Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TUCD/xAKN-ky7gswnMIY3DOctwXGdyrI.roa
File:                     xAKN-ky7gswnMIY3DOctwXGdyrI.roa (raw, json)
Hash identifier:          imJ+3LeESUBhnwnIHd1QwxzGolCrJS7pJySmY31K34c=
Subject key identifier:   C4:02:8D:FA:4C:BB:82:CC:27:30:86:37:0C:E7:2D:C1:71:9D:CA:B2
Certificate issuer:       /CN=35D63F285426D9D57209D42C46B9125B23A78EC1
Certificate serial:       F9
Authority key identifier: 35:D6:3F:28:54:26:D9:D5:72:09:D4:2C:46:B9:12:5B:23:A7:8E:C1
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/NdY_KFQm2dVyCdQsRrkSWyOnjsE.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TUCD/xAKN-ky7gswnMIY3DOctwXGdyrI.roa
Signing time:             Tue 12 Mar 2024 00:25:41 +0000
ROA not before:           Tue 12 Mar 2024 00:25:41 +0000
ROA not after:            Sat 31 Aug 2024 03:10:53 +0000
asID:                     152179
IP address blocks:        103.115.108.0/23 maxlen: 24

Validation:               Failed, certificate revoked on Tue 12 Mar 2024 02:13:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 249 (0xf9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35D63F285426D9D57209D42C46B9125B23A78EC1
        Validity
            Not Before: Mar 12 00:25:41 2024 GMT
            Not After : Aug 31 03:10:53 2024 GMT
        Subject: CN=C4028DFA4CBB82CC273086370CE72DC1719DCAB2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:ea:7e:97:c0:59:c3:b6:4b:12:3d:09:a1:d7:
                    8a:51:83:d1:95:1c:09:9a:45:ba:c2:34:97:a9:01:
                    a0:c9:b9:3d:72:99:24:08:b0:68:a7:a0:b6:ef:9f:
                    3b:f2:d2:42:c2:15:18:9a:90:0c:4b:90:4f:c5:c4:
                    8a:0c:ce:2c:8e:51:b5:4c:c0:b0:a3:71:43:19:ca:
                    b0:50:52:47:f8:1c:07:dd:88:30:a6:61:bf:54:0c:
                    9d:a7:bb:dc:a3:bc:cc:99:81:41:5b:83:7d:08:39:
                    9d:d5:4a:1c:db:c5:47:16:c4:54:4e:14:d3:ae:6d:
                    86:3f:e8:10:c5:75:3c:8b:9b:bf:c3:38:1c:5f:46:
                    82:64:73:ca:de:ed:ed:b3:3b:4f:ce:94:81:f0:ed:
                    f7:c4:34:47:5b:3d:81:62:a7:3f:9a:50:d7:3a:f2:
                    4b:84:e4:c9:78:dc:d2:8d:4b:39:0b:3f:69:fc:f3:
                    73:c3:b5:7d:c1:02:61:26:ed:ef:06:62:79:46:b2:
                    5a:fc:28:a9:1a:35:4e:27:7b:33:21:f3:bb:07:32:
                    cb:f4:86:81:87:78:5d:94:60:90:ed:2f:ab:d0:a3:
                    f0:7c:e1:e8:11:a9:e1:ce:ef:18:2f:5b:02:c6:45:
                    05:11:c5:72:6d:98:f8:ff:18:ac:ec:b9:0c:e3:4a:
                    ec:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C4:02:8D:FA:4C:BB:82:CC:27:30:86:37:0C:E7:2D:C1:71:9D:CA:B2
            X509v3 Authority Key Identifier:
                keyid:35:D6:3F:28:54:26:D9:D5:72:09:D4:2C:46:B9:12:5B:23:A7:8E:C1

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUCD/NdY_KFQm2dVyCdQsRrkSWyOnjsE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NdY_KFQm2dVyCdQsRrkSWyOnjsE.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUCD/xAKN-ky7gswnMIY3DOctwXGdyrI.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.115.108.0/23

