Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HST/IetYrX6acmK40-64t2SQq4pMHhQ.roa
File:                     IetYrX6acmK40-64t2SQq4pMHhQ.roa (raw, json)
Hash identifier:          ZrxZzerUrrwc5N++hL9lu7Nqkscs8Kh1xrW6B/96hSE=
Subject key identifier:   21:EB:58:AD:7E:9A:72:62:B8:D3:EE:B8:B7:64:90:AB:8A:4C:1E:14
Certificate issuer:       /CN=833D5BF79B45C730ED141CB539A508D01AA30908
Certificate serial:       07FA
Authority key identifier: 83:3D:5B:F7:9B:45:C7:30:ED:14:1C:B5:39:A5:08:D0:1A:A3:09:08
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/gz1b95tFxzDtFBy1OaUI0BqjCQg.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/HST/IetYrX6acmK40-64t2SQq4pMHhQ.roa
Signing time:             Thu 16 Feb 2023 02:48:39 +0000
ROA not before:           Thu 16 Feb 2023 02:48:39 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     131666
IP address blocks:        103.144.34.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2042 (0x7fa)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=833D5BF79B45C730ED141CB539A508D01AA30908
        Validity
            Not Before: Feb 16 02:48:39 2023 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=21EB58AD7E9A7262B8D3EEB8B76490AB8A4C1E14
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:4c:32:86:e4:db:30:e1:c5:3d:09:8b:c8:c4:
                    ac:a5:5d:9a:3c:8f:c2:22:ab:56:04:78:30:8f:d1:
                    3b:43:56:17:2e:09:1b:9a:02:53:15:cb:e8:97:e1:
                    fe:5b:b5:a6:eb:ae:d1:6c:c5:79:2a:97:41:85:df:
                    6b:00:25:60:a3:30:f0:24:27:7e:07:d6:f7:57:bc:
                    1d:75:03:18:0d:83:e6:70:94:9c:b2:8f:db:42:0a:
                    61:f2:72:03:c3:14:dc:25:46:ce:25:23:87:de:dc:
                    e3:5d:8a:85:5d:1e:ff:4a:79:f8:14:76:dc:46:c8:
                    53:5d:28:6d:d3:5e:30:ea:22:f5:d0:91:bb:49:15:
                    06:18:4d:cc:94:67:b1:5d:db:fa:ca:78:8f:21:2d:
                    f3:8e:de:49:b7:78:7d:1b:2f:6b:1f:c8:a7:e6:57:
                    a9:d3:07:91:c4:0b:69:51:be:cb:39:4c:ff:8f:de:
                    78:6c:c6:94:73:5e:cc:0f:fa:49:1c:e3:12:81:25:
                    53:dd:42:14:bb:5d:db:d2:5c:d7:15:fb:53:2f:72:
                    28:96:d7:ad:e5:e3:68:06:a2:9a:18:e6:16:7d:0b:
                    97:8a:9c:30:4a:71:fd:e8:f1:8d:f3:a4:e7:e5:74:
                    81:d0:2e:8c:e7:52:19:4d:e6:e8:fc:ae:29:2e:25:
                    49:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                21:EB:58:AD:7E:9A:72:62:B8:D3:EE:B8:B7:64:90:AB:8A:4C:1E:14
            X509v3 Authority Key Identifier:
                keyid:83:3D:5B:F7:9B:45:C7:30:ED:14:1C:B5:39:A5:08:D0:1A:A3:09:08

