Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/EMAX/N0wKwHE3gZKLGtgDt2SEwWs-6KM.roa
File:                     N0wKwHE3gZKLGtgDt2SEwWs-6KM.roa (raw, json)
Hash identifier:          c8tYpHRPu1naGLJT9B0xeHtQmvMpW2fJ9j04HcJqKn8=
Subject key identifier:   37:4C:0A:C0:71:37:81:92:8B:1A:D8:03:B7:64:84:C1:6B:3E:E8:A3
Certificate issuer:       /CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Certificate serial:       0B26
Authority key identifier: 2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/N0wKwHE3gZKLGtgDt2SEwWs-6KM.roa
Signing time:             Thu 16 Dec 2021 06:52:54 +0000
ROA not before:           Thu 16 Dec 2021 06:52:54 +0000
ROA not after:            Thu 29 Sep 2022 02:36:22 +0000
asID:                     17809
IP address blocks:        203.222.8.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2854 (0xb26)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
        Validity
            Not Before: Dec 16 06:52:54 2021 GMT
            Not After : Sep 29 02:36:22 2022 GMT
        Subject: CN=374C0AC0713781928B1AD803B76484C16B3EE8A3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:bf:e6:a6:e6:aa:8b:23:21:49:60:6c:3a:34:
                    1c:65:9a:38:dc:54:c7:39:9a:13:86:51:c5:e7:f7:
                    1a:2c:12:37:a0:e8:91:7c:94:56:0a:2e:92:82:b7:
                    35:b5:36:dc:fe:08:a0:cc:b2:00:3d:7d:65:e7:c2:
                    bb:6e:82:84:bc:7b:1f:f0:4f:0f:ba:41:5c:b7:77:
                    97:5d:dc:f2:a7:ab:4e:aa:79:f1:d9:f7:90:5b:d2:
                    c5:34:c5:1b:7b:c1:c7:e5:55:bb:cd:f6:aa:3d:33:
                    18:4f:f1:cb:f4:01:ec:84:4c:06:f6:09:c4:af:b5:
                    3b:1c:3b:ce:13:bf:3b:d4:5d:e5:9c:c0:3e:c0:46:
                    48:60:b1:16:89:c6:3c:7e:83:e2:29:81:e6:a0:a9:
                    9d:95:63:5d:31:06:3e:53:b2:d7:ff:05:03:6f:a7:
                    a1:28:01:c9:6f:53:be:e9:43:ee:6d:27:f5:32:d2:
                    9e:d7:49:f8:fc:33:13:b7:3b:4b:bb:ba:12:a1:b4:
                    b2:12:49:5a:f4:cc:85:27:6d:52:91:d1:eb:e1:2d:
                    ba:ec:72:8b:12:c7:8f:7e:35:33:3c:f9:19:b2:f9:
                    60:26:d2:0b:03:05:fb:cd:1b:b5:3f:5d:4b:46:f1:
                    5b:5f:b4:46:c9:7e:49:dd:15:60:92:bf:2c:d4:71:
                    c4:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                37:4C:0A:C0:71:37:81:92:8B:1A:D8:03:B7:64:84:C1:6B:3E:E8:A3
            X509v3 Authority Key Identifier:
                keyid:2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/N0wKwHE3gZKLGtgDt2SEwWs-6KM.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  203.222.8.0/22

