Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/a-Qf6UM-KzS5FgObd9O_Ge67s1w.roa
File:                     a-Qf6UM-KzS5FgObd9O_Ge67s1w.roa (raw, json)
Hash identifier:          KkyRpw70t60Rrp9gIhYOFuunKsnmmvjdKoRiUWyRnmM=
Subject key identifier:   6B:E4:1F:E9:43:3E:2B:34:B9:16:03:9B:77:D3:BF:19:EE:BB:B3:5C
Certificate issuer:       /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Certificate serial:       0D4E
Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/a-Qf6UM-KzS5FgObd9O_Ge67s1w.roa
Signing time:             Mon 15 Jan 2024 21:25:51 +0000
ROA not before:           Mon 15 Jan 2024 21:25:51 +0000
ROA not after:            Sat 31 Aug 2024 03:10:53 +0000
asID:                     17709
IP address blocks:        101.136.0.0/14 maxlen: 14

Validation:               Failed, certificate revoked on Thu 23 May 2024 06:21:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3406 (0xd4e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
        Validity
            Not Before: Jan 15 21:25:51 2024 GMT
            Not After : Aug 31 03:10:53 2024 GMT
        Subject: CN=6BE41FE9433E2B34B916039B77D3BF19EEBBB35C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:00:b7:8a:b8:e8:1f:20:8a:d3:c6:40:9e:2f:
                    36:21:3b:0b:9d:1e:2e:2b:50:4c:34:d7:39:56:db:
                    b0:52:db:02:68:63:2f:da:29:93:70:95:bc:f5:2f:
                    67:d6:99:7a:5f:27:20:46:39:d7:52:e6:a7:57:8d:
                    e4:df:b4:63:17:31:b5:ae:47:34:6c:05:70:6d:37:
                    bb:63:f8:34:69:5a:9a:45:d4:48:bf:fd:9f:de:fb:
                    22:6b:fc:a4:62:70:21:68:99:2f:6d:3d:50:09:f8:
                    0a:01:4a:a4:46:5f:cc:fe:f0:2c:79:a2:15:fc:cb:
                    09:6a:e3:40:00:20:f6:99:46:78:42:d9:30:0c:37:
                    d3:9b:be:b6:d2:23:4c:77:fe:eb:e8:c9:c3:67:01:
                    d8:3e:fe:4b:38:87:2c:46:40:13:f4:6e:34:e3:09:
                    a2:71:a0:bc:c0:bd:9b:74:04:40:67:6a:7d:20:83:
                    01:50:b4:f8:bf:08:80:a1:73:bc:fd:b8:ce:5a:9e:
                    92:38:fb:7f:bf:f6:44:68:85:d2:6a:eb:cf:3b:5c:
                    ee:59:ce:f5:17:56:83:c9:6c:5c:22:19:a2:96:09:
                    3a:f2:2a:04:f9:dd:fe:72:18:b9:0d:81:0a:ad:39:
                    de:4e:53:9f:76:3a:2c:05:de:e0:4c:c3:fb:38:a6:
                    06:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6B:E4:1F:E9:43:3E:2B:34:B9:16:03:9B:77:D3:BF:19:EE:BB:B3:5C
            X509v3 Authority Key Identifier:
                keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/a-Qf6UM-KzS5FgObd9O_Ge67s1w.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  101.136.0.0/14

    Signature Algorithm: sha256WithRSAEncryption
         86:77:6c:39:66:2a:9a:c5:51:bb:96:48:c3:b9:af:97:ac:2e:
         b6:81:3a:97:eb:1b:56:cf:32:88:86:ac:3f:a7:3b:c0:c0:3e:
         28:66:9f:c3:0b:7f:fd:2f:f5:c9:80:0b:58:f9:98:7f:5c:16:
         ef:fe:1f:8a:79:d0:09:b7:6a:25:31:c7:bd:cd:a9:2d:29:8d:
         ea:43:8f:04:95:60:a3:69:9e:aa:65:b3:0e:7f:f5:d6:fb:90:
         e8:2d:f0:7f:1f:15:47:45:a4:bb:40:2c:c0:6c:4a:e0:23:22:
         f7:a2:bb:33:97:2f:fe:d6:d9:1c:fb:74:3e:74:99:b5:31:0f:
         f4:73:ed:af:a2:ff:a4:e8:85:f5:14:1b:d8:cd:e7:da:85:c7:
         6b:53:28:1a:a2:9f:79:de:fc:37:2f:f9:a8:41:d8:5b:84:82:
         eb:65:f8:df:85:e9:32:ea:47:db:b3:44:ec:a7:d6:5e:e5:17:
         c6:a2:90:12:41:c2:40:6a:a0:73:73:22:8a:38:41:36:28:70:
         99:7d:0b:9a:0e:cf:3b:2e:09:9a:9d:95:03:16:bd:b5:a9:70:
         fb:b9:7e:19:f7:6e:12:d9:25:00:32:0c:5e:5b:3e:74:d2:2f:
         4a:98:5a:81:8c:dc:bb:37:e8:b1:e8:f7:5b:fe:3a:53:1a:fd:
         2e:f1:c5:75
-----BEGIN CERTIFICATE-----
MIIEyzCCA7OgAwIBAgICDU4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2
M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNDAxMTUy
MTI1NTFaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDZCRTQxRkU5NDMzRTJC
MzRCOTE2MDM5Qjc3RDNCRjE5RUVCQkIzNUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDbALeKuOgfIIrTxkCeLzYhOwudHi4rUEw01zlW27BS2wJoYy/a
KZNwlbz1L2fWmXpfJyBGOddS5qdXjeTftGMXMbWuRzRsBXBtN7tj+DRpWppF1Ei/
/Z/e+yJr/KRicCFomS9tPVAJ+AoBSqRGX8z+8Cx5ohX8ywlq40AAIPaZRnhC2TAM
N9ObvrbSI0x3/uvoycNnAdg+/ks4hyxGQBP0bjTjCaJxoLzAvZt0BEBnan0ggwFQ
tPi/CIChc7z9uM5anpI4+3+/9kRohdJq6887XO5ZzvUXVoPJbFwiGaKWCTryKgT5
3f5yGLkNgQqtOd5OU592OiwF3uBMw/s4pgbbAgMBAAGjggHnMIIB4zAdBgNVHQ4E
FgQUa+Qf6UM+KzS5FgObd9O/Ge67s1wwHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D
T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt
T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL2EtUWY2VU0tS3pTNUZnT2JkOU9fR2U2
N3Mxdy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUDAwJliDANBgkq
hkiG9w0BAQsFAAOCAQEAhndsOWYqmsVRu5ZIw7mvl6wutoE6l+sbVs8yiIasP6c7
wMA+KGafwwt//S/1yYALWPmYf1wW7/4finnQCbdqJTHHvc2pLSmN6kOPBJVgo2me
qmWzDn/11vuQ6C3wfx8VR0Wku0AswGxK4CMi96K7M5cv/tbZHPt0PnSZtTEP9HPt
r6L/pOiF9RQb2M3n2oXHa1MoGqKfed78Ny/5qEHYW4SC62X434XpMupH27NE7KfW
XuUXxqKQEkHCQGqgc3MiijhBNihwmX0Lmg7POy4Jmp2VAxa9talw+7l+GfduEtkl
ADIMXls+dNIvSphagYzcuzfosej3W/46Uxr9LvHFdQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:07 2024 by rpki-client on console-ams.rpki-client.org