Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TWDS/2FxuN4W4EsrVwpnJaD9brPr11DY.roa
File:                     2FxuN4W4EsrVwpnJaD9brPr11DY.roa (raw, json)
Hash identifier:          rSSYSpnm0IUDKkm/WNkGx8XsTGfWQ30onxDIggU+Cgw=
Subject key identifier:   D8:5C:6E:37:85:B8:12:CA:D5:C2:99:C9:68:3F:5B:AC:FA:F5:D4:36
Certificate issuer:       /CN=291BAF6A0C176CE0A32423666BCE78F9D91824CB
Certificate serial:       06F2
Authority key identifier: 29:1B:AF:6A:0C:17:6C:E0:A3:24:23:66:6B:CE:78:F9:D9:18:24:CB
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/KRuvagwXbOCjJCNma854-dkYJMs.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TWDS/2FxuN4W4EsrVwpnJaD9brPr11DY.roa
Signing time:             Wed 29 Sep 2021 02:53:47 +0000
ROA not before:           Wed 29 Sep 2021 02:53:47 +0000
ROA not after:            Thu 29 Sep 2022 02:36:22 +0000
asID:                     131668
IP address blocks:        103.147.22.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1778 (0x6f2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=291BAF6A0C176CE0A32423666BCE78F9D91824CB
        Validity
            Not Before: Sep 29 02:53:47 2021 GMT
            Not After : Sep 29 02:36:22 2022 GMT
        Subject: CN=D85C6E3785B812CAD5C299C9683F5BACFAF5D436
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:c2:e9:ef:c0:5a:04:c8:67:34:7b:c0:36:6a:
                    39:83:46:8f:10:8a:b1:a6:a3:4d:7c:ca:83:37:99:
                    8b:7d:00:a0:05:ec:ca:2b:47:62:0e:4c:dd:45:70:
                    73:16:a8:77:8f:52:f6:d6:c3:f1:dc:97:4e:89:42:
                    26:5d:17:00:8e:fe:65:ab:45:3d:1b:3b:8d:6c:a9:
                    86:b6:43:05:91:0d:95:3f:41:f7:9f:1b:74:d6:56:
                    4d:b7:4d:87:33:d5:e9:98:9f:7f:65:77:69:4a:15:
                    94:82:54:5f:15:94:43:6f:53:3f:78:34:ee:53:84:
                    34:b7:94:94:ab:14:74:46:12:cb:bb:1a:10:99:f1:
                    06:90:3a:a7:d3:81:9a:db:86:a5:cb:20:5f:db:8e:
                    03:f1:45:20:2b:fe:e5:8c:82:65:1d:a7:fd:d9:48:
                    e7:27:6e:3a:86:70:28:f9:53:1b:5d:e5:98:1a:df:
                    88:76:6d:ce:d2:23:e4:cd:79:a1:54:dd:56:79:7b:
                    55:d5:5d:34:4f:e2:c4:48:92:fd:0f:36:47:f3:fd:
                    27:c6:ce:a3:c0:cf:24:46:2b:b0:cf:07:2f:68:72:
                    66:14:55:31:65:fb:25:83:de:fb:0f:79:86:b3:17:
                    f2:7c:ca:2c:5b:62:57:d7:f5:6e:f7:92:1c:f5:92:
                    07:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:5C:6E:37:85:B8:12:CA:D5:C2:99:C9:68:3F:5B:AC:FA:F5:D4:36
            X509v3 Authority Key Identifier:
                keyid:29:1B:AF:6A:0C:17:6C:E0:A3:24:23:66:6B:CE:78:F9:D9:18:24:CB

