Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/EMAX/LNpcGmPzwuC9UAmeIGAwMbjQFGs.roa
File:                     LNpcGmPzwuC9UAmeIGAwMbjQFGs.roa (raw, json)
Hash identifier:          K2MuoWvjsWgKH182u4xf5TZC+3oS6kgYa860h0zqwS4=
Subject key identifier:   2C:DA:5C:1A:63:F3:C2:E0:BD:50:09:9E:20:60:30:31:B8:D0:14:6B
Certificate issuer:       /CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Certificate serial:       0CC9
Authority key identifier: 2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/LNpcGmPzwuC9UAmeIGAwMbjQFGs.roa
Signing time:             Wed 26 Apr 2023 06:34:10 +0000
ROA not before:           Wed 26 Apr 2023 06:34:10 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     17809
IP address blocks:        203.222.28.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3273 (0xcc9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
        Validity
            Not Before: Apr 26 06:34:10 2023 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=2CDA5C1A63F3C2E0BD50099E20603031B8D0146B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:84:22:c5:9c:f6:3f:e1:90:d0:14:56:45:2e:
                    56:24:b9:58:25:47:05:60:92:15:ad:f2:f4:6e:c5:
                    7b:65:ac:b0:38:bb:2a:b6:0d:65:48:87:19:19:1d:
                    81:6e:b5:0c:ea:42:54:73:f0:45:8a:a6:b9:87:23:
                    31:47:83:68:41:db:8c:46:c2:0a:bf:ec:92:c4:53:
                    82:43:3c:10:45:1a:e7:59:8e:8a:f5:7d:d4:8c:10:
                    2e:48:56:bb:1b:a5:dd:2a:cd:9e:c1:ad:ae:c0:a5:
                    42:23:f4:b6:03:1a:7a:2e:ed:41:86:d3:88:9a:89:
                    4b:0b:f2:d2:2a:6c:8c:fd:f6:bd:e1:fe:38:a8:da:
                    d5:f2:67:0a:b3:df:33:f1:fd:35:60:90:42:fd:61:
                    90:08:a2:39:7f:d0:8b:3e:90:c5:6f:1e:7a:e6:64:
                    51:1a:12:38:1f:04:9f:52:28:fc:42:50:05:5e:78:
                    b3:8c:62:ba:45:5f:5e:07:13:c3:ca:84:b7:9a:9f:
                    9a:ec:84:18:7f:31:c7:2f:61:55:34:bc:28:d9:8e:
                    a6:3f:cb:7f:f1:d7:43:8e:29:b5:38:b8:8b:6e:15:
                    34:9e:8b:73:5a:8d:59:73:0c:f6:f4:d9:34:93:71:
                    4a:5b:59:88:68:a4:34:f0:db:fe:15:ec:12:87:fc:
                    f8:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2C:DA:5C:1A:63:F3:C2:E0:BD:50:09:9E:20:60:30:31:B8:D0:14:6B
            X509v3 Authority Key Identifier:
                keyid:2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/LNpcGmPzwuC9UAmeIGAwMbjQFGs.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  203.222.28.0/22

    Signature Algorithm: sha256WithRSAEncryption
         59:80:e0:5e:15:cc:37:9b:68:60:2f:1e:a3:c0:fb:56:96:c8:
         7f:c2:44:2a:dd:d9:89:d0:1c:eb:4c:13:68:7f:c4:a3:eb:e3:
         b5:d8:44:4f:a4:ed:c3:c6:b9:9d:e6:1a:82:90:c5:69:b5:11:
         5e:93:1c:29:88:ad:29:1f:49:ac:10:a8:91:f5:0a:6d:b6:4c:
         b9:75:ff:20:c4:8d:d5:cd:7a:6f:f2:57:13:2e:d6:73:40:df:
         10:11:59:1d:a1:02:7f:62:7f:cf:4a:60:f7:06:b9:fa:a7:02:
         a8:88:16:16:e3:fe:4c:91:41:5e:e8:91:bb:46:5c:36:f1:b5:
         f6:43:0d:b7:7e:32:e7:f4:30:4a:8b:be:48:05:9e:61:ee:c2:
         eb:5f:d3:b6:eb:f3:49:56:b0:77:40:7f:b8:3d:21:98:b8:e6:
         8c:4e:f1:09:58:8c:ef:77:27:d3:d7:48:f4:7b:47:8a:95:00:
         72:a5:cc:b8:ea:5e:b8:00:b7:72:e3:76:3b:96:a2:69:15:53:
         40:58:d9:2b:3c:f0:c0:2b:8a:35:ec:eb:62:ac:48:3d:9f:f4:
         79:e3:14:22:88:48:64:6f:d9:ff:8a:9d:88:ac:2b:6f:28:39:
         23:ab:a4:b8:67:7a:60:c1:31:ba:b2:0d:20:76:a1:b0:30:a6:
         65:b2:b9:ea
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDMkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE0
NzgxNTUzODI3MzFFNUMwRjY4MjFERDUzODlGOUU1MkUxRTRENjAeFw0yMzA0MjYw
NjM0MTBaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDJDREE1QzFBNjNGM0My
RTBCRDUwMDk5RTIwNjAzMDMxQjhEMDE0NkIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC6hCLFnPY/4ZDQFFZFLlYkuVglRwVgkhWt8vRuxXtlrLA4uyq2
DWVIhxkZHYFutQzqQlRz8EWKprmHIzFHg2hB24xGwgq/7JLEU4JDPBBFGudZjor1
fdSMEC5IVrsbpd0qzZ7Bra7ApUIj9LYDGnou7UGG04iaiUsL8tIqbIz99r3h/jio
2tXyZwqz3zPx/TVgkEL9YZAIojl/0Is+kMVvHnrmZFEaEjgfBJ9SKPxCUAVeeLOM
YrpFX14HE8PKhLean5rshBh/MccvYVU0vCjZjqY/y3/x10OOKbU4uItuFTSei3Na
jVlzDPb02TSTcUpbWYhopDTw2/4V7BKH/PgNAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQULNpcGmPzwuC9UAmeIGAwMbjQFGswHwYDVR0jBBgwFoAUKkeBVTgnMeXA9oId
1TifnlLh5NYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRU1BWC9L
a2VCVlRnbk1lWEE5b0lkMVRpZm5sTGg1TlkuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0trZUJWVGduTWVYQTlvSWQxVGlmbmxMaDVOWS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0VNQVgvTE5wY0dtUHp3dUM5VUFtZUlHQXdN
YmpRRkdzLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAsveHDAN
BgkqhkiG9w0BAQsFAAOCAQEAWYDgXhXMN5toYC8eo8D7VpbIf8JEKt3ZidAc60wT
aH/Eo+vjtdhET6Ttw8a5neYagpDFabURXpMcKYitKR9JrBCokfUKbbZMuXX/IMSN
1c16b/JXEy7Wc0DfEBFZHaECf2J/z0pg9wa5+qcCqIgWFuP+TJFBXuiRu0ZcNvG1
9kMNt34y5/QwSou+SAWeYe7C61/TtuvzSVawd0B/uD0hmLjmjE7xCViM73cn09dI
9HtHipUAcqXMuOpeuAC3cuN2O5aiaRVTQFjZKzzwwCuKNezrYqxIPZ/0eeMUIohI
ZG/Z/4qdiKwrbyg5I6ukuGd6YMExurINIHahsDCmZbK56g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:35 2024 by rpki-client on console-fra.rpki-client.org