Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TPSILKERA/-nlDQSbt6wxDUJKyvLb9oJZQK84.roa
File:                     -nlDQSbt6wxDUJKyvLb9oJZQK84.roa (raw, json)
Hash identifier:          v7ItCU1vE/OxYDdIQqYtcoWyqww0Y0vnG4RPeRHFvtQ=
Subject key identifier:   FA:79:43:41:26:ED:EB:0C:43:50:92:B2:BC:B6:FD:A0:96:50:2B:CE
Certificate issuer:       /CN=ECD2FDC38522A74A422DE7BD1C026D55E08D9E9A
Certificate serial:       0115
Authority key identifier: EC:D2:FD:C3:85:22:A7:4A:42:2D:E7:BD:1C:02:6D:55:E0:8D:9E:9A
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/7NL9w4Uip0pCLee9HAJtVeCNnpo.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TPSILKERA/-nlDQSbt6wxDUJKyvLb9oJZQK84.roa
Signing time:             Mon 30 Sep 2024 10:20:25 +0000
ROA not before:           Mon 30 Sep 2024 10:20:25 +0000
ROA not after:            Tue 26 Aug 2025 01:57:03 +0000
asID:                     2914
IP address blocks:        202.160.72.0/21 maxlen: 24

Validation:               Failed, certificate revoked on Wed 09 Oct 2024 00:08:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 277 (0x115)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ECD2FDC38522A74A422DE7BD1C026D55E08D9E9A
        Validity
            Not Before: Sep 30 10:20:25 2024 GMT
            Not After : Aug 26 01:57:03 2025 GMT
        Subject: CN=FA79434126EDEB0C435092B2BCB6FDA096502BCE
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f0:4f:64:a1:b4:c9:bc:88:9a:a4:01:6e:d1:af:
                    84:34:25:a0:14:45:f1:93:59:f3:d4:1d:2b:86:ae:
                    59:60:1b:3a:df:85:03:bc:d0:fd:c4:6e:e8:08:7f:
                    5f:5a:88:1c:90:35:92:d7:83:1e:f2:79:9e:58:34:
                    be:67:ce:e9:24:c5:c2:fe:20:43:43:68:60:4e:26:
                    92:f8:dd:34:8e:09:a1:4b:c2:6b:6a:5c:4d:e7:23:
                    8a:19:5a:05:ff:e4:7e:8e:f7:ea:1d:cb:8f:4e:d8:
                    48:63:c0:98:56:7e:c1:bc:ae:f7:2f:01:20:ae:0a:
                    32:39:73:97:c6:3a:cc:b9:27:a6:e0:fe:03:64:f4:
                    21:be:8c:cc:0b:2f:94:e9:0a:3f:3c:dc:a5:00:09:
                    a2:b4:01:fb:d3:f4:14:13:bb:0d:ea:c0:1a:60:b7:
                    5d:1b:66:15:70:f2:ae:6e:2a:54:a0:5a:24:d5:b1:
                    ae:e2:6a:6b:eb:46:e7:c5:5e:ff:dc:8f:17:cb:17:
                    53:8d:6b:e4:d7:5b:63:61:3a:6d:7e:d4:a1:67:b9:
                    a8:0d:ae:10:0d:0e:0f:8a:0a:dc:5f:a5:0e:eb:70:
                    ce:b1:c6:71:8b:d2:b4:6d:90:6d:be:12:5f:42:9e:
                    17:bc:39:dd:61:60:01:81:2b:cd:08:16:d2:3e:99:
                    df:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:79:43:41:26:ED:EB:0C:43:50:92:B2:BC:B6:FD:A0:96:50:2B:CE
            X509v3 Authority Key Identifier:
                keyid:EC:D2:FD:C3:85:22:A7:4A:42:2D:E7:BD:1C:02:6D:55:E0:8D:9E:9A

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TPSILKERA/7NL9w4Uip0pCLee9HAJtVeCNnpo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/7NL9w4Uip0pCLee9HAJtVeCNnpo.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TPSILKERA/-nlDQSbt6wxDUJKyvLb9oJZQK84.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  202.160.72.0/21

