Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/EMAX/hMvbbTZNb8rx_lRfRK_alM9QGxY.roa
File:                     hMvbbTZNb8rx_lRfRK_alM9QGxY.roa (raw, json)
Hash identifier:          OAyQXWVp+NlAqKrCwwYBTSxRzRgnfcaVxvGWk7kI4XU=
Subject key identifier:   84:CB:DB:6D:36:4D:6F:CA:F1:FE:54:5F:44:AF:DA:94:CF:50:1B:16
Certificate issuer:       /CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Certificate serial:       0CDA
Authority key identifier: 2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/hMvbbTZNb8rx_lRfRK_alM9QGxY.roa
Signing time:             Wed 26 Apr 2023 07:07:02 +0000
ROA not before:           Wed 26 Apr 2023 07:07:02 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     17809
IP address blocks:        203.222.0.0/19 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3290 (0xcda)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
        Validity
            Not Before: Apr 26 07:07:02 2023 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=84CBDB6D364D6FCAF1FE545F44AFDA94CF501B16
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:da:60:30:9f:c4:94:db:ae:c7:7c:d0:fd:d8:
                    c0:c7:4e:81:df:1c:a8:1b:60:6f:e1:1c:df:24:77:
                    16:e2:3a:fd:3f:6f:e7:a9:68:0c:da:77:1c:2b:c1:
                    3c:a7:bf:25:35:9f:30:cb:80:54:06:07:98:f6:43:
                    86:5e:a2:9f:9b:ba:67:99:49:72:61:80:71:e0:40:
                    48:4e:f2:1e:bf:83:f5:57:47:66:79:cf:b0:3a:bb:
                    77:22:1b:f7:a4:7f:56:58:05:6a:fd:a5:39:a1:03:
                    ad:13:6b:b7:29:58:0f:8e:ff:ce:5f:93:fb:17:d6:
                    90:f5:9b:f9:63:a1:fc:02:e0:61:23:00:51:90:f0:
                    ef:43:f5:36:02:c0:df:90:6b:ff:a5:22:fa:ae:28:
                    21:7f:79:6e:3e:7b:36:1e:ac:d1:2c:5f:17:22:31:
                    65:62:39:5d:53:d7:91:f7:d2:e6:02:2b:82:76:0d:
                    74:f7:d4:95:18:06:62:20:c9:f2:e6:2e:91:67:9a:
                    4e:bc:f6:b1:19:36:f1:43:89:65:87:8c:bc:e7:9e:
                    5e:fd:e9:82:41:fe:65:39:57:3e:0c:8d:a8:eb:1a:
                    a0:eb:57:cf:b9:51:af:94:db:0b:14:33:7d:55:2c:
                    24:85:74:16:16:48:59:90:36:33:b0:a6:9e:c9:40:
                    dc:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:CB:DB:6D:36:4D:6F:CA:F1:FE:54:5F:44:AF:DA:94:CF:50:1B:16
            X509v3 Authority Key Identifier:
                keyid:2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/hMvbbTZNb8rx_lRfRK_alM9QGxY.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  203.222.0.0/19

    Signature Algorithm: sha256WithRSAEncryption
         54:bf:b1:f0:60:e3:f8:79:79:87:0a:d6:3c:d8:b1:fa:84:2b:
         87:a6:28:9f:c2:d3:0c:12:4f:59:5e:96:db:6a:07:a5:7a:7d:
         15:05:6b:77:61:f1:4f:ac:c1:04:5f:29:6e:7b:15:af:ba:38:
         20:e8:95:09:94:6f:69:f6:3b:12:d2:ca:91:3c:c5:12:ac:6a:
         f9:5c:65:c0:46:10:ea:62:51:dd:9b:75:9f:d6:8c:15:06:f3:
         25:cd:16:52:64:63:d9:86:28:c5:cd:77:e5:26:de:28:76:5e:
         dc:fd:9b:b1:ab:38:f6:19:b0:d7:38:e2:e5:ed:d4:d1:3d:e6:
         c0:0f:c9:3d:55:66:1c:19:b5:65:35:b2:c2:88:78:42:33:77:
         60:93:33:02:30:3a:64:a3:36:cb:ef:79:da:6a:85:71:2c:f2:
         ee:39:18:95:84:7e:c0:06:ca:65:c1:61:33:0a:8e:8c:c7:78:
         99:2f:f7:2b:b4:08:15:8c:f9:c8:e5:c9:cf:76:83:b2:e7:64:
         b6:71:e6:ea:e4:29:3f:9d:6a:de:64:6b:8c:04:56:22:67:ed:
         3e:5e:ca:2d:65:23:50:15:c5:75:d9:52:87:5a:8a:81:44:d8:
         6e:9a:a9:f2:26:ef:fa:dc:6a:e5:49:ce:79:12:e3:cd:19:06:
         ef:a9:4c:e5
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDNowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE0
NzgxNTUzODI3MzFFNUMwRjY4MjFERDUzODlGOUU1MkUxRTRENjAeFw0yMzA0MjYw
NzA3MDJaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDg0Q0JEQjZEMzY0RDZG
Q0FGMUZFNTQ1RjQ0QUZEQTk0Q0Y1MDFCMTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDd2mAwn8SU267HfND92MDHToHfHKgbYG/hHN8kdxbiOv0/b+ep
aAzadxwrwTynvyU1nzDLgFQGB5j2Q4Zeop+bumeZSXJhgHHgQEhO8h6/g/VXR2Z5
z7A6u3ciG/ekf1ZYBWr9pTmhA60Ta7cpWA+O/85fk/sX1pD1m/ljofwC4GEjAFGQ
8O9D9TYCwN+Qa/+lIvquKCF/eW4+ezYerNEsXxciMWViOV1T15H30uYCK4J2DXT3
1JUYBmIgyfLmLpFnmk689rEZNvFDiWWHjLznnl796YJB/mU5Vz4MjajrGqDrV8+5
Ua+U2wsUM31VLCSFdBYWSFmQNjOwpp7JQNw/AgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUhMvbbTZNb8rx/lRfRK/alM9QGxYwHwYDVR0jBBgwFoAUKkeBVTgnMeXA9oId
1TifnlLh5NYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRU1BWC9L
a2VCVlRnbk1lWEE5b0lkMVRpZm5sTGg1TlkuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0trZUJWVGduTWVYQTlvSWQxVGlmbmxMaDVOWS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0VNQVgvaE12YmJUWk5iOHJ4X2xSZlJLX2Fs
TTlRR3hZLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBcveADAN
BgkqhkiG9w0BAQsFAAOCAQEAVL+x8GDj+Hl5hwrWPNix+oQrh6Yon8LTDBJPWV6W
22oHpXp9FQVrd2HxT6zBBF8pbnsVr7o4IOiVCZRvafY7EtLKkTzFEqxq+VxlwEYQ
6mJR3Zt1n9aMFQbzJc0WUmRj2YYoxc135SbeKHZe3P2bsas49hmw1zji5e3U0T3m
wA/JPVVmHBm1ZTWywoh4QjN3YJMzAjA6ZKM2y+952mqFcSzy7jkYlYR+wAbKZcFh
MwqOjMd4mS/3K7QIFYz5yOXJz3aDsudktnHm6uQpP51q3mRrjARWImftPl7KLWUj
UBXFddlSh1qKgUTYbpqp8ibv+txq5UnOeRLjzRkG76lM5Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:06 2024 by rpki-client on console-ams.rpki-client.org