Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/UBBNET/yAll1fJxqNY_si24isF7uLE0R_o.roa
File:                     yAll1fJxqNY_si24isF7uLE0R_o.roa (raw, json)
Hash identifier:          fOMvgBGAQijZBIghN4YvgCFdlBwnbx68JwLX53UmnP4=
Subject key identifier:   C8:09:65:D5:F2:71:A8:D6:3F:B2:2D:B8:8A:C1:7B:B8:B1:34:47:FA
Certificate issuer:       /CN=08469E113701815993013E13E548A2B340E44E0A
Certificate serial:       21D7
Authority key identifier: 08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/yAll1fJxqNY_si24isF7uLE0R_o.roa
Signing time:             Mon 26 Aug 2024 05:33:23 +0000
ROA not before:           Mon 26 Aug 2024 05:33:23 +0000
ROA not after:            Tue 26 Aug 2025 01:57:03 +0000
asID:                     24164
IP address blocks:        114.198.165.0/24 maxlen: 24
Validation:               Failed, certificate revoked on Mon 10 Feb 2025 14:18:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 8663 (0x21d7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=08469E113701815993013E13E548A2B340E44E0A
        Validity
            Not Before: Aug 26 05:33:23 2024 GMT
            Not After : Aug 26 01:57:03 2025 GMT
        Subject: CN=C80965D5F271A8D63FB22DB88AC17BB8B13447FA
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:c9:01:16:67:7c:90:fc:0d:c1:57:9d:5a:ab:
                    11:38:ee:7d:66:0b:fa:d4:7e:2c:97:fd:5a:a2:22:
                    32:10:7a:0a:a6:f1:c0:74:37:6b:e9:70:35:eb:28:
                    30:b5:64:5e:f3:57:d7:92:94:42:2c:3b:7f:7e:00:
                    a0:e0:6f:90:a8:8c:53:61:ee:e7:18:f4:ff:b0:90:
                    a6:08:08:eb:ad:0b:dd:a5:7d:11:62:e7:f6:6a:f0:
                    ff:ff:4c:ab:44:28:5f:91:52:41:fb:56:dd:ac:99:
                    f0:65:f8:25:0b:ff:1d:6a:42:f2:02:0c:f6:a2:52:
                    2d:a2:c9:53:06:0f:18:b6:80:65:43:31:97:00:71:
                    d0:47:70:38:ce:d3:cb:d6:1e:1e:6a:99:da:f1:fc:
                    d1:06:de:39:9a:e5:90:69:5d:e9:0c:0f:d8:f2:ac:
                    40:7f:2a:98:88:64:84:0d:5a:f9:04:7a:ca:6a:47:
                    4f:d2:63:90:82:df:df:f5:5b:eb:9a:83:46:00:28:
                    8e:d8:ea:8b:5c:0c:7a:73:a6:43:93:b8:62:d0:16:
                    9f:f0:ba:ff:a0:02:74:18:72:72:4f:7e:07:67:03:
                    54:57:40:4f:eb:9d:43:69:87:2d:95:ab:44:bd:a9:
                    21:ac:5c:4c:16:83:58:d9:de:19:87:df:35:17:a7:
                    ee:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C8:09:65:D5:F2:71:A8:D6:3F:B2:2D:B8:8A:C1:7B:B8:B1:34:47:FA
            X509v3 Authority Key Identifier:
