Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CWTW/yQLH40YBnf6pBpD0Xpdwn7wABqY.roa
File:                     yQLH40YBnf6pBpD0Xpdwn7wABqY.roa (raw, json)
Hash identifier:          VcTkrMiV/nCH52fArn6bMB8QgwJt5pz8aqeLUGUurWA=
Subject key identifier:   C9:02:C7:E3:46:01:9D:FE:A9:06:90:F4:5E:97:70:9F:BC:00:06:A6
Certificate issuer:       /CN=996D67023ED27754ACB1B568433D4376C88200F5
Certificate serial:       F3
Authority key identifier: 99:6D:67:02:3E:D2:77:54:AC:B1:B5:68:43:3D:43:76:C8:82:00:F5
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/mW1nAj7Sd1SssbVoQz1DdsiCAPU.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/CWTW/yQLH40YBnf6pBpD0Xpdwn7wABqY.roa
Signing time:             Fri 04 Mar 2022 08:29:04 +0000
ROA not before:           Fri 04 Mar 2022 08:29:04 +0000
ROA not after:            Thu 29 Sep 2022 02:36:22 +0000
asID:                     131646
IP address blocks:        103.161.78.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 243 (0xf3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=996D67023ED27754ACB1B568433D4376C88200F5
        Validity
            Not Before: Mar  4 08:29:04 2022 GMT
            Not After : Sep 29 02:36:22 2022 GMT
        Subject: CN=C902C7E346019DFEA90690F45E97709FBC0006A6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:ae:59:73:70:6f:3c:4b:69:94:87:ad:7b:f0:
                    2e:8f:8a:40:09:16:47:3b:dc:c7:cc:2b:33:43:23:
                    e4:50:6a:3d:88:ca:07:1b:6a:11:8f:89:2d:9c:8a:
                    62:da:1a:a6:f3:a6:b1:ca:8c:5c:a7:ef:09:3a:93:
                    db:4e:f2:7b:8a:44:0e:da:69:c1:fe:de:44:98:02:
                    3d:1a:1c:da:af:24:39:63:6a:bc:6c:0b:a8:73:a3:
                    79:47:a9:57:b8:46:b5:4a:9e:0a:0e:07:97:4e:d1:
                    20:76:23:5e:a2:93:85:52:65:b0:7a:0a:91:33:56:
                    27:02:ac:ec:5f:c9:37:53:71:a5:ee:09:ce:2e:35:
                    38:e4:67:6e:79:5a:a0:f0:39:1a:eb:ba:0e:46:f9:
                    37:3a:45:3f:31:d8:53:df:b7:f5:20:01:5d:b2:ef:
                    16:4b:1a:58:38:e5:cb:45:b7:63:15:38:ab:ee:ee:
                    81:7a:51:7d:6a:62:2b:3a:23:fe:5e:c6:8b:d8:27:
                    d5:e8:fa:1f:71:03:eb:88:0c:50:e4:0e:bc:d5:d5:
                    9f:81:44:d6:34:c7:1c:19:de:ef:13:e6:96:6c:df:
                    59:21:de:2e:7e:d8:87:2a:b2:86:93:f4:73:dc:45:
                    a6:23:08:bb:56:31:1c:50:c5:14:13:5b:d7:b8:c0:
                    7b:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C9:02:C7:E3:46:01:9D:FE:A9:06:90:F4:5E:97:70:9F:BC:00:06:A6
            X509v3 Authority Key Identifier:
                keyid:99:6D:67:02:3E:D2:77:54:AC:B1:B5:68:43:3D:43:76:C8:82:00:F5

