Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/ASNET/kjKHZJEg-xwg5uk06r2rk_IPXic.roa
File:                     kjKHZJEg-xwg5uk06r2rk_IPXic.roa (raw, json)
Hash identifier:          zCw8DvcPsOPPYJLjI+KOwBQKdf6gto3kyDaoVNXHTUA=
Subject key identifier:   92:32:87:64:91:20:FB:1C:20:E6:E9:34:EA:BD:AB:93:F2:0F:5E:27
Certificate issuer:       /CN=70984F008CA28F6475DB426353BFD1C433D8BC1A
Certificate serial:       08A9
Authority key identifier: 70:98:4F:00:8C:A2:8F:64:75:DB:42:63:53:BF:D1:C4:33:D8:BC:1A
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/cJhPAIyij2R120JjU7_RxDPYvBo.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/ASNET/kjKHZJEg-xwg5uk06r2rk_IPXic.roa
Signing time:             Mon 08 Feb 2021 02:55:02 +0000
ROA not before:           Mon 08 Feb 2021 02:55:02 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     9264
IP address blocks:        103.130.252.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2217 (0x8a9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=70984F008CA28F6475DB426353BFD1C433D8BC1A
        Validity
            Not Before: Feb  8 02:55:02 2021 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=923287649120FB1C20E6E934EABDAB93F20F5E27
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:fb:43:66:f2:87:b0:d7:ef:88:6e:84:3e:ec:
                    61:f1:d9:ee:7e:6e:61:fa:25:c2:88:49:a5:19:77:
                    5e:56:3c:9f:00:5c:f5:a9:94:12:65:84:55:05:4a:
                    48:d2:85:30:5a:ea:7b:ee:be:f8:c0:51:62:25:36:
                    6d:84:f2:32:cc:cd:31:85:50:f5:86:68:1a:a6:2e:
                    f8:b5:e2:2f:b8:07:86:88:d7:e8:cf:de:d8:d1:0e:
                    25:72:a1:7e:ef:d2:99:1a:d3:87:6f:ee:eb:aa:1f:
                    a6:1d:a7:c9:6a:54:63:3f:c6:3a:dd:4e:ff:eb:7f:
                    dc:e8:b1:16:81:aa:c9:6f:75:d1:71:cf:25:ca:45:
                    4f:e1:93:bf:d7:05:ef:d5:1a:b9:15:35:af:83:57:
                    a8:8c:ca:d9:67:0d:a0:6a:35:39:9c:96:21:f0:68:
                    1f:ac:f2:3d:35:4c:ed:10:aa:b1:35:b4:b1:f9:f8:
                    ad:7a:99:a6:f3:44:63:0c:e9:ef:f2:0e:46:b9:b5:
                    85:b7:5e:e3:2d:7c:88:95:40:0c:84:85:3e:bd:7f:
                    c1:b3:b6:a3:21:cf:49:65:b9:e6:7e:37:95:72:4b:
                    dd:e8:a9:b1:04:96:3a:81:85:20:9b:4a:3a:8e:be:
                    16:38:0d:c9:c4:6c:9b:62:bb:03:72:74:52:21:4a:
                    bb:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                92:32:87:64:91:20:FB:1C:20:E6:E9:34:EA:BD:AB:93:F2:0F:5E:27
            X509v3 Authority Key Identifier:
                keyid:70:98:4F:00:8C:A2:8F:64:75:DB:42:63:53:BF:D1:C4:33:D8:BC:1A