    Signature Algorithm: sha256WithRSAEncryption
         7d:8e:3b:31:bc:85:6f:c7:f3:67:9e:8e:ae:dc:52:af:7f:cd:
         e9:fe:91:89:71:27:4d:38:a8:82:4d:d2:a4:e8:f1:49:21:0b:
         4c:0a:5a:db:cd:40:44:61:6b:36:9a:fb:15:5a:4d:23:4e:6b:
         2c:85:d6:20:34:fa:f5:82:f0:c3:85:17:be:26:d8:e3:f1:7c:
         ff:c3:a2:dd:aa:2d:f8:32:bf:8d:64:bd:c1:b9:c0:82:12:46:
         a5:02:4f:ad:19:f6:86:4b:64:48:22:db:75:42:c3:79:5b:08:
         57:c2:0e:36:e0:a0:b9:b1:2c:db:f5:5c:af:c6:63:e0:12:97:
         74:0b:91:34:33:45:c6:9f:ad:59:0f:ab:a0:ce:da:53:98:97:
         d8:74:52:71:79:84:10:83:d5:e8:e0:88:d1:4f:95:fd:2b:4e:
         db:21:9d:df:35:8b:cd:7f:17:64:f4:b3:ab:6c:9c:ea:7f:18:
         6f:8e:5c:a5:ba:7b:dc:40:92:52:f5:00:aa:78:a2:77:9a:01:
         8e:e3:f3:3a:48:7e:a4:31:37:4f:c8:f0:3b:72:20:5f:de:16:
         15:2a:e4:13:f5:ad:cf:bf:5f:a1:a7:ed:7b:92:92:09:99:da:
         a1:01:c4:ad:ae:d1:17:39:03:08:61:df:85:22:a7:21:bc:ec:
         e4:18:82:52
-----BEGIN CERTIFICATE-----
MIIE2DCCA8CgAwIBAgICARUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUNE
MkZEQzM4NTIyQTc0QTQyMkRFN0JEMUMwMjZENTVFMDhEOUU5QTAeFw0yNDA5MzAx
MDIwMjVaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEZBNzk0MzQxMjZFREVC
MEM0MzUwOTJCMkJDQjZGREEwOTY1MDJCQ0UwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDwT2ShtMm8iJqkAW7Rr4Q0JaAURfGTWfPUHSuGrllgGzrfhQO8
0P3EbugIf19aiByQNZLXgx7yeZ5YNL5nzukkxcL+IENDaGBOJpL43TSOCaFLwmtq
XE3nI4oZWgX/5H6O9+ody49O2EhjwJhWfsG8rvcvASCuCjI5c5fGOsy5J6bg/gNk
9CG+jMwLL5TpCj883KUACaK0AfvT9BQTuw3qwBpgt10bZhVw8q5uKlSgWiTVsa7i
amvrRufFXv/cjxfLF1ONa+TXW2NhOm1+1KFnuagNrhANDg+KCtxfpQ7rcM6xxnGL
0rRtkG2+El9Cnhe8Od1hYAGBK80IFtI+md/ZAgMBAAGjggH0MIIB8DAdBgNVHQ4E
FgQU+nlDQSbt6wxDUJKyvLb9oJZQK84wHwYDVR0jBBgwFoAU7NL9w4Uip0pCLee9
HAJtVeCNnpowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBfBgNVHR8EWDBWMFSg
UqBQhk5yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFBTSUxL
RVJBLzdOTDl3NFVpcDBwQ0xlZTlIQUp0VmVDTm5wby5jcmwwYAYIKwYBBQUHAQEE
VDBSMFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RX
TklDQ0EvN05MOXc0VWlwMHBDTGVlOUhBSnRWZUNObnBvLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZ8GCCsGAQUFBwELBIGSMIGPMFoGCCsGAQUFBzALhk5yc3luYzovL3Jw
a2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFBTSUxLRVJBLy1ubERRU2J0Nnd4
RFVKS3l2TGI5b0paUUs4NC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50
d25pYy50dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAPKoEgwDQYJKoZIhvcNAQELBQADggEBAH2OOzG8hW/H82eejq7cUq9/zen+
kYlxJ004qIJN0qTo8UkhC0wKWtvNQERhazaa+xVaTSNOayyF1iA0+vWC8MOFF74m
2OPxfP/Dot2qLfgyv41kvcG5wIISRqUCT60Z9oZLZEgi23VCw3lbCFfCDjbgoLmx
LNv1XK/GY+ASl3QLkTQzRcafrVkPq6DO2lOYl9h0UnF5hBCD1ejgiNFPlf0rTtsh
nd81i81/F2T0s6tsnOp/GG+OXKW6e9xAklL1AKp4oneaAY7j8zpIfqQxN0/I8Dty
IF/eFhUq5BP1rc+/X6Gn7XuSkgmZ2qEBxK2u0Rc5Awhh34UipyG87OQYglI=
-----END CERTIFICATE-----
Generated at Wed Oct 9 04:26:57 2024 by rpki-client on console-ams.rpki-client.org