Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/4DuPAcvAl0PSmAqVPj9qTal94Ok.roa
File:                     4DuPAcvAl0PSmAqVPj9qTal94Ok.roa (raw, json)
Hash identifier:          Sqx8fVbE7EUd4zDj3e/wbPRl6ldBSDwBlXRS5ka/90Q=
Subject key identifier:   E0:3B:8F:01:CB:C0:97:43:D2:98:0A:95:3E:3F:6A:4D:A9:7D:E0:E9
Certificate issuer:       /CN=2F0F46D3FF6FED73093DD95B98950433910CFD76
Certificate serial:       0AFC
Authority key identifier: 2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/4DuPAcvAl0PSmAqVPj9qTal94Ok.roa
Signing time:             Sun 07 Feb 2021 12:59:30 +0000
ROA not before:           Sun 07 Feb 2021 12:59:30 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     38851
IP address blocks:        103.5.100.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2812 (0xafc)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2F0F46D3FF6FED73093DD95B98950433910CFD76
        Validity
            Not Before: Feb  7 12:59:30 2021 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=E03B8F01CBC09743D2980A953E3F6A4DA97DE0E9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:77:84:d7:15:0c:c9:80:fb:ec:ca:fc:e1:b2:
                    46:dc:81:25:0c:25:4c:a2:04:1f:47:ee:75:c0:f2:
                    ba:32:83:66:69:d2:e2:84:b6:e7:93:a0:76:4b:7a:
                    fb:2c:53:37:1f:8e:07:18:91:67:c8:08:cd:09:c1:
                    71:74:f2:06:71:12:34:1d:5a:8a:b2:16:0e:6c:b3:
                    b0:32:67:5a:f2:79:11:dd:ce:4e:55:4b:a3:53:44:
                    d5:59:8b:a0:84:fc:1b:b5:54:09:13:5e:3b:c8:4f:
                    e4:70:71:b4:4b:b5:0e:c3:17:eb:a9:14:a5:0f:5c:
                    bf:5d:06:29:fe:97:cf:d9:9a:e8:9d:c6:7d:b1:9d:
                    85:01:1b:28:b2:af:04:61:1e:3a:42:e0:74:13:1d:
                    0b:fa:a3:ee:da:10:ed:c9:9a:79:36:0a:af:16:a1:
                    51:15:2c:28:44:8a:80:18:84:fb:a6:61:87:bc:64:
                    c1:c9:67:8a:52:b1:13:0c:38:61:f6:27:f9:1f:9d:
                    a8:de:03:fd:af:63:46:c9:c1:f6:15:9d:96:5c:83:
                    d0:48:63:38:a0:1a:f6:6e:65:2b:cf:c0:df:54:c0:
                    cb:66:a2:a8:ae:96:53:61:e3:94:07:dc:d0:ba:27:
                    49:53:20:d4:50:8b:2c:3d:54:70:0d:b1:f6:e5:c9:
                    ab:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E0:3B:8F:01:CB:C0:97:43:D2:98:0A:95:3E:3F:6A:4D:A9:7D:E0:E9
            X509v3 Authority Key Identifier:
                keyid:2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/4DuPAcvAl0PSmAqVPj9qTal94Ok.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.5.100.0/22

    Signature Algorithm: sha256WithRSAEncryption
         af:1a:bf:32:75:43:19:f4:cb:ed:a0:49:d8:8f:91:59:dd:09:
         94:58:bc:16:7d:e8:a8:c6:74:a3:6e:82:91:c8:7a:d6:9c:bc:
         f8:21:9a:6a:d8:90:36:f3:00:c0:22:0f:91:64:2c:70:0b:3e:
         91:e4:13:cd:dc:61:55:42:5f:55:f4:f6:2f:33:94:35:c7:a8:
         c8:cf:53:b5:12:c3:91:39:88:88:b1:71:bd:a8:92:50:8d:86:
         06:d1:91:45:db:e0:4a:71:1e:38:56:0b:11:97:61:11:0b:95:
         99:83:4f:5a:82:91:91:a1:ff:74:d8:c7:3c:c5:dd:6e:78:f4:
         dd:2d:62:a8:4b:ee:6e:b4:6e:78:fd:8e:a3:7b:dc:14:5f:02:
         4f:0a:ca:37:4c:19:44:20:a8:6f:67:17:96:35:35:be:ac:d3:
         c7:3f:03:7c:3d:01:76:f0:8b:74:d8:b4:74:07:3b:a6:9d:9f:
         92:4e:70:55:f8:d0:fa:aa:aa:71:5c:53:6e:35:6a:e5:0d:57:
         e4:fc:35:c7:e9:61:bb:5a:b2:34:6c:d2:37:32:2e:87:b8:1a:
         ac:c1:42:63:fc:61:5f:e2:72:a4:a7:78:5f:93:82:6d:b8:03:
         80:9e:58:da:24:4b:89:fd:37:a4:6c:81:1f:c4:55:a7:9b:c0:
         51:a1:d8:d9
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICCvwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkYw
RjQ2RDNGRjZGRUQ3MzA5M0REOTVCOTg5NTA0MzM5MTBDRkQ3NjAeFw0yMTAyMDcx
MjU5MzBaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKEUwM0I4RjAxQ0JDMDk3
NDNEMjk4MEE5NTNFM0Y2QTREQTk3REUwRTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCsd4TXFQzJgPvsyvzhskbcgSUMJUyiBB9H7nXA8royg2Zp0uKE
tueToHZLevssUzcfjgcYkWfICM0JwXF08gZxEjQdWoqyFg5ss7AyZ1ryeRHdzk5V
S6NTRNVZi6CE/Bu1VAkTXjvIT+RwcbRLtQ7DF+upFKUPXL9dBin+l8/Zmuidxn2x
nYUBGyiyrwRhHjpC4HQTHQv6o+7aEO3Jmnk2Cq8WoVEVLChEioAYhPumYYe8ZMHJ
Z4pSsRMMOGH2J/kfnajeA/2vY0bJwfYVnZZcg9BIYzigGvZuZSvPwN9UwMtmoqiu
llNh45QH3NC6J0lTINRQiyw9VHANsfblyasVAgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQU4DuPAcvAl0PSmAqVPj9qTal94OkwHwYDVR0jBBgwFoAULw9G0/9v7XMJPdlb
mJUEM5EM/XYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJRUYt
VFcvTHc5RzBfOXY3WE1KUGRsYm1KVUVNNUVNX1hZLmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9MdzlHMF85djdYTUpQZGxibUpVRU01RU1fWFkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DSElFRi1UVy80RHVQQWN2QWwwUFNt
QXFWUGo5cVRhbDk0T2sucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQCZwVkMA0GCSqGSIb3DQEBCwUAA4IBAQCvGr8ydUMZ9MvtoEnYj5FZ3QmUWLwW
feioxnSjboKRyHrWnLz4IZpq2JA28wDAIg+RZCxwCz6R5BPN3GFVQl9V9PYvM5Q1
x6jIz1O1EsOROYiIsXG9qJJQjYYG0ZFF2+BKcR44VgsRl2ERC5WZg09agpGRof90
2Mc8xd1uePTdLWKoS+5utG54/Y6je9wUXwJPCso3TBlEIKhvZxeWNTW+rNPHPwN8
PQF28It02LR0BzumnZ+STnBV+ND6qqpxXFNuNWrlDVfk/DXH6WG7WrI0bNI3Mi6H
uBqswUJj/GFf4nKkp3hfk4JtuAOAnljaJEuJ/TekbIEfxFWnm8BRodjZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:03 2024 by rpki-client on console-ams.rpki-client.org