Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CENTROID/PBIZ7FL9sUkEQMZO2F_b0qmwLc8.roa
File:                     PBIZ7FL9sUkEQMZO2F_b0qmwLc8.roa (raw, json)
Hash identifier:          thp6GBI34rizJa5np1bBGBadh6+859ZOf1fM+OqdVkg=
Subject key identifier:   3C:12:19:EC:52:FD:B1:49:04:40:C6:4E:D8:5F:DB:D2:A9:B0:2D:CF
Certificate issuer:       /CN=795A91ED40AAA15B9ABCA21C205B36EC74949FC8
Certificate serial:       0A00
Authority key identifier: 79:5A:91:ED:40:AA:A1:5B:9A:BC:A2:1C:20:5B:36:EC:74:94:9F:C8
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/eVqR7UCqoVuavKIcIFs27HSUn8g.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/CENTROID/PBIZ7FL9sUkEQMZO2F_b0qmwLc8.roa
Signing time:             Thu 15 Sep 2022 02:49:19 +0000
ROA not before:           Thu 15 Sep 2022 02:49:19 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     135293
IP address blocks:        103.104.149.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2560 (0xa00)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=795A91ED40AAA15B9ABCA21C205B36EC74949FC8
        Validity
            Not Before: Sep 15 02:49:19 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=3C1219EC52FDB1490440C64ED85FDBD2A9B02DCF
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:ec:55:f6:3d:8f:0a:fe:31:47:e0:36:56:59:
                    2b:29:5a:fb:e7:15:bf:5e:ed:39:3e:ae:f5:f1:ab:
                    3c:08:32:dc:b5:5c:a3:63:18:c1:6e:13:92:bf:93:
                    db:ed:55:39:d3:52:48:e7:a1:bf:e3:db:da:9f:14:
                    50:ac:18:a2:f2:5a:58:3b:fb:90:6c:4a:a4:b2:e3:
                    f2:44:ea:60:c8:58:80:d6:7c:5c:d9:ad:67:54:cc:
                    d2:92:aa:66:dc:85:6b:58:f6:80:61:ce:2b:36:4f:
                    0c:73:ec:98:76:d0:88:d1:52:a7:03:eb:39:57:b4:
                    fe:ad:5f:56:76:72:96:7a:f4:d5:32:4f:d6:a4:9a:
                    17:85:1b:49:1f:31:b9:bc:2e:2c:26:ce:ef:e5:a5:
                    2c:1c:1e:56:a5:8a:57:76:0f:ee:13:43:e9:73:d5:
                    23:98:51:28:2e:ae:f1:6c:57:cf:fc:ad:bd:09:df:
                    02:b0:83:10:8c:0b:c9:b5:6a:15:4c:03:90:ab:e8:
                    b0:59:31:63:77:e3:1d:b0:cb:28:e0:f3:1c:5e:aa:
                    8d:16:6a:5e:f3:71:d9:f4:83:2f:66:f1:90:d8:ee:
                    75:d0:2d:51:dc:5e:3a:c2:01:22:d5:a2:bb:31:74:
                    3e:33:d5:fb:01:16:09:13:84:e7:49:a8:ca:de:dd:
                    f8:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3C:12:19:EC:52:FD:B1:49:04:40:C6:4E:D8:5F:DB:D2:A9:B0:2D:CF
            X509v3 Authority Key Identifier:
                keyid:79:5A:91:ED:40:AA:A1:5B:9A:BC:A2:1C:20:5B:36:EC:74:94:9F:C8

