Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/EMAX/4SnFr22Cr5aCGfPEhF0dYGL4314.roa
File:                     4SnFr22Cr5aCGfPEhF0dYGL4314.roa (raw, json)
Hash identifier:          EnwP/6aWhaBYD6cdi6EAFVjlBjDIQzmUpXx5t1yvw3g=
Subject key identifier:   E1:29:C5:AF:6D:82:AF:96:82:19:F3:C4:84:5D:1D:60:62:F8:DF:5E
Certificate issuer:       /CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Certificate serial:       0CE8
Authority key identifier: 2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/4SnFr22Cr5aCGfPEhF0dYGL4314.roa
Signing time:             Wed 26 Apr 2023 10:31:20 +0000
ROA not before:           Wed 26 Apr 2023 10:31:20 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     17809
IP address blocks:        121.254.96.0/20 maxlen: 20

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3304 (0xce8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
        Validity
            Not Before: Apr 26 10:31:20 2023 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=E129C5AF6D82AF968219F3C4845D1D6062F8DF5E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:60:bd:f0:29:47:d6:e4:37:82:a7:fa:7f:84:
                    f2:54:49:32:13:3d:73:a9:52:c0:96:8c:98:5a:0a:
                    05:63:b1:5c:59:b4:7b:41:f4:c9:13:42:1c:02:4d:
                    80:04:5b:4b:78:f4:85:2d:a0:19:25:cd:49:2d:2c:
                    fb:64:bc:f7:9b:69:11:2b:f1:5f:68:0e:b0:8c:0f:
                    10:7c:5f:5f:ae:e8:96:41:62:01:c9:69:87:d5:0a:
                    d8:15:f7:0f:8e:36:76:9b:50:6d:28:5f:bb:29:64:
                    22:16:7f:53:25:8b:3f:d8:66:5e:8b:a1:bf:eb:0e:
                    34:98:4c:a4:09:70:d1:15:8e:90:81:9e:38:83:38:
                    a5:06:a2:ec:fa:6b:c9:21:db:f8:95:9f:6a:9c:22:
                    d1:21:48:8c:06:43:b7:df:a0:8c:00:75:f1:d5:7c:
                    03:0f:a9:75:6e:2d:cb:4d:52:e8:e7:90:fe:ff:35:
                    cb:c1:5e:a2:a5:de:10:da:94:97:79:d3:0b:35:56:
                    3f:9b:7b:67:54:69:96:a1:28:cd:49:19:97:29:ab:
                    55:27:6f:2a:d4:15:a8:8e:20:ab:69:10:a9:be:43:
                    1a:69:99:b7:72:a2:54:51:0a:9a:cd:b4:e4:21:a1:
                    21:1f:fb:df:be:2c:eb:be:2b:df:77:e3:9c:ca:e8:
                    46:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E1:29:C5:AF:6D:82:AF:96:82:19:F3:C4:84:5D:1D:60:62:F8:DF:5E
            X509v3 Authority Key Identifier:
                keyid:2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/4SnFr22Cr5aCGfPEhF0dYGL4314.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  121.254.96.0/20

    Signature Algorithm: sha256WithRSAEncryption
         8d:8c:b1:d3:c8:9a:6b:5e:b9:64:99:4f:fa:c0:9c:2a:6e:0d:
         fb:a0:5e:d1:33:63:80:fa:f0:ee:a0:e1:04:03:c7:1b:07:f3:
         f2:08:85:d8:bd:88:3e:a2:d0:fd:d3:44:2b:fe:58:4d:15:c6:
         1f:03:64:8b:8a:26:0f:c0:c2:66:4e:ff:49:8c:07:48:f4:ea:
         fd:be:51:f3:7f:2a:12:40:42:9d:47:eb:57:aa:01:22:e8:46:
         59:86:d1:f5:02:e3:4e:40:8d:3e:dc:ee:96:31:08:e3:80:f2:
         c2:79:7a:66:ae:22:81:d2:be:48:36:88:7d:84:b3:98:7f:63:
         82:7c:11:2c:22:56:bc:8b:54:36:9a:45:2b:5a:84:98:1a:c7:
         1b:93:54:29:0d:d6:92:3d:ac:08:cc:13:e4:32:8c:28:97:ee:
         cd:62:c8:6e:61:1f:e2:f7:57:2c:c5:f5:26:5a:e6:f8:22:79:
         96:1d:48:41:52:c9:8c:a3:a3:e6:23:7f:ba:06:e3:63:b6:19:
         59:6e:89:06:00:7a:50:c4:f5:f5:74:af:9e:70:2c:23:c3:68:
         36:40:8b:cd:d7:a8:bf:f3:5c:c6:aa:65:7c:ea:d6:8d:4c:91:
         ef:1a:78:d6:b7:ba:f0:b0:a0:bb:8b:ee:ee:d0:5b:f9:7e:b0:
         16:f1:aa:21
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDOgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE0
NzgxNTUzODI3MzFFNUMwRjY4MjFERDUzODlGOUU1MkUxRTRENjAeFw0yMzA0MjYx
MDMxMjBaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEUxMjlDNUFGNkQ4MkFG
OTY4MjE5RjNDNDg0NUQxRDYwNjJGOERGNUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDHYL3wKUfW5DeCp/p/hPJUSTITPXOpUsCWjJhaCgVjsVxZtHtB
9MkTQhwCTYAEW0t49IUtoBklzUktLPtkvPebaREr8V9oDrCMDxB8X1+u6JZBYgHJ
aYfVCtgV9w+ONnabUG0oX7spZCIWf1Mliz/YZl6Lob/rDjSYTKQJcNEVjpCBnjiD
OKUGouz6a8kh2/iVn2qcItEhSIwGQ7ffoIwAdfHVfAMPqXVuLctNUujnkP7/NcvB
XqKl3hDalJd50ws1Vj+be2dUaZahKM1JGZcpq1UnbyrUFaiOIKtpEKm+Qxppmbdy
olRRCprNtOQhoSEf+9++LOu+K99345zK6EarAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQU4SnFr22Cr5aCGfPEhF0dYGL4314wHwYDVR0jBBgwFoAUKkeBVTgnMeXA9oId
1TifnlLh5NYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRU1BWC9L
a2VCVlRnbk1lWEE5b0lkMVRpZm5sTGg1TlkuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0trZUJWVGduTWVYQTlvSWQxVGlmbmxMaDVOWS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0VNQVgvNFNuRnIyMkNyNWFDR2ZQRWhGMGRZ
R0w0MzE0LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBHn+YDAN
BgkqhkiG9w0BAQsFAAOCAQEAjYyx08iaa165ZJlP+sCcKm4N+6Be0TNjgPrw7qDh
BAPHGwfz8giF2L2IPqLQ/dNEK/5YTRXGHwNki4omD8DCZk7/SYwHSPTq/b5R838q
EkBCnUfrV6oBIuhGWYbR9QLjTkCNPtzuljEI44Dywnl6Zq4igdK+SDaIfYSzmH9j
gnwRLCJWvItUNppFK1qEmBrHG5NUKQ3Wkj2sCMwT5DKMKJfuzWLIbmEf4vdXLMX1
Jlrm+CJ5lh1IQVLJjKOj5iN/ugbjY7YZWW6JBgB6UMT19XSvnnAsI8NoNkCLzdeo
v/NcxqplfOrWjUyR7xp41re68LCgu4vu7tBb+X6wFvGqIQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:35 2024 by rpki-client on console-fra.rpki-client.org