Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/GOEASY/EDXpx6x26v29YNLbOVq34hZIMUE.roa
File:                     EDXpx6x26v29YNLbOVq34hZIMUE.roa (raw, json)
Hash identifier:          zNvPABImtRSOQjP9AMNeSi82tobuvjL97PG91Ffr+Gw=
Subject key identifier:   10:35:E9:C7:AC:76:EA:FD:BD:60:D2:DB:39:5A:B7:E2:16:48:31:41
Certificate issuer:       /CN=66B69E5B178B8C9444C4D64A6963B0BC9FA35762
Certificate serial:       EF
Authority key identifier: 66:B6:9E:5B:17:8B:8C:94:44:C4:D6:4A:69:63:B0:BC:9F:A3:57:62
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/ZraeWxeLjJRExNZKaWOwvJ-jV2I.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/GOEASY/EDXpx6x26v29YNLbOVq34hZIMUE.roa
Signing time:             Tue 28 Jun 2022 08:46:49 +0000
ROA not before:           Tue 28 Jun 2022 08:46:49 +0000
ROA not after:            Thu 29 Sep 2022 02:36:22 +0000
asID:                     7483
IP address blocks:        103.170.14.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 239 (0xef)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=66B69E5B178B8C9444C4D64A6963B0BC9FA35762
        Validity
            Not Before: Jun 28 08:46:49 2022 GMT
            Not After : Sep 29 02:36:22 2022 GMT
        Subject: CN=1035E9C7AC76EAFDBD60D2DB395AB7E216483141
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f8:fd:7b:4d:4e:cc:50:fa:9f:c4:d2:69:4f:8f:
                    bd:2b:a8:72:24:ed:49:19:c4:35:95:14:83:a6:df:
                    93:24:7f:f4:75:dd:eb:4c:45:89:0f:8c:0b:76:ad:
                    2f:f2:5f:84:b9:42:7c:51:1e:0e:15:5e:55:01:78:
                    94:8e:20:61:d1:26:d2:d3:a1:ef:71:1f:11:d4:8e:
                    ae:4e:53:e5:38:24:92:ac:09:0e:33:b2:7d:46:db:
                    50:bf:bd:78:71:19:d1:3e:33:ce:cf:5e:0c:1c:21:
                    4a:47:bd:cc:49:06:74:fa:11:f5:ad:e9:a8:25:9b:
                    bd:32:9d:0d:44:08:ea:4e:59:88:24:36:4c:fc:d3:
                    e0:ae:ce:9f:5f:e7:34:c1:ca:3e:b8:97:0c:1f:b5:
                    23:d0:3b:df:f8:55:da:59:fa:44:f9:9b:e1:44:9f:
                    74:16:2c:64:66:b3:ef:21:05:79:5c:c4:15:5f:4d:
                    75:88:4b:d6:4e:f8:bc:7f:68:3b:f1:52:9f:42:ab:
                    8f:e4:cc:c0:80:a3:f3:8d:0c:aa:13:9e:63:ec:7f:
                    e9:46:99:dd:98:0c:e0:e2:a6:1b:0d:c8:b4:50:bd:
                    c2:78:36:21:16:54:4f:a0:8c:9f:48:31:38:b7:64:
                    ea:fb:9a:f5:65:11:48:30:6c:06:d0:a9:40:a0:5c:
                    66:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                10:35:E9:C7:AC:76:EA:FD:BD:60:D2:DB:39:5A:B7:E2:16:48:31:41
            X509v3 Authority Key Identifier:
                keyid:66:B6:9E:5B:17:8B:8C:94:44:C4:D6:4A:69:63:B0:BC:9F:A3:57:62

