Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/ASNET/nL87tgwDMIc4rgZCOsHd9_ctCaM.roa
File:                     nL87tgwDMIc4rgZCOsHd9_ctCaM.roa (raw, json)
Hash identifier:          77YPiFjPuc1Dau/o/2myrX4xHi9kW97HK+SQasT8wo0=
Subject key identifier:   9C:BF:3B:B6:0C:03:30:87:38:AE:06:42:3A:C1:DD:F7:F7:2D:09:A3
Certificate issuer:       /CN=70984F008CA28F6475DB426353BFD1C433D8BC1A
Certificate serial:       094A
Authority key identifier: 70:98:4F:00:8C:A2:8F:64:75:DB:42:63:53:BF:D1:C4:33:D8:BC:1A
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/cJhPAIyij2R120JjU7_RxDPYvBo.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/ASNET/nL87tgwDMIc4rgZCOsHd9_ctCaM.roa
Signing time:             Wed 29 Sep 2021 02:50:34 +0000
ROA not before:           Wed 29 Sep 2021 02:50:34 +0000
ROA not after:            Thu 29 Sep 2022 02:36:22 +0000
asID:                     9264
IP address blocks:        103.130.252.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2378 (0x94a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=70984F008CA28F6475DB426353BFD1C433D8BC1A
        Validity
            Not Before: Sep 29 02:50:34 2021 GMT
            Not After : Sep 29 02:36:22 2022 GMT
        Subject: CN=9CBF3BB60C03308738AE06423AC1DDF7F72D09A3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:4a:54:9e:df:29:4c:61:24:68:f8:0e:87:3e:
                    af:cc:10:03:a2:a1:e4:db:d7:1b:79:e5:a2:f2:ea:
                    aa:3d:83:b5:fd:b9:8d:b1:a7:89:63:58:6d:d1:5e:
                    63:5e:b9:73:a6:e2:b8:b6:64:c5:84:ac:7b:48:07:
                    dc:76:a9:51:83:b7:18:4f:21:08:50:12:fc:1c:32:
                    a4:1c:77:69:a2:27:78:14:85:b2:4c:5f:9d:54:bf:
                    ff:47:7a:dd:0d:6e:65:55:d1:d8:b1:aa:74:94:23:
                    7e:02:3c:f2:1a:61:cf:dd:a6:23:53:8b:14:51:61:
                    e7:c9:14:b2:9b:52:0a:58:60:e9:1f:4e:00:b8:89:
                    5e:ca:d3:ef:2a:b9:f6:54:47:52:c5:35:db:ec:b6:
                    63:06:dd:9a:9a:35:9b:c3:fb:5a:42:f2:5f:18:32:
                    a7:12:d7:04:54:67:98:03:31:e6:68:b6:18:6f:c0:
                    09:c4:f9:77:ec:61:44:83:c5:7c:a7:35:04:45:80:
                    0f:af:a5:d5:3f:77:05:6b:51:e4:5d:8d:56:b1:59:
                    85:04:5e:ce:16:5f:8a:a2:13:80:68:c0:54:91:1a:
                    d4:c4:bf:5f:49:97:c1:d4:1a:7e:e9:99:4a:ff:c7:
                    cc:5d:fe:ae:71:07:98:4b:12:b1:df:19:a9:54:78:
                    31:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9C:BF:3B:B6:0C:03:30:87:38:AE:06:42:3A:C1:DD:F7:F7:2D:09:A3
            X509v3 Authority Key Identifier:
                keyid:70:98:4F:00:8C:A2:8F:64:75:DB:42:63:53:BF:D1:C4:33:D8:BC:1A

