Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/BRICKSINC/OhFHh8Jt-qoBm4LriILetULo8r4.roa
File:                     OhFHh8Jt-qoBm4LriILetULo8r4.roa (raw, json)
Hash identifier:          rML7zLlHpimhTYK2KwqL5+whO/aYH8TODLO69X/2pVQ=
Subject key identifier:   3A:11:47:87:C2:6D:FA:AA:01:9B:82:EB:88:82:DE:B5:42:E8:F2:BE
Certificate issuer:       /CN=A5A6AC38EE68C364CF79188F06427E9C766D4C1A
Certificate serial:       05
Authority key identifier: A5:A6:AC:38:EE:68:C3:64:CF:79:18:8F:06:42:7E:9C:76:6D:4C:1A
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/paasOO5ow2TPeRiPBkJ-nHZtTBo.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/BRICKSINC/OhFHh8Jt-qoBm4LriILetULo8r4.roa
Signing time:             Fri 09 Dec 2022 02:36:05 +0000
ROA not before:           Fri 09 Dec 2022 02:36:05 +0000
ROA not after:            Tue 05 Dec 2023 15:30:09 +0000
asID:                     134823
IP address blocks:        103.51.90.0/23 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5 (0x5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A5A6AC38EE68C364CF79188F06427E9C766D4C1A
        Validity
            Not Before: Dec  9 02:36:05 2022 GMT
            Not After : Dec  5 15:30:09 2023 GMT
        Subject: CN=3A114787C26DFAAA019B82EB8882DEB542E8F2BE
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f4:fd:07:b8:9a:21:8a:12:d9:78:77:ec:d5:0b:
                    83:85:8d:0a:b0:7f:00:cc:98:5e:03:86:ab:de:b4:
                    c1:3b:46:76:41:3b:e7:db:40:16:39:5f:b0:79:da:
                    5a:0b:d4:dc:df:41:e7:f9:08:35:b0:d2:19:5c:fd:
                    eb:dc:56:0a:37:b6:3b:26:64:1c:48:75:49:7c:57:
                    e7:25:38:c8:e4:c8:a5:38:f9:ba:21:6f:c0:54:96:
                    43:56:12:c8:5a:04:a4:d9:d9:a5:c2:2a:18:24:00:
                    91:e7:39:07:88:07:a2:15:a2:ad:3e:08:2c:53:0f:
                    b9:df:bd:70:76:ef:a7:c5:d8:3e:7a:74:71:45:ce:
                    58:e7:68:de:3b:39:b9:0d:4d:e5:7a:e6:36:55:02:
                    7b:e0:fd:6f:1d:ef:67:4c:32:09:2b:0e:e8:e5:d5:
                    6c:7f:64:39:d9:d0:7a:cd:63:f7:b4:bd:51:26:12:
                    75:13:56:df:23:0d:51:a5:fa:b3:8c:40:50:aa:79:
                    68:e8:8f:8b:5b:70:71:d1:b8:fe:67:f2:83:98:1f:
                    0a:80:08:62:2e:76:12:2b:da:28:88:d8:11:b7:f9:
                    91:d5:bf:b6:28:1b:85:e1:e6:8c:47:82:c6:8b:21:
                    a7:1b:bb:6a:3b:af:29:14:81:3c:58:ad:26:f9:7a:
                    a5:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:11:47:87:C2:6D:FA:AA:01:9B:82:EB:88:82:DE:B5:42:E8:F2:BE
            X509v3 Authority Key Identifier:
                keyid:A5:A6:AC:38:EE:68:C3:64:CF:79:18:8F:06:42:7E:9C:76:6D:4C:1A

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/BRICKSINC/paasOO5ow2TPeRiPBkJ-nHZtTBo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/paasOO5ow2TPeRiPBkJ-nHZtTBo.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/BRICKSINC/OhFHh8Jt-qoBm4LriILetULo8r4.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.51.90.0/23