                keyid:08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/CEaeETcBgVmTAT4T5Uiis0DkTgo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/yAll1fJxqNY_si24isF7uLE0R_o.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  114.198.165.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8e:6e:ce:a1:07:cd:0d:e5:84:8d:73:f1:5a:5d:31:cc:b2:f3:
         ec:49:29:3c:db:4a:33:41:ec:75:b2:f2:b4:15:a0:9a:66:04:
         d8:da:f9:23:55:fb:d6:11:4c:92:aa:6f:ef:1b:1e:ad:9b:f0:
         45:9f:1e:1c:c6:42:c2:ef:6f:95:80:66:ec:1e:a0:0d:21:38:
         be:e6:3c:14:86:24:4d:56:a0:2d:50:9f:14:03:65:47:39:9a:
         0c:9d:21:14:25:f7:2e:59:79:67:77:b0:4d:84:56:75:66:c4:
         f7:d3:5f:cb:c5:76:42:07:8a:19:76:33:4a:37:e0:b5:a7:4b:
         c3:ac:da:a5:03:d4:09:8c:9a:9f:09:30:f0:50:84:32:1a:52:
         7b:fb:28:4e:c1:b8:0d:e9:56:67:08:a0:40:e4:39:19:9b:ae:
         0c:1f:52:b5:1e:19:98:d7:07:be:cc:01:da:8a:a2:b4:48:80:
         0e:f7:7e:23:e0:f4:16:11:a9:c9:33:3f:72:24:2f:eb:3c:56:
         1e:40:4f:d4:a7:14:b4:a2:29:c1:04:42:d2:03:1a:54:2e:5e:
         62:0b:a2:6e:87:1a:f9:31:65:8f:1a:42:d3:0d:cc:78:e1:e5:
         08:fb:8e:e9:b6:69:a4:5d:fd:7a:b0:ab:12:d6:de:30:e7:31:
         54:9e:cf:9b
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICIdcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDg0
NjlFMTEzNzAxODE1OTkzMDEzRTEzRTU0OEEyQjM0MEU0NEUwQTAeFw0yNDA4MjYw
NTMzMjNaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEM4MDk2NUQ1RjI3MUE4
RDYzRkIyMkRCODhBQzE3QkI4QjEzNDQ3RkEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDQyQEWZ3yQ/A3BV51aqxE47n1mC/rUfiyX/VqiIjIQegqm8cB0
N2vpcDXrKDC1ZF7zV9eSlEIsO39+AKDgb5CojFNh7ucY9P+wkKYICOutC92lfRFi
5/Zq8P//TKtEKF+RUkH7Vt2smfBl+CUL/x1qQvICDPaiUi2iyVMGDxi2gGVDMZcA
cdBHcDjO08vWHh5qmdrx/NEG3jma5ZBpXekMD9jyrEB/KpiIZIQNWvkEespqR0/S
Y5CC39/1W+uag0YAKI7Y6otcDHpzpkOTuGLQFp/wuv+gAnQYcnJPfgdnA1RXQE/r
nUNphy2Vq0S9qSGsXEwWg1jZ3hmH3zUXp+4FAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUyAll1fJxqNY/si24isF7uLE0R/owHwYDVR0jBBgwFoAUCEaeETcBgVmTAT4T
5Uiis0DkTgowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVU
L0NFYWVFVGNCZ1ZtVEFUNFQ1VWlpczBEa1Rnby5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvQ0VhZUVUY0JnVm1UQVQ0VDVVaWlzMERrVGdvLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVUL3lBbGwxZkp4cU5ZX3NpMjRp
c0Y3dUxFMFJfby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABy
xqUwDQYJKoZIhvcNAQELBQADggEBAI5uzqEHzQ3lhI1z8VpdMcyy8+xJKTzbSjNB
7HWy8rQVoJpmBNja+SNV+9YRTJKqb+8bHq2b8EWfHhzGQsLvb5WAZuweoA0hOL7m
PBSGJE1WoC1QnxQDZUc5mgydIRQl9y5ZeWd3sE2EVnVmxPfTX8vFdkIHihl2M0o3
4LWnS8Os2qUD1AmMmp8JMPBQhDIaUnv7KE7BuA3pVmcIoEDkORmbrgwfUrUeGZjX
B77MAdqKorRIgA73fiPg9BYRqckzP3IkL+s8Vh5AT9SnFLSiKcEEQtIDGlQuXmIL
om6HGvkxZY8aQtMNzHjh5Qj7jum2aaRd/XqwqxLW3jDnMVSez5s=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:58:12 2025 by rpki-client