Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KAIWEI/I1qDXlu_iHvMGV5xuVR3j8rzRVs.roa
File:                     I1qDXlu_iHvMGV5xuVR3j8rzRVs.roa (raw, json)
Hash identifier:          cmFLGS1MWW2CLldra4pqS95C11bUcdHF4af0UBFIiP8=
Subject key identifier:   23:5A:83:5E:5B:BF:88:7B:CC:19:5E:71:B9:54:77:8F:CA:F3:45:5B
Certificate issuer:       /CN=F95F0AA4EEE346F077A0CEEC8D06CC498F9B1AB9
Certificate serial:       06
Authority key identifier: F9:5F:0A:A4:EE:E3:46:F0:77:A0:CE:EC:8D:06:CC:49:8F:9B:1A:B9
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/-V8KpO7jRvB3oM7sjQbMSY-bGrk.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/KAIWEI/I1qDXlu_iHvMGV5xuVR3j8rzRVs.roa
Signing time:             Thu 16 Nov 2023 08:11:15 +0000
ROA not before:           Thu 16 Nov 2023 08:11:15 +0000
ROA not after:            Wed 13 Nov 2024 15:30:20 +0000
asID:                     131642
IP address blocks:        2401:4f20::/32 maxlen: 64

Validation:               Failed, certificate revoked on Wed 30 Oct 2024 15:49:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 6 (0x6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F95F0AA4EEE346F077A0CEEC8D06CC498F9B1AB9
        Validity
            Not Before: Nov 16 08:11:15 2023 GMT
            Not After : Nov 13 15:30:20 2024 GMT
        Subject: CN=235A835E5BBF887BCC195E71B954778FCAF3455B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:b7:2e:63:d8:ea:1b:d3:ba:4b:1d:69:f0:59:
                    a0:d0:71:3a:fa:c1:d5:cb:b4:f9:fb:1f:a6:d8:70:
                    c3:79:81:3c:33:18:6d:36:94:ed:2e:17:57:46:84:
                    ae:09:93:66:75:4c:e5:c4:d6:57:f1:05:68:bf:83:
                    38:11:48:38:cf:c6:df:7c:19:35:0f:37:28:04:c0:
                    3d:c9:64:f9:05:d2:5a:c2:a1:f8:27:02:c2:0c:fe:
                    df:c2:e1:14:b9:65:6f:32:fb:38:6c:7d:57:fa:4d:
                    78:10:ac:66:6a:2b:98:9a:76:22:0e:0b:11:7e:a6:
                    6f:68:01:43:ee:63:e7:ab:b3:db:6d:17:42:03:e1:
                    38:14:2a:34:c4:98:84:18:68:93:37:2d:36:cf:8b:
                    ed:6b:d5:4a:11:10:5f:78:2e:a2:e6:6c:24:6b:a7:
                    e3:dd:32:c7:ac:71:80:89:43:ef:a6:c3:5e:91:22:
                    18:ab:a4:9e:07:5e:7e:e6:e9:7f:30:ea:5e:1d:c6:
                    37:79:8a:f4:a6:0a:8a:71:a9:0f:63:f6:87:89:b3:
                    91:a2:f6:33:ee:13:ed:8f:a7:9f:70:a0:b5:ab:f7:
                    8f:b8:53:ac:e9:08:f3:9b:4a:83:49:53:41:99:e4:
                    d5:88:bb:e6:26:eb:ce:2b:01:15:ee:3f:6d:28:4c:
                    6c:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:5A:83:5E:5B:BF:88:7B:CC:19:5E:71:B9:54:77:8F:CA:F3:45:5B
            X509v3 Authority Key Identifier:
                keyid:F9:5F:0A:A4:EE:E3:46:F0:77:A0:CE:EC:8D:06:CC:49:8F:9B:1A:B9

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KAIWEI/-V8KpO7jRvB3oM7sjQbMSY-bGrk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-V8KpO7jRvB3oM7sjQbMSY-bGrk.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KAIWEI/I1qDXlu_iHvMGV5xuVR3j8rzRVs.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2401:4f20::/32

