Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/GAMESOUL/HnC6VqbSUXrfcJ-Z3zxol35Y0v0.roa
File:                     HnC6VqbSUXrfcJ-Z3zxol35Y0v0.roa (raw, json)
Hash identifier:          OMV3rnRqewPYwEGWv2uC+V1MbwvUKvAvgWqRFy3y+ck=
Subject key identifier:   1E:70:BA:56:A6:D2:51:7A:DF:70:9F:99:DF:3C:68:97:7E:58:D2:FD
Certificate issuer:       /CN=165495E8D327E4F62D5A16438F080E608A34D0D3
Certificate serial:       0B76
Authority key identifier: 16:54:95:E8:D3:27:E4:F6:2D:5A:16:43:8F:08:0E:60:8A:34:D0:D3
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/FlSV6NMn5PYtWhZDjwgOYIo00NM.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/GAMESOUL/HnC6VqbSUXrfcJ-Z3zxol35Y0v0.roa
Signing time:             Wed 29 Sep 2021 02:37:50 +0000
ROA not before:           Wed 29 Sep 2021 02:37:50 +0000
ROA not after:            Thu 29 Sep 2022 02:36:22 +0000
asID:                     131642
IP address blocks:        103.137.246.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2934 (0xb76)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=165495E8D327E4F62D5A16438F080E608A34D0D3
        Validity
            Not Before: Sep 29 02:37:50 2021 GMT
            Not After : Sep 29 02:36:22 2022 GMT
        Subject: CN=1E70BA56A6D2517ADF709F99DF3C68977E58D2FD
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:e3:d9:99:4a:54:54:b1:fd:a3:3b:e9:ff:c6:
                    c3:49:ba:d5:90:10:d8:f1:1e:74:1a:da:dd:b7:bc:
                    cb:1d:dd:b8:ee:9b:0e:d8:85:58:9f:82:30:48:6f:
                    7e:22:10:fc:4d:a4:8c:9a:a7:12:4a:00:53:5d:19:
                    c3:da:92:26:cc:54:49:b5:74:1e:49:2d:ee:19:45:
                    5e:9e:36:ce:c9:88:82:e5:a0:ca:43:c3:89:ad:3d:
                    b9:02:ea:a1:de:ab:60:12:7f:4c:de:4b:f0:e6:00:
                    c2:f3:f1:3d:24:54:79:c0:78:69:54:a7:27:d3:8d:
                    f4:ac:d5:31:30:d4:ee:4a:cb:cc:a9:ff:5b:1f:12:
                    d7:3f:f9:14:9a:de:20:b0:96:6c:7a:90:8b:a5:55:
                    cf:b1:35:95:00:a7:c4:e2:52:50:0c:06:02:9b:61:
                    5e:df:fb:db:9a:50:55:1b:5d:fb:b4:53:a8:b0:35:
                    23:dd:3e:3e:a2:86:ba:ff:38:ba:4c:38:4b:b0:c4:
                    54:98:2c:4c:0c:5a:25:07:d8:6e:c2:46:26:d3:05:
                    11:ec:c5:e5:45:ae:d6:27:0c:19:a5:8f:4c:ab:4d:
                    95:5e:76:1a:da:0a:48:e8:2e:76:17:b2:20:9b:bd:
                    43:61:c4:cb:18:c7:11:f1:98:32:c7:ca:03:60:a2:
                    50:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:70:BA:56:A6:D2:51:7A:DF:70:9F:99:DF:3C:68:97:7E:58:D2:FD
            X509v3 Authority Key Identifier:
                keyid:16:54:95:E8:D3:27:E4:F6:2D:5A:16:43:8F:08:0E:60:8A:34:D0:D3

