Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/EMAX/ZpegpvXgob_OKOBZ4DTHBzIuTUc.roa
File:                     ZpegpvXgob_OKOBZ4DTHBzIuTUc.roa (raw, json)
Hash identifier:          4WG5LeiwVGRmIAXz8bor8bUEMv9z7QIPTy+hHTHyVHM=
Subject key identifier:   66:97:A0:A6:F5:E0:A1:BF:CE:28:E0:59:E0:34:C7:07:32:2E:4D:47
Certificate issuer:       /CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Certificate serial:       0CFA
Authority key identifier: 2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/ZpegpvXgob_OKOBZ4DTHBzIuTUc.roa
Signing time:             Wed 26 Apr 2023 10:31:25 +0000
ROA not before:           Wed 26 Apr 2023 10:31:25 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     17809
IP address blocks:        203.222.0.0/19 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3322 (0xcfa)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
        Validity
            Not Before: Apr 26 10:31:25 2023 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=6697A0A6F5E0A1BFCE28E059E034C707322E4D47
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:74:5f:53:75:4d:0d:dd:4b:61:63:d6:4e:20:
                    83:fb:6d:15:2e:06:9c:58:c2:89:dc:1e:87:86:eb:
                    e1:c7:81:4f:52:67:ee:a4:a3:47:35:c3:0d:c1:08:
                    17:00:37:a6:7b:e5:25:81:47:58:19:2d:9a:c8:e8:
                    28:e9:4d:a4:11:95:c5:49:eb:80:7a:e4:ca:1b:70:
                    56:93:8c:b5:91:4c:47:e7:fd:bf:3c:3a:e5:24:bd:
                    1f:9d:79:76:f5:f3:57:96:4f:2e:dc:a4:8b:9a:07:
                    e6:93:fa:25:ee:72:4b:42:33:d3:ff:fd:2b:ff:a7:
                    ec:e9:0d:db:78:f7:3a:78:e0:5a:40:dd:a8:43:ce:
                    e7:76:d9:b6:8b:12:62:2a:1d:56:dd:1a:f8:cc:61:
                    22:f1:42:92:47:09:18:bd:01:54:58:29:35:25:1d:
                    b7:ea:1d:9d:90:d1:40:4f:e8:6f:97:76:ba:8b:a6:
                    f0:2d:4b:38:72:83:bc:db:98:c5:57:3f:01:43:bb:
                    ea:38:73:ad:bc:45:87:b3:e3:9e:f8:d9:e9:33:04:
                    ce:3e:85:a8:64:13:bd:60:b9:0e:74:63:77:48:14:
                    87:91:7b:36:b1:72:61:5c:92:ea:29:40:89:ed:db:
                    ee:77:4d:c2:d2:ba:17:cd:c3:7d:d8:e0:20:90:31:
                    5d:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                66:97:A0:A6:F5:E0:A1:BF:CE:28:E0:59:E0:34:C7:07:32:2E:4D:47
            X509v3 Authority Key Identifier:
                keyid:2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/ZpegpvXgob_OKOBZ4DTHBzIuTUc.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  203.222.0.0/19

    Signature Algorithm: sha256WithRSAEncryption
         85:be:8a:9d:24:1a:42:1b:96:a7:0a:f2:06:9d:77:85:94:b6:
         00:c9:99:04:d6:39:b3:67:66:2e:e4:b8:e4:08:3b:e0:25:8a:
         34:79:8b:6e:47:f4:65:06:a1:29:b2:ba:83:a8:9d:a9:df:0e:
         2a:40:b2:8d:48:e9:79:2c:c1:f5:92:79:6c:50:98:dc:ee:df:
         2a:ba:2a:9e:30:71:af:61:68:46:83:20:90:2a:e8:63:0a:94:
         f7:8d:b7:02:f0:f5:f3:7f:19:c4:08:bc:78:93:91:cd:22:78:
         e1:32:45:e1:4d:29:da:a9:ae:54:5e:fe:5b:3d:49:4e:c7:26:
         33:b1:eb:48:8b:19:c5:f1:60:4e:a0:91:fe:a3:1b:a2:49:4d:
         81:7e:f6:36:76:ca:b2:70:eb:59:3c:4c:37:56:cb:78:90:ee:
         37:65:54:7d:c6:5b:1d:b6:e7:f3:46:0b:b8:57:d2:c8:83:6d:
         b5:fd:d3:a1:df:69:85:e6:e2:53:07:b1:c5:d3:19:04:c6:fd:
         77:6c:41:5a:fd:74:d9:38:e5:48:3c:8a:95:b0:ae:46:0a:44:
         b7:c6:e3:48:ab:5d:f4:02:6e:db:eb:31:9f:ff:9d:af:12:50:
         30:51:c9:30:ab:c5:f3:49:bd:bd:2d:54:2a:05:89:4d:d8:46:
         7e:36:5e:b1
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDPowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE0
NzgxNTUzODI3MzFFNUMwRjY4MjFERDUzODlGOUU1MkUxRTRENjAeFw0yMzA0MjYx
MDMxMjVaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDY2OTdBMEE2RjVFMEEx
QkZDRTI4RTA1OUUwMzRDNzA3MzIyRTRENDcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDbdF9TdU0N3UthY9ZOIIP7bRUuBpxYwoncHoeG6+HHgU9SZ+6k
o0c1ww3BCBcAN6Z75SWBR1gZLZrI6CjpTaQRlcVJ64B65MobcFaTjLWRTEfn/b88
OuUkvR+deXb181eWTy7cpIuaB+aT+iXucktCM9P//Sv/p+zpDdt49zp44FpA3ahD
zud22baLEmIqHVbdGvjMYSLxQpJHCRi9AVRYKTUlHbfqHZ2Q0UBP6G+XdrqLpvAt
Szhyg7zbmMVXPwFDu+o4c628RYez45742ekzBM4+hahkE71guQ50Y3dIFIeRezax
cmFckuopQInt2+53TcLSuhfNw33Y4CCQMV3zAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUZpegpvXgob/OKOBZ4DTHBzIuTUcwHwYDVR0jBBgwFoAUKkeBVTgnMeXA9oId
1TifnlLh5NYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRU1BWC9L
a2VCVlRnbk1lWEE5b0lkMVRpZm5sTGg1TlkuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0trZUJWVGduTWVYQTlvSWQxVGlmbmxMaDVOWS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0VNQVgvWnBlZ3B2WGdvYl9PS09CWjREVEhC
ekl1VFVjLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBcveADAN
BgkqhkiG9w0BAQsFAAOCAQEAhb6KnSQaQhuWpwryBp13hZS2AMmZBNY5s2dmLuS4
5Ag74CWKNHmLbkf0ZQahKbK6g6idqd8OKkCyjUjpeSzB9ZJ5bFCY3O7fKroqnjBx
r2FoRoMgkCroYwqU9423AvD1838ZxAi8eJORzSJ44TJF4U0p2qmuVF7+Wz1JTscm
M7HrSIsZxfFgTqCR/qMboklNgX72NnbKsnDrWTxMN1bLeJDuN2VUfcZbHbbn80YL
uFfSyINttf3Tod9phebiUwexxdMZBMb9d2xBWv102TjlSDyKlbCuRgpEt8bjSKtd
9AJu2+sxn/+drxJQMFHJMKvF80m9vS1UKgWJTdhGfjZesQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:06 2024 by rpki-client on console-ams.rpki-client.org