Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/EMAX/BWIGpghLsNEVPnzW68vEd2BC_bU.roa
File:                     BWIGpghLsNEVPnzW68vEd2BC_bU.roa (raw, json)
Hash identifier:          qKKbXKAXU0Nf569gHghRPQc14QOsoeRLQtsqIjECXbQ=
Subject key identifier:   05:62:06:A6:08:4B:B0:D1:15:3E:7C:D6:EB:CB:C4:77:60:42:FD:B5
Certificate issuer:       /CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Certificate serial:       0AF8
Authority key identifier: 2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/BWIGpghLsNEVPnzW68vEd2BC_bU.roa
Signing time:             Thu 16 Dec 2021 06:38:35 +0000
ROA not before:           Thu 16 Dec 2021 06:38:35 +0000
ROA not after:            Thu 29 Sep 2022 02:36:22 +0000
asID:                     17809
IP address blocks:        121.254.64.0/21 maxlen: 21

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2808 (0xaf8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
        Validity
            Not Before: Dec 16 06:38:35 2021 GMT
            Not After : Sep 29 02:36:22 2022 GMT
        Subject: CN=056206A6084BB0D1153E7CD6EBCBC4776042FDB5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f3:e3:2a:98:bd:a6:d8:bc:8c:d5:d0:6f:ad:e3:
                    a9:4a:26:32:fa:78:9d:7c:64:bf:80:e7:ee:05:64:
                    fb:4e:4b:8b:fe:88:e7:32:8b:85:3f:7a:2b:66:9a:
                    b1:8f:1b:81:3d:3f:1a:8a:5f:8e:a1:48:07:7f:21:
                    05:dd:9a:97:a9:75:39:a2:9b:9e:68:e1:97:29:f5:
                    ee:10:2b:89:4a:11:e6:45:84:6d:cc:f8:66:d0:c3:
                    ea:18:37:b7:43:97:d7:89:e5:2e:17:f4:ee:7c:e3:
                    62:90:55:34:3a:1c:b3:fa:d8:5d:0a:f3:07:77:d8:
                    bd:e2:b2:1d:dc:a4:35:6f:e8:c0:74:9f:d9:51:66:
                    6f:1a:d3:1b:11:dc:7a:26:0c:f9:87:62:db:71:0f:
                    9c:97:16:0d:4b:2b:1b:c2:8c:a2:0f:e8:3e:07:c2:
                    d8:fa:46:74:05:ab:dd:15:98:e6:48:9b:47:04:f8:
                    96:b8:fa:7e:21:5b:37:d6:a0:e4:57:22:ec:12:6d:
                    a0:b7:e0:46:60:56:ef:97:a9:e1:45:c4:6d:42:c2:
                    4c:a1:50:8c:ff:aa:99:da:61:32:4f:0d:5f:a1:36:
                    7f:02:7f:0c:a9:f1:8b:a7:f8:3d:f3:bd:6e:35:a1:
                    4c:77:87:58:65:a2:b8:10:c7:41:23:24:ec:30:68:
                    e0:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                05:62:06:A6:08:4B:B0:D1:15:3E:7C:D6:EB:CB:C4:77:60:42:FD:B5
            X509v3 Authority Key Identifier:
                keyid:2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/BWIGpghLsNEVPnzW68vEd2BC_bU.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  121.254.64.0/21

    Signature Algorithm: sha256WithRSAEncryption
         2c:29:1c:97:73:dd:21:df:a5:fd:f5:49:ce:b6:a3:c3:4e:8b:
         a3:ce:0e:35:68:34:a6:14:c9:84:86:6d:60:17:17:49:69:55:
         23:18:d4:d6:9e:dc:1f:9e:b1:18:7b:59:31:87:34:4b:46:d7:
         10:40:20:2d:79:2e:bf:f9:e4:1a:f3:72:a2:70:0d:88:7c:6a:
         41:dd:af:cf:2c:43:d4:1a:89:90:9f:08:68:ba:5d:6d:b6:f9:
         a5:5f:0e:7c:ba:01:e4:06:ba:e6:b9:65:36:3d:89:4c:91:40:
         ee:cb:ef:96:ed:1b:ac:88:93:4c:e0:40:c2:21:b4:93:1d:51:
         a2:14:dc:16:4c:c5:77:27:bf:b1:1b:42:07:80:21:b3:3a:d3:
         29:0e:f2:e2:78:e8:a1:a5:a1:67:3b:2a:06:31:bc:be:11:2e:
         79:61:74:36:59:69:35:86:df:2d:6c:c5:a4:1d:58:83:35:e7:
         2a:d6:b7:57:70:91:b2:59:41:9b:15:20:02:d7:da:72:2e:7d:
         ec:84:ae:e1:81:0a:57:81:2b:26:b1:14:16:54:3f:60:63:fb:
         e4:7b:05:09:62:08:93:64:9f:c9:69:89:82:36:b1:76:23:99:
         ea:43:b7:60:d3:66:3d:2d:82:61:72:59:ac:1f:3a:1c:cf:b3:
         51:38:d2:d2
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICCvgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE0
NzgxNTUzODI3MzFFNUMwRjY4MjFERDUzODlGOUU1MkUxRTRENjAeFw0yMTEyMTYw
NjM4MzVaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDA1NjIwNkE2MDg0QkIw
RDExNTNFN0NENkVCQ0JDNDc3NjA0MkZEQjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDz4yqYvabYvIzV0G+t46lKJjL6eJ18ZL+A5+4FZPtOS4v+iOcy
i4U/eitmmrGPG4E9PxqKX46hSAd/IQXdmpepdTmim55o4Zcp9e4QK4lKEeZFhG3M
+GbQw+oYN7dDl9eJ5S4X9O5842KQVTQ6HLP62F0K8wd32L3ish3cpDVv6MB0n9lR
Zm8a0xsR3HomDPmHYttxD5yXFg1LKxvCjKIP6D4Hwtj6RnQFq90VmOZIm0cE+Ja4
+n4hWzfWoORXIuwSbaC34EZgVu+XqeFFxG1CwkyhUIz/qpnaYTJPDV+hNn8Cfwyp
8Yun+D3zvW41oUx3h1hlorgQx0EjJOwwaOADAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUBWIGpghLsNEVPnzW68vEd2BC/bUwHwYDVR0jBBgwFoAUKkeBVTgnMeXA9oId
1TifnlLh5NYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRU1BWC9L
a2VCVlRnbk1lWEE5b0lkMVRpZm5sTGg1TlkuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0trZUJWVGduTWVYQTlvSWQxVGlmbmxMaDVOWS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0VNQVgvQldJR3BnaExzTkVWUG56VzY4dkVk
MkJDX2JVLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA3n+QDAN
BgkqhkiG9w0BAQsFAAOCAQEALCkcl3PdId+l/fVJzrajw06Lo84ONWg0phTJhIZt
YBcXSWlVIxjU1p7cH56xGHtZMYc0S0bXEEAgLXkuv/nkGvNyonANiHxqQd2vzyxD
1BqJkJ8IaLpdbbb5pV8OfLoB5Aa65rllNj2JTJFA7svvlu0brIiTTOBAwiG0kx1R
ohTcFkzFdye/sRtCB4AhszrTKQ7y4njooaWhZzsqBjG8vhEueWF0NllpNYbfLWzF
pB1YgzXnKta3V3CRsllBmxUgAtfaci597ISu4YEKV4ErJrEUFlQ/YGP75HsFCWII
k2SfyWmJgjaxdiOZ6kO3YNNmPS2CYXJZrB86HM+zUTjS0g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:35 2024 by rpki-client on console-fra.rpki-client.org