9a:04:
                    f7:4f:34:f6:ec:19:4a:94:e3:9f:d9:ce:20:88:75:
                    65:b5:36:84:09:a0:1c:9d:a5:9a:33:b5:8f:37:49:
                    fd:ad:8c:8d:70:dd:ee:07:66:b7:46:8e:2e:1c:ff:
                    95:00:64:35:ce:b4:5f:8b:ad:99:df:fe:c3:04:6f:
                    44:94:24:cc:b1:e4:5b:e6:ca:0e:cd:dd:7d:fd:fb:
                    d8:7a:6d:d6:35:46:13:86:53:df:d3:ab:4e:3e:3f:
                    db:98:5b:5b:84:d8:d4:b3:a9:e9:87:4d:bb:73:d1:
                    5b:fc:75:4a:70:4c:e2:fa:5d:05:93:8f:f5:83:c8:
                    57:71:af:f4:7c:18:9e:8c:b5:b5:95:b3:d0:fd:0c:
                    ef:2d:88:f1:77:09:9b:6f:70:0f:53:56:c1:e6:65:
                    d2:14:6f:5d:91:cd:65:33:e7:2e:1d:4f:f6:e6:6c:
                    78:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                68:FE:7C:B5:CD:BD:69:1D:11:95:CC:7D:D5:B4:AA:29:B9:1B:67:6C
            X509v3 Authority Key Identifier:
                keyid:D4:F0:DD:0F:4F:B8:01:02:5D:58:6E:F9:99:C5:EE:E0:2D:7C:20:59

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DWT/1PDdD0-4AQJdWG75mcXu4C18IFk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/1PDdD0-4AQJdWG75mcXu4C18IFk.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DWT/aP58tc29aR0Rlcx91bSqKbkbZ2w.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.136.60.0/24

    Signature Algorithm: sha256WithRSAEncryption
         35:10:f0:6f:46:b7:d1:64:17:74:9a:de:ea:b3:2d:1c:f3:21:
         73:c6:c0:e9:b5:37:26:58:57:f5:47:30:c3:c1:f5:59:f0:3c:
         fc:45:e8:b1:b8:af:8d:6b:df:e8:b9:2a:0f:eb:a5:06:bc:42:
         54:27:af:1b:d4:16:97:f2:48:90:f3:8c:d8:d5:8e:4d:fd:d3:
         dd:5d:8a:55:60:37:ea:86:fd:05:bc:2e:d8:85:c8:b1:78:9f:
         2d:1d:0e:bb:b7:e6:9e:e5:4e:bc:44:29:16:78:d8:f5:2b:d0:
         35:51:7d:e1:e4:a0:e5:24:6a:bb:a0:73:ca:57:38:1e:f1:50:
         35:f7:e2:a5:45:46:4a:65:1c:d3:cf:89:c4:fd:df:bf:d6:28:
         fb:e3:52:2e:19:5e:77:2a:9b:52:ea:96:e3:f5:6e:00:01:0b:
         43:73:ea:60:da:ef:42:61:be:0d:fc:04:80:b4:aa:af:db:2a:
         35:3b:71:af:ac:cd:c9:f4:81:9b:ba:e6:b4:f7:99:7e:32:01:
         cf:f6:75:29:92:6d:44:ec:74:a6:89:0d:d7:87:9e:ea:82:c6:
         bc:92:28:14:fa:55:79:cc:31:67:c6:bc:50:44:26:87:a2:d7:
         c0:7a:7a:a5:ed:a4:72:c4:86:00:d1:c6:e2:12:09:69:ac:45:
         3f:b8:69:18
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICDQUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDRG
MEREMEY0RkI4MDEwMjVENTg2RUY5OTlDNUVFRTAyRDdDMjA1OTAeFw0yMjA5MTUw
MjM3MDhaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDY4RkU3Q0I1Q0RCRDY5
MUQxMTk1Q0M3REQ1QjRBQTI5QjkxQjY3NkMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDBZf/d6o+JMWR2nUaiMiQY28TQUaaehVuXDSQRkxvd5hLoa8NT
h0K++bvfG8fT+pXO7o/vW5dw+4LsBDsDkdvEI9CAXd5EcaDzw2bh7JQkKjIUUMVy
4AKaBPdPNPbsGUqU45/ZziCIdWW1NoQJoBydpZoztY83Sf2tjI1w3e4HZrdGji4c
/5UAZDXOtF+LrZnf/sMEb0SUJMyx5Fvmyg7N3X39+9h6bdY1RhOGU9/Tq04+P9uY
W1uE2NSzqemHTbtz0Vv8dUpwTOL6XQWTj/WDyFdxr/R8GJ6MtbWVs9D9DO8tiPF3
CZtvcA9TVsHmZdIUb12RzWUz5y4dT/bmbHjNAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUaP58tc29aR0Rlcx91bSqKbkbZ2wwHwYDVR0jBBgwFoAU1PDdD0+4AQJdWG75
mcXu4C18IFkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRFdULzFQ
RGREMC00QVFKZFdHNzVtY1h1NEMxOElGay5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
MVBEZEQwLTRBUUpkV0c3NW1jWHU0QzE4SUZrLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRFdUL2FQNTh0YzI5YVIwUmxjeDkxYlNxS2Jr
Yloydy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABniDwwDQYJ
KoZIhvcNAQELBQADggEBADUQ8G9Gt9FkF3Sa3uqzLRzzIXPGwOm1NyZYV/VHMMPB
9VnwPPxF6LG4r41r3+i5Kg/rpQa8QlQnrxvUFpfySJDzjNjVjk39091dilVgN+qG
/QW8LtiFyLF4ny0dDru35p7lTrxEKRZ42PUr0DVRfeHkoOUkarugc8pXOB7xUDX3
4qVFRkplHNPPicT937/WKPvjUi4ZXncqm1LqluP1bgABC0Nz6mDa70Jhvg38BIC0
qq/bKjU7ca+szcn0gZu65rT3mX4yAc/2dSmSbUTsdKaJDdeHnuqCxrySKBT6VXnM
MWfGvFBEJoei18B6eqXtpHLEhgDRxuISCWmsRT+4aRg=
-----END CERTIFICATE-----
Generated at Fri Sep 1 09:03:15 2023 by rpki-client on console-fra.rpki-client.org