Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/EMAX/Yqh98gESTi3PZSKYbggVwGXVbWg.roa
File:                     Yqh98gESTi3PZSKYbggVwGXVbWg.roa (raw, json)
Hash identifier:          wgGN8Me2eL4I+Zkc4lwaPPbV4RAhCUljZuU7YqUu8QM=
Subject key identifier:   62:A8:7D:F2:01:12:4E:2D:CF:65:22:98:6E:08:15:C0:65:D5:6D:68
Certificate issuer:       /CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Certificate serial:       0CCB
Authority key identifier: 2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/Yqh98gESTi3PZSKYbggVwGXVbWg.roa
Signing time:             Wed 26 Apr 2023 06:35:01 +0000
ROA not before:           Wed 26 Apr 2023 06:35:01 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     17809
IP address blocks:        210.209.128.0/18 maxlen: 18

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3275 (0xccb)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
        Validity
            Not Before: Apr 26 06:35:01 2023 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=62A87DF201124E2DCF6522986E0815C065D56D68
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:b8:5b:ae:f4:f7:3a:63:e1:3e:f9:12:4c:00:
                    ba:eb:ea:14:23:6e:16:71:6b:4e:35:ed:68:9f:60:
                    d8:d5:d4:82:33:bf:ff:95:0b:b0:ff:f4:6a:fd:3b:
                    d5:0a:ab:03:ad:83:5a:81:c4:8e:82:fe:7b:b8:f2:
                    9c:f7:48:78:6c:2b:7f:40:b7:5f:60:27:95:c0:93:
                    7d:21:ff:5a:33:74:d7:03:3e:e8:ed:70:c8:44:c0:
                    6b:37:86:10:8a:84:3f:33:33:e6:f9:20:f5:45:27:
                    6b:ae:8c:42:f1:3a:00:0c:d8:80:62:37:51:12:f4:
                    82:5b:7e:83:06:65:61:b6:3c:4f:25:1f:f7:c9:4a:
                    f3:cf:25:8f:87:a8:a1:91:31:ba:8f:04:4b:3e:9b:
                    16:93:64:49:be:34:77:b8:8b:39:72:16:7e:dc:52:
                    a4:c4:78:8b:e0:cf:a7:be:e1:9a:9d:37:99:7b:ff:
                    3c:ae:0a:fe:89:0c:ff:ae:f5:88:05:59:b3:13:0d:
                    08:2b:05:4d:ca:22:3b:3f:32:19:16:ef:90:c5:b0:
                    aa:52:55:ba:9c:d4:8e:4a:b8:3b:3c:d3:00:d8:87:
                    45:d7:8f:4a:a4:04:d7:21:44:ce:05:3a:98:9d:c1:
                    ab:4e:cb:1d:bb:06:24:5e:dd:51:80:4b:e3:0c:b1:
                    54:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                62:A8:7D:F2:01:12:4E:2D:CF:65:22:98:6E:08:15:C0:65:D5:6D:68
            X509v3 Authority Key Identifier:
                keyid:2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/Yqh98gESTi3PZSKYbggVwGXVbWg.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  210.209.128.0/18

    Signature Algorithm: sha256WithRSAEncryption
         46:02:37:f7:ab:36:89:fa:a5:bb:3f:7d:5c:39:70:b0:22:7b:
         1a:27:8d:43:59:34:93:d3:36:f1:96:9c:66:20:88:54:60:ef:
         7d:66:6e:b4:fe:f2:ee:d9:96:6b:04:b9:e0:44:23:b3:38:75:
         68:95:cc:fd:86:ec:0e:0f:e2:bc:18:48:25:4c:0d:d5:af:6d:
         a3:ed:c2:fd:a6:c4:b8:8b:a1:80:41:4b:c2:da:79:c0:6b:f5:
         14:dc:1a:4e:f9:33:3c:3d:97:a1:11:8a:42:17:4e:5d:d2:17:
         21:14:f2:d2:19:f2:f6:10:47:6f:e4:ea:07:c8:da:2c:9e:90:
         55:e9:33:93:98:58:fd:69:ac:5b:f6:45:1c:49:57:2c:37:e0:
         ba:ce:74:24:c7:fb:08:20:ec:21:b7:49:6e:0a:52:0b:6e:93:
         ea:cd:7c:ee:13:6b:05:0d:fc:d5:26:ee:e6:ef:d8:33:8e:88:
         7d:eb:f0:74:7c:f1:b5:38:af:a6:3c:19:01:54:18:30:b4:a3:
         42:82:e1:30:ce:89:65:51:f9:cb:8a:62:23:32:68:ff:ee:20:
         c5:a8:19:a4:8c:3e:50:43:23:ba:d3:74:7a:59:78:a2:d8:f6:
         c0:eb:6f:e2:4b:c2:04:90:9f:bc:07:fd:35:6a:1f:b6:53:a9:
         92:dd:c0:16
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDMswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE0
NzgxNTUzODI3MzFFNUMwRjY4MjFERDUzODlGOUU1MkUxRTRENjAeFw0yMzA0MjYw
NjM1MDFaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDYyQTg3REYyMDExMjRF
MkRDRjY1MjI5ODZFMDgxNUMwNjVENTZENjgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDouFuu9Pc6Y+E++RJMALrr6hQjbhZxa0417WifYNjV1IIzv/+V
C7D/9Gr9O9UKqwOtg1qBxI6C/nu48pz3SHhsK39At19gJ5XAk30h/1ozdNcDPujt
cMhEwGs3hhCKhD8zM+b5IPVFJ2uujELxOgAM2IBiN1ES9IJbfoMGZWG2PE8lH/fJ
SvPPJY+HqKGRMbqPBEs+mxaTZEm+NHe4izlyFn7cUqTEeIvgz6e+4ZqdN5l7/zyu
Cv6JDP+u9YgFWbMTDQgrBU3KIjs/MhkW75DFsKpSVbqc1I5KuDs80wDYh0XXj0qk
BNchRM4FOpidwatOyx27BiRe3VGAS+MMsVT9AgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUYqh98gESTi3PZSKYbggVwGXVbWgwHwYDVR0jBBgwFoAUKkeBVTgnMeXA9oId
1TifnlLh5NYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRU1BWC9L
a2VCVlRnbk1lWEE5b0lkMVRpZm5sTGg1TlkuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0trZUJWVGduTWVYQTlvSWQxVGlmbmxMaDVOWS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0VNQVgvWXFoOThnRVNUaTNQWlNLWWJnZ1Z3
R1hWYldnLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBtLRgDAN
BgkqhkiG9w0BAQsFAAOCAQEARgI396s2ifqluz99XDlwsCJ7GieNQ1k0k9M28Zac
ZiCIVGDvfWZutP7y7tmWawS54EQjszh1aJXM/YbsDg/ivBhIJUwN1a9to+3C/abE
uIuhgEFLwtp5wGv1FNwaTvkzPD2XoRGKQhdOXdIXIRTy0hny9hBHb+TqB8jaLJ6Q
Vekzk5hY/WmsW/ZFHElXLDfgus50JMf7CCDsIbdJbgpSC26T6s187hNrBQ381Sbu
5u/YM46IfevwdHzxtTivpjwZAVQYMLSjQoLhMM6JZVH5y4piIzJo/+4gxagZpIw+
UEMjutN0ell4otj2wOtv4kvCBJCfvAf9NWoftlOpkt3AFg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:06 2024 by rpki-client on console-ams.rpki-client.org