Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/Nwj74oHpAq_o74Up99st2Boy5sE.roa
File:                     Nwj74oHpAq_o74Up99st2Boy5sE.roa (raw, json)
Hash identifier:          Fiku1SEB78Hl5ICktgLckFsFssSn5H4z0nnC8wMgYZo=
Subject key identifier:   37:08:FB:E2:81:E9:02:AF:E8:EF:85:29:F7:DB:2D:D8:1A:32:E6:C1
Certificate issuer:       /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial:       0D76
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/Nwj74oHpAq_o74Up99st2Boy5sE.roa
Signing time:             Thu 15 Sep 2022 02:48:01 +0000
ROA not before:           Thu 15 Sep 2022 02:48:01 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     198949
IP address blocks:        210.242.186.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3446 (0xd76)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
        Validity
            Not Before: Sep 15 02:48:01 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=3708FBE281E902AFE8EF8529F7DB2DD81A32E6C1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:d2:a6:70:77:08:1b:fc:ec:e8:e7:90:4c:11:
                    52:9e:70:ac:08:e5:9c:b2:db:51:77:95:38:22:a8:
                    b6:48:f5:14:2c:8b:8d:c1:ca:f7:9a:bc:84:c8:27:
                    8a:8b:7b:2f:42:ed:f7:1e:95:bc:9f:9c:8b:32:13:
                    1d:0d:18:bb:c3:5f:c0:85:a7:37:aa:8a:ff:54:18:
                    51:34:fc:e7:bf:da:eb:e4:88:69:8f:1a:9f:96:65:
                    3b:df:bc:e5:94:65:e6:8c:89:1c:45:65:cb:18:e8:
                    dc:7d:9a:ef:a0:da:a0:b2:6a:10:07:39:00:5b:c7:
                    02:7f:9d:f3:50:98:1f:5c:be:6b:a6:ca:ff:6f:4a:
                    94:e8:1b:16:eb:e1:30:9b:5f:94:80:a7:9e:eb:a7:
                    eb:24:d5:d5:9c:bd:b9:46:1a:4f:55:89:c0:2d:17:
                    9d:d4:e5:fc:f9:19:e3:cc:2e:86:5b:76:9f:80:cb:
                    3c:a2:f6:64:65:1c:ba:68:41:ca:d0:38:19:9a:72:
                    b6:69:c8:6a:97:3a:57:fe:c4:fe:47:f5:23:aa:01:
                    df:25:6b:49:8b:5d:77:d5:24:ea:be:37:88:f2:06:
                    e4:2d:71:0f:b4:50:18:d1:35:bd:db:aa:2f:2c:0b:
                    44:37:20:ce:df:da:1a:5b:89:5b:9a:36:76:d6:6d:
                    7c:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                37:08:FB:E2:81:E9:02:AF:E8:EF:85:29:F7:DB:2D:D8:1A:32:E6:C1
            X509v3 Authority Key Identifier:
                keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/Nwj74oHpAq_o74Up99st2Boy5sE.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  210.242.186.0/24

    Signature Algorithm: sha256WithRSAEncryption
         27:37:74:79:5f:b7:a1:0e:13:19:64:50:75:94:9a:05:2a:fa:
         a0:7e:c7:8d:d5:59:7a:84:b6:1f:43:25:69:e3:2a:d1:76:dc:
         bd:41:39:58:fc:3e:ae:db:93:7f:7e:81:ec:89:12:93:31:37:
         e3:4b:6d:52:b3:b4:c0:2d:4c:07:16:de:c1:1c:53:19:4a:1f:
         11:3f:a1:3b:08:29:a4:57:9b:c6:d0:4a:84:7c:7a:61:ab:2a:
         64:55:d7:72:6a:48:54:a2:62:4a:5a:a5:16:13:23:f0:3b:ef:
         3a:e7:32:62:f9:82:d8:bd:be:8a:8a:35:30:80:64:61:4e:95:
         44:18:fe:f3:ba:07:83:ae:17:24:b4:f9:24:1c:18:79:dd:a2:
         62:b3:66:5f:9a:46:f4:04:d3:78:59:81:7c:83:26:6c:ff:35:
         82:cb:e2:1a:32:41:dc:4f:90:44:17:aa:7e:53:af:40:9b:1a:
         12:d8:7a:60:65:ad:fc:84:c3:b0:bb:1c:8b:09:f5:59:f0:be:
         02:1c:b9:5a:8d:93:0e:9b:b6:98:50:b2:15:f9:77:ec:95:78:
         89:16:1b:9b:ff:c8:3d:cc:1c:be:12:ff:50:d7:ea:85:e6:29:
         e4:6e:10:df:fa:fb:52:6f:fc:78:ed:48:19:68:33:96:71:e8:
         14:c3:8a:b3
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICDXYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yMjA5MTUw
MjQ4MDFaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDM3MDhGQkUyODFFOTAy
QUZFOEVGODUyOUY3REIyREQ4MUEzMkU2QzEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCy0qZwdwgb/Ozo55BMEVKecKwI5Zyy21F3lTgiqLZI9RQsi43B
yveavITIJ4qLey9C7fcelbyfnIsyEx0NGLvDX8CFpzeqiv9UGFE0/Oe/2uvkiGmP
Gp+WZTvfvOWUZeaMiRxFZcsY6Nx9mu+g2qCyahAHOQBbxwJ/nfNQmB9cvmumyv9v
SpToGxbr4TCbX5SAp57rp+sk1dWcvblGGk9VicAtF53U5fz5GePMLoZbdp+Ayzyi
9mRlHLpoQcrQOBmacrZpyGqXOlf+xP5H9SOqAd8la0mLXXfVJOq+N4jyBuQtcQ+0
UBjRNb3bqi8sC0Q3IM7f2hpbiVuaNnbWbXyhAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUNwj74oHpAq/o74Up99st2Boy5sEwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9Od2o3NG9IcEFxX283NFVwOTlz
dDJCb3k1c0Uucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA0vK6
MA0GCSqGSIb3DQEBCwUAA4IBAQAnN3R5X7ehDhMZZFB1lJoFKvqgfseN1Vl6hLYf
QyVp4yrRdty9QTlY/D6u25N/foHsiRKTMTfjS21Ss7TALUwHFt7BHFMZSh8RP6E7
CCmkV5vG0EqEfHphqypkVddyakhUomJKWqUWEyPwO+865zJi+YLYvb6KijUwgGRh
TpVEGP7zugeDrhcktPkkHBh53aJis2Zfmkb0BNN4WYF8gyZs/zWCy+IaMkHcT5BE
F6p+U69AmxoS2HpgZa38hMOwuxyLCfVZ8L4CHLlajZMOm7aYULIV+XfslXiJFhub
/8g9zBy+Ev9Q1+qF5inkbhDf+vtSb/x47UgZaDOWcegUw4qz
-----END CERTIFICATE-----
Generated at Fri Sep 1 09:28:15 2023 by rpki-client on console-fra.rpki-client.org