Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/EMAX/ARf-dzEUFXEfzPUTy2luqK6xCpc.roa
File:                     ARf-dzEUFXEfzPUTy2luqK6xCpc.roa (raw, json)
Hash identifier:          oNQg3tuHnbSPF2pmJTas9wbo16R0WNLGgkxfRMKAQFQ=
Subject key identifier:   01:17:FE:77:31:14:15:71:1F:CC:F5:13:CB:69:6E:A8:AE:B1:0A:97
Certificate issuer:       /CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Certificate serial:       0CAF
Authority key identifier: 2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/ARf-dzEUFXEfzPUTy2luqK6xCpc.roa
Signing time:             Wed 26 Apr 2023 06:04:09 +0000
ROA not before:           Wed 26 Apr 2023 06:04:09 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     17809
IP address blocks:        113.61.128.0/18 maxlen: 18

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3247 (0xcaf)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
        Validity
            Not Before: Apr 26 06:04:09 2023 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=0117FE77311415711FCCF513CB696EA8AEB10A97
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:a3:09:33:a2:14:7e:aa:e5:6a:e3:6e:03:b5:
                    7c:3d:0d:3d:1d:14:de:5c:49:aa:5c:cd:04:7e:c7:
                    ea:d3:93:8b:50:f8:cf:a6:1d:18:32:7f:0e:4d:57:
                    b7:1a:61:7c:eb:b6:8d:38:4a:33:4e:0f:e9:b2:5f:
                    78:7a:16:9e:f6:b7:ba:c4:6a:2a:fb:ec:e2:88:11:
                    dc:83:70:45:55:14:34:9d:d5:93:ae:4f:85:a9:83:
                    15:11:c0:d1:90:96:1e:1f:42:36:f2:78:cb:fe:6d:
                    0b:d9:ea:74:33:2a:da:ba:2c:c2:3f:0f:56:eb:be:
                    45:bc:e4:38:57:51:3d:81:58:1c:47:cc:9f:18:98:
                    06:81:79:31:2e:96:0b:7d:39:75:25:1e:ec:3e:cc:
                    78:fa:5f:45:aa:9a:84:77:06:1d:58:c6:1a:91:51:
                    f4:f9:21:d6:b1:e0:f0:b5:9f:0d:df:85:d9:95:08:
                    cd:a2:37:bb:1d:28:6d:af:4f:e2:9a:5a:a2:60:9d:
                    cf:28:41:71:a6:13:c0:58:52:a2:0b:34:04:bf:37:
                    85:3d:a8:3e:57:31:ac:96:cc:83:14:a1:50:f0:cd:
                    30:a7:54:06:7b:64:87:2e:df:ba:e7:aa:6f:9f:e1:
                    78:fc:19:ed:af:1e:fb:f6:b1:32:85:2a:dd:d3:14:
                    18:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                01:17:FE:77:31:14:15:71:1F:CC:F5:13:CB:69:6E:A8:AE:B1:0A:97
            X509v3 Authority Key Identifier:
                keyid:2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/ARf-dzEUFXEfzPUTy2luqK6xCpc.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  113.61.128.0/18

    Signature Algorithm: sha256WithRSAEncryption
         93:b9:ce:a4:c8:22:96:8b:ee:8b:78:96:42:17:de:a7:60:dc:
         bd:6c:4a:55:60:1f:98:3c:fa:f1:2a:37:25:ca:2a:79:55:ef:
         ad:fb:96:c9:3b:de:29:93:f6:37:cc:78:fa:1f:2c:eb:97:3b:
         9d:dc:6e:e9:82:f0:61:fb:e6:71:b1:4a:8a:a6:a4:8e:df:28:
         97:60:a2:8e:40:de:e8:eb:6e:97:7d:c6:50:0c:18:2f:16:1a:
         35:9e:fc:90:89:93:fe:e7:ab:ff:f7:d0:3e:d7:be:8d:3c:4c:
         79:81:be:9d:5c:2b:3e:f4:40:2d:59:89:1d:2a:6c:5b:a5:4b:
         e9:f8:92:a6:d9:00:6d:54:65:a2:df:34:a2:bd:c7:bd:7d:a4:
         89:be:b4:fd:9d:f0:c5:a6:b8:f4:3c:d7:f5:63:0b:f8:36:31:
         ab:46:4a:66:67:20:03:2f:37:79:bf:3b:57:ea:4d:e7:3e:32:
         69:d9:5a:42:1f:fd:e6:7b:27:ed:68:16:3f:05:34:2c:67:42:
         ef:63:ad:ba:f8:a9:37:84:b9:b3:be:54:b8:9e:a6:33:55:2d:
         2e:bb:5e:da:d3:6e:91:ec:3c:b6:d6:91:ef:2c:5d:29:6c:78:
         f3:70:e1:96:ad:15:4c:0f:03:dc:03:a9:7e:8a:2e:11:6c:9d:
         46:85:d1:6f
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDK8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE0
NzgxNTUzODI3MzFFNUMwRjY4MjFERDUzODlGOUU1MkUxRTRENjAeFw0yMzA0MjYw
NjA0MDlaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDAxMTdGRTc3MzExNDE1
NzExRkNDRjUxM0NCNjk2RUE4QUVCMTBBOTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDOowkzohR+quVq424DtXw9DT0dFN5cSapczQR+x+rTk4tQ+M+m
HRgyfw5NV7caYXzrto04SjNOD+myX3h6Fp72t7rEair77OKIEdyDcEVVFDSd1ZOu
T4WpgxURwNGQlh4fQjbyeMv+bQvZ6nQzKtq6LMI/D1brvkW85DhXUT2BWBxHzJ8Y
mAaBeTEulgt9OXUlHuw+zHj6X0WqmoR3Bh1YxhqRUfT5Idax4PC1nw3fhdmVCM2i
N7sdKG2vT+KaWqJgnc8oQXGmE8BYUqILNAS/N4U9qD5XMayWzIMUoVDwzTCnVAZ7
ZIcu37rnqm+f4Xj8Ge2vHvv2sTKFKt3TFBiZAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUARf+dzEUFXEfzPUTy2luqK6xCpcwHwYDVR0jBBgwFoAUKkeBVTgnMeXA9oId
1TifnlLh5NYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRU1BWC9L
a2VCVlRnbk1lWEE5b0lkMVRpZm5sTGg1TlkuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0trZUJWVGduTWVYQTlvSWQxVGlmbmxMaDVOWS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0VNQVgvQVJmLWR6RVVGWEVmelBVVHkybHVx
SzZ4Q3BjLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBnE9gDAN
BgkqhkiG9w0BAQsFAAOCAQEAk7nOpMgilovui3iWQhfep2DcvWxKVWAfmDz68So3
JcoqeVXvrfuWyTveKZP2N8x4+h8s65c7ndxu6YLwYfvmcbFKiqakjt8ol2CijkDe
6Otul33GUAwYLxYaNZ78kImT/uer//fQPte+jTxMeYG+nVwrPvRALVmJHSpsW6VL
6fiSptkAbVRlot80or3HvX2kib60/Z3wxaa49DzX9WML+DYxq0ZKZmcgAy83eb87
V+pN5z4yadlaQh/95nsn7WgWPwU0LGdC72OtuvipN4S5s75UuJ6mM1UtLrte2tNu
kew8ttaR7yxdKWx483Dhlq0VTA8D3AOpfoouEWydRoXRbw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:35 2024 by rpki-client on console-fra.rpki-client.org