    Signature Algorithm: sha256WithRSAEncryption
         84:4c:6f:fe:c2:39:29:05:b6:c8:81:49:86:30:25:a5:cc:6f:
         99:0d:5c:da:8c:1c:61:f5:be:03:22:3b:78:52:35:4e:8b:14:
         9e:c1:b7:f9:b5:d7:77:c6:9b:ca:6f:bc:e7:ec:7d:da:aa:f3:
         de:6d:bf:44:6b:b6:cb:91:2e:63:43:76:29:4d:01:da:05:2c:
         10:b9:85:98:4a:ea:8e:82:20:9a:67:77:4d:e5:99:99:79:4a:
         79:9f:a1:ec:10:60:3e:b8:09:8b:58:35:08:9a:7d:09:41:c7:
         83:7e:7b:db:77:24:58:32:1f:e5:e9:31:d9:98:13:f0:bb:eb:
         7b:a7:f2:47:ae:fc:1f:07:56:88:ae:b2:60:7e:7f:da:51:44:
         6d:c3:0f:d8:7d:67:d0:61:09:5d:10:16:30:5c:63:92:b3:a4:
         54:82:48:f0:51:c4:85:ee:0d:32:f2:49:1e:d2:0c:93:5b:05:
         99:9d:7a:ba:35:df:2a:fb:d6:0c:52:53:96:7f:63:a0:89:fa:
         9a:c9:8e:4c:b7:bb:5b:a0:5c:22:16:54:5a:c3:33:55:82:93:
         b5:75:18:44:f6:69:bf:2d:19:59:54:cd:5f:94:14:3d:d8:d9:
         af:ca:3e:7f:c7:b8:cf:ae:02:24:40:40:a4:51:69:34:fe:74:
         00:6b:85:6a
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICCyYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE0
NzgxNTUzODI3MzFFNUMwRjY4MjFERDUzODlGOUU1MkUxRTRENjAeFw0yMTEyMTYw
NjUyNTRaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDM3NEMwQUMwNzEzNzgx
OTI4QjFBRDgwM0I3NjQ4NEMxNkIzRUU4QTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC7v+am5qqLIyFJYGw6NBxlmjjcVMc5mhOGUcXn9xosEjeg6JF8
lFYKLpKCtzW1Ntz+CKDMsgA9fWXnwrtugoS8ex/wTw+6QVy3d5dd3PKnq06qefHZ
95Bb0sU0xRt7wcflVbvN9qo9MxhP8cv0AeyETAb2CcSvtTscO84TvzvUXeWcwD7A
RkhgsRaJxjx+g+IpgeagqZ2VY10xBj5Tstf/BQNvp6EoAclvU77pQ+5tJ/Uy0p7X
Sfj8MxO3O0u7uhKhtLISSVr0zIUnbVKR0evhLbrscosSx49+NTM8+Rmy+WAm0gsD
BfvNG7U/XUtG8VtftEbJfkndFWCSvyzUccQ7AgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUN0wKwHE3gZKLGtgDt2SEwWs+6KMwHwYDVR0jBBgwFoAUKkeBVTgnMeXA9oId
1TifnlLh5NYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRU1BWC9L
a2VCVlRnbk1lWEE5b0lkMVRpZm5sTGg1TlkuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0trZUJWVGduTWVYQTlvSWQxVGlmbmxMaDVOWS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0VNQVgvTjB3S3dIRTNnWktMR3RnRHQyU0V3
V3MtNktNLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAsveCDAN
BgkqhkiG9w0BAQsFAAOCAQEAhExv/sI5KQW2yIFJhjAlpcxvmQ1c2owcYfW+AyI7
eFI1TosUnsG3+bXXd8abym+85+x92qrz3m2/RGu2y5EuY0N2KU0B2gUsELmFmErq
joIgmmd3TeWZmXlKeZ+h7BBgPrgJi1g1CJp9CUHHg35723ckWDIf5ekx2ZgT8Lvr
e6fyR678HwdWiK6yYH5/2lFEbcMP2H1n0GEJXRAWMFxjkrOkVIJI8FHEhe4NMvJJ
HtIMk1sFmZ16ujXfKvvWDFJTln9joIn6msmOTLe7W6BcIhZUWsMzVYKTtXUYRPZp
vy0ZWVTNX5QUPdjZr8o+f8e4z64CJEBApFFpNP50AGuFag==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:06 2024 by rpki-client on console-ams.rpki-client.org