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HST/gz1b95tFxzDtFBy1OaUI0BqjCQg.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/gz1b95tFxzDtFBy1OaUI0BqjCQg.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HST/IetYrX6acmK40-64t2SQq4pMHhQ.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.144.34.0/23

    Signature Algorithm: sha256WithRSAEncryption
         28:59:62:8d:6b:b1:f1:11:5c:76:6e:92:af:b8:31:2f:6c:ae:
         fb:9a:41:d0:90:d9:aa:99:ef:37:32:23:f9:1f:46:f0:46:aa:
         1f:09:27:5b:42:72:07:d1:3b:56:30:9c:d8:bf:d6:7e:be:d5:
         ab:7f:c5:d0:5f:ed:02:4a:78:97:01:ab:1b:da:76:c1:2e:e6:
         d4:6e:2f:54:bf:69:0e:15:ba:55:01:7f:57:1d:23:15:f7:64:
         b5:c5:c4:d8:68:a8:e9:11:da:b1:8a:23:f9:e2:4c:13:50:2e:
         5c:62:51:d0:3e:a7:20:14:fa:60:26:bd:46:40:98:77:68:0f:
         2e:3f:b3:a2:fc:d0:51:1d:65:46:90:a5:a9:0f:a4:97:98:09:
         5f:31:83:5c:0a:8f:55:c3:d0:f0:bf:67:da:0b:aa:a0:5e:3a:
         e8:01:95:ab:68:79:96:3f:08:bc:e5:32:dd:a3:76:4b:a4:f1:
         08:e7:31:98:01:93:2c:c6:40:6b:72:43:df:21:d9:e3:02:23:
         e1:68:0e:ce:cf:90:80:d1:1b:b5:2f:01:9c:b8:45:03:e6:ae:
         b1:6b:bf:34:28:22:f2:bb:61:76:27:fe:a0:e2:76:f3:4a:63:
         08:28:0f:63:c8:6e:9d:d7:a3:11:bb:bd:10:e5:d4:06:b2:e7:
         06:29:cb:f0
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICB/owDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODMz
RDVCRjc5QjQ1QzczMEVEMTQxQ0I1MzlBNTA4RDAxQUEzMDkwODAeFw0yMzAyMTYw
MjQ4MzlaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDIxRUI1OEFEN0U5QTcy
NjJCOEQzRUVCOEI3NjQ5MEFCOEE0QzFFMTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDETDKG5Nsw4cU9CYvIxKylXZo8j8Iiq1YEeDCP0TtDVhcuCRua
AlMVy+iX4f5btabrrtFsxXkql0GF32sAJWCjMPAkJ34H1vdXvB11AxgNg+ZwlJyy
j9tCCmHycgPDFNwlRs4lI4fe3ONdioVdHv9KefgUdtxGyFNdKG3TXjDqIvXQkbtJ
FQYYTcyUZ7Fd2/rKeI8hLfOO3km3eH0bL2sfyKfmV6nTB5HEC2lRvss5TP+P3nhs
xpRzXswP+kkc4xKBJVPdQhS7XdvSXNcV+1MvciiW163l42gGopoY5hZ9C5eKnDBK
cf3o8Y3zpOfldIHQLoznUhlN5uj8rikuJUlBAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUIetYrX6acmK40+64t2SQq4pMHhQwHwYDVR0jBBgwFoAUgz1b95tFxzDtFBy1
OaUI0BqjCQgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSFNUL2d6
MWI5NXRGeHpEdEZCeTFPYVVJMEJxakNRZy5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
Z3oxYjk1dEZ4ekR0RkJ5MU9hVUkwQnFqQ1FnLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvSFNUL0lldFlyWDZhY21LNDAtNjR0MlNRcTRw
TUhoUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAFnkCIwDQYJ
KoZIhvcNAQELBQADggEBAChZYo1rsfERXHZukq+4MS9srvuaQdCQ2aqZ7zcyI/kf
RvBGqh8JJ1tCcgfRO1YwnNi/1n6+1at/xdBf7QJKeJcBqxvadsEu5tRuL1S/aQ4V
ulUBf1cdIxX3ZLXFxNhoqOkR2rGKI/niTBNQLlxiUdA+pyAU+mAmvUZAmHdoDy4/
s6L80FEdZUaQpakPpJeYCV8xg1wKj1XD0PC/Z9oLqqBeOugBlatoeZY/CLzlMt2j
dkuk8QjnMZgBkyzGQGtyQ98h2eMCI+FoDs7PkIDRG7UvAZy4RQPmrrFrvzQoIvK7
YXYn/qDidvNKYwgoD2PIbp3XoxG7vRDl1Aay5wYpy/A=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:38 2024 by rpki-client on console-fra.rpki-client.org