Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/EMAX/qNSsZGag7yOJk3U2MgpAmF61IDI.roa
File:                     qNSsZGag7yOJk3U2MgpAmF61IDI.roa (raw, json)
Hash identifier:          8ZgV5YIifPsENpDvi0jK7Mbxa/ouwL7dfDlvlhXrFjA=
Subject key identifier:   A8:D4:AC:64:66:A0:EF:23:89:93:75:36:32:0A:40:98:5E:B5:20:32
Certificate issuer:       /CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Certificate serial:       0C2B
Authority key identifier: 2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/qNSsZGag7yOJk3U2MgpAmF61IDI.roa
Signing time:             Mon 07 Nov 2022 06:13:06 +0000
ROA not before:           Mon 07 Nov 2022 06:13:06 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     38851
IP address blocks:        119.15.216.0/21 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3115 (0xc2b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
        Validity
            Not Before: Nov  7 06:13:06 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=A8D4AC6466A0EF2389937536320A40985EB52032
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:eb:3d:f3:64:ce:ef:ef:a8:75:87:f9:ef:5f:4c:
                    4b:84:f0:e2:9a:fa:a2:1e:74:68:05:dd:9d:36:7d:
                    b5:48:39:59:ac:3c:f9:e1:bb:5b:8b:54:83:85:90:
                    59:6e:65:4f:6c:7e:6e:bd:8e:79:d4:eb:98:66:b6:
                    1a:d2:3b:20:b1:8b:12:a1:9d:cd:6b:e2:99:8f:1a:
                    d5:8d:13:8e:f7:06:d8:48:59:3a:2a:45:36:4b:75:
                    6c:dd:a0:ef:84:3e:61:fa:98:a0:5c:83:40:89:aa:
                    e5:86:4b:2a:59:4d:6c:90:10:47:65:80:ae:17:10:
                    47:a8:62:f2:3c:43:ec:1a:50:e7:dd:bf:e8:38:38:
                    9c:16:71:78:e8:d0:a6:b1:b8:d3:ef:f7:45:08:26:
                    c9:54:15:5e:4a:65:a1:3f:bc:81:d8:3f:d9:65:ef:
                    a5:11:c0:c2:fa:d0:fc:70:89:56:ae:3a:59:72:66:
                    4f:8d:b7:3f:9b:e7:01:92:37:44:42:ba:64:20:e5:
                    70:eb:b6:30:01:1d:2c:0e:0e:fc:85:b0:12:8b:86:
                    a7:d2:2a:cb:f5:df:ec:ea:93:5e:8a:f9:fd:3d:b5:
                    66:2e:01:da:d6:4e:c0:1f:6c:bd:3f:16:30:96:66:
                    b5:a4:d1:7b:24:d1:60:8a:25:f2:89:43:43:66:ce:
                    5b:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:D4:AC:64:66:A0:EF:23:89:93:75:36:32:0A:40:98:5E:B5:20:32
            X509v3 Authority Key Identifier:
                keyid:2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/qNSsZGag7yOJk3U2MgpAmF61IDI.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  119.15.216.0/21

    Signature Algorithm: sha256WithRSAEncryption
         46:ef:57:a9:fc:95:2a:6e:e4:0c:ea:43:da:ea:a8:4e:0e:c0:
         f3:7c:4b:e8:02:68:b5:b1:03:80:4f:ac:bc:e2:12:91:16:d9:
         2b:a9:48:57:6b:51:24:43:27:a3:8d:d5:86:cb:93:f3:66:6a:
         ac:3c:00:fc:64:45:12:a5:e0:d7:cc:af:38:b5:d3:28:48:00:
         da:10:84:c7:6d:dc:0f:6e:9c:eb:3c:fa:fd:2e:e6:22:b2:01:
         e4:f0:91:e4:ce:9e:ca:eb:60:1f:39:f5:57:ee:b9:31:2c:6a:
         c7:6f:3b:c3:fe:d7:71:34:cb:66:32:a6:0a:d4:50:5a:79:5f:
         fe:0c:78:6c:5b:a0:03:39:35:ce:6f:5f:4c:9c:4f:93:43:68:
         47:e9:01:d6:e1:d9:80:9c:2f:38:16:67:06:44:f9:b1:6c:dd:
         cb:b3:f9:1c:9c:b2:35:2c:97:cb:96:3f:53:a8:87:34:69:37:
         16:40:6c:b2:39:7f:a9:44:9d:26:59:8a:a2:89:07:3a:77:6d:
         6f:8d:24:a7:02:51:33:31:99:6e:9c:f6:0c:cd:0a:4c:4f:f3:
         74:be:89:e0:1e:94:8b:d7:21:4f:c0:9d:72:00:4d:e1:ff:63:
         80:d1:f3:1e:78:f2:3e:6e:bf:0a:51:9d:1f:b4:ab:ac:a6:03:
         c7:07:28:ce
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDCswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE0
NzgxNTUzODI3MzFFNUMwRjY4MjFERDUzODlGOUU1MkUxRTRENjAeFw0yMjExMDcw
NjEzMDZaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEE4RDRBQzY0NjZBMEVG
MjM4OTkzNzUzNjMyMEE0MDk4NUVCNTIwMzIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDrPfNkzu/vqHWH+e9fTEuE8OKa+qIedGgF3Z02fbVIOVmsPPnh
u1uLVIOFkFluZU9sfm69jnnU65hmthrSOyCxixKhnc1r4pmPGtWNE473BthIWToq
RTZLdWzdoO+EPmH6mKBcg0CJquWGSypZTWyQEEdlgK4XEEeoYvI8Q+waUOfdv+g4
OJwWcXjo0KaxuNPv90UIJslUFV5KZaE/vIHYP9ll76URwML60PxwiVauOllyZk+N
tz+b5wGSN0RCumQg5XDrtjABHSwODvyFsBKLhqfSKsv13+zqk16K+f09tWYuAdrW
TsAfbL0/FjCWZrWk0Xsk0WCKJfKJQ0Nmzls3AgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUqNSsZGag7yOJk3U2MgpAmF61IDIwHwYDVR0jBBgwFoAUKkeBVTgnMeXA9oId
1TifnlLh5NYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRU1BWC9L
a2VCVlRnbk1lWEE5b0lkMVRpZm5sTGg1TlkuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0trZUJWVGduTWVYQTlvSWQxVGlmbmxMaDVOWS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0VNQVgvcU5Tc1pHYWc3eU9KazNVMk1ncEFt
RjYxSURJLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA3cP2DAN
BgkqhkiG9w0BAQsFAAOCAQEARu9XqfyVKm7kDOpD2uqoTg7A83xL6AJotbEDgE+s
vOISkRbZK6lIV2tRJEMno43VhsuT82ZqrDwA/GRFEqXg18yvOLXTKEgA2hCEx23c
D26c6zz6/S7mIrIB5PCR5M6eyutgHzn1V+65MSxqx287w/7XcTTLZjKmCtRQWnlf
/gx4bFugAzk1zm9fTJxPk0NoR+kB1uHZgJwvOBZnBkT5sWzdy7P5HJyyNSyXy5Y/
U6iHNGk3FkBssjl/qUSdJlmKookHOndtb40kpwJRMzGZbpz2DM0KTE/zdL6J4B6U
i9chT8CdcgBN4f9jgNHzHnjyPm6/ClGdH7SrrKYDxwcozg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:06 2024 by rpki-client on console-ams.rpki-client.org