    Signature Algorithm: sha256WithRSAEncryption
         20:63:2f:25:49:c1:b0:9b:a9:72:bd:06:0a:d7:74:51:13:d2:
         b2:2d:7a:29:ff:2b:1b:6c:a5:88:44:2b:29:3a:42:b2:f8:ea:
         0f:ff:2e:88:55:2e:55:f6:29:a2:29:df:16:c7:8a:39:3b:e8:
         49:fa:11:82:6c:5a:95:fb:67:83:d9:01:79:ba:c4:3f:0c:7a:
         56:66:83:b5:fd:80:c0:31:25:6d:26:87:31:ed:d5:b2:e1:ec:
         be:b2:3f:3b:9b:f8:cb:c3:4b:2a:0f:94:39:d5:93:d8:b6:18:
         97:a8:3d:2f:dd:c0:19:f8:f0:41:67:3b:7d:48:66:c6:b4:25:
         62:6f:8f:7a:4a:03:f3:8f:aa:02:c2:1e:d1:f8:79:98:d8:98:
         49:91:8b:c4:db:1e:25:bf:77:70:bb:3c:8b:1e:80:4f:3d:62:
         ec:cf:f7:2c:25:8e:98:23:3d:08:cc:11:a5:ef:35:3d:b2:85:
         a6:b8:16:fb:8b:09:3a:b3:d6:e8:65:0b:51:34:05:22:6c:d3:
         a3:0a:7b:c5:b0:13:74:d1:3d:e8:d9:a7:2b:2d:12:55:31:b2:
         c9:08:5f:4f:39:ea:fe:fa:34:6f:d2:71:86:b2:81:a4:d2:77:
         50:5e:89:57:78:48:11:78:07:39:7d:92:14:5d:c3:29:0a:f7:
         79:a7:05:58
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgIBBjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhGOTVG
MEFBNEVFRTM0NkYwNzdBMENFRUM4RDA2Q0M0OThGOUIxQUI5MB4XDTIzMTExNjA4
MTExNVoXDTI0MTExMzE1MzAyMFowMzExMC8GA1UEAxMoMjM1QTgzNUU1QkJGODg3
QkNDMTk1RTcxQjk1NDc3OEZDQUYzNDU1QjCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBANS3LmPY6hvTuksdafBZoNBxOvrB1cu0+fsfpthww3mBPDMYbTaU
7S4XV0aErgmTZnVM5cTWV/EFaL+DOBFIOM/G33wZNQ83KATAPclk+QXSWsKh+CcC
wgz+38LhFLllbzL7OGx9V/pNeBCsZmormJp2Ig4LEX6mb2gBQ+5j56uz220XQgPh
OBQqNMSYhBhokzctNs+L7WvVShEQX3guouZsJGun490yx6xxgIlD76bDXpEiGKuk
ngdefubpfzDqXh3GN3mK9KYKinGpD2P2h4mzkaL2M+4T7Y+nn3Cgtav3j7hTrOkI
85tKg0lTQZnk1Yi75ibrzisBFe4/bShMbP0CAwEAAaOCAe8wggHrMB0GA1UdDgQW
BBQjWoNeW7+Ie8wZXnG5VHePyvNFWzAfBgNVHSMEGDAWgBT5Xwqk7uNG8HegzuyN
BsxJj5sauTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFwGA1UdHwRVMFMwUaBP
oE2GS3JzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9LQUlXRUkv
LVY4S3BPN2pSdkIzb003c2pRYk1TWS1iR3JrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS8tVjhLcE83alJ2QjNvTTdzalFiTVNZLWJHcmsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBnAYIKwYBBQUHAQsEgY8wgYwwVwYIKwYBBQUHMAuGS3JzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9LQUlXRUkvSTFxRFhsdV9pSHZNR1Y1eHVW
UjNqOHJ6UlZzLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3
L3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQB
TyAwDQYJKoZIhvcNAQELBQADggEBACBjLyVJwbCbqXK9BgrXdFET0rItein/Kxts
pYhEKyk6QrL46g//LohVLlX2KaIp3xbHijk76En6EYJsWpX7Z4PZAXm6xD8MelZm
g7X9gMAxJW0mhzHt1bLh7L6yPzub+MvDSyoPlDnVk9i2GJeoPS/dwBn48EFnO31I
Zsa0JWJvj3pKA/OPqgLCHtH4eZjYmEmRi8TbHiW/d3C7PIsegE89YuzP9ywljpgj
PQjMEaXvNT2yhaa4FvuLCTqz1uhlC1E0BSJs06MKe8WwE3TRPejZpystElUxsskI
X0856v76NG/ScYaygaTSd1BeiVd4SBF4Bzl9khRdwykK93mnBVg=
Generated at Wed Oct 30 19:19:41 2024 by rpki-client on console-ams.rpki-client.org