Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CARLWATCH/OoY4p6edqEr8NVbykE7k-bI2gcc.roa
File:                     OoY4p6edqEr8NVbykE7k-bI2gcc.roa (raw, json)
Hash identifier:          YKXsepVqMwe0b1/LIsH2q1FdONwdYfYNiV8yYsL+XjQ=
Subject key identifier:   3A:86:38:A7:A7:9D:A8:4A:FC:35:56:F2:90:4E:E4:F9:B2:36:81:C7
Certificate issuer:       /CN=EB7F4A8B7B210DB9208ED580357045E5971DE0D3
Certificate serial:       01A3
Authority key identifier: EB:7F:4A:8B:7B:21:0D:B9:20:8E:D5:80:35:70:45:E5:97:1D:E0:D3
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/639Ki3shDbkgjtWANXBF5Zcd4NM.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/CARLWATCH/OoY4p6edqEr8NVbykE7k-bI2gcc.roa
Signing time:             Thu 15 Sep 2022 02:49:05 +0000
ROA not before:           Thu 15 Sep 2022 02:49:05 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     131618
IP address blocks:        103.161.6.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 419 (0x1a3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=EB7F4A8B7B210DB9208ED580357045E5971DE0D3
        Validity
            Not Before: Sep 15 02:49:05 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=3A8638A7A79DA84AFC3556F2904EE4F9B23681C7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:8c:37:2d:50:de:30:d3:8b:7d:6a:ed:19:60:
                    a2:18:8e:35:32:6c:4d:b9:85:d5:2c:9c:fb:3f:3a:
                    a7:73:8f:be:35:8d:62:2a:2b:17:c4:d6:e3:6a:58:
                    f1:44:7d:35:de:b6:96:92:60:99:7a:1e:60:ff:fa:
                    74:2f:1f:de:19:47:17:a5:ae:c9:47:25:e4:b8:14:
                    05:b6:c0:b2:56:6d:03:11:29:2e:5e:d0:55:05:d5:
                    3d:bf:f8:a8:31:08:e6:4a:8a:56:14:33:6f:66:9d:
                    37:54:2a:15:06:d8:3a:e8:00:90:ce:7d:a2:d1:c7:
                    a9:98:34:98:0b:01:30:b5:72:68:ea:4a:fb:59:18:
                    c0:e3:c8:3b:89:30:79:40:eb:b6:89:f2:1d:b0:a1:
                    ef:7c:9f:91:56:5f:32:db:72:c5:40:5e:62:f4:81:
                    0f:76:b0:c2:2f:6c:2f:8a:e4:b1:86:29:e3:af:80:
                    66:23:ad:29:92:d6:03:58:b7:55:e1:af:9b:ca:71:
                    c3:f4:36:95:5f:2d:14:23:dd:b9:18:24:d1:9c:2c:
                    36:f3:54:92:f5:37:db:f1:43:41:4d:74:5d:ec:f5:
                    42:ed:f7:a7:77:08:a7:eb:ae:93:69:ff:64:f2:97:
                    12:97:cb:55:6e:b1:43:ef:6e:05:5e:ee:62:80:4d:
                    55:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:86:38:A7:A7:9D:A8:4A:FC:35:56:F2:90:4E:E4:F9:B2:36:81:C7
            X509v3 Authority Key Identifier:
                keyid:EB:7F:4A:8B:7B:21:0D:B9:20:8E:D5:80:35:70:45:E5:97:1D:E0:D3

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CARLWATCH/639Ki3shDbkgjtWANXBF5Zcd4NM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/639Ki3shDbkgjtWANXBF5Zcd4NM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CARLWATCH/OoY4p6edqEr8NVbykE7k-bI2gcc.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.161.6.0/23