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWDS/KRuvagwXbOCjJCNma854-dkYJMs.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KRuvagwXbOCjJCNma854-dkYJMs.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWDS/2FxuN4W4EsrVwpnJaD9brPr11DY.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.147.22.0/23

    Signature Algorithm: sha256WithRSAEncryption
         77:b4:fd:51:e6:ab:10:1f:b2:6e:17:7e:3e:b5:a7:11:c7:9e:
         28:41:96:08:65:4f:b0:a2:34:30:4f:b2:5e:f8:ce:21:a8:eb:
         f9:8b:c8:91:fc:e8:54:cd:38:94:56:42:72:59:16:b5:5a:39:
         af:c9:dc:c8:9c:05:f7:f7:0a:24:3f:2a:0d:61:09:a6:e7:2c:
         18:33:e8:88:8a:36:98:a8:42:d7:63:12:0f:de:b1:3e:25:21:
         31:8e:09:6a:a0:a8:98:5c:73:c4:e2:77:4f:bc:4a:4d:4c:4f:
         a4:01:5c:ca:14:6d:99:73:11:e2:bb:38:d7:71:f0:11:2d:f1:
         17:5d:06:81:20:16:7a:64:f2:6e:52:db:e2:29:a3:33:a7:84:
         50:25:f9:61:01:ec:e7:41:4d:24:a7:df:d2:04:88:d4:7f:0b:
         ba:ca:c5:d9:f5:90:ea:f2:24:20:3c:99:f6:7f:2d:81:9c:6b:
         cd:31:ae:cf:a3:f2:55:76:f1:68:62:b4:d0:b8:7b:bb:3e:14:
         f0:48:0a:d2:86:0d:47:0a:bd:1b:d1:f4:87:c7:79:63:0e:8a:
         40:49:cb:10:55:03:b1:eb:9c:6c:d1:67:7e:cf:b4:a4:db:ef:
         5c:f6:9e:b2:ba:2f:8a:21:28:b6:6e:01:8e:5b:0f:61:a1:cf:
         85:e9:83:dd
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICBvIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMjkx
QkFGNkEwQzE3NkNFMEEzMjQyMzY2NkJDRTc4RjlEOTE4MjRDQjAeFw0yMTA5Mjkw
MjUzNDdaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKEQ4NUM2RTM3ODVCODEy
Q0FENUMyOTlDOTY4M0Y1QkFDRkFGNUQ0MzYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCzwunvwFoEyGc0e8A2ajmDRo8QirGmo018yoM3mYt9AKAF7Mor
R2IOTN1FcHMWqHePUvbWw/Hcl06JQiZdFwCO/mWrRT0bO41sqYa2QwWRDZU/Qfef
G3TWVk23TYcz1emYn39ld2lKFZSCVF8VlENvUz94NO5ThDS3lJSrFHRGEsu7GhCZ
8QaQOqfTgZrbhqXLIF/bjgPxRSAr/uWMgmUdp/3ZSOcnbjqGcCj5Uxtd5Zga34h2
bc7SI+TNeaFU3VZ5e1XVXTRP4sRIkv0PNkfz/SfGzqPAzyRGK7DPBy9ocmYUVTFl
+yWD3vsPeYazF/J8yixbYlfX9W73khz1kgfpAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQU2FxuN4W4EsrVwpnJaD9brPr11DYwHwYDVR0jBBgwFoAUKRuvagwXbOCjJCNm
a854+dkYJMswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFdEUy9L
UnV2YWd3WGJPQ2pKQ05tYTg1NC1ka1lKTXMuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0tSdXZhZ3dYYk9DakpDTm1hODU0LWRrWUpNcy5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL1RXRFMvMkZ4dU40VzRFc3JWd3BuSmFEOWJy
UHIxMURZLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAWeTFjAN
BgkqhkiG9w0BAQsFAAOCAQEAd7T9UearEB+ybhd+PrWnEceeKEGWCGVPsKI0ME+y
XvjOIajr+YvIkfzoVM04lFZCclkWtVo5r8ncyJwF9/cKJD8qDWEJpucsGDPoiIo2
mKhC12MSD96xPiUhMY4JaqComFxzxOJ3T7xKTUxPpAFcyhRtmXMR4rs413HwES3x
F10GgSAWemTyblLb4imjM6eEUCX5YQHs50FNJKff0gSI1H8LusrF2fWQ6vIkIDyZ
9n8tgZxrzTGuz6PyVXbxaGK00Lh7uz4U8EgK0oYNRwq9G9H0h8d5Yw6KQEnLEFUD
seucbNFnfs+0pNvvXPaesroviiEotm4BjlsPYaHPhemD3Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:43 2024 by rpki-client on console-ams.rpki-client.org