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GOEASY/ZraeWxeLjJRExNZKaWOwvJ-jV2I.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ZraeWxeLjJRExNZKaWOwvJ-jV2I.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GOEASY/EDXpx6x26v29YNLbOVq34hZIMUE.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.170.14.0/23

    Signature Algorithm: sha256WithRSAEncryption
         2a:f7:f6:2b:07:cc:65:86:03:c3:e4:15:80:13:30:0d:1f:91:
         b5:5c:85:bc:1b:de:e8:13:6b:01:ea:7f:d7:ab:43:9a:22:36:
         ba:26:f8:74:b8:d1:13:a0:28:c4:fe:40:9d:da:12:a4:cd:52:
         e9:46:b2:07:c8:05:23:7c:7c:44:3d:a0:05:68:85:5d:da:22:
         4c:ff:b7:fb:cd:86:a5:d5:f3:9f:8a:c2:00:9c:9a:2a:a1:b2:
         d6:44:69:c0:db:a7:2e:4b:80:5e:bc:31:99:60:25:2d:bb:d1:
         3a:3a:20:a9:f9:b0:ab:a8:52:89:2d:54:28:e7:61:dd:a4:75:
         9b:08:24:3c:8a:64:73:68:1e:4f:a2:70:a9:a0:9b:a3:1f:d7:
         dd:1e:7a:9c:d6:cb:63:8f:c4:b2:a9:ec:7c:18:be:80:71:26:
         60:f3:5e:3f:63:45:3e:6d:0f:46:a8:bf:28:49:36:b5:89:75:
         00:89:b2:c0:4e:dd:b1:99:32:3e:ca:c6:c6:2f:2d:ec:f4:db:
         b2:e2:35:74:fe:13:f8:54:aa:62:0c:58:c5:1e:4e:5a:06:0d:
         72:91:b5:6a:7a:f9:e4:e3:e2:03:46:ad:d2:09:32:95:85:0e:
         7c:b6:7b:e6:bf:10:e5:5a:d3:22:a7:06:59:d0:d8:7c:77:ef:
         c7:82:e2:f2
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICAO8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjZC
NjlFNUIxNzhCOEM5NDQ0QzRENjRBNjk2M0IwQkM5RkEzNTc2MjAeFw0yMjA2Mjgw
ODQ2NDlaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDEwMzVFOUM3QUM3NkVB
RkRCRDYwRDJEQjM5NUFCN0UyMTY0ODMxNDEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQD4/XtNTsxQ+p/E0mlPj70rqHIk7UkZxDWVFIOm35Mkf/R13etM
RYkPjAt2rS/yX4S5QnxRHg4VXlUBeJSOIGHRJtLToe9xHxHUjq5OU+U4JJKsCQ4z
sn1G21C/vXhxGdE+M87PXgwcIUpHvcxJBnT6EfWt6aglm70ynQ1ECOpOWYgkNkz8
0+Cuzp9f5zTByj64lwwftSPQO9/4VdpZ+kT5m+FEn3QWLGRms+8hBXlcxBVfTXWI
S9ZO+Lx/aDvxUp9Cq4/kzMCAo/ONDKoTnmPsf+lGmd2YDODiphsNyLRQvcJ4NiEW
VE+gjJ9IMTi3ZOr7mvVlEUgwbAbQqUCgXGapAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUEDXpx6x26v29YNLbOVq34hZIMUEwHwYDVR0jBBgwFoAUZraeWxeLjJRExNZK
aWOwvJ+jV2IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvR09FQVNZ
L1pyYWVXeGVMakpSRXhOWkthV093dkotalYySS5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvWnJhZVd4ZUxqSlJFeE5aS2FXT3d2Si1qVjJJLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvR09FQVNZL0VEWHB4NngyNnYyOVlOTGJP
VnEzNGhaSU1VRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAFn
qg4wDQYJKoZIhvcNAQELBQADggEBACr39isHzGWGA8PkFYATMA0fkbVchbwb3ugT
awHqf9erQ5oiNrom+HS40ROgKMT+QJ3aEqTNUulGsgfIBSN8fEQ9oAVohV3aIkz/
t/vNhqXV85+KwgCcmiqhstZEacDbpy5LgF68MZlgJS270To6IKn5sKuoUoktVCjn
Yd2kdZsIJDyKZHNoHk+icKmgm6Mf190eepzWy2OPxLKp7HwYvoBxJmDzXj9jRT5t
D0aovyhJNrWJdQCJssBO3bGZMj7KxsYvLez027LiNXT+E/hUqmIMWMUeTloGDXKR
tWp6+eTj4gNGrdIJMpWFDny2e+a/EOVa0yKnBlnQ2Hx378eC4vI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:07 2024 by rpki-client on console-ams.rpki-client.org