Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/14AgIR8wBpIrSFz4eRfrEKE_ve0.roa
File:                     14AgIR8wBpIrSFz4eRfrEKE_ve0.roa (raw, json)
Hash identifier:          jGXPEkhOQk0StPNVQfmbOMGu/l8ByvAKTKC2bQOxTqs=
Subject key identifier:   D7:80:20:21:1F:30:06:92:2B:48:5C:F8:79:17:EB:10:A1:3F:BD:ED
Certificate issuer:       /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Certificate serial:       108D
Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/14AgIR8wBpIrSFz4eRfrEKE_ve0.roa
Signing time:             Wed 01 Feb 2023 10:28:42 +0000
ROA not before:           Wed 01 Feb 2023 10:28:42 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     198949
IP address blocks:        113.196.79.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4237 (0x108d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
        Validity
            Not Before: Feb  1 10:28:42 2023 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=D78020211F3006922B485CF87917EB10A13FBDED
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:d1:be:c0:6a:e6:f4:98:c5:f6:7e:de:11:66:
                    f3:0d:83:8a:08:0c:03:7b:31:be:3b:3e:a2:e3:5c:
                    37:ba:c3:58:dc:36:88:a8:09:d2:b3:33:bf:28:75:
                    b5:03:45:51:64:4b:02:1d:66:0c:34:62:c8:9c:33:
                    40:51:e1:bf:83:27:8b:a1:23:39:d0:99:34:1d:7a:
                    97:8a:78:95:10:30:db:2c:a3:79:26:e6:c7:bf:5f:
                    30:5c:76:a1:14:bd:b0:79:8d:2d:76:4b:58:94:4b:
                    1c:7c:fc:8b:4e:0d:ed:a7:58:21:17:a8:15:a9:0c:
                    c7:e0:db:32:8a:5b:33:8e:d6:2e:ea:8c:ec:f7:e1:
                    81:85:7a:4a:7d:b9:f0:99:6a:ef:0b:0f:70:30:82:
                    b9:43:e0:8f:98:92:c8:02:a7:91:00:db:1f:9b:cd:
                    a8:92:1e:90:db:a7:fc:9d:88:d4:b1:3e:9d:89:45:
                    ce:de:34:07:31:d0:39:57:7c:8a:e7:da:22:cf:47:
                    aa:0d:d6:a5:47:da:a0:b4:c5:23:ca:67:4d:ee:25:
                    ac:15:0e:19:65:2d:d2:ec:c8:ba:15:4e:44:7b:e5:
                    1f:ad:b8:8a:d3:a3:23:f8:d1:a8:32:dc:9f:3b:3f:
                    39:ab:84:02:32:8a:7a:45:c2:de:e2:41:9f:e6:fe:
                    6e:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D7:80:20:21:1F:30:06:92:2B:48:5C:F8:79:17:EB:10:A1:3F:BD:ED
            X509v3 Authority Key Identifier:
                keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/14AgIR8wBpIrSFz4eRfrEKE_ve0.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  113.196.79.0/24

    Signature Algorithm: sha256WithRSAEncryption
         41:d9:a8:77:20:4b:e7:0e:f6:9b:0d:65:01:a2:73:d5:9a:20:
         69:ea:c9:3c:56:d8:66:12:1e:ee:dc:c7:70:1a:fa:87:f2:c5:
         db:23:c2:aa:e6:1d:ed:59:fe:6a:c5:ca:70:1c:7d:4b:26:70:
         1f:22:37:4f:0d:b5:ae:67:5c:d4:f8:98:d9:be:c0:dd:d5:36:
         c9:85:5d:0f:17:64:ea:3f:3a:99:c1:74:40:23:50:cc:1b:c9:
         13:6d:13:ae:ae:71:92:1a:ba:9b:8c:58:e1:30:d4:83:e4:ff:
         ee:4c:1e:6d:b5:07:78:ca:3b:50:8b:cb:a4:b8:51:f6:59:a8:
         e5:4e:d9:6a:04:51:39:8a:36:3a:f8:d7:d9:cb:1b:50:67:f9:
         c1:bf:1a:58:62:22:01:59:41:6d:07:31:06:28:25:85:77:e8:
         03:81:eb:4b:e8:9f:c5:bd:39:7a:e6:1e:3b:36:91:0a:c1:09:
         a1:35:0f:d1:e6:63:98:e9:f9:6c:d0:c9:5e:ce:6e:dd:a5:b6:
         14:9b:52:51:e9:d6:2e:87:96:c5:16:ef:bc:87:44:ed:1e:2b:
         7b:c2:5a:8d:42:1e:67:af:c2:0c:55:d1:f8:e2:14:da:ff:be:
         a9:67:1e:6a:06:3d:63:48:e4:08:e6:bb:8d:7d:bc:85:c5:b0:
         32:c1:b0:05
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEI0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF
NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yMzAyMDEx
MDI4NDJaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEQ3ODAyMDIxMUYzMDA2
OTIyQjQ4NUNGODc5MTdFQjEwQTEzRkJERUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDA0b7Aaub0mMX2ft4RZvMNg4oIDAN7Mb47PqLjXDe6w1jcNoio
CdKzM78odbUDRVFkSwIdZgw0YsicM0BR4b+DJ4uhIznQmTQdepeKeJUQMNsso3km
5se/XzBcdqEUvbB5jS12S1iUSxx8/ItODe2nWCEXqBWpDMfg2zKKWzOO1i7qjOz3
4YGFekp9ufCZau8LD3AwgrlD4I+YksgCp5EA2x+bzaiSHpDbp/ydiNSxPp2JRc7e
NAcx0DlXfIrn2iLPR6oN1qVH2qC0xSPKZ03uJawVDhllLdLsyLoVTkR75R+tuIrT
oyP40agy3J87PzmrhAIyinpFwt7iQZ/m/m69AgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQU14AgIR8wBpIrSFz4eRfrEKE/ve0wHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu
MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i
dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvMTRBZ0lSOHdCcElyU0Z6NGVSZnJF
S0VfdmUwLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAHHETzAN
BgkqhkiG9w0BAQsFAAOCAQEAQdmodyBL5w72mw1lAaJz1ZogaerJPFbYZhIe7tzH
cBr6h/LF2yPCquYd7Vn+asXKcBx9SyZwHyI3Tw21rmdc1PiY2b7A3dU2yYVdDxdk
6j86mcF0QCNQzBvJE20Trq5xkhq6m4xY4TDUg+T/7kwebbUHeMo7UIvLpLhR9lmo
5U7ZagRROYo2OvjX2csbUGf5wb8aWGIiAVlBbQcxBiglhXfoA4HrS+ifxb05euYe
OzaRCsEJoTUP0eZjmOn5bNDJXs5u3aW2FJtSUenWLoeWxRbvvIdE7R4re8JajUIe
Z6/CDFXR+OIU2v++qWceagY9Y0jkCOa7jX28hcWwMsGwBQ==
-----END CERTIFICATE-----
Generated at Fri Sep 1 09:53:14 2023 by rpki-client on console-fra.rpki-client.org