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CWTW/mW1nAj7Sd1SssbVoQz1DdsiCAPU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/mW1nAj7Sd1SssbVoQz1DdsiCAPU.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CWTW/yQLH40YBnf6pBpD0Xpdwn7wABqY.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.161.78.0/23

    Signature Algorithm: sha256WithRSAEncryption
         6a:55:7f:d8:fa:58:9d:9e:50:b5:81:33:7c:b4:46:11:8c:15:
         13:4d:8c:e0:09:60:f1:51:69:94:3c:39:d6:24:bb:f4:92:b5:
         f0:60:38:cf:06:48:1b:e9:a9:70:f1:b3:5b:50:78:0d:9d:c8:
         ad:70:ff:ee:0e:fc:82:f4:f9:17:11:aa:e7:0a:68:27:72:46:
         67:18:9b:35:90:ca:df:eb:6b:30:bc:88:11:84:9f:35:fe:ff:
         ac:8f:0f:50:94:d9:08:80:51:07:b4:a3:6e:46:ac:c9:8f:f7:
         1a:7a:fe:5a:0a:55:63:b1:6f:9a:3e:c4:d0:1a:94:af:3e:9e:
         05:bd:fa:3f:1d:44:5e:55:01:37:58:02:5c:7d:6e:b9:2e:c9:
         ad:35:bb:06:5c:26:9d:a6:e6:61:a2:65:3b:df:9a:61:6b:87:
         21:21:02:b2:44:91:80:0d:01:5e:30:d0:21:0b:4b:ab:62:48:
         0c:bf:0f:41:87:32:1f:49:57:e0:b1:79:9a:41:fa:52:fc:aa:
         8b:df:1f:c6:5f:6c:41:aa:b0:a0:83:6d:d2:4a:c3:b4:1e:4b:
         4e:56:dc:e3:a2:31:e8:63:1e:74:24:57:e8:51:0e:46:1c:43:
         39:07:c9:f5:1b:8e:ce:14:a3:33:78:f0:e0:2b:a9:0c:3c:c7:
         e7:65:a1:b5
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICAPMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTk2
RDY3MDIzRUQyNzc1NEFDQjFCNTY4NDMzRDQzNzZDODgyMDBGNTAeFw0yMjAzMDQw
ODI5MDRaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKEM5MDJDN0UzNDYwMTlE
RkVBOTA2OTBGNDVFOTc3MDlGQkMwMDA2QTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDarllzcG88S2mUh6178C6PikAJFkc73MfMKzNDI+RQaj2Iygcb
ahGPiS2cimLaGqbzprHKjFyn7wk6k9tO8nuKRA7aacH+3kSYAj0aHNqvJDljarxs
C6hzo3lHqVe4RrVKngoOB5dO0SB2I16ik4VSZbB6CpEzVicCrOxfyTdTcaXuCc4u
NTjkZ255WqDwORrrug5G+Tc6RT8x2FPft/UgAV2y7xZLGlg45ctFt2MVOKvu7oF6
UX1qYis6I/5exovYJ9Xo+h9xA+uIDFDkDrzV1Z+BRNY0xxwZ3u8T5pZs31kh3i5+
2IcqsoaT9HPcRaYjCLtWMRxQxRQTW9e4wHs9AgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUyQLH40YBnf6pBpD0Xpdwn7wABqYwHwYDVR0jBBgwFoAUmW1nAj7Sd1SssbVo
Qz1DdsiCAPUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ1dUVy9t
VzFuQWo3U2QxU3NzYlZvUXoxRGRzaUNBUFUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L21XMW5BajdTZDFTc3NiVm9RejFEZHNpQ0FQVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0NXVFcveVFMSDQwWUJuZjZwQnBEMFhwZHdu
N3dBQnFZLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAWehTjAN
BgkqhkiG9w0BAQsFAAOCAQEAalV/2PpYnZ5QtYEzfLRGEYwVE02M4Alg8VFplDw5
1iS79JK18GA4zwZIG+mpcPGzW1B4DZ3IrXD/7g78gvT5FxGq5wpoJ3JGZxibNZDK
3+trMLyIEYSfNf7/rI8PUJTZCIBRB7SjbkasyY/3Gnr+WgpVY7Fvmj7E0BqUrz6e
Bb36Px1EXlUBN1gCXH1uuS7JrTW7BlwmnabmYaJlO9+aYWuHISECskSRgA0BXjDQ
IQtLq2JIDL8PQYcyH0lX4LF5mkH6Uvyqi98fxl9sQaqwoINt0krDtB5LTlbc46Ix
6GMedCRX6FEORhxDOQfJ9RuOzhSjM3jw4CupDDzH52WhtQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:05 2024 by rpki-client on console-ams.rpki-client.org