Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PNI/ufQEELaWqhg3mfD14-C8MNQ1Bb8.roa
File:                     ufQEELaWqhg3mfD14-C8MNQ1Bb8.roa (raw, json)
Hash identifier:          cRShh2+kRRrhC3TYQ6CxYqX7Q64P4CYC0vk8zBU4boQ=
Subject key identifier:   B9:F4:04:10:B6:96:AA:18:37:99:F0:F5:E3:E0:BC:30:D4:35:05:BF
Certificate issuer:       /CN=3118C334DA58D7C0021DCAACA881DFB9DC8365FF
Certificate serial:       0861
Authority key identifier: 31:18:C3:34:DA:58:D7:C0:02:1D:CA:AC:A8:81:DF:B9:DC:83:65:FF
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/MRjDNNpY18ACHcqsqIHfudyDZf8.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/PNI/ufQEELaWqhg3mfD14-C8MNQ1Bb8.roa
Signing time:             Mon 26 Aug 2024 05:24:10 +0000
ROA not before:           Mon 26 Aug 2024 05:24:10 +0000
ROA not after:            Tue 26 Aug 2025 01:57:03 +0000
asID:                     131642
IP address blocks:        103.148.72.0/23 maxlen: 24

Validation:               Failed, certificate revoked on Sat 21 Sep 2024 19:24:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2145 (0x861)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3118C334DA58D7C0021DCAACA881DFB9DC8365FF
        Validity
            Not Before: Aug 26 05:24:10 2024 GMT
            Not After : Aug 26 01:57:03 2025 GMT
        Subject: CN=B9F40410B696AA183799F0F5E3E0BC30D43505BF
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:6e:79:3f:8c:a1:f5:9d:b4:32:3c:43:65:9e:
                    3a:7e:ae:3e:c8:53:be:8b:a3:83:4a:b9:ad:a2:bf:
                    23:04:0a:47:6a:1a:7b:b6:0a:b5:62:97:55:82:6d:
                    c5:39:27:8b:c9:90:3a:e0:1f:f2:bf:0c:c9:84:83:
                    cb:68:f5:49:33:e4:e9:e1:0e:be:0d:05:46:6b:65:
                    7c:d9:09:86:b8:ff:39:bc:c4:e1:0f:23:ee:47:4f:
                    fd:e7:c4:e0:e2:69:80:bb:f5:2c:c9:6f:11:f8:31:
                    e4:dd:7b:50:20:40:6b:ba:15:c1:17:c4:a7:0b:ed:
                    cd:b2:48:d5:92:7a:88:d8:93:8f:fc:0d:82:20:a9:
                    ab:5f:30:c6:17:18:13:bf:48:ab:92:26:9a:82:d4:
                    b2:9e:5b:8c:85:28:61:89:6c:02:4c:d4:72:a4:3c:
                    86:03:3e:55:50:a8:80:48:9c:90:a7:43:18:a4:56:
                    28:8d:d1:e9:f3:e7:34:4f:43:dc:8d:ee:f5:de:cf:
                    5b:f4:85:c3:90:0f:de:be:1f:15:00:c9:32:d2:f4:
                    a7:66:bd:58:02:61:93:8d:79:17:07:64:12:15:f6:
                    2f:2e:bf:3d:66:cf:c9:25:cd:af:c4:b4:6b:80:e7:
                    4f:76:8d:1c:22:6f:dd:1b:c9:5b:2f:41:84:69:2e:
                    75:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B9:F4:04:10:B6:96:AA:18:37:99:F0:F5:E3:E0:BC:30:D4:35:05:BF
            X509v3 Authority Key Identifier:
                keyid:31:18:C3:34:DA:58:D7:C0:02:1D:CA:AC:A8:81:DF:B9:DC:83:65:FF

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PNI/MRjDNNpY18ACHcqsqIHfudyDZf8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/MRjDNNpY18ACHcqsqIHfudyDZf8.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PNI/ufQEELaWqhg3mfD14-C8MNQ1Bb8.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.148.72.0/23

