Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/EMAX/vcDBpLkbK8-l9pxSe_dH5a-Afas.roa
File:                     vcDBpLkbK8-l9pxSe_dH5a-Afas.roa (raw, json)
Hash identifier:          kPhRAEH8Na3687m+uJZHiAnBjfhjctH6bbhThRIfK1M=
Subject key identifier:   BD:C0:C1:A4:B9:1B:2B:CF:A5:F6:9C:52:7B:F7:47:E5:AF:80:7D:AB
Certificate issuer:       /CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Certificate serial:       0D38
Authority key identifier: 2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/vcDBpLkbK8-l9pxSe_dH5a-Afas.roa
Signing time:             Wed 26 Apr 2023 10:31:40 +0000
ROA not before:           Wed 26 Apr 2023 10:31:40 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     17809
IP address blocks:        203.222.0.0/21 maxlen: 21

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3384 (0xd38)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
        Validity
            Not Before: Apr 26 10:31:40 2023 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=BDC0C1A4B91B2BCFA5F69C527BF747E5AF807DAB
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:94:5c:ab:80:aa:78:67:87:4b:0b:e0:39:57:
                    06:1e:99:80:92:b7:d2:87:9c:9d:cf:69:98:e8:e3:
                    1a:26:6c:7b:52:87:4d:43:d5:20:8b:f9:18:da:91:
                    8a:01:e7:3a:86:58:0f:3d:2f:46:be:65:fd:f2:94:
                    63:9f:0c:ce:c3:92:0e:d3:e4:62:9c:88:c1:fb:e4:
                    c7:43:0d:43:9b:bc:c0:ff:ed:7d:f3:a9:43:9f:19:
                    e3:5f:9c:27:88:55:79:ef:27:af:d2:b5:99:aa:3c:
                    be:dc:6f:64:11:f2:b3:7a:5c:8c:17:ff:e9:35:94:
                    f7:cd:b6:d8:43:dd:cc:81:52:2f:cd:08:5b:d3:77:
                    1e:0b:c4:f1:87:26:7f:4b:59:6a:4b:ea:58:e6:c2:
                    49:1f:e1:2f:ca:53:98:93:46:a5:69:92:f6:6b:63:
                    e3:e1:23:c2:5d:89:0b:91:58:28:fe:e1:fd:97:6d:
                    2f:a5:f3:2f:3e:ec:5e:74:c1:5a:3f:87:7b:0f:40:
                    54:f1:5a:d5:95:ba:93:12:55:48:cd:e9:3c:23:79:
                    cd:fd:0a:3f:e1:02:bd:c7:0c:7e:8a:01:a8:bd:ac:
                    7e:91:8d:35:d1:f1:13:13:18:bf:b3:1a:e4:9a:5b:
                    7b:1a:51:81:06:21:45:71:b8:46:1f:cf:f9:e7:e1:
                    da:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BD:C0:C1:A4:B9:1B:2B:CF:A5:F6:9C:52:7B:F7:47:E5:AF:80:7D:AB
            X509v3 Authority Key Identifier:
                keyid:2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/vcDBpLkbK8-l9pxSe_dH5a-Afas.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  203.222.0.0/21

    Signature Algorithm: sha256WithRSAEncryption
         95:f8:2a:0b:51:88:54:37:8f:b5:22:fd:e6:34:3b:11:fc:7f:
         ee:26:e0:ba:cc:62:95:f6:6e:c0:64:4a:ac:3d:2b:66:ec:b8:
         41:b2:d6:b1:3d:40:f6:11:87:c1:cd:03:5a:73:ff:d9:26:94:
         5d:04:a5:c7:5f:15:be:27:36:b0:bc:7d:af:df:41:af:36:ff:
         d8:eb:76:d7:7d:a0:ee:23:26:00:67:ec:0a:41:85:0b:b7:b4:
         7a:ad:bb:3a:17:bc:e7:42:c3:ba:d8:be:f4:be:71:f2:fb:34:
         31:1a:ce:c2:0d:aa:c7:14:6c:95:ee:51:8b:57:d9:3b:89:18:
         dc:52:72:2a:78:39:3b:ce:8e:3f:b1:a1:79:e8:53:ac:1e:76:
         97:83:02:a7:21:30:7f:f0:12:92:78:3c:4b:43:18:5e:a8:dd:
         53:3c:92:db:f8:1c:29:04:41:da:c3:79:d6:69:14:d2:4c:57:
         25:4f:af:87:6c:db:31:70:c2:8c:ac:cf:15:5a:48:c4:a0:7c:
         19:a8:da:b1:bb:43:9e:57:e9:1f:eb:46:85:b2:ea:d0:15:c0:
         1d:19:ca:30:64:f4:62:8f:a9:e3:3c:bd:05:bc:f0:25:92:78:
         e1:f5:29:a8:9e:b7:a7:b3:5f:33:de:72:af:06:58:c7:64:9a:
         06:75:00:0a
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDTgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE0
NzgxNTUzODI3MzFFNUMwRjY4MjFERDUzODlGOUU1MkUxRTRENjAeFw0yMzA0MjYx
MDMxNDBaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEJEQzBDMUE0QjkxQjJC
Q0ZBNUY2OUM1MjdCRjc0N0U1QUY4MDdEQUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDSlFyrgKp4Z4dLC+A5VwYemYCSt9KHnJ3PaZjo4xombHtSh01D
1SCL+RjakYoB5zqGWA89L0a+Zf3ylGOfDM7Dkg7T5GKciMH75MdDDUObvMD/7X3z
qUOfGeNfnCeIVXnvJ6/StZmqPL7cb2QR8rN6XIwX/+k1lPfNtthD3cyBUi/NCFvT
dx4LxPGHJn9LWWpL6ljmwkkf4S/KU5iTRqVpkvZrY+PhI8JdiQuRWCj+4f2XbS+l
8y8+7F50wVo/h3sPQFTxWtWVupMSVUjN6Twjec39Cj/hAr3HDH6KAai9rH6RjTXR
8RMTGL+zGuSaW3saUYEGIUVxuEYfz/nn4dqDAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUvcDBpLkbK8+l9pxSe/dH5a+AfaswHwYDVR0jBBgwFoAUKkeBVTgnMeXA9oId
1TifnlLh5NYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRU1BWC9L
a2VCVlRnbk1lWEE5b0lkMVRpZm5sTGg1TlkuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0trZUJWVGduTWVYQTlvSWQxVGlmbmxMaDVOWS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0VNQVgvdmNEQnBMa2JLOC1sOXB4U2VfZEg1
YS1BZmFzLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA8veADAN
BgkqhkiG9w0BAQsFAAOCAQEAlfgqC1GIVDePtSL95jQ7Efx/7ibgusxilfZuwGRK
rD0rZuy4QbLWsT1A9hGHwc0DWnP/2SaUXQSlx18Vvic2sLx9r99Brzb/2Ot2132g
7iMmAGfsCkGFC7e0eq27Ohe850LDuti+9L5x8vs0MRrOwg2qxxRsle5Ri1fZO4kY
3FJyKng5O86OP7GheehTrB52l4MCpyEwf/ASkng8S0MYXqjdUzyS2/gcKQRB2sN5
1mkU0kxXJU+vh2zbMXDCjKzPFVpIxKB8GajasbtDnlfpH+tGhbLq0BXAHRnKMGT0
Yo+p4zy9BbzwJZJ44fUpqJ63p7NfM95yrwZYx2SaBnUACg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:06 2024 by rpki-client on console-ams.rpki-client.org