    Signature Algorithm: sha256WithRSAEncryption
         0a:69:40:2f:fb:5e:cb:21:f9:f6:d0:7b:82:93:b3:36:89:78:
         fc:36:ff:fd:12:3e:b7:83:c5:6f:f1:91:eb:06:f8:f0:b2:6e:
         56:55:be:6b:f8:4e:0e:70:53:23:0d:f8:22:f6:98:4c:da:95:
         34:32:cd:e0:eb:22:c6:ff:b3:81:2b:fb:66:b4:91:fe:8d:d6:
         02:c5:bb:9d:f0:c4:68:02:ad:a8:5c:98:c6:e1:63:4d:3b:3f:
         d0:2b:b3:d6:9e:3b:c7:41:4f:33:f7:b5:38:63:31:f6:50:7e:
         6d:69:83:24:73:b0:b0:0d:f4:d7:44:09:2e:80:f4:90:75:6a:
         eb:a6:36:9c:ac:e8:d4:2f:17:59:a2:9e:ef:56:78:c8:3c:ea:
         50:60:6a:f8:89:7b:0e:75:0f:c3:44:23:a4:c9:2a:1f:59:ce:
         d7:d7:49:80:67:e9:cc:cf:93:52:b9:20:ba:aa:d5:a7:60:36:
         29:75:6b:58:c2:62:fa:96:4e:7e:b9:8d:6d:8a:36:57:c1:c1:
         a4:52:a8:3a:29:a7:13:88:ff:d2:b2:6b:0c:ba:fa:44:5c:ed:
         30:0c:67:79:1c:b1:e5:9b:04:49:70:0b:e8:54:e1:63:e0:56:
         35:21:e2:a9:36:17:82:d1:69:96:18:95:39:6f:31:93:ac:f6:
         83:a5:22:30
-----BEGIN CERTIFICATE-----
MIIE2DCCA8CgAwIBAgICAaMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUI3
RjRBOEI3QjIxMERCOTIwOEVENTgwMzU3MDQ1RTU5NzFERTBEMzAeFw0yMjA5MTUw
MjQ5MDVaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDNBODYzOEE3QTc5REE4
NEFGQzM1NTZGMjkwNEVFNEY5QjIzNjgxQzcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDWjDctUN4w04t9au0ZYKIYjjUybE25hdUsnPs/Oqdzj741jWIq
KxfE1uNqWPFEfTXetpaSYJl6HmD/+nQvH94ZRxelrslHJeS4FAW2wLJWbQMRKS5e
0FUF1T2/+KgxCOZKilYUM29mnTdUKhUG2DroAJDOfaLRx6mYNJgLATC1cmjqSvtZ
GMDjyDuJMHlA67aJ8h2woe98n5FWXzLbcsVAXmL0gQ92sMIvbC+K5LGGKeOvgGYj
rSmS1gNYt1Xhr5vKccP0NpVfLRQj3bkYJNGcLDbzVJL1N9vxQ0FNdF3s9ULt96d3
CKfrrpNp/2TylxKXy1VusUPvbgVe7mKATVXLAgMBAAGjggH0MIIB8DAdBgNVHQ4E
FgQUOoY4p6edqEr8NVbykE7k+bI2gccwHwYDVR0jBBgwFoAU639Ki3shDbkgjtWA
NXBF5Zcd4NMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBfBgNVHR8EWDBWMFSg
UqBQhk5yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0FSTFdB
VENILzYzOUtpM3NoRGJrZ2p0V0FOWEJGNVpjZDROTS5jcmwwYAYIKwYBBQUHAQEE
VDBSMFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RX
TklDQ0EvNjM5S2kzc2hEYmtnanRXQU5YQkY1WmNkNE5NLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZ8GCCsGAQUFBwELBIGSMIGPMFoGCCsGAQUFBzALhk5yc3luYzovL3Jw
a2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0FSTFdBVENIL09vWTRwNmVkcUVy
OE5WYnlrRTdrLWJJMmdjYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50
d25pYy50dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAFnoQYwDQYJKoZIhvcNAQELBQADggEBAAppQC/7Xssh+fbQe4KTszaJePw2
//0SPreDxW/xkesG+PCyblZVvmv4Tg5wUyMN+CL2mEzalTQyzeDrIsb/s4Er+2a0
kf6N1gLFu53wxGgCrahcmMbhY007P9Ars9aeO8dBTzP3tThjMfZQfm1pgyRzsLAN
9NdECS6A9JB1auumNpys6NQvF1minu9WeMg86lBgaviJew51D8NEI6TJKh9ZztfX
SYBn6czPk1K5ILqq1adgNil1a1jCYvqWTn65jW2KNlfBwaRSqDoppxOI/9Kyawy6
+kRc7TAMZ3kcseWbBElwC+hU4WPgVjUh4qk2F4LRaZYYlTlvMZOs9oOlIjA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:02 2024 by rpki-client on console-ams.rpki-client.org