Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FANTASY/qOVfdtP6Ub0l-8w8wfK88q2WokU.roa
File:                     qOVfdtP6Ub0l-8w8wfK88q2WokU.roa (raw, json)
Hash identifier:          +2uJf3keJOcNdizTlb5FSTCsn7aVkKvIeUk3X4g+cO4=
Subject key identifier:   A8:E5:5F:76:D3:FA:51:BD:25:FB:CC:3C:C1:F2:BC:F2:AD:96:A2:45
Certificate issuer:       /CN=59DEF2CF828F0D9AB6AD94F426131764D254CC5C
Certificate serial:       0173
Authority key identifier: 59:DE:F2:CF:82:8F:0D:9A:B6:AD:94:F4:26:13:17:64:D2:54:CC:5C
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/Wd7yz4KPDZq2rZT0JhMXZNJUzFw.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/FANTASY/qOVfdtP6Ub0l-8w8wfK88q2WokU.roa
Signing time:             Mon 13 Apr 2020 09:19:57 +0000
ROA not before:           Mon 13 Apr 2020 09:19:57 +0000
ROA not after:            Tue 02 Feb 2021 02:23:38 +0000
asID:                     131671
IP address blocks:        103.146.212.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 371 (0x173)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=59DEF2CF828F0D9AB6AD94F426131764D254CC5C
        Validity
            Not Before: Apr 13 09:19:57 2020 GMT
            Not After : Feb  2 02:23:38 2021 GMT
        Subject: CN=A8E55F76D3FA51BD25FBCC3CC1F2BCF2AD96A245
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e9:f2:23:16:c4:b7:bc:e7:f1:3a:6f:e4:01:45:
                    79:19:47:71:cd:f4:72:3e:2e:29:0a:f7:44:22:44:
                    d2:c4:d1:d5:61:a1:13:62:c1:25:da:f8:49:99:33:
                    2d:bc:6d:d7:dd:2d:98:12:1a:e9:f4:13:64:76:d2:
                    55:3a:f9:b3:2b:61:26:fa:6d:01:c9:87:18:a3:af:
                    2c:2f:4b:bf:eb:99:06:9a:6a:0b:20:8a:7b:c5:d2:
                    47:41:ed:83:08:75:fa:ce:7b:51:16:3b:c3:0f:a2:
                    dc:00:f6:7f:d7:8b:0d:96:50:d9:87:03:65:3e:e0:
                    38:07:ed:36:97:30:a0:6d:a6:19:0b:5d:ed:3b:5f:
                    d6:20:1f:73:19:d6:0d:38:7e:2d:97:03:cb:8e:da:
                    cc:e9:12:d7:fb:6e:8d:7f:72:90:91:c2:70:f7:f7:
                    19:a3:e2:6e:74:95:36:ae:ba:cc:17:79:cf:8a:78:
                    6b:3b:83:f4:d0:f1:39:f2:17:5f:fd:bb:13:2e:ac:
                    56:e0:06:9e:12:fc:ec:b5:20:cc:e8:70:57:01:5a:
                    c0:43:bd:2d:06:70:08:56:4d:aa:47:99:f1:f5:fe:
                    16:df:e3:37:60:c0:80:5b:25:72:49:b9:a8:8d:37:
                    f8:76:66:ef:1c:40:c8:cd:5f:75:3c:5f:5e:8e:50:
                    92:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:E5:5F:76:D3:FA:51:BD:25:FB:CC:3C:C1:F2:BC:F2:AD:96:A2:45
            X509v3 Authority Key Identifier:
                keyid:59:DE:F2:CF:82:8F:0D:9A:B6:AD:94:F4:26:13:17:64:D2:54:CC:5C

