Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/EMAX/ISOl5Xb24fjGhhdRJaptn2pk4ds.roa
File:                     ISOl5Xb24fjGhhdRJaptn2pk4ds.roa (raw, json)
Hash identifier:          3iLKXEokozWlnriHMIKiLSOWAoH9/m0jis8cHoBpRQQ=
Subject key identifier:   21:23:A5:E5:76:F6:E1:F8:C6:86:17:51:25:AA:6D:9F:6A:64:E1:DB
Certificate issuer:       /CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Certificate serial:       0D48
Authority key identifier: 2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/ISOl5Xb24fjGhhdRJaptn2pk4ds.roa
Signing time:             Wed 03 May 2023 01:03:01 +0000
ROA not before:           Wed 03 May 2023 01:03:01 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     17809
IP address blocks:        182.155.128.0/19 maxlen: 19

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3400 (0xd48)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
        Validity
            Not Before: May  3 01:03:01 2023 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=2123A5E576F6E1F8C686175125AA6D9F6A64E1DB
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:53:13:97:ec:56:ec:a4:a8:93:12:51:70:a7:
                    1d:9f:97:19:ec:98:e4:39:8e:27:a0:f0:cf:75:47:
                    f6:de:bc:3b:0c:ca:51:de:87:a0:77:d8:1f:b3:c5:
                    eb:55:5e:76:5a:7b:49:43:13:33:d4:6a:59:e0:5e:
                    84:35:81:68:42:c1:d9:8c:36:7a:d1:ad:c6:b6:8b:
                    b8:44:1e:ac:c4:cd:8e:d5:73:4b:13:76:cd:cf:ac:
                    e9:52:72:3d:ac:01:d7:56:e5:10:d3:3b:5e:fd:f7:
                    9b:4e:d1:c4:bb:06:ff:d3:17:01:1c:4e:ed:eb:00:
                    6e:0d:49:de:ad:b9:7a:d2:a5:e8:48:8f:47:96:02:
                    49:ee:e8:81:3e:67:2f:44:39:e5:e0:97:f3:fe:a5:
                    ac:a8:a0:41:42:4f:e5:6e:ba:e7:74:1c:c8:15:db:
                    e0:5e:90:7b:73:ce:20:fa:79:ce:3e:5a:c2:63:d7:
                    31:80:03:93:6b:8f:de:06:03:a6:48:fe:d6:59:fd:
                    74:64:59:d0:9d:16:2f:9f:80:05:91:c5:07:74:f6:
                    b7:aa:b9:a4:a1:f1:60:c9:f7:b1:55:19:ee:57:d7:
                    93:91:96:da:e8:8a:89:80:39:7c:8f:df:37:51:74:
                    98:11:c9:df:62:ed:5f:65:44:6a:bd:07:31:03:6b:
                    d6:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                21:23:A5:E5:76:F6:E1:F8:C6:86:17:51:25:AA:6D:9F:6A:64:E1:DB
            X509v3 Authority Key Identifier:
                keyid:2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/ISOl5Xb24fjGhhdRJaptn2pk4ds.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  182.155.128.0/19

    Signature Algorithm: sha256WithRSAEncryption
         af:c7:ca:38:b4:03:67:60:9e:63:4f:16:32:6c:06:a3:b9:5e:
         b1:70:eb:ad:37:64:50:ef:cf:8e:52:8b:06:2c:1e:df:01:02:
         16:16:26:78:c5:c3:21:fe:64:a0:4f:db:c5:28:3e:e1:52:69:
         0b:41:cd:30:fa:0f:f1:6f:80:a9:b0:24:d8:0a:e9:e5:e1:b4:
         7e:0f:2c:b0:fd:dc:5a:0d:b5:c2:be:ea:5a:c2:51:0c:3e:1d:
         8a:3d:b5:a6:75:b3:9f:46:9c:5a:14:92:03:4e:dc:75:06:04:
         34:cc:66:71:ed:56:85:b1:a3:34:30:a0:5a:5a:19:f7:0d:5d:
         7c:0a:80:78:74:74:9d:3d:58:4e:10:fb:c2:a7:b9:01:e7:e4:
         22:5d:3b:8b:ac:66:e6:f0:10:b2:61:a3:84:0c:03:48:03:57:
         32:b8:a4:d2:bf:72:e3:dc:bb:63:81:c0:e1:69:8a:bf:4c:93:
         ae:8d:1a:ee:62:52:1c:b6:77:fd:2e:68:97:15:e0:d1:3a:62:
         05:d5:22:ca:06:fc:26:ee:a8:c0:bf:14:78:91:c4:2c:aa:eb:
         f7:24:50:48:3a:0d:2c:0d:9d:3c:3e:fe:e5:1e:ab:c4:88:08:
         ff:eb:bd:e3:d1:50:31:1e:80:e7:4d:92:17:67:74:00:83:89:
         3f:50:dd:a3
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDUgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE0
NzgxNTUzODI3MzFFNUMwRjY4MjFERDUzODlGOUU1MkUxRTRENjAeFw0yMzA1MDMw
MTAzMDFaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDIxMjNBNUU1NzZGNkUx
RjhDNjg2MTc1MTI1QUE2RDlGNkE2NEUxREIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCrUxOX7FbspKiTElFwpx2flxnsmOQ5jieg8M91R/bevDsMylHe
h6B32B+zxetVXnZae0lDEzPUalngXoQ1gWhCwdmMNnrRrca2i7hEHqzEzY7Vc0sT
ds3PrOlScj2sAddW5RDTO17995tO0cS7Bv/TFwEcTu3rAG4NSd6tuXrSpehIj0eW
Aknu6IE+Zy9EOeXgl/P+payooEFCT+Vuuud0HMgV2+BekHtzziD6ec4+WsJj1zGA
A5Nrj94GA6ZI/tZZ/XRkWdCdFi+fgAWRxQd09requaSh8WDJ97FVGe5X15ORltro
iomAOXyP3zdRdJgRyd9i7V9lRGq9BzEDa9aLAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUISOl5Xb24fjGhhdRJaptn2pk4dswHwYDVR0jBBgwFoAUKkeBVTgnMeXA9oId
1TifnlLh5NYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRU1BWC9L
a2VCVlRnbk1lWEE5b0lkMVRpZm5sTGg1TlkuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0trZUJWVGduTWVYQTlvSWQxVGlmbmxMaDVOWS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0VNQVgvSVNPbDVYYjI0ZmpHaGhkUkphcHRu
MnBrNGRzLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBbabgDAN
BgkqhkiG9w0BAQsFAAOCAQEAr8fKOLQDZ2CeY08WMmwGo7lesXDrrTdkUO/PjlKL
Biwe3wECFhYmeMXDIf5koE/bxSg+4VJpC0HNMPoP8W+AqbAk2Arp5eG0fg8ssP3c
Wg21wr7qWsJRDD4dij21pnWzn0acWhSSA07cdQYENMxmce1WhbGjNDCgWloZ9w1d
fAqAeHR0nT1YThD7wqe5AefkIl07i6xm5vAQsmGjhAwDSANXMrik0r9y49y7Y4HA
4WmKv0yTro0a7mJSHLZ3/S5olxXg0TpiBdUiygb8Ju6owL8UeJHELKrr9yRQSDoN
LA2dPD7+5R6rxIgI/+u949FQMR6A502SF2d0AIOJP1Ddow==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:06 2024 by rpki-client on console-ams.rpki-client.org