    Signature Algorithm: sha256WithRSAEncryption
         6c:68:05:3d:b6:e7:8e:0b:f8:5f:5a:55:af:9a:9d:74:e3:45:
         e9:f3:a0:dd:b9:c7:80:db:0c:fa:2c:eb:e3:ea:3a:53:9c:0a:
         97:a7:70:52:ab:33:c7:36:45:93:f8:05:44:f7:95:9e:db:2c:
         e6:eb:1f:75:4e:4c:29:82:73:f3:ad:5b:e4:d0:64:81:8f:b8:
         34:cf:91:09:7f:be:a0:29:79:25:2b:9d:5f:09:c7:8e:10:32:
         ee:73:49:e0:dc:82:63:23:f9:4f:68:db:88:a9:f3:45:24:d5:
         f3:ca:b2:e3:c4:bb:bd:09:b4:f5:7d:22:40:17:df:3d:b1:34:
         90:1b:92:41:e5:38:d8:3f:f9:28:b1:e3:75:28:73:11:08:87:
         60:e7:1f:2f:f3:ee:a1:86:35:b9:34:a4:06:d3:ae:83:d3:a5:
         66:a2:10:a9:21:e5:a8:ab:7b:f6:e2:b1:e8:52:69:fa:57:aa:
         14:95:c5:83:09:28:38:29:5c:09:72:a2:c8:01:f4:d2:67:50:
         2c:09:7b:23:9f:50:54:5e:bc:60:8c:21:64:01:18:e7:d1:c3:
         6a:bc:d0:c1:5b:d0:a3:20:33:9d:37:fa:22:dc:f5:0e:c5:af:
         50:3f:37:6e:ba:05:13:8e:70:04:24:49:de:67:5d:35:f3:70:
         45:92:5a:9a
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICCGEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzEx
OEMzMzREQTU4RDdDMDAyMURDQUFDQTg4MURGQjlEQzgzNjVGRjAeFw0yNDA4MjYw
NTI0MTBaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEI5RjQwNDEwQjY5NkFB
MTgzNzk5RjBGNUUzRTBCQzMwRDQzNTA1QkYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDFbnk/jKH1nbQyPENlnjp+rj7IU76Lo4NKua2ivyMECkdqGnu2
CrVil1WCbcU5J4vJkDrgH/K/DMmEg8to9Ukz5OnhDr4NBUZrZXzZCYa4/zm8xOEP
I+5HT/3nxODiaYC79SzJbxH4MeTde1AgQGu6FcEXxKcL7c2ySNWSeojYk4/8DYIg
qatfMMYXGBO/SKuSJpqC1LKeW4yFKGGJbAJM1HKkPIYDPlVQqIBInJCnQxikViiN
0enz5zRPQ9yN7vXez1v0hcOQD96+HxUAyTLS9KdmvVgCYZONeRcHZBIV9i8uvz1m
z8klza/EtGuA5092jRwib90byVsvQYRpLnUVAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUufQEELaWqhg3mfD14+C8MNQ1Bb8wHwYDVR0jBBgwFoAUMRjDNNpY18ACHcqs
qIHfudyDZf8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUE5JL01S
akROTnBZMThBQ0hjcXNxSUhmdWR5RFpmOC5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
TVJqRE5OcFkxOEFDSGNxc3FJSGZ1ZHlEWmY4LmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvUE5JL3VmUUVFTGFXcWhnM21mRDE0LUM4TU5R
MUJiOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAFnlEgwDQYJ
KoZIhvcNAQELBQADggEBAGxoBT22544L+F9aVa+anXTjRenzoN25x4DbDPos6+Pq
OlOcCpencFKrM8c2RZP4BUT3lZ7bLObrH3VOTCmCc/OtW+TQZIGPuDTPkQl/vqAp
eSUrnV8Jx44QMu5zSeDcgmMj+U9o24ip80Uk1fPKsuPEu70JtPV9IkAX3z2xNJAb
kkHlONg/+Six43UocxEIh2DnHy/z7qGGNbk0pAbTroPTpWaiEKkh5aire/bisehS
afpXqhSVxYMJKDgpXAlyosgB9NJnUCwJeyOfUFRevGCMIWQBGOfRw2q80MFb0KMg
M503+iLc9Q7Fr1A/N266BROOcAQkSd5nXTXzcEWSWpo=
-----END CERTIFICATE-----
Generated at Sat Sep 21 21:00:10 2024 by rpki-client on console-ams.rpki-client.org