Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/EMAX/QBu1EnaicU_j86LuvFougZtKnVo.roa
File:                     QBu1EnaicU_j86LuvFougZtKnVo.roa (raw, json)
Hash identifier:          4J29CCq649WWX6EIyHrOLna4HT4bya+46z7DPoX+P7M=
Subject key identifier:   40:1B:B5:12:76:A2:71:4F:E3:F3:A2:EE:BC:5A:2E:81:9B:4A:9D:5A
Certificate issuer:       /CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Certificate serial:       0BFC
Authority key identifier: 2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/QBu1EnaicU_j86LuvFougZtKnVo.roa
Signing time:             Thu 15 Sep 2022 02:37:19 +0000
ROA not before:           Thu 15 Sep 2022 02:37:19 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     17809
IP address blocks:        203.222.16.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3068 (0xbfc)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
        Validity
            Not Before: Sep 15 02:37:19 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=401BB51276A2714FE3F3A2EEBC5A2E819B4A9D5A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:ea:18:95:0b:c2:01:d3:6f:f2:2e:69:35:14:
                    ad:77:ee:15:51:e3:a2:95:c6:78:c0:92:1f:d1:1e:
                    a9:67:be:d8:a2:4f:1d:46:f3:fe:8b:49:0d:e8:c9:
                    fd:1b:2e:f2:f3:14:91:3e:fb:ad:a9:8a:cd:66:e7:
                    10:a0:43:9d:90:b7:df:a7:98:71:c8:0b:c8:a7:00:
                    82:22:c8:fd:08:ac:34:5c:29:f3:e7:d8:e2:0a:1a:
                    dc:cf:d4:77:ed:15:f4:8a:de:d9:0d:ec:3e:30:9f:
                    34:bb:43:3c:b8:0d:b7:ac:46:c3:03:76:73:b1:48:
                    e0:bd:6a:63:46:e7:8e:41:ae:a7:b9:63:a6:f8:76:
                    36:50:bb:38:00:f2:50:a5:e5:0b:94:98:e1:1e:9b:
                    47:e9:b9:80:68:44:d3:4c:45:06:c0:93:af:54:82:
                    08:f5:40:f4:3b:b1:68:f0:5d:c6:f7:5e:13:f7:9f:
                    db:47:f8:29:7d:54:39:50:b2:70:cd:09:9c:5c:d8:
                    fc:03:d9:e0:e5:16:2f:de:54:ca:c3:37:74:52:fc:
                    39:cb:2d:2d:d0:d8:0d:a7:02:80:c8:03:e0:f1:73:
                    3a:c0:3d:4a:15:c9:48:e7:73:41:08:ce:5b:86:ac:
                    cb:89:9e:83:56:fd:5e:62:2e:23:d8:88:d1:c1:6a:
                    64:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                40:1B:B5:12:76:A2:71:4F:E3:F3:A2:EE:BC:5A:2E:81:9B:4A:9D:5A
            X509v3 Authority Key Identifier:
                keyid:2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/QBu1EnaicU_j86LuvFougZtKnVo.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  203.222.16.0/22

    Signature Algorithm: sha256WithRSAEncryption
         35:9f:62:a3:73:c7:4f:81:1d:d7:4c:b2:55:b7:35:c3:8d:1b:
         1b:6a:78:22:1e:12:50:d0:5e:74:ff:c3:90:d7:28:be:22:64:
         84:4a:a0:f1:6d:8e:d6:6d:db:91:1b:99:6b:24:7b:39:e7:5f:
         91:e4:cc:bf:0f:ad:d2:26:cf:67:54:79:62:57:17:9a:5f:bb:
         0b:25:63:cc:8c:09:a1:23:ff:d6:26:46:c9:0e:73:74:ec:72:
         79:68:b9:f6:41:87:15:7e:4f:83:dc:b6:73:d0:ee:bb:63:6f:
         0c:c4:07:f3:ab:ac:8e:c1:34:ca:d8:a8:38:07:64:c5:16:0d:
         48:7a:d3:a8:4c:b2:57:8f:ff:86:87:79:e6:06:64:aa:3b:dd:
         2e:d8:16:b7:35:67:fa:4c:a6:22:7a:2c:cf:50:d2:73:18:c3:
         15:0b:aa:07:45:87:66:51:52:0f:cb:23:75:f6:3f:a3:3c:21:
         6a:ab:cc:5e:95:e1:be:2a:ce:fb:0d:40:74:b1:03:8c:c1:e0:
         bf:63:d3:05:28:5d:d7:d3:cc:27:cd:5c:90:a5:57:38:97:cf:
         7b:3d:d6:1e:f2:99:c5:3b:ce:db:af:a8:7d:59:f5:09:e1:27:
         be:ff:b2:0b:d1:23:f1:ad:58:42:7f:20:0c:86:9b:8b:16:e4:
         7f:ec:24:3b
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICC/wwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE0
NzgxNTUzODI3MzFFNUMwRjY4MjFERDUzODlGOUU1MkUxRTRENjAeFw0yMjA5MTUw
MjM3MTlaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDQwMUJCNTEyNzZBMjcx
NEZFM0YzQTJFRUJDNUEyRTgxOUI0QTlENUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCm6hiVC8IB02/yLmk1FK137hVR46KVxnjAkh/RHqlnvtiiTx1G
8/6LSQ3oyf0bLvLzFJE++62pis1m5xCgQ52Qt9+nmHHIC8inAIIiyP0IrDRcKfPn
2OIKGtzP1HftFfSK3tkN7D4wnzS7Qzy4DbesRsMDdnOxSOC9amNG545Brqe5Y6b4
djZQuzgA8lCl5QuUmOEem0fpuYBoRNNMRQbAk69Uggj1QPQ7sWjwXcb3XhP3n9tH
+Cl9VDlQsnDNCZxc2PwD2eDlFi/eVMrDN3RS/DnLLS3Q2A2nAoDIA+DxczrAPUoV
yUjnc0EIzluGrMuJnoNW/V5iLiPYiNHBamTTAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUQBu1EnaicU/j86LuvFougZtKnVowHwYDVR0jBBgwFoAUKkeBVTgnMeXA9oId
1TifnlLh5NYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRU1BWC9L
a2VCVlRnbk1lWEE5b0lkMVRpZm5sTGg1TlkuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0trZUJWVGduTWVYQTlvSWQxVGlmbmxMaDVOWS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0VNQVgvUUJ1MUVuYWljVV9qODZMdXZGb3Vn
WnRLblZvLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAsveEDAN
BgkqhkiG9w0BAQsFAAOCAQEANZ9io3PHT4Ed10yyVbc1w40bG2p4Ih4SUNBedP/D
kNcoviJkhEqg8W2O1m3bkRuZayR7OedfkeTMvw+t0ibPZ1R5YlcXml+7CyVjzIwJ
oSP/1iZGyQ5zdOxyeWi59kGHFX5Pg9y2c9Duu2NvDMQH86usjsE0ytioOAdkxRYN
SHrTqEyyV4//hod55gZkqjvdLtgWtzVn+kymInosz1DScxjDFQuqB0WHZlFSD8sj
dfY/ozwhaqvMXpXhvirO+w1AdLEDjMHgv2PTBShd19PMJ81ckKVXOJfPez3WHvKZ
xTvO26+ofVn1CeEnvv+yC9Ej8a1YQn8gDIabixbkf+wkOw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:35 2024 by rpki-client on console-fra.rpki-client.org