Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/EMAX/Pq_nxWW-lYdsuyCejSU8GpcS-Bg.roa
File:                     Pq_nxWW-lYdsuyCejSU8GpcS-Bg.roa (raw, json)
Hash identifier:          ZnFOvpkpI/N7AvXDlTYxG8TL7pL/hVZh4mc/YCGgOic=
Subject key identifier:   3E:AF:E7:C5:65:BE:95:87:6C:BB:20:9E:8D:25:3C:1A:97:12:F8:18
Certificate issuer:       /CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Certificate serial:       099D
Authority key identifier: 2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/Pq_nxWW-lYdsuyCejSU8GpcS-Bg.roa
Signing time:             Sun 07 Feb 2021 13:15:26 +0000
ROA not before:           Sun 07 Feb 2021 13:15:26 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     17809
IP address blocks:        111.67.48.0/21 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2461 (0x99d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
        Validity
            Not Before: Feb  7 13:15:26 2021 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=3EAFE7C565BE95876CBB209E8D253C1A9712F818
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:6b:8e:d5:bb:31:ed:e6:51:47:e5:cc:ad:ec:
                    e3:dc:d9:2b:ee:ec:66:f5:b2:d2:fa:66:c3:ba:59:
                    85:e2:bf:62:40:41:8c:2e:93:8d:c9:fc:24:85:3e:
                    2b:1a:e3:4c:b6:12:84:a8:b2:e7:5b:6c:1c:14:bf:
                    21:07:81:93:cf:ac:6f:58:10:1e:7d:cb:29:04:c9:
                    74:bb:c6:be:7c:2d:20:59:5a:b1:da:46:79:76:72:
                    be:90:55:15:1f:36:43:9c:15:61:1f:61:ad:65:49:
                    78:68:f5:45:42:52:87:6f:28:1c:a6:af:4e:e2:48:
                    65:42:b2:39:a4:d2:e5:a5:6c:87:10:56:86:8f:21:
                    af:f7:e1:b7:b6:80:33:7e:eb:f8:d6:42:11:ee:11:
                    b9:17:3b:19:3b:60:da:5c:d8:23:95:a5:94:e6:77:
                    ec:ac:c4:4f:fe:32:a2:44:8e:77:0b:4c:45:d8:74:
                    63:34:b6:d3:55:94:1c:71:2b:8f:bd:be:9d:bf:41:
                    43:7b:d7:0b:27:3b:9b:08:22:c5:7d:6d:95:ad:f7:
                    98:fc:98:fd:7c:15:6c:83:be:e1:e5:37:53:7a:14:
                    be:48:01:f3:9c:a0:ed:54:49:ee:6a:d4:f1:f4:2f:
                    d5:fc:4a:30:61:5b:d9:ff:76:2b:69:c3:25:48:5d:
                    ef:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3E:AF:E7:C5:65:BE:95:87:6C:BB:20:9E:8D:25:3C:1A:97:12:F8:18
            X509v3 Authority Key Identifier:
                keyid:2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/Pq_nxWW-lYdsuyCejSU8GpcS-Bg.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  111.67.48.0/21

    Signature Algorithm: sha256WithRSAEncryption
         98:7c:23:40:76:cf:9e:ea:96:86:00:50:78:f2:30:b3:6e:73:
         57:95:31:8b:5e:af:b8:0c:22:c0:b0:99:c7:28:05:9f:df:ad:
         1e:9a:1e:a3:e1:10:c5:8b:97:26:e5:b9:a3:5a:9f:d9:3d:57:
         f7:e3:1d:12:20:40:3f:5f:9e:17:48:76:a9:1e:c2:30:6b:4e:
         3b:f0:68:28:80:9c:e1:6b:c8:a2:38:d4:38:3d:10:b8:85:b4:
         06:77:27:fc:05:7e:c1:18:d8:bf:e5:f5:9e:d2:b4:0a:55:2a:
         ce:a9:2d:bf:1c:1e:62:b1:70:14:08:96:27:b9:82:31:d5:82:
         41:dd:2f:2d:3a:ed:84:bd:20:8e:39:a9:de:4a:ae:a3:11:c3:
         3e:4a:1c:12:df:51:f8:23:aa:42:bd:1d:ef:29:3d:f2:de:ca:
         83:a9:34:09:4e:67:fe:e0:68:32:30:01:75:7a:48:d6:37:ce:
         96:4b:dc:72:9f:3b:b2:46:79:aa:3e:c8:78:bf:0a:25:d5:2f:
         50:64:29:7b:ea:df:f0:0e:e1:aa:13:86:9c:24:ce:8f:d7:4d:
         75:92:c1:0e:38:7d:23:2d:ed:6d:5d:20:82:85:ff:8f:d0:e4:
         2e:e9:28:b4:77:e8:d9:ea:42:09:6a:52:52:35:15:30:62:c8:
         7c:dc:82:2d
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICCZ0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE0
NzgxNTUzODI3MzFFNUMwRjY4MjFERDUzODlGOUU1MkUxRTRENjAeFw0yMTAyMDcx
MzE1MjZaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDNFQUZFN0M1NjVCRTk1
ODc2Q0JCMjA5RThEMjUzQzFBOTcxMkY4MTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDFa47VuzHt5lFH5cyt7OPc2Svu7Gb1stL6ZsO6WYXiv2JAQYwu
k43J/CSFPisa40y2EoSosudbbBwUvyEHgZPPrG9YEB59yykEyXS7xr58LSBZWrHa
Rnl2cr6QVRUfNkOcFWEfYa1lSXho9UVCUodvKBymr07iSGVCsjmk0uWlbIcQVoaP
Ia/34be2gDN+6/jWQhHuEbkXOxk7YNpc2COVpZTmd+ysxE/+MqJEjncLTEXYdGM0
ttNVlBxxK4+9vp2/QUN71wsnO5sIIsV9bZWt95j8mP18FWyDvuHlN1N6FL5IAfOc
oO1USe5q1PH0L9X8SjBhW9n/ditpwyVIXe95AgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUPq/nxWW+lYdsuyCejSU8GpcS+BgwHwYDVR0jBBgwFoAUKkeBVTgnMeXA9oId
1TifnlLh5NYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRU1BWC9L
a2VCVlRnbk1lWEE5b0lkMVRpZm5sTGg1TlkuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0trZUJWVGduTWVYQTlvSWQxVGlmbmxMaDVOWS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0VNQVgvUHFfbnhXVy1sWWRzdXlDZWpTVThH
cGNTLUJnLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA29DMDAN
BgkqhkiG9w0BAQsFAAOCAQEAmHwjQHbPnuqWhgBQePIws25zV5Uxi16vuAwiwLCZ
xygFn9+tHpoeo+EQxYuXJuW5o1qf2T1X9+MdEiBAP1+eF0h2qR7CMGtOO/BoKICc
4WvIojjUOD0QuIW0Bncn/AV+wRjYv+X1ntK0ClUqzqktvxweYrFwFAiWJ7mCMdWC
Qd0vLTrthL0gjjmp3kquoxHDPkocEt9R+COqQr0d7yk98t7Kg6k0CU5n/uBoMjAB
dXpI1jfOlkvccp87skZ5qj7IeL8KJdUvUGQpe+rf8A7hqhOGnCTOj9dNdZLBDjh9
Iy3tbV0ggoX/j9DkLukotHfo2epCCWpSUjUVMGLIfNyCLQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:06 2024 by rpki-client on console-ams.rpki-client.org