Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HONGDA/id3GEm-qpuy37hERty9uSyqW5x4.roa
File:                     id3GEm-qpuy37hERty9uSyqW5x4.roa (raw, json)
Hash identifier:          qc/Nf4g7UZrJ/sLu2mP9GYy8NcmK2ozkisMQwJLsWaY=
Subject key identifier:   89:DD:C6:12:6F:AA:A6:EC:B7:EE:11:11:B7:2F:6E:4B:2A:96:E7:1E
Certificate issuer:       /CN=257DB7B9919975697366B7014F8CFE28EF364E73
Certificate serial:       0469
Authority key identifier: 25:7D:B7:B9:91:99:75:69:73:66:B7:01:4F:8C:FE:28:EF:36:4E:73
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/JX23uZGZdWlzZrcBT4z-KO82TnM.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/HONGDA/id3GEm-qpuy37hERty9uSyqW5x4.roa
Signing time:             Thu 15 Sep 2022 02:34:56 +0000
ROA not before:           Thu 15 Sep 2022 02:34:56 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     20473
IP address blocks:        2406:48c0::/32 maxlen: 32

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1129 (0x469)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=257DB7B9919975697366B7014F8CFE28EF364E73
        Validity
            Not Before: Sep 15 02:34:56 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=89DDC6126FAAA6ECB7EE1111B72F6E4B2A96E71E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:8f:03:6b:3e:0f:0c:f6:f4:0b:bf:6e:81:76:
                    dd:54:e9:bf:d7:c2:fb:ac:ae:be:ba:c6:a3:f1:09:
                    6c:5b:fc:4a:75:50:07:0d:51:f7:8a:7d:ee:18:f7:
                    52:26:6e:25:f9:54:f4:2a:fc:b6:d8:cc:63:f8:d4:
                    63:f6:cc:1c:91:79:66:99:bf:15:d1:98:68:c7:2c:
                    4c:00:20:46:46:4b:d8:f2:75:29:ba:82:49:92:1c:
                    ea:09:f0:72:92:6f:ce:7b:72:36:14:b4:ca:a1:9e:
                    e5:21:d0:0a:d1:94:94:22:9e:0e:06:ad:7a:fa:fc:
                    80:f6:05:c4:c2:bd:14:10:c0:25:79:f9:07:73:79:
                    90:30:83:1e:e6:ab:85:65:4e:e0:02:4f:3a:96:bd:
                    a2:f3:71:23:cd:10:1f:a8:cb:86:84:4e:9b:fa:1e:
                    db:55:ef:91:40:01:01:9c:a1:0c:7e:eb:8f:f2:85:
                    11:bd:37:a3:ae:25:27:16:2a:60:fb:95:33:19:24:
                    64:96:3d:73:c5:2d:50:3b:c8:94:a2:ff:0c:2c:8e:
                    2d:95:40:55:f2:9e:78:d2:63:b5:90:84:88:42:6b:
                    55:1d:ed:a1:44:f1:fb:dc:cd:06:c0:ad:58:59:cd:
                    ec:3a:7e:74:a6:bf:89:9a:5f:57:e8:43:b1:bf:1a:
                    2f:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                89:DD:C6:12:6F:AA:A6:EC:B7:EE:11:11:B7:2F:6E:4B:2A:96:E7:1E
            X509v3 Authority Key Identifier:
                keyid:25:7D:B7:B9:91:99:75:69:73:66:B7:01:4F:8C:FE:28:EF:36:4E:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HONGDA/JX23uZGZdWlzZrcBT4z-KO82TnM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/JX23uZGZdWlzZrcBT4z-KO82TnM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HONGDA/id3GEm-qpuy37hERty9uSyqW5x4.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:48c0::/32

