Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HOSTIN/vMvKV-3la_7UpUWUKp9o0lpex_g.roa
File:                     vMvKV-3la_7UpUWUKp9o0lpex_g.roa (raw, json)
Hash identifier:          NfauC4NTl2EpDvAZhvP+uUUUAOkfyTSo1cjkVqud4VI=
Subject key identifier:   BC:CB:CA:57:ED:E5:6B:FE:D4:A5:45:94:2A:9F:68:D2:5A:5E:C7:F8
Certificate issuer:       /CN=ABED28FFCC040E36032C42615495562BCC6EF45C
Certificate serial:       0192
Authority key identifier: AB:ED:28:FF:CC:04:0E:36:03:2C:42:61:54:95:56:2B:CC:6E:F4:5C
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/q-0o_8wEDjYDLEJhVJVWK8xu9Fw.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/HOSTIN/vMvKV-3la_7UpUWUKp9o0lpex_g.roa
Signing time:             Sat 03 Oct 2020 17:58:33 +0000
ROA not before:           Sat 03 Oct 2020 17:58:33 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     9678
IP address blocks:        103.98.73.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 402 (0x192)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ABED28FFCC040E36032C42615495562BCC6EF45C
        Validity
            Not Before: Oct  3 17:58:33 2020 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=BCCBCA57EDE56BFED4A545942A9F68D25A5EC7F8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:cb:f6:fc:23:4e:88:3b:2e:f8:e1:df:72:8f:
                    10:b6:c8:06:14:be:8f:c0:e7:97:5f:eb:35:54:4e:
                    16:06:83:23:38:17:d6:87:a4:34:7c:6c:fd:96:9f:
                    f5:75:e5:be:bb:df:64:60:10:f7:5f:ca:a5:44:cb:
                    9e:98:bf:7e:18:0b:a4:c0:ee:e8:34:0b:d8:a4:08:
                    44:1e:c8:ed:c1:25:79:24:f6:d7:c5:c1:7b:3e:1d:
                    f5:80:9b:f3:45:90:91:7b:08:00:4d:66:14:d2:86:
                    ca:0f:69:84:29:2d:15:d7:0c:c9:c5:31:13:f0:ef:
                    a8:1e:4e:bd:a5:b3:73:44:9f:a3:fd:69:70:8f:6c:
                    a4:05:b9:c6:1d:a1:b7:28:b0:5f:67:56:46:a9:e0:
                    ca:49:95:ad:ca:03:c8:66:92:b8:e1:51:0f:3a:f4:
                    ed:a9:67:46:d2:2b:70:1b:de:57:ab:35:df:af:ed:
                    7e:1f:ab:3a:32:3c:cf:82:c3:34:41:e5:67:79:cc:
                    e9:7d:e5:2b:ec:07:cd:e3:c9:0e:92:59:e4:43:38:
                    f9:e9:81:0a:0a:12:59:b7:ff:32:47:90:73:6b:2c:
                    29:4a:84:9b:a6:8a:35:b3:e7:f1:50:ce:42:15:72:
                    4f:84:7f:32:33:7f:18:c1:d8:fc:d7:bb:60:3c:e0:
                    62:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:CB:CA:57:ED:E5:6B:FE:D4:A5:45:94:2A:9F:68:D2:5A:5E:C7:F8
            X509v3 Authority Key Identifier:
                keyid:AB:ED:28:FF:CC:04:0E:36:03:2C:42:61:54:95:56:2B:CC:6E:F4:5C

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HOSTIN/q-0o_8wEDjYDLEJhVJVWK8xu9Fw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/q-0o_8wEDjYDLEJhVJVWK8xu9Fw.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HOSTIN/vMvKV-3la_7UpUWUKp9o0lpex_g.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.98.73.0/24