    Signature Algorithm: sha256WithRSAEncryption
         21:1e:85:da:69:ad:ee:72:d1:89:fc:ae:db:87:e8:25:27:d9:
         f5:38:8f:ac:b8:84:e5:d2:c0:a8:e6:10:b3:53:f4:19:51:1f:
         f6:2c:ef:d2:be:3a:f0:04:b5:45:0d:29:85:37:db:22:a9:c0:
         a1:2a:cf:3d:01:58:11:4f:6a:7c:1b:f9:61:cb:9d:c2:e8:f3:
         7a:6f:78:75:22:a6:8d:ad:0e:bb:91:3f:35:c1:df:92:b6:b2:
         6c:30:77:c5:3f:f9:40:7e:2e:91:59:6e:63:e9:61:82:44:8c:
         99:ea:9e:96:6e:1d:9d:a2:37:3b:42:15:90:66:20:cc:9b:3e:
         78:e7:e3:34:ce:65:de:3f:c6:d0:b2:cd:91:c0:a9:76:d2:c0:
         86:34:c9:7e:9c:c2:7b:c8:f1:9d:89:91:f1:a2:fc:ef:b5:63:
         e8:89:60:4a:80:c7:a1:4e:6d:e4:4f:99:46:aa:25:91:f7:08:
         ad:b1:de:eb:3b:42:00:26:52:da:b2:c9:d1:fe:7e:fa:06:95:
         4f:99:1d:84:49:ba:2c:0e:7c:83:b1:01:84:06:02:10:5f:70:
         4f:b7:49:ba:32:40:12:2a:f6:2f:fb:91:7d:fa:3a:8b:bc:65:
         0d:d1:51:a1:dc:2d:e5:71:40:80:ca:91:b0:02:0a:01:f0:75:
         7f:25:26:91
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgIBBTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhBNUE2
QUMzOEVFNjhDMzY0Q0Y3OTE4OEYwNjQyN0U5Qzc2NkQ0QzFBMB4XDTIyMTIwOTAy
MzYwNVoXDTIzMTIwNTE1MzAwOVowMzExMC8GA1UEAxMoM0ExMTQ3ODdDMjZERkFB
QTAxOUI4MkVCODg4MkRFQjU0MkU4RjJCRTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAPT9B7iaIYoS2Xh37NULg4WNCrB/AMyYXgOGq960wTtGdkE759tA
FjlfsHnaWgvU3N9B5/kINbDSGVz969xWCje2OyZkHEh1SXxX5yU4yOTIpTj5uiFv
wFSWQ1YSyFoEpNnZpcIqGCQAkec5B4gHohWirT4ILFMPud+9cHbvp8XYPnp0cUXO
WOdo3js5uQ1N5XrmNlUCe+D9bx3vZ0wyCSsO6OXVbH9kOdnQes1j97S9USYSdRNW
3yMNUaX6s4xAUKp5aOiPi1twcdG4/mfyg5gfCoAIYi52EivaKIjYEbf5kdW/tigb
heHmjEeCxoshpxu7ajuvKRSBPFitJvl6pVMCAwEAAaOCAfQwggHwMB0GA1UdDgQW
BBQ6EUeHwm36qgGbguuIgt61QujyvjAfBgNVHSMEGDAWgBSlpqw47mjDZM95GI8G
Qn6cdm1MGjAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF8GA1UdHwRYMFYwVKBS
oFCGTnJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9CUklDS1NJ
TkMvcGFhc09PNW93MlRQZVJpUEJrSi1uSFp0VEJvLmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9wYWFzT081b3cyVFBlUmlQQmtKLW5IWnRUQm8uY2VyMA4GA1UdDwEB/wQE
AwIHgDCBnwYIKwYBBQUHAQsEgZIwgY8wWgYIKwYBBQUHMAuGTnJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9CUklDS1NJTkMvT2hGSGg4SnQtcW9C
bTRMcmlJTGV0VUxvOHI0LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3
bmljLnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAWczWjANBgkqhkiG9w0BAQsFAAOCAQEAIR6F2mmt7nLRifyu24foJSfZ9TiP
rLiE5dLAqOYQs1P0GVEf9izv0r468AS1RQ0phTfbIqnAoSrPPQFYEU9qfBv5Ycud
wujzem94dSKmja0Ou5E/NcHfkraybDB3xT/5QH4ukVluY+lhgkSMmeqelm4dnaI3
O0IVkGYgzJs+eOfjNM5l3j/G0LLNkcCpdtLAhjTJfpzCe8jxnYmR8aL877Vj6Ilg
SoDHoU5t5E+ZRqolkfcIrbHe6ztCACZS2rLJ0f5++gaVT5kdhEm6LA58g7EBhAYC
EF9wT7dJujJAEir2L/uRffo6i7xlDdFRodwt5XFAgMqRsAIKAfB1fyUmkQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:33 2024 by rpki-client on console-fra.rpki-client.org