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FANTASY/Wd7yz4KPDZq2rZT0JhMXZNJUzFw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Wd7yz4KPDZq2rZT0JhMXZNJUzFw.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FANTASY/qOVfdtP6Ub0l-8w8wfK88q2WokU.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.146.212.0/24

    Signature Algorithm: sha256WithRSAEncryption
         32:7a:43:d5:ac:92:a6:2d:da:75:ea:1e:49:b7:34:46:c2:87:
         54:79:6e:31:9e:98:5e:7e:ce:09:70:80:37:b0:e0:b8:f3:3e:
         f7:7d:f0:62:0b:0e:1e:c3:c6:d3:c2:93:b5:ae:41:c3:0e:a0:
         d6:a9:9f:fa:29:ca:24:1f:13:07:60:c9:f7:77:54:5b:9a:6d:
         2c:1a:7f:bd:c9:12:b8:f1:d5:43:19:dd:30:8e:71:4e:ec:5e:
         e7:b8:6e:a0:c2:06:e3:12:d1:1f:3d:b5:bf:eb:66:46:38:3c:
         b1:4e:cc:ed:99:46:52:73:ca:31:0e:33:19:f7:98:3c:3c:67:
         f0:bd:9b:e5:15:52:06:ba:06:4e:38:a8:de:9d:73:d1:0c:9f:
         e4:af:a1:e1:ec:ea:57:18:92:60:7b:64:81:b0:46:e7:d0:3e:
         76:f6:c5:19:76:72:c2:6f:b0:ec:6e:43:46:f5:bb:6d:fe:b7:
         6d:4d:ce:6a:c8:99:59:bc:18:74:36:22:4a:65:5b:ba:80:a1:
         48:2a:b4:a0:8e:b2:08:41:a1:ce:ac:0d:03:8e:26:ce:05:e0:
         59:0c:c3:65:c0:3e:51:3a:37:a8:39:f6:bb:fd:71:9b:7d:c9:
         c7:52:b5:6e:7c:51:7e:8e:59:0c:4f:ec:3c:ad:94:05:eb:60:
         0b:07:db:bf
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICAXMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNTlE
RUYyQ0Y4MjhGMEQ5QUI2QUQ5NEY0MjYxMzE3NjREMjU0Q0M1QzAeFw0yMDA0MTMw
OTE5NTdaFw0yMTAyMDIwMjIzMzhaMDMxMTAvBgNVBAMTKEE4RTU1Rjc2RDNGQTUx
QkQyNUZCQ0MzQ0MxRjJCQ0YyQUQ5NkEyNDUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDp8iMWxLe85/E6b+QBRXkZR3HN9HI+LikK90QiRNLE0dVhoRNi
wSXa+EmZMy28bdfdLZgSGun0E2R20lU6+bMrYSb6bQHJhxijrywvS7/rmQaaagsg
invF0kdB7YMIdfrOe1EWO8MPotwA9n/Xiw2WUNmHA2U+4DgH7TaXMKBtphkLXe07
X9YgH3MZ1g04fi2XA8uO2szpEtf7bo1/cpCRwnD39xmj4m50lTauuswXec+KeGs7
g/TQ8TnyF1/9uxMurFbgBp4S/Oy1IMzocFcBWsBDvS0GcAhWTapHmfH1/hbf4zdg
wIBbJXJJuaiNN/h2Zu8cQMjNX3U8X16OUJJtAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUqOVfdtP6Ub0l+8w8wfK88q2WokUwHwYDVR0jBBgwFoAUWd7yz4KPDZq2rZT0
JhMXZNJUzFwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkFOVEFT
WS9XZDd5ejRLUERacTJyWlQwSmhNWFpOSlV6RncuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL1dkN3l6NEtQRFpxMnJaVDBKaE1YWk5KVXpGdy5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL0ZBTlRBU1kvcU9WZmR0UDZVYjBsLTh3
OHdmSzg4cTJXb2tVLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
AGeS1DANBgkqhkiG9w0BAQsFAAOCAQEAMnpD1aySpi3adeoeSbc0RsKHVHluMZ6Y
Xn7OCXCAN7DguPM+933wYgsOHsPG08KTta5Bww6g1qmf+inKJB8TB2DJ93dUW5pt
LBp/vckSuPHVQxndMI5xTuxe57huoMIG4xLRHz21v+tmRjg8sU7M7ZlGUnPKMQ4z
GfeYPDxn8L2b5RVSBroGTjio3p1z0Qyf5K+h4ezqVxiSYHtkgbBG59A+dvbFGXZy
wm+w7G5DRvW7bf63bU3OasiZWbwYdDYiSmVbuoChSCq0oI6yCEGhzqwNA44mzgXg
WQzDZcA+UTo3qDn2u/1xm33Jx1K1bnxRfo5ZDE/sPK2UBetgCwfbvw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:36 2024 by rpki-client on console-fra.rpki-client.org