Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/EMAX/8gkHVOE7YxqhRsqx3W8sV-A9C5s.roa
File:                     8gkHVOE7YxqhRsqx3W8sV-A9C5s.roa (raw, json)
Hash identifier:          Rn8rbsTKx2z6igOv25rKaL3jw1bqJJqpJBcbljzGlNE=
Subject key identifier:   F2:09:07:54:E1:3B:63:1A:A1:46:CA:B1:DD:6F:2C:57:E0:3D:0B:9B
Certificate issuer:       /CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Certificate serial:       0BFC
Authority key identifier: 2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/8gkHVOE7YxqhRsqx3W8sV-A9C5s.roa
Signing time:             Thu 15 Sep 2022 02:37:21 +0000
ROA not before:           Thu 15 Sep 2022 02:37:21 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     17809
IP address blocks:        113.61.176.0/20 maxlen: 20

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3068 (0xbfc)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
        Validity
            Not Before: Sep 15 02:37:21 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=F2090754E13B631AA146CAB1DD6F2C57E03D0B9B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:9a:4d:62:43:ad:ec:18:bc:3e:fc:24:2a:cb:
                    f8:e6:af:d1:b7:41:34:9a:18:26:96:1b:0e:6e:39:
                    36:21:16:9a:e5:c2:63:84:a8:be:3c:55:ca:de:ff:
                    d2:bc:57:56:01:50:fa:d2:9b:8e:7a:7a:0b:19:ee:
                    a1:52:8a:52:54:d1:92:a2:77:bc:74:40:08:79:08:
                    81:5d:33:6c:4e:3d:72:cb:a1:c6:9b:16:e7:03:8e:
                    f5:50:2a:99:a4:2d:f1:d9:3a:12:c2:89:04:ce:2a:
                    35:e5:9d:e4:dd:40:bb:18:a5:3e:ca:bd:16:77:e7:
                    3b:75:d8:c6:c7:01:35:e0:cc:4b:89:8e:a7:50:f2:
                    d5:07:b1:58:d1:b1:62:89:8d:e9:75:6f:53:bd:a9:
                    e6:b3:1e:1c:d8:e7:d9:fb:b3:72:15:a7:1e:4e:9b:
                    c3:63:cc:f4:86:24:3b:f6:e9:72:d4:2f:7e:e6:a2:
                    d7:c7:2f:53:94:76:c6:3c:bc:9a:29:f7:83:85:20:
                    d1:b7:35:00:12:86:74:0f:e1:32:01:86:bf:91:93:
                    de:49:25:eb:15:88:d0:76:06:af:26:0f:cb:d1:8a:
                    5e:41:aa:5f:3e:92:6e:c9:8d:6b:11:6a:b3:86:69:
                    3c:82:87:5a:6d:7b:44:1b:90:dd:3e:b8:b1:4f:d3:
                    02:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F2:09:07:54:E1:3B:63:1A:A1:46:CA:B1:DD:6F:2C:57:E0:3D:0B:9B
            X509v3 Authority Key Identifier:
                keyid:2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/8gkHVOE7YxqhRsqx3W8sV-A9C5s.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  113.61.176.0/20

    Signature Algorithm: sha256WithRSAEncryption
         3e:ae:55:bc:36:52:7e:73:39:55:0d:74:32:85:e4:95:d9:77:
         73:c9:88:e3:16:2b:71:d5:66:9f:c2:10:06:7b:cd:3f:80:ac:
         10:bd:69:ec:b0:be:14:1b:05:e2:de:1b:4f:6e:41:7e:30:e6:
         44:12:21:7f:66:b5:b4:78:c7:f2:3c:25:37:b6:4c:a1:9a:f4:
         d7:54:4d:d7:2a:b0:7e:a5:2a:4d:14:94:dd:12:94:bf:f4:2d:
         f1:97:9b:79:f9:e8:b3:f6:8f:b2:ea:dd:5d:b9:b2:6a:d7:cd:
         4e:07:fb:dc:0d:27:b2:3e:1c:6b:22:0f:ed:d6:e5:73:f2:d0:
         d4:11:15:0f:11:89:54:a6:1d:8a:b6:de:e0:3a:ef:92:33:98:
         b6:9f:6d:64:da:e0:83:ab:c2:33:35:4f:c1:e7:a3:cc:12:60:
         0a:d5:e6:bc:85:17:db:d1:ef:ce:58:8e:3f:98:ba:db:6b:ac:
         a0:ea:f3:e7:d9:62:5f:54:72:1b:51:f7:dc:ff:1f:69:5c:31:
         33:61:81:0c:ff:05:7c:7b:2c:a7:be:27:a7:ea:24:fb:9b:75:
         db:60:92:75:cc:62:30:0f:c0:80:b9:b0:cf:ee:19:fa:d2:61:
         91:26:38:60:1c:62:7d:02:3d:d3:92:3c:17:bf:b6:ca:1c:ed:
         65:55:83:19
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICC/wwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE0
NzgxNTUzODI3MzFFNUMwRjY4MjFERDUzODlGOUU1MkUxRTRENjAeFw0yMjA5MTUw
MjM3MjFaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEYyMDkwNzU0RTEzQjYz
MUFBMTQ2Q0FCMURENkYyQzU3RTAzRDBCOUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDNmk1iQ63sGLw+/CQqy/jmr9G3QTSaGCaWGw5uOTYhFprlwmOE
qL48Vcre/9K8V1YBUPrSm456egsZ7qFSilJU0ZKid7x0QAh5CIFdM2xOPXLLocab
FucDjvVQKpmkLfHZOhLCiQTOKjXlneTdQLsYpT7KvRZ35zt12MbHATXgzEuJjqdQ
8tUHsVjRsWKJjel1b1O9qeazHhzY59n7s3IVpx5Om8NjzPSGJDv26XLUL37motfH
L1OUdsY8vJop94OFING3NQAShnQP4TIBhr+Rk95JJesViNB2Bq8mD8vRil5Bql8+
km7JjWsRarOGaTyCh1pte0QbkN0+uLFP0wJVAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQU8gkHVOE7YxqhRsqx3W8sV+A9C5swHwYDVR0jBBgwFoAUKkeBVTgnMeXA9oId
1TifnlLh5NYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRU1BWC9L
a2VCVlRnbk1lWEE5b0lkMVRpZm5sTGg1TlkuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0trZUJWVGduTWVYQTlvSWQxVGlmbmxMaDVOWS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0VNQVgvOGdrSFZPRTdZeHFoUnNxeDNXOHNW
LUE5QzVzLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBHE9sDAN
BgkqhkiG9w0BAQsFAAOCAQEAPq5VvDZSfnM5VQ10MoXkldl3c8mI4xYrcdVmn8IQ
BnvNP4CsEL1p7LC+FBsF4t4bT25BfjDmRBIhf2a1tHjH8jwlN7ZMoZr011RN1yqw
fqUqTRSU3RKUv/Qt8Zebefnos/aPsurdXbmyatfNTgf73A0nsj4cayIP7dblc/LQ
1BEVDxGJVKYdirbe4DrvkjOYtp9tZNrgg6vCMzVPweejzBJgCtXmvIUX29HvzliO
P5i622usoOrz59liX1RyG1H33P8faVwxM2GBDP8FfHssp74np+ok+5t122CSdcxi
MA/AgLmwz+4Z+tJhkSY4YBxifQI905I8F7+2yhztZVWDGQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:06 2024 by rpki-client on console-ams.rpki-client.org