Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PNI/_341pcy2DC-JGK4FABQTP5hs5r4.roa
File:                     _341pcy2DC-JGK4FABQTP5hs5r4.roa (raw, json)
Hash identifier:          QF5nhMVcobQbdq7O1T18JCu1JX8BAFisvyJJTDNCUf0=
Subject key identifier:   FF:7E:35:A5:CC:B6:0C:2F:89:18:AE:05:00:14:13:3F:98:6C:E6:BE
Certificate issuer:       /CN=3118C334DA58D7C0021DCAACA881DFB9DC8365FF
Certificate serial:       0862
Authority key identifier: 31:18:C3:34:DA:58:D7:C0:02:1D:CA:AC:A8:81:DF:B9:DC:83:65:FF
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/MRjDNNpY18ACHcqsqIHfudyDZf8.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/PNI/_341pcy2DC-JGK4FABQTP5hs5r4.roa
Signing time:             Mon 26 Aug 2024 05:24:10 +0000
ROA not before:           Mon 26 Aug 2024 05:24:10 +0000
ROA not after:            Tue 26 Aug 2025 01:57:03 +0000
asID:                     131642
IP address blocks:        2405:cdc0::/32 maxlen: 32

Validation:               Failed, certificate revoked on Sat 21 Sep 2024 19:23:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2146 (0x862)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3118C334DA58D7C0021DCAACA881DFB9DC8365FF
        Validity
            Not Before: Aug 26 05:24:10 2024 GMT
            Not After : Aug 26 01:57:03 2025 GMT
        Subject: CN=FF7E35A5CCB60C2F8918AE050014133F986CE6BE
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:ee:5f:a0:b5:90:c9:b1:02:1b:da:54:86:ce:
                    00:2f:48:43:d8:79:ef:ea:c0:ee:d2:6a:97:13:14:
                    c4:26:2d:0e:23:e3:f6:92:5f:8e:95:ed:8c:04:e0:
                    ec:0c:62:4a:c6:a3:7e:6d:90:57:1e:63:09:37:63:
                    03:71:d3:41:69:08:6a:f9:49:63:f8:22:5a:4c:f0:
                    96:93:cb:08:9c:98:81:95:28:e8:fe:00:d5:87:0a:
                    e1:24:7e:c5:9f:f6:aa:c0:ad:0d:68:92:69:c1:b0:
                    c9:8f:91:57:d1:e7:84:14:ec:e3:9e:82:c9:ce:00:
                    3a:af:db:51:73:39:8c:ff:29:9a:e5:18:6c:ab:74:
                    83:07:77:9f:32:b1:03:34:66:4b:f8:ad:75:94:d2:
                    59:5b:4c:f9:cd:a5:f8:70:eb:ab:9a:d0:a8:7b:94:
                    32:5b:22:df:5b:64:1f:b7:54:37:99:4c:c6:69:40:
                    6b:9b:67:14:f7:83:60:43:7b:b2:7b:4b:50:e7:c5:
                    1b:7f:4f:a2:74:00:a9:95:60:52:ac:b7:27:8a:06:
                    01:86:63:b6:62:9e:f4:31:54:5f:8c:33:53:20:52:
                    7d:3f:73:fc:66:59:df:f7:e3:28:26:3e:3f:76:0d:
                    20:15:fa:67:40:28:45:e8:b0:5a:30:cb:12:96:b3:
                    fb:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FF:7E:35:A5:CC:B6:0C:2F:89:18:AE:05:00:14:13:3F:98:6C:E6:BE
            X509v3 Authority Key Identifier:
                keyid:31:18:C3:34:DA:58:D7:C0:02:1D:CA:AC:A8:81:DF:B9:DC:83:65:FF

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PNI/MRjDNNpY18ACHcqsqIHfudyDZf8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/MRjDNNpY18ACHcqsqIHfudyDZf8.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PNI/_341pcy2DC-JGK4FABQTP5hs5r4.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2405:cdc0::/32