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ASNET/cJhPAIyij2R120JjU7_RxDPYvBo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/cJhPAIyij2R120JjU7_RxDPYvBo.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ASNET/nL87tgwDMIc4rgZCOsHd9_ctCaM.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.130.252.0/22

    Signature Algorithm: sha256WithRSAEncryption
         97:b2:3d:f7:28:a8:e0:d4:11:72:a8:6d:e5:85:26:12:e8:c9:
         63:ac:3b:e8:3d:e7:35:26:44:f2:08:4d:c9:55:77:66:56:84:
         cd:af:9f:37:c8:5d:93:09:d6:24:6f:42:88:0e:dd:9f:69:41:
         a1:fb:c5:97:cd:48:e1:17:5e:eb:0c:86:88:e1:ef:64:54:38:
         6c:a8:3f:dc:ba:00:56:f9:f9:2f:49:b8:0c:50:2f:b5:57:fe:
         50:1e:87:62:08:5c:55:46:5a:a9:4c:27:0b:2d:a5:fb:45:12:
         f7:5c:b1:87:9c:8c:a6:68:99:4f:56:4d:0a:00:8b:f9:1b:fb:
         35:e0:fa:4e:c5:23:b6:7b:52:df:2e:75:ec:19:eb:03:89:7f:
         b5:37:56:50:fa:9b:dd:3d:ed:34:f5:e9:cb:c5:ea:f2:38:af:
         57:ff:09:94:5f:97:6d:13:7b:08:4e:06:ca:0d:03:f5:db:b0:
         5a:4e:a6:53:89:8f:14:85:ab:2c:29:7a:bd:0a:c0:ff:80:62:
         bc:84:7f:d7:5c:bd:18:93:c2:c3:a9:52:8a:a6:5e:30:b2:ed:
         d0:11:08:d1:b4:84:ac:79:fa:aa:6c:a3:92:90:03:07:ef:6a:
         07:19:52:4b:93:dd:cb:a4:3d:31:a8:a1:6b:bf:81:81:8c:51:
         31:60:bd:3b
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICCUowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzA5
ODRGMDA4Q0EyOEY2NDc1REI0MjYzNTNCRkQxQzQzM0Q4QkMxQTAeFw0yMTA5Mjkw
MjUwMzRaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDlDQkYzQkI2MEMwMzMw
ODczOEFFMDY0MjNBQzFEREY3RjcyRDA5QTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDYSlSe3ylMYSRo+A6HPq/MEAOioeTb1xt55aLy6qo9g7X9uY2x
p4ljWG3RXmNeuXOm4ri2ZMWErHtIB9x2qVGDtxhPIQhQEvwcMqQcd2miJ3gUhbJM
X51Uv/9Het0NbmVV0dixqnSUI34CPPIaYc/dpiNTixRRYefJFLKbUgpYYOkfTgC4
iV7K0+8qufZUR1LFNdvstmMG3ZqaNZvD+1pC8l8YMqcS1wRUZ5gDMeZothhvwAnE
+XfsYUSDxXynNQRFgA+vpdU/dwVrUeRdjVaxWYUEXs4WX4qiE4BowFSRGtTEv19J
l8HUGn7pmUr/x8xd/q5xB5hLErHfGalUeDELAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUnL87tgwDMIc4rgZCOsHd9/ctCaMwHwYDVR0jBBgwFoAUcJhPAIyij2R120Jj
U7/RxDPYvBowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVNORVQv
Y0poUEFJeWlqMlIxMjBKalU3X1J4RFBZdkJvLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9jSmhQQUl5aWoyUjEyMEpqVTdfUnhEUFl2Qm8uY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9BU05FVC9uTDg3dGd3RE1JYzRyZ1pDT3NI
ZDlfY3RDYU0ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCZ4L8
MA0GCSqGSIb3DQEBCwUAA4IBAQCXsj33KKjg1BFyqG3lhSYS6MljrDvoPec1JkTy
CE3JVXdmVoTNr583yF2TCdYkb0KIDt2faUGh+8WXzUjhF17rDIaI4e9kVDhsqD/c
ugBW+fkvSbgMUC+1V/5QHodiCFxVRlqpTCcLLaX7RRL3XLGHnIymaJlPVk0KAIv5
G/s14PpOxSO2e1LfLnXsGesDiX+1N1ZQ+pvdPe009enLxeryOK9X/wmUX5dtE3sI
TgbKDQP127BaTqZTiY8UhassKXq9CsD/gGK8hH/XXL0Yk8LDqVKKpl4wsu3QEQjR
tISsefqqbKOSkAMH72oHGVJLk93LpD0xqKFrv4GBjFExYL07
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:02 2024 by rpki-client on console-ams.rpki-client.org