Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/GRONEXT/pLt6ic4lQ7Wi8mmD-H-Z9R688Cs.roa
File:                     pLt6ic4lQ7Wi8mmD-H-Z9R688Cs.roa (raw, json)
Hash identifier:          DUKr1NhbN3RB8dXk4JJhXBJsZHotmktbtGh8Lflouck=
Subject key identifier:   A4:BB:7A:89:CE:25:43:B5:A2:F2:69:83:F8:7F:99:F5:1E:BC:F0:2B
Certificate issuer:       /CN=1A610A62A8A72CD36C1D22C7085EDF1809518994
Certificate serial:       07BC
Authority key identifier: 1A:61:0A:62:A8:A7:2C:D3:6C:1D:22:C7:08:5E:DF:18:09:51:89:94
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/GmEKYqinLNNsHSLHCF7fGAlRiZQ.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/GRONEXT/pLt6ic4lQ7Wi8mmD-H-Z9R688Cs.roa
Signing time:             Thu 15 Sep 2022 02:44:18 +0000
ROA not before:           Thu 15 Sep 2022 02:44:18 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     131667
IP address blocks:        103.146.210.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1980 (0x7bc)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1A610A62A8A72CD36C1D22C7085EDF1809518994
        Validity
            Not Before: Sep 15 02:44:18 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=A4BB7A89CE2543B5A2F26983F87F99F51EBCF02B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:02:ef:d7:fb:18:0f:6e:8f:c1:d4:dd:35:61:
                    1d:3a:3f:53:83:13:2f:fa:55:b6:df:a9:00:66:13:
                    72:d8:49:6e:61:f2:1d:61:a2:b8:e9:2e:c1:7e:b8:
                    2a:57:d0:db:38:f5:08:a5:99:27:3f:bb:94:4f:27:
                    1b:12:ba:61:c9:bf:f7:a6:6a:f2:e5:73:70:0d:fc:
                    a1:88:bd:2e:ab:5e:78:29:85:c8:6c:01:e2:81:46:
                    0b:22:d3:b0:21:16:68:a4:9d:c9:0a:1c:cf:89:4f:
                    e8:a5:ea:ae:67:47:84:e5:b7:17:ce:e6:2c:cc:4e:
                    34:bf:d6:d4:93:24:84:9d:83:4d:a0:c5:b2:8d:35:
                    0a:5d:6a:1c:85:ff:a9:b3:34:7e:73:2b:8b:a6:03:
                    19:a2:47:49:69:c0:e8:04:6c:07:72:ac:20:4a:2b:
                    04:1e:2d:a2:b1:39:45:30:24:0b:96:34:77:c6:9b:
                    01:82:6d:0e:ec:39:92:f9:ee:aa:8e:7c:f0:76:30:
                    27:04:ff:f7:e5:01:86:44:6b:8d:5d:27:6b:fb:c2:
                    b3:c5:da:d6:e9:64:17:b4:a2:f2:b7:de:2d:40:fb:
                    d1:6f:b5:af:5d:08:f5:db:a0:90:cb:61:7f:20:23:
                    df:d9:aa:ea:ea:3a:bb:2a:94:a3:b7:63:ff:e8:35:
                    a2:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A4:BB:7A:89:CE:25:43:B5:A2:F2:69:83:F8:7F:99:F5:1E:BC:F0:2B
            X509v3 Authority Key Identifier:
                keyid:1A:61:0A:62:A8:A7:2C:D3:6C:1D:22:C7:08:5E:DF:18:09:51:89:94

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GRONEXT/GmEKYqinLNNsHSLHCF7fGAlRiZQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GmEKYqinLNNsHSLHCF7fGAlRiZQ.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GRONEXT/pLt6ic4lQ7Wi8mmD-H-Z9R688Cs.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.146.210.0/23

