Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HONGDA/-y_8a28lKpwP-b91BS7EijGVjvA.roa
File:                     -y_8a28lKpwP-b91BS7EijGVjvA.roa (raw, json)
Hash identifier:          IOG45w9dcJMXT7/F7cpnjDN0WXxaQQNoBAaV2cyugZs=
Subject key identifier:   FB:2F:FC:6B:6F:25:2A:9C:0F:F9:BF:75:05:2E:C4:8A:31:95:8E:F0
Certificate issuer:       /CN=257DB7B9919975697366B7014F8CFE28EF364E73
Certificate serial:       0372
Authority key identifier: 25:7D:B7:B9:91:99:75:69:73:66:B7:01:4F:8C:FE:28:EF:36:4E:73
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/JX23uZGZdWlzZrcBT4z-KO82TnM.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/HONGDA/-y_8a28lKpwP-b91BS7EijGVjvA.roa
Signing time:             Wed 29 Sep 2021 02:53:56 +0000
ROA not before:           Wed 29 Sep 2021 02:53:56 +0000
ROA not after:            Thu 29 Sep 2022 02:36:22 +0000
asID:                     17418
IP address blocks:        103.153.176.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 882 (0x372)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=257DB7B9919975697366B7014F8CFE28EF364E73
        Validity
            Not Before: Sep 29 02:53:56 2021 GMT
            Not After : Sep 29 02:36:22 2022 GMT
        Subject: CN=FB2FFC6B6F252A9C0FF9BF75052EC48A31958EF0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:b2:16:9a:07:e9:90:b0:6b:90:cd:a5:68:16:
                    d2:2c:61:2e:de:ad:9b:a3:64:75:e9:a2:cb:51:21:
                    3a:23:09:c8:ee:fd:20:0e:20:46:22:c4:e3:90:04:
                    0c:3b:bd:b1:86:9f:2c:62:c2:a4:9c:29:8e:61:24:
                    e1:8f:7a:a4:df:57:a7:ec:69:96:18:e2:b1:ba:ce:
                    fc:5a:9f:7c:9a:62:62:72:31:c0:bd:56:aa:11:d7:
                    35:20:5a:e0:1a:13:8f:a4:a7:b2:0f:f2:eb:6d:30:
                    48:ea:9b:fa:42:45:53:8a:32:40:c4:c9:64:54:18:
                    5e:bb:1c:06:01:ac:1c:52:77:f0:a3:86:8e:de:5d:
                    dc:40:66:9f:b9:e3:b6:fe:73:16:80:8a:05:b3:d2:
                    f2:96:57:a6:cb:20:7a:74:ac:44:ea:d7:ab:92:52:
                    4f:65:d7:b0:0c:f9:83:ef:d3:b1:d4:44:ac:ae:85:
                    5a:07:7f:ee:14:c8:d7:b1:79:12:bc:ab:99:83:b8:
                    dd:4b:66:e6:89:2b:8f:97:47:c7:bb:e5:62:28:7b:
                    f1:41:21:2c:b3:93:f6:51:25:a7:bf:31:80:f0:79:
                    29:40:1f:03:7b:5b:c7:61:78:f9:5e:82:9d:85:78:
                    1b:68:1e:91:92:f9:45:63:8e:98:7c:3b:ec:63:db:
                    13:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FB:2F:FC:6B:6F:25:2A:9C:0F:F9:BF:75:05:2E:C4:8A:31:95:8E:F0
            X509v3 Authority Key Identifier:
                keyid:25:7D:B7:B9:91:99:75:69:73:66:B7:01:4F:8C:FE:28:EF:36:4E:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HONGDA/JX23uZGZdWlzZrcBT4z-KO82TnM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/JX23uZGZdWlzZrcBT4z-KO82TnM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HONGDA/-y_8a28lKpwP-b91BS7EijGVjvA.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.153.176.0/24