    Signature Algorithm: sha256WithRSAEncryption
         2e:60:b2:b7:64:52:f3:1f:4d:41:cf:1f:e4:bb:cb:ec:52:36:
         ac:85:33:13:66:42:01:9c:0f:db:c7:38:c9:15:17:48:63:f0:
         a9:39:63:37:f3:2e:6e:ab:ec:3d:08:ab:9a:11:52:3d:dd:eb:
         88:8e:5d:63:af:c2:19:10:d3:44:5e:a8:45:ce:58:b5:2c:85:
         18:3d:d4:c4:e6:06:75:6b:3c:6e:52:9e:ec:28:bf:cd:d2:3a:
         77:9b:ee:6c:51:d1:78:8b:b9:a6:fc:99:57:1c:24:27:92:47:
         77:4e:36:fa:4d:4a:d2:29:77:b8:a5:c5:20:9e:1d:76:9a:68:
         67:99:79:ec:ea:dd:28:3a:18:5a:a0:d6:12:b3:04:bd:c6:62:
         b8:34:11:1f:e6:11:02:55:fc:c3:cb:ce:57:6b:1b:eb:ed:94:
         46:47:cd:c6:b4:f7:79:eb:b3:41:f7:a6:bc:20:7e:2e:93:8d:
         8d:01:1a:aa:19:6e:b6:70:d9:64:f4:66:e0:29:82:d3:fc:68:
         8c:67:cb:9a:43:fe:24:33:2d:14:10:43:b3:d4:11:04:a2:a5:
         9c:a5:16:32:ba:f6:b0:65:cf:0c:4e:44:8c:c8:34:a5:cb:6e:
         b8:02:14:04:b8:0d:16:30:e8:cf:8b:7f:3f:87:0e:96:4c:2f:
         41:85:5d:92
-----BEGIN CERTIFICATE-----
MIIE0zCCA7ugAwIBAgICBGkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMjU3
REI3Qjk5MTk5NzU2OTczNjZCNzAxNEY4Q0ZFMjhFRjM2NEU3MzAeFw0yMjA5MTUw
MjM0NTZaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDg5RERDNjEyNkZBQUE2
RUNCN0VFMTExMUI3MkY2RTRCMkE5NkU3MUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDBjwNrPg8M9vQLv26Bdt1U6b/Xwvusrr66xqPxCWxb/Ep1UAcN
UfeKfe4Y91ImbiX5VPQq/LbYzGP41GP2zByReWaZvxXRmGjHLEwAIEZGS9jydSm6
gkmSHOoJ8HKSb857cjYUtMqhnuUh0ArRlJQing4GrXr6/ID2BcTCvRQQwCV5+Qdz
eZAwgx7mq4VlTuACTzqWvaLzcSPNEB+oy4aETpv6HttV75FAAQGcoQx+64/yhRG9
N6OuJScWKmD7lTMZJGSWPXPFLVA7yJSi/wwsji2VQFXynnjSY7WQhIhCa1Ud7aFE
8fvczQbArVhZzew6fnSmv4maX1foQ7G/Gi/9AgMBAAGjggHvMIIB6zAdBgNVHQ4E
FgQUid3GEm+qpuy37hERty9uSyqW5x4wHwYDVR0jBBgwFoAUJX23uZGZdWlzZrcB
T4z+KO82TnMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSE9OR0RB
L0pYMjN1WkdaZFdselpyY0JUNHotS084MlRuTS5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvSlgyM3VaR1pkV2x6WnJjQlQ0ei1LTzgyVG5NLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvSE9OR0RBL2lkM0dFbS1xcHV5MzdoRVJ0
eTl1U3lxVzV4NC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAk
BkjAMA0GCSqGSIb3DQEBCwUAA4IBAQAuYLK3ZFLzH01Bzx/ku8vsUjashTMTZkIB
nA/bxzjJFRdIY/CpOWM38y5uq+w9CKuaEVI93euIjl1jr8IZENNEXqhFzli1LIUY
PdTE5gZ1azxuUp7sKL/N0jp3m+5sUdF4i7mm/JlXHCQnkkd3Tjb6TUrSKXe4pcUg
nh12mmhnmXns6t0oOhhaoNYSswS9xmK4NBEf5hECVfzDy85Xaxvr7ZRGR83GtPd5
67NB96a8IH4uk42NARqqGW62cNlk9GbgKYLT/GiMZ8uaQ/4kMy0UEEOz1BEEoqWc
pRYyuvawZc8MTkSMyDSly264AhQEuA0WMOjPi38/hw6WTC9BhV2S
-----END CERTIFICATE-----
Generated at Fri Sep 1 09:23:41 2023 by rpki-client on console-ams.rpki-client.org