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GAMESOUL/FlSV6NMn5PYtWhZDjwgOYIo00NM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FlSV6NMn5PYtWhZDjwgOYIo00NM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GAMESOUL/HnC6VqbSUXrfcJ-Z3zxol35Y0v0.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.137.246.0/23

    Signature Algorithm: sha256WithRSAEncryption
         31:1f:a3:6e:00:dd:03:fa:67:75:5b:25:40:7e:2b:cf:3b:fd:
         d1:16:18:3c:8a:cf:c0:95:2a:b6:31:46:03:8d:e8:2f:c1:7a:
         15:45:7a:81:cf:d0:b4:16:35:15:94:54:2c:93:dd:6b:01:1d:
         42:77:e0:13:4e:dd:e9:9e:8b:5f:c9:50:1d:0d:07:3d:19:a6:
         e1:b6:41:ac:1c:5d:27:b5:b6:28:26:7e:47:b5:79:5b:bd:d5:
         09:8c:65:6f:0b:55:1a:19:ab:1d:80:1b:47:1d:80:54:3c:10:
         3e:27:76:15:3b:8e:7e:e0:43:08:30:f3:aa:09:aa:e1:10:65:
         a6:65:42:55:f7:88:19:1d:14:80:8e:66:47:8d:7d:09:2b:df:
         65:99:aa:f2:3d:fc:ff:7c:89:5c:52:76:5e:4d:85:af:8c:a5:
         66:8e:18:2c:c5:da:48:3b:e6:db:36:e8:19:4f:24:88:26:9d:
         d3:36:94:85:a3:38:7d:b0:5d:6e:31:1b:a2:84:52:d0:eb:75:
         b8:e5:a4:e4:b3:f4:a0:46:a1:71:23:df:ec:60:f9:45:76:eb:
         b1:e8:e1:cd:68:c3:37:e7:d8:cb:45:9b:cc:96:21:ca:2b:d5:
         8c:fa:1d:c3:06:d5:46:c0:43:e7:1a:b6:7c:5f:f9:18:42:88:
         66:2a:69:0d
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICC3YwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMTY1
NDk1RThEMzI3RTRGNjJENUExNjQzOEYwODBFNjA4QTM0RDBEMzAeFw0yMTA5Mjkw
MjM3NTBaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDFFNzBCQTU2QTZEMjUx
N0FERjcwOUY5OURGM0M2ODk3N0U1OEQyRkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDO49mZSlRUsf2jO+n/xsNJutWQENjxHnQa2t23vMsd3bjumw7Y
hVifgjBIb34iEPxNpIyapxJKAFNdGcPakibMVEm1dB5JLe4ZRV6eNs7JiILloMpD
w4mtPbkC6qHeq2ASf0zeS/DmAMLz8T0kVHnAeGlUpyfTjfSs1TEw1O5Ky8yp/1sf
Etc/+RSa3iCwlmx6kIulVc+xNZUAp8TiUlAMBgKbYV7f+9uaUFUbXfu0U6iwNSPd
Pj6ihrr/OLpMOEuwxFSYLEwMWiUH2G7CRibTBRHsxeVFrtYnDBmlj0yrTZVedhra
CkjoLnYXsiCbvUNhxMsYxxHxmDLHygNgolDhAgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQUHnC6VqbSUXrfcJ+Z3zxol35Y0v0wHwYDVR0jBBgwFoAUFlSV6NMn5PYtWhZD
jwgOYIo00NMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvR0FNRVNP
VUwvRmxTVjZOTW41UFl0V2haRGp3Z09ZSW8wME5NLmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9GbFNWNk5NbjVQWXRXaFpEandnT1lJbzAwTk0uY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9HQU1FU09VTC9IbkM2VnFiU1VYcmZj
Si1aM3p4b2wzNVkwdjAucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQBZ4n2MA0GCSqGSIb3DQEBCwUAA4IBAQAxH6NuAN0D+md1WyVAfivPO/3RFhg8
is/AlSq2MUYDjegvwXoVRXqBz9C0FjUVlFQsk91rAR1Cd+ATTt3pnotfyVAdDQc9
GabhtkGsHF0ntbYoJn5HtXlbvdUJjGVvC1UaGasdgBtHHYBUPBA+J3YVO45+4EMI
MPOqCarhEGWmZUJV94gZHRSAjmZHjX0JK99lmaryPfz/fIlcUnZeTYWvjKVmjhgs
xdpIO+bbNugZTySIJp3TNpSFozh9sF1uMRuihFLQ63W45aTks/SgRqFxI9/sYPlF
duux6OHNaMM359jLRZvMliHKK9WM+h3DBtVGwEPnGrZ8X/kYQohmKmkN
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:36 2024 by rpki-client on console-fra.rpki-client.org