    Signature Algorithm: sha256WithRSAEncryption
         a9:77:c7:3c:60:83:0e:4e:7f:73:b0:30:0f:3e:b0:51:95:bf:
         fe:14:a2:94:ae:b5:f9:14:df:17:cb:64:95:7b:e5:96:ea:d8:
         fc:45:f5:46:95:bc:41:12:99:d0:88:d3:ae:8f:1a:06:32:d3:
         8a:87:c7:98:a6:8e:9e:5e:ed:e1:02:b5:b6:8d:d5:3e:6a:20:
         fa:91:a7:52:2b:7d:a1:02:89:bb:b9:0e:59:8b:88:e9:da:9a:
         7a:ae:d6:67:5c:27:98:c4:ac:3f:f1:f7:97:9b:bf:70:2b:7e:
         a2:1c:0c:ee:e5:15:8a:75:7e:d0:8d:70:58:b0:3f:e1:62:4e:
         47:45:a8:39:35:68:57:b0:50:b2:cd:fe:91:1d:1a:8e:f8:48:
         31:31:2e:b1:3d:a9:0e:dc:8c:3f:a7:02:e6:8e:a5:1a:b9:18:
         e3:7a:bf:3d:42:23:57:b1:60:ec:6d:49:85:6a:09:b0:f0:1d:
         2d:8c:81:4a:f5:03:9b:c0:da:a9:2d:32:06:d9:3b:c5:83:a5:
         ab:16:f7:36:59:b1:02:2b:11:9d:11:b5:85:e1:cc:cd:76:50:
         1d:76:fb:fc:67:12:49:ec:f9:79:53:64:44:d3:48:f8:54:78:
         15:36:63:d9:78:b9:55:dd:fb:28:60:9d:2c:19:fa:0d:c8:6a:
         f9:bf:34:a5
-----BEGIN CERTIFICATE-----
MIIEzTCCA7WgAwIBAgICCGIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzEx
OEMzMzREQTU4RDdDMDAyMURDQUFDQTg4MURGQjlEQzgzNjVGRjAeFw0yNDA4MjYw
NTI0MTBaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEZGN0UzNUE1Q0NCNjBD
MkY4OTE4QUUwNTAwMTQxMzNGOTg2Q0U2QkUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDi7l+gtZDJsQIb2lSGzgAvSEPYee/qwO7SapcTFMQmLQ4j4/aS
X46V7YwE4OwMYkrGo35tkFceYwk3YwNx00FpCGr5SWP4IlpM8JaTywicmIGVKOj+
ANWHCuEkfsWf9qrArQ1okmnBsMmPkVfR54QU7OOegsnOADqv21FzOYz/KZrlGGyr
dIMHd58ysQM0Zkv4rXWU0llbTPnNpfhw66ua0Kh7lDJbIt9bZB+3VDeZTMZpQGub
ZxT3g2BDe7J7S1DnxRt/T6J0AKmVYFKstyeKBgGGY7ZinvQxVF+MM1MgUn0/c/xm
Wd/34ygmPj92DSAV+mdAKEXosFowyxKWs/ulAgMBAAGjggHpMIIB5TAdBgNVHQ4E
FgQU/341pcy2DC+JGK4FABQTP5hs5r4wHwYDVR0jBBgwFoAUMRjDNNpY18ACHcqs
qIHfudyDZf8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUE5JL01S
akROTnBZMThBQ0hjcXNxSUhmdWR5RFpmOC5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
TVJqRE5OcFkxOEFDSGNxc3FJSGZ1ZHlEWmY4LmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvUE5JL18zNDFwY3kyREMtSkdLNEZBQlFUUDVo
czVyNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAkBc3AMA0G
CSqGSIb3DQEBCwUAA4IBAQCpd8c8YIMOTn9zsDAPPrBRlb/+FKKUrrX5FN8Xy2SV
e+WW6tj8RfVGlbxBEpnQiNOujxoGMtOKh8eYpo6eXu3hArW2jdU+aiD6kadSK32h
Aom7uQ5Zi4jp2pp6rtZnXCeYxKw/8feXm79wK36iHAzu5RWKdX7QjXBYsD/hYk5H
Rag5NWhXsFCyzf6RHRqO+EgxMS6xPakO3Iw/pwLmjqUauRjjer89QiNXsWDsbUmF
agmw8B0tjIFK9QObwNqpLTIG2TvFg6WrFvc2WbECKxGdEbWF4czNdlAddvv8ZxJJ
7Pl5U2RE00j4VHgVNmPZeLlV3fsoYJ0sGfoNyGr5vzSl
-----END CERTIFICATE-----
Generated at Sat Sep 21 21:00:10 2024 by rpki-client on console-ams.rpki-client.org