    Signature Algorithm: sha256WithRSAEncryption
         27:dd:7c:95:e8:88:c7:df:95:58:3f:e5:7b:3b:ab:15:68:9d:
         d3:13:fc:7d:39:e8:3e:51:90:f4:24:7b:b6:fe:9a:c8:34:9f:
         ab:83:61:45:5c:85:5a:9f:83:2a:6f:2b:ed:ad:03:aa:0c:38:
         7f:3c:fa:e4:4e:cf:78:f5:81:12:bd:86:71:e0:6a:eb:90:f1:
         9c:a9:40:60:d1:05:bd:34:c3:8c:62:3e:e6:4b:be:19:f2:2c:
         1b:6e:71:4f:6c:1a:35:f5:06:23:8a:17:0d:03:a2:b2:ae:9b:
         fd:87:14:38:0c:96:f6:d3:35:47:3c:26:b4:c7:cd:d8:f3:4f:
         28:7c:bb:68:73:c6:9b:a9:7e:e9:a7:fa:44:aa:1e:5a:a2:4b:
         2c:14:8e:49:91:30:06:74:86:ff:ea:12:b4:23:62:c3:08:85:
         77:ae:6a:da:db:83:97:c4:5d:ea:fd:da:13:c1:5c:78:72:a9:
         23:9d:8c:e3:99:ca:fa:5d:c2:b5:89:c3:66:dd:bf:c6:7a:27:
         31:ab:aa:fa:62:cf:49:69:eb:cc:24:27:7e:3e:8c:5b:d2:0b:
         63:ae:30:00:c7:8d:b6:f5:cb:9f:00:90:eb:cc:c0:2b:48:a2:
         f9:b9:16:ba:f6:51:7b:24:d6:28:1f:1a:61:89:08:64:6b:a2:
         86:3a:c8:f8
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICA3IwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMjU3
REI3Qjk5MTk5NzU2OTczNjZCNzAxNEY4Q0ZFMjhFRjM2NEU3MzAeFw0yMTA5Mjkw
MjUzNTZaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKEZCMkZGQzZCNkYyNTJB
OUMwRkY5QkY3NTA1MkVDNDhBMzE5NThFRjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCTshaaB+mQsGuQzaVoFtIsYS7erZujZHXpostRITojCcju/SAO
IEYixOOQBAw7vbGGnyxiwqScKY5hJOGPeqTfV6fsaZYY4rG6zvxan3yaYmJyMcC9
VqoR1zUgWuAaE4+kp7IP8uttMEjqm/pCRVOKMkDEyWRUGF67HAYBrBxSd/Cjho7e
XdxAZp+547b+cxaAigWz0vKWV6bLIHp0rETq16uSUk9l17AM+YPv07HURKyuhVoH
f+4UyNexeRK8q5mDuN1LZuaJK4+XR8e75WIoe/FBISyzk/ZRJae/MYDweSlAHwN7
W8dhePlegp2FeBtoHpGS+UVjjph8O+xj2xOdAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU+y/8a28lKpwP+b91BS7EijGVjvAwHwYDVR0jBBgwFoAUJX23uZGZdWlzZrcB
T4z+KO82TnMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSE9OR0RB
L0pYMjN1WkdaZFdselpyY0JUNHotS084MlRuTS5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvSlgyM3VaR1pkV2x6WnJjQlQ0ei1LTzgyVG5NLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvSE9OR0RBLy15XzhhMjhsS3B3UC1iOTFC
UzdFaWpHVmp2QS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABn
mbAwDQYJKoZIhvcNAQELBQADggEBACfdfJXoiMfflVg/5Xs7qxVondMT/H056D5R
kPQke7b+msg0n6uDYUVchVqfgypvK+2tA6oMOH88+uROz3j1gRK9hnHgauuQ8Zyp
QGDRBb00w4xiPuZLvhnyLBtucU9sGjX1BiOKFw0DorKum/2HFDgMlvbTNUc8JrTH
zdjzTyh8u2hzxpupfumn+kSqHlqiSywUjkmRMAZ0hv/qErQjYsMIhXeuatrbg5fE
Xer92hPBXHhyqSOdjOOZyvpdwrWJw2bdv8Z6JzGrqvpiz0lp68wkJ34+jFvSC2Ou
MADHjbb1y58AkOvMwCtIovm5Frr2UXsk1igfGmGJCGRrooY6yPg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:38 2024 by rpki-client on console-fra.rpki-client.org