    Signature Algorithm: sha256WithRSAEncryption
         52:d0:1a:97:b9:96:b3:01:54:77:96:20:b1:60:79:e3:c8:67:
         fd:9e:1a:70:7a:d6:d5:e5:c9:25:08:cb:dc:e0:f1:ef:db:91:
         7e:4b:d7:72:e1:1f:45:82:4b:70:86:19:72:5f:96:00:24:1d:
         f3:32:58:f8:38:9a:cf:23:46:35:6d:5c:7d:62:f0:3b:9e:50:
         8b:3d:52:aa:b3:e6:9c:d6:cd:10:06:a2:13:6e:70:62:33:ee:
         2e:d2:e3:d4:3e:ff:1c:83:9d:7e:05:23:08:47:b6:a5:be:11:
         96:2c:1b:fc:34:60:82:88:a8:51:c3:2e:47:e2:d6:d6:6f:1f:
         b4:b1:05:b5:e0:2b:5a:ea:ec:ce:07:08:fd:45:bc:ed:68:43:
         c9:47:2e:2c:0e:2f:10:a3:07:ff:c3:40:ff:6c:d7:12:b3:ce:
         8f:e3:a9:03:63:82:90:97:84:f1:27:52:d9:c7:00:03:40:e7:
         4b:cf:ec:3c:22:7f:89:59:7f:0a:d9:f9:05:50:99:1a:f9:cc:
         68:e5:16:d1:df:7c:ef:08:6e:64:a2:83:52:cb:4b:17:1a:d7:
         c2:fa:39:bf:c9:a4:6d:a0:e9:ea:4a:e2:3d:9e:5b:0c:a6:16:
         7f:6f:2b:0b:49:9f:93:be:9e:9f:46:c3:b4:6f:83:d4:65:b7:
         86:20:71:06
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICAPkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzVE
NjNGMjg1NDI2RDlENTcyMDlENDJDNDZCOTEyNUIyM0E3OEVDMTAeFw0yNDAzMTIw
MDI1NDFaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKEM0MDI4REZBNENCQjgy
Q0MyNzMwODYzNzBDRTcyREMxNzE5RENBQjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCp6n6XwFnDtksSPQmh14pRg9GVHAmaRbrCNJepAaDJuT1ymSQI
sGinoLbvnzvy0kLCFRiakAxLkE/FxIoMziyOUbVMwLCjcUMZyrBQUkf4HAfdiDCm
Yb9UDJ2nu9yjvMyZgUFbg30IOZ3VShzbxUcWxFROFNOubYY/6BDFdTyLm7/DOBxf
RoJkc8re7e2zO0/OlIHw7ffENEdbPYFipz+aUNc68kuE5Ml43NKNSzkLP2n883PD
tX3BAmEm7e8GYnlGslr8KKkaNU4nezMh87sHMsv0hoGHeF2UYJDtL6vQo/B84egR
qeHO7xgvWwLGRQURxXJtmPj/GKzsuQzjSuwPAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUxAKN+ky7gswnMIY3DOctwXGdyrIwHwYDVR0jBBgwFoAUNdY/KFQm2dVyCdQs
RrkSWyOnjsEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVDRC9O
ZFlfS0ZRbTJkVnlDZFFzUnJrU1d5T25qc0UuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L05kWV9LRlFtMmRWeUNkUXNScmtTV3lPbmpzRS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL1RVQ0QveEFLTi1reTdnc3duTUlZM0RPY3R3
WEdkeXJJLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAWdzbDAN
BgkqhkiG9w0BAQsFAAOCAQEAUtAal7mWswFUd5YgsWB548hn/Z4acHrW1eXJJQjL
3ODx79uRfkvXcuEfRYJLcIYZcl+WACQd8zJY+DiazyNGNW1cfWLwO55Qiz1SqrPm
nNbNEAaiE25wYjPuLtLj1D7/HIOdfgUjCEe2pb4Rliwb/DRggoioUcMuR+LW1m8f
tLEFteArWurszgcI/UW87WhDyUcuLA4vEKMH/8NA/2zXErPOj+OpA2OCkJeE8SdS
2ccAA0DnS8/sPCJ/iVl/Ctn5BVCZGvnMaOUW0d987whuZKKDUstLFxrXwvo5v8mk
baDp6kriPZ5bDKYWf28rC0mfk76en0bDtG+D1GW3hiBxBg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:22 2024 by rpki-client on console-ams.rpki-client.org