Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APPIER/yiPK0zPWliszkxX0opANTcVhXSM.roa
File:                     yiPK0zPWliszkxX0opANTcVhXSM.roa (raw, json)
Hash identifier:          3K0MgGr+jPfdH4brMPYJbK7/jxg13+e9aKGYkFILFx8=
Subject key identifier:   CA:23:CA:D3:33:D6:96:2B:33:93:15:F4:A2:90:0D:4D:C5:61:5D:23
Certificate issuer:       /CN=4640D988EC8146BA430596012122D1A1CFC1C36B
Certificate serial:       0A34
Authority key identifier: 46:40:D9:88:EC:81:46:BA:43:05:96:01:21:22:D1:A1:CF:C1:C3:6B
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/RkDZiOyBRrpDBZYBISLRoc_Bw2s.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/APPIER/yiPK0zPWliszkxX0opANTcVhXSM.roa
Signing time:             Thu 01 Sep 2022 07:26:15 +0000
ROA not before:           Thu 01 Sep 2022 07:26:15 +0000
ROA not after:            Thu 29 Sep 2022 02:36:22 +0000
asID:                     396982
IP address blocks:        103.122.16.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2612 (0xa34)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4640D988EC8146BA430596012122D1A1CFC1C36B
        Validity
            Not Before: Sep  1 07:26:15 2022 GMT
            Not After : Sep 29 02:36:22 2022 GMT
        Subject: CN=CA23CAD333D6962B339315F4A2900D4DC5615D23
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:53:e7:39:70:a5:3a:80:84:1f:4c:51:6f:c6:
                    10:ca:e6:af:52:2a:10:5b:a7:9d:3e:a1:3d:39:6b:
                    39:ed:9c:b5:1b:f4:1d:0c:ef:b1:11:ca:a6:fe:6a:
                    83:08:c1:6c:ca:7e:5d:37:da:6f:64:8d:79:d4:26:
                    3d:6a:ea:5e:09:28:fb:bc:29:ce:2a:90:2f:3e:b8:
                    12:b1:9e:0e:76:26:0e:1e:64:f0:f5:47:93:e6:01:
                    0c:d3:ff:7d:ab:16:33:da:79:be:97:4e:07:10:77:
                    17:34:34:03:8d:bb:ee:72:2e:28:b0:e3:ea:fd:0b:
                    37:7a:72:50:a3:77:de:d1:e6:f2:18:dd:db:78:71:
                    30:59:1f:bd:de:95:53:e7:6b:a9:c1:75:ae:04:22:
                    e4:5e:f6:ee:33:93:e3:ba:7e:62:8d:4a:75:5d:8a:
                    de:be:7f:a1:2d:7d:21:6c:c6:44:27:41:e0:71:c4:
                    e5:1a:e1:fe:4f:2a:97:17:e2:ca:db:6c:08:9d:4e:
                    a4:1b:40:11:de:78:a8:43:88:ba:c1:a3:a2:aa:0a:
                    40:d0:a4:51:17:4d:f9:d4:ed:b7:87:83:90:d7:aa:
                    27:90:d9:f0:bd:de:2f:f6:97:70:1b:68:ec:1a:8e:
                    ac:21:91:1b:1e:26:a7:a9:c6:63:bd:eb:24:6a:07:
                    e2:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CA:23:CA:D3:33:D6:96:2B:33:93:15:F4:A2:90:0D:4D:C5:61:5D:23
            X509v3 Authority Key Identifier:
                keyid:46:40:D9:88:EC:81:46:BA:43:05:96:01:21:22:D1:A1:CF:C1:C3:6B