    Signature Algorithm: sha256WithRSAEncryption
         02:ab:a9:c6:82:c2:8b:04:a4:ea:b4:66:28:3f:29:dc:77:38:
         f3:49:62:8c:ab:58:63:33:f4:d3:3b:e5:8d:5e:9c:2d:6a:4e:
         73:b2:1d:0d:b4:38:f6:86:67:fc:41:a7:7e:dc:01:dc:81:62:
         3f:38:90:9f:89:96:24:94:5f:9f:ff:c0:19:98:f1:72:87:a5:
         a0:30:d8:52:72:36:1e:a5:df:9b:31:c8:34:1a:dc:c0:59:c8:
         a3:07:61:0d:12:48:e9:42:e0:28:57:6e:d2:ec:c5:20:cf:9e:
         d7:42:db:b5:6f:ba:0d:53:29:dc:91:7c:94:25:b2:9e:c7:bf:
         69:59:82:fb:13:0c:2b:42:0f:ea:58:df:66:26:0d:a6:81:d5:
         af:02:b1:af:28:e0:14:54:83:32:fb:b4:5e:54:3f:5f:72:c1:
         1c:01:15:7d:83:bf:cc:91:56:7a:cc:6c:34:f9:05:47:53:25:
         69:93:33:df:19:85:0e:31:ea:ed:b5:83:e3:ff:d9:5a:49:dc:
         d2:08:08:42:f0:db:42:9d:a2:18:ff:dd:f4:9f:48:81:ed:5c:
         7c:3a:02:c6:00:c2:66:10:33:ac:39:f4:08:7b:c9:3d:3a:2b:
         53:93:95:d5:b3:21:80:a2:71:06:b2:ad:7d:c3:95:b8:ba:b9:
         5c:81:d7:a0
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICB7wwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMUE2
MTBBNjJBOEE3MkNEMzZDMUQyMkM3MDg1RURGMTgwOTUxODk5NDAeFw0yMjA5MTUw
MjQ0MThaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEE0QkI3QTg5Q0UyNTQz
QjVBMkYyNjk4M0Y4N0Y5OUY1MUVCQ0YwMkIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC1Au/X+xgPbo/B1N01YR06P1ODEy/6VbbfqQBmE3LYSW5h8h1h
orjpLsF+uCpX0Ns49QilmSc/u5RPJxsSumHJv/emavLlc3AN/KGIvS6rXngphchs
AeKBRgsi07AhFmiknckKHM+JT+il6q5nR4TltxfO5izMTjS/1tSTJISdg02gxbKN
NQpdahyF/6mzNH5zK4umAxmiR0lpwOgEbAdyrCBKKwQeLaKxOUUwJAuWNHfGmwGC
bQ7sOZL57qqOfPB2MCcE//flAYZEa41dJ2v7wrPF2tbpZBe0ovK33i1A+9Fvta9d
CPXboJDLYX8gI9/ZqurqOrsqlKO3Y//oNaKZAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUpLt6ic4lQ7Wi8mmD+H+Z9R688CswHwYDVR0jBBgwFoAUGmEKYqinLNNsHSLH
CF7fGAlRiZQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvR1JPTkVY
VC9HbUVLWXFpbkxOTnNIU0xIQ0Y3ZkdBbFJpWlEuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL0dtRUtZcWluTE5Oc0hTTEhDRjdmR0FsUmlaUS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL0dST05FWFQvcEx0NmljNGxRN1dpOG1t
RC1ILVo5UjY4OENzLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
AWeS0jANBgkqhkiG9w0BAQsFAAOCAQEAAqupxoLCiwSk6rRmKD8p3Hc480lijKtY
YzP00zvljV6cLWpOc7IdDbQ49oZn/EGnftwB3IFiPziQn4mWJJRfn//AGZjxcoel
oDDYUnI2HqXfmzHINBrcwFnIowdhDRJI6ULgKFdu0uzFIM+e10LbtW+6DVMp3JF8
lCWynse/aVmC+xMMK0IP6ljfZiYNpoHVrwKxryjgFFSDMvu0XlQ/X3LBHAEVfYO/
zJFWesxsNPkFR1MlaZMz3xmFDjHq7bWD4//ZWknc0ggIQvDbQp2iGP/d9J9Ige1c
fDoCxgDCZhAzrDn0CHvJPTorU5OV1bMhgKJxBrKtfcOVuLq5XIHXoA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:07 2024 by rpki-client on console-ams.rpki-client.org