    Signature Algorithm: sha256WithRSAEncryption
         68:c8:3f:a1:22:c2:aa:8c:26:29:09:79:b4:e4:36:dc:7f:6f:
         8d:d6:ae:89:65:f4:37:84:99:59:89:44:96:ed:76:2b:a6:0d:
         0c:2d:da:87:bf:4b:b3:3f:06:91:3f:c8:e1:20:fe:90:2f:76:
         00:2f:fe:03:69:cf:26:10:05:ac:4f:e7:df:ff:57:99:db:5f:
         5c:62:fb:9c:c3:07:df:99:b8:37:af:cf:e5:f8:6d:9b:88:3d:
         3d:67:91:7e:0d:d3:09:87:da:69:0e:3a:57:f2:6b:b9:d3:41:
         82:7f:1b:7d:6a:d2:15:9a:e2:5c:4f:8f:d1:10:f0:e7:64:bd:
         8b:13:0e:e7:2a:1c:80:c6:54:3d:52:7b:99:d7:a4:27:86:f3:
         7a:9c:8b:16:d1:49:ab:07:2e:dc:51:c4:fa:ce:53:0c:29:8a:
         b8:5e:6d:91:47:c1:f7:df:54:e5:3f:a6:96:b9:b7:b2:f4:c0:
         e3:32:c7:29:e1:8b:fc:6f:cd:a2:ae:35:8e:48:78:dc:e7:dc:
         8c:dc:16:30:fe:26:02:65:14:bb:64:33:61:ba:67:b9:5b:5a:
         04:ae:78:3d:90:e7:3c:53:11:85:0d:2b:1f:46:33:7d:2a:e1:
         7a:f6:95:94:36:2c:53:18:f5:bb:62:74:f6:60:a4:7d:fd:4d:
         4a:da:ab:00
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICAZIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQUJF
RDI4RkZDQzA0MEUzNjAzMkM0MjYxNTQ5NTU2MkJDQzZFRjQ1QzAeFw0yMDEwMDMx
NzU4MzNaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKEJDQ0JDQTU3RURFNTZC
RkVENEE1NDU5NDJBOUY2OEQyNUE1RUM3RjgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC/y/b8I06IOy744d9yjxC2yAYUvo/A55df6zVUThYGgyM4F9aH
pDR8bP2Wn/V15b6732RgEPdfyqVEy56Yv34YC6TA7ug0C9ikCEQeyO3BJXkk9tfF
wXs+HfWAm/NFkJF7CABNZhTShsoPaYQpLRXXDMnFMRPw76geTr2ls3NEn6P9aXCP
bKQFucYdobcosF9nVkap4MpJla3KA8hmkrjhUQ869O2pZ0bSK3Ab3lerNd+v7X4f
qzoyPM+CwzRB5Wd5zOl95SvsB83jyQ6SWeRDOPnpgQoKElm3/zJHkHNrLClKhJum
ijWz5/FQzkIVck+EfzIzfxjB2PzXu2A84GKVAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUvMvKV+3la/7UpUWUKp9o0lpex/gwHwYDVR0jBBgwFoAUq+0o/8wEDjYDLEJh
VJVWK8xu9FwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSE9TVElO
L3EtMG9fOHdFRGpZRExFSmhWSlZXSzh4dTlGdy5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvcS0wb184d0VEallETEVKaFZKVldLOHh1OUZ3LmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvSE9TVElOL3ZNdktWLTNsYV83VXBVV1VL
cDlvMGxwZXhfZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABn
YkkwDQYJKoZIhvcNAQELBQADggEBAGjIP6EiwqqMJikJebTkNtx/b43Wroll9DeE
mVmJRJbtdiumDQwt2oe/S7M/BpE/yOEg/pAvdgAv/gNpzyYQBaxP59//V5nbX1xi
+5zDB9+ZuDevz+X4bZuIPT1nkX4N0wmH2mkOOlfya7nTQYJ/G31q0hWa4lxPj9EQ
8OdkvYsTDucqHIDGVD1Se5nXpCeG83qcixbRSasHLtxRxPrOUwwpirhebZFHwfff
VOU/ppa5t7L0wOMyxynhi/xvzaKuNY5IeNzn3IzcFjD+JgJlFLtkM2G6Z7lbWgSu
eD2Q5zxTEYUNKx9GM30q4Xr2lZQ2LFMY9btidPZgpH39TUraqwA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:38 2024 by rpki-client on console-fra.rpki-client.org