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APPIER/RkDZiOyBRrpDBZYBISLRoc_Bw2s.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RkDZiOyBRrpDBZYBISLRoc_Bw2s.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APPIER/yiPK0zPWliszkxX0opANTcVhXSM.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.122.16.0/22

    Signature Algorithm: sha256WithRSAEncryption
         8d:5a:99:46:39:ed:80:d4:c9:c2:fd:aa:ce:b7:46:93:a7:4b:
         f1:02:95:4c:98:f4:fd:a4:02:91:c3:42:1b:00:e6:b1:60:82:
         76:55:6f:51:49:1b:08:10:5d:3c:ec:f7:9c:d1:6c:d2:7c:fa:
         c7:da:bf:9b:9d:b2:70:46:bb:55:49:d1:80:22:69:2d:90:52:
         41:9a:25:78:35:ac:ab:9b:d5:41:1c:e4:7f:f1:75:3f:b5:38:
         55:9d:09:97:9f:00:af:01:e2:9f:07:db:4f:20:75:32:e7:6e:
         13:43:7d:01:bd:e1:88:cf:d8:c8:e2:1e:ef:b7:be:cd:4a:f0:
         06:54:ef:75:62:2c:40:10:8f:4c:3c:64:96:56:30:99:03:b8:
         6f:e3:fb:0b:c9:b3:07:83:07:a8:3b:51:cc:c4:f4:80:87:3b:
         56:20:6e:88:8e:8a:ac:a5:e5:2c:01:38:f6:12:20:85:29:1a:
         47:6b:c0:43:a5:61:e4:42:03:e9:66:69:5e:08:bc:9e:fc:24:
         a1:e4:0f:8f:5d:9e:3a:70:27:3a:2f:8f:b1:e4:cb:c2:32:db:
         4b:58:47:6a:67:55:34:84:20:69:18:82:93:f0:32:5c:09:45:
         0e:1e:ac:b4:ab:31:eb:f8:96:e1:d7:cf:0a:18:87:eb:c8:fc:
         2c:87:79:fd
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICCjQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDY0
MEQ5ODhFQzgxNDZCQTQzMDU5NjAxMjEyMkQxQTFDRkMxQzM2QjAeFw0yMjA5MDEw
NzI2MTVaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKENBMjNDQUQzMzNENjk2
MkIzMzkzMTVGNEEyOTAwRDREQzU2MTVEMjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDJU+c5cKU6gIQfTFFvxhDK5q9SKhBbp50+oT05azntnLUb9B0M
77ERyqb+aoMIwWzKfl032m9kjXnUJj1q6l4JKPu8Kc4qkC8+uBKxng52Jg4eZPD1
R5PmAQzT/32rFjPaeb6XTgcQdxc0NAONu+5yLiiw4+r9Czd6clCjd97R5vIY3dt4
cTBZH73elVPna6nBda4EIuRe9u4zk+O6fmKNSnVdit6+f6EtfSFsxkQnQeBxxOUa
4f5PKpcX4srbbAidTqQbQBHeeKhDiLrBo6KqCkDQpFEXTfnU7beHg5DXqieQ2fC9
3i/2l3AbaOwajqwhkRseJqepxmO96yRqB+LtAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUyiPK0zPWliszkxX0opANTcVhXSMwHwYDVR0jBBgwFoAURkDZiOyBRrpDBZYB
ISLRoc/Bw2swGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBQSUVS
L1JrRFppT3lCUnJwREJaWUJJU0xSb2NfQncycy5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvUmtEWmlPeUJScnBEQlpZQklTTFJvY19CdzJzLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBQSUVSL3lpUEswelBXbGlzemt4WDBv
cEFOVGNWaFhTTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJn
ehAwDQYJKoZIhvcNAQELBQADggEBAI1amUY57YDUycL9qs63RpOnS/EClUyY9P2k
ApHDQhsA5rFggnZVb1FJGwgQXTzs95zRbNJ8+sfav5udsnBGu1VJ0YAiaS2QUkGa
JXg1rKub1UEc5H/xdT+1OFWdCZefAK8B4p8H208gdTLnbhNDfQG94YjP2MjiHu+3
vs1K8AZU73ViLEAQj0w8ZJZWMJkDuG/j+wvJsweDB6g7UczE9ICHO1YgboiOiqyl
5SwBOPYSIIUpGkdrwEOlYeRCA+lmaV4IvJ78JKHkD49dnjpwJzovj7Hky8Iy20tY
R2pnVTSEIGkYgpPwMlwJRQ4erLSrMev4luHXzwoYh+vI/CyHef0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:02 2024 by rpki-client on console-ams.rpki-client.org