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CENTROID/eVqR7UCqoVuavKIcIFs27HSUn8g.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/eVqR7UCqoVuavKIcIFs27HSUn8g.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CENTROID/PBIZ7FL9sUkEQMZO2F_b0qmwLc8.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.104.149.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0f:e2:13:42:62:fa:ad:91:bc:44:93:ee:29:4b:c2:6b:3e:08:
         c8:fe:03:44:67:96:2e:3a:d9:98:99:84:bd:54:5a:56:a8:a6:
         41:fb:32:1e:f4:8e:10:93:0a:1b:8f:ac:2c:b8:27:ef:61:2d:
         8d:fb:a9:2a:70:72:19:61:d7:13:77:4f:dd:51:60:66:f3:62:
         1a:df:f7:17:d5:bb:0f:74:91:d7:cb:c7:b9:af:da:c1:7c:75:
         1f:f1:a5:14:b3:76:a7:b5:07:5f:ad:0b:4b:b0:2e:5d:75:2b:
         a8:6d:e8:cb:72:c0:9d:9d:83:a8:e9:34:3f:0f:97:f7:74:b6:
         64:4b:86:04:7e:d3:d9:0e:de:48:08:9d:6c:87:97:2c:57:b7:
         4e:b8:00:5b:00:37:75:30:fa:23:cc:41:5f:6c:c0:30:60:fd:
         de:78:f1:41:ce:a0:4b:c4:62:ec:db:70:0b:5d:a1:3b:af:54:
         fc:db:1b:36:a6:2c:fc:45:2c:a7:b0:bb:06:90:82:5e:a5:b7:
         bc:4a:e6:f2:f8:e8:e7:59:4e:83:e2:29:e9:35:c0:ac:a4:88:
         8d:c4:22:0b:e4:35:cb:f3:d4:26:65:1a:0b:b9:8e:53:c9:1d:
         bc:85:ad:91:ec:a3:2b:c3:7d:49:3f:58:c0:f3:8f:f8:dd:7e:
         6e:5a:79:a1
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICCgAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzk1
QTkxRUQ0MEFBQTE1QjlBQkNBMjFDMjA1QjM2RUM3NDk0OUZDODAeFw0yMjA5MTUw
MjQ5MTlaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDNDMTIxOUVDNTJGREIx
NDkwNDQwQzY0RUQ4NUZEQkQyQTlCMDJEQ0YwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDK7FX2PY8K/jFH4DZWWSspWvvnFb9e7Tk+rvXxqzwIMty1XKNj
GMFuE5K/k9vtVTnTUkjnob/j29qfFFCsGKLyWlg7+5BsSqSy4/JE6mDIWIDWfFzZ
rWdUzNKSqmbchWtY9oBhzis2Twxz7Jh20IjRUqcD6zlXtP6tX1Z2cpZ69NUyT9ak
mheFG0kfMbm8Liwmzu/lpSwcHlalild2D+4TQ+lz1SOYUSgurvFsV8/8rb0J3wKw
gxCMC8m1ahVMA5Cr6LBZMWN34x2wyyjg8xxeqo0Wal7zcdn0gy9m8ZDY7nXQLVHc
XjrCASLVorsxdD4z1fsBFgkThOdJqMre3fg/AgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQUPBIZ7FL9sUkEQMZO2F/b0qmwLc8wHwYDVR0jBBgwFoAUeVqR7UCqoVuavKIc
IFs27HSUn8gwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0VOVFJP
SUQvZVZxUjdVQ3FvVnVhdktJY0lGczI3SFNVbjhnLmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9lVnFSN1VDcW9WdWF2S0ljSUZzMjdIU1VuOGcuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DRU5UUk9JRC9QQklaN0ZMOXNVa0VR
TVpPMkZfYjBxbXdMYzgucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQAZ2iVMA0GCSqGSIb3DQEBCwUAA4IBAQAP4hNCYvqtkbxEk+4pS8JrPgjI/gNE
Z5YuOtmYmYS9VFpWqKZB+zIe9I4Qkwobj6wsuCfvYS2N+6kqcHIZYdcTd0/dUWBm
82Ia3/cX1bsPdJHXy8e5r9rBfHUf8aUUs3antQdfrQtLsC5ddSuobejLcsCdnYOo
6TQ/D5f3dLZkS4YEftPZDt5ICJ1sh5csV7dOuABbADd1MPojzEFfbMAwYP3eePFB
zqBLxGLs23ALXaE7r1T82xs2piz8RSynsLsGkIJepbe8Suby+OjnWU6D4inpNcCs
pIiNxCIL5DXL89QmZRoLuY5TyR28ha2R7KMrw31JP1jA84/43X5uWnmh
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:02 2024 by rpki-client on console-ams.rpki-client.org