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ASNET/cJhPAIyij2R120JjU7_RxDPYvBo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/cJhPAIyij2R120JjU7_RxDPYvBo.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ASNET/kjKHZJEg-xwg5uk06r2rk_IPXic.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.130.252.0/22

    Signature Algorithm: sha256WithRSAEncryption
         96:ee:0c:7c:4d:70:4f:ea:9d:49:47:8d:59:d3:fa:1a:4c:11:
         aa:ab:ce:c7:a9:6c:0c:10:22:19:d1:92:fe:7d:95:12:24:22:
         bc:91:17:68:16:09:2a:69:6d:2e:81:d5:69:0e:ef:aa:e8:97:
         5b:4a:63:84:39:8f:ef:53:b8:23:a6:c7:04:64:d0:f8:51:47:
         f7:6f:3c:40:00:6e:c9:de:ab:1f:2b:e4:e9:35:b0:c2:9a:70:
         9f:6a:b4:01:74:2c:31:a4:79:db:c5:e1:aa:fa:c5:bc:78:8b:
         bf:81:00:0c:e9:25:3b:f8:4f:5d:03:09:c6:d0:2e:8a:0c:ac:
         3f:b2:72:5b:b1:b9:e3:25:ea:f4:d2:ba:d0:95:35:02:c8:86:
         92:1e:cd:3b:86:39:2d:42:8a:7d:6a:39:f3:b9:e8:62:84:f9:
         06:db:08:9d:23:21:1a:6e:ce:21:44:16:82:09:14:d1:2c:52:
         9b:37:9a:b2:d7:8b:1e:6f:a1:17:97:e2:a1:24:59:69:f7:07:
         90:d8:60:27:a8:9f:7e:33:13:4b:10:51:94:e3:c3:4b:63:e1:
         3b:62:fd:af:95:9b:27:f1:64:1b:27:36:2d:cd:74:1b:2a:29:
         da:e9:3c:6d:01:e1:07:64:75:84:27:87:bc:f2:36:23:b7:ec:
         f3:88:fe:41
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICCKkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzA5
ODRGMDA4Q0EyOEY2NDc1REI0MjYzNTNCRkQxQzQzM0Q4QkMxQTAeFw0yMTAyMDgw
MjU1MDJaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDkyMzI4NzY0OTEyMEZC
MUMyMEU2RTkzNEVBQkRBQjkzRjIwRjVFMjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDI+0Nm8oew1++IboQ+7GHx2e5+bmH6JcKISaUZd15WPJ8AXPWp
lBJlhFUFSkjShTBa6nvuvvjAUWIlNm2E8jLMzTGFUPWGaBqmLvi14i+4B4aI1+jP
3tjRDiVyoX7v0pka04dv7uuqH6Ydp8lqVGM/xjrdTv/rf9zosRaBqslvddFxzyXK
RU/hk7/XBe/VGrkVNa+DV6iMytlnDaBqNTmcliHwaB+s8j01TO0QqrE1tLH5+K16
mabzRGMM6e/yDka5tYW3XuMtfIiVQAyEhT69f8GztqMhz0llueZ+N5VyS93oqbEE
ljqBhSCbSjqOvhY4DcnEbJtiuwNydFIhSrupAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUkjKHZJEg+xwg5uk06r2rk/IPXicwHwYDVR0jBBgwFoAUcJhPAIyij2R120Jj
U7/RxDPYvBowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVNORVQv
Y0poUEFJeWlqMlIxMjBKalU3X1J4RFBZdkJvLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9jSmhQQUl5aWoyUjEyMEpqVTdfUnhEUFl2Qm8uY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9BU05FVC9raktIWkpFZy14d2c1dWswNnIy
cmtfSVBYaWMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCZ4L8
MA0GCSqGSIb3DQEBCwUAA4IBAQCW7gx8TXBP6p1JR41Z0/oaTBGqq87HqWwMECIZ
0ZL+fZUSJCK8kRdoFgkqaW0ugdVpDu+q6JdbSmOEOY/vU7gjpscEZND4UUf3bzxA
AG7J3qsfK+TpNbDCmnCfarQBdCwxpHnbxeGq+sW8eIu/gQAM6SU7+E9dAwnG0C6K
DKw/snJbsbnjJer00rrQlTUCyIaSHs07hjktQop9ajnzuehihPkG2widIyEabs4h
RBaCCRTRLFKbN5qy14seb6EXl+KhJFlp9weQ2GAnqJ9+MxNLEFGU48NLY+E7Yv2v
lZsn8WQbJzYtzXQbKina6TxtAeEHZHWEJ4e88jYjt+zziP5B
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:32 2024 by rpki-client on console-fra.rpki-client.org