Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/IDT/jbBvwg455Hv6na_JUh9SeANYO2s.roa
File:                     jbBvwg455Hv6na_JUh9SeANYO2s.roa (raw, json)
Hash identifier:          CcJXLLGE2jsrDDrj5q2uLxHwk1Hhp20Whp2o9RtLOqY=
Subject key identifier:   8D:B0:6F:C2:0E:39:E4:7B:FA:9D:AF:C9:52:1F:52:78:03:58:3B:6B
Certificate issuer:       /CN=4FA6A6A655A0C42B99C7E2087EBEF444ACB56493
Certificate serial:       09
Authority key identifier: 4F:A6:A6:A6:55:A0:C4:2B:99:C7:E2:08:7E:BE:F4:44:AC:B5:64:93
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/T6amplWgxCuZx-IIfr70RKy1ZJM.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/IDT/jbBvwg455Hv6na_JUh9SeANYO2s.roa
Signing time:             Thu 08 Oct 2020 12:11:18 +0000
ROA not before:           Thu 08 Oct 2020 12:11:18 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     138997
IP address blocks:        103.152.220.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 9 (0x9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4FA6A6A655A0C42B99C7E2087EBEF444ACB56493
        Validity
            Not Before: Oct  8 12:11:18 2020 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=8DB06FC20E39E47BFA9DAFC9521F527803583B6B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:97:ac:6c:d4:92:60:60:57:06:f8:da:c5:ea:
                    1f:1f:1a:ac:6b:33:74:35:27:15:6e:3d:4d:fc:dd:
                    42:7e:d5:f4:08:62:76:4a:a5:97:d3:ac:ee:e9:20:
                    ad:79:4a:56:ed:12:93:9e:26:90:1d:1e:21:5b:85:
                    3a:18:c7:fc:75:cd:be:df:9e:1c:c0:2c:5b:aa:5c:
                    01:46:04:8d:9a:06:84:cc:0c:d0:18:1f:20:a8:92:
                    30:89:c7:32:23:ff:8a:f9:78:63:62:c5:84:c7:b7:
                    90:77:70:e2:13:68:74:ad:26:af:59:6e:ef:7a:08:
                    a3:8b:db:2f:7d:ad:c8:69:6b:63:1e:2e:03:62:5c:
                    0f:b7:ba:f3:a3:a6:40:d8:18:b6:b9:f3:ef:a9:48:
                    8a:ff:70:83:11:0b:06:31:01:94:f0:2e:96:ba:cd:
                    f6:af:ac:7b:af:a6:0d:c8:f4:39:87:8d:f0:47:44:
                    af:b1:5f:ec:01:b6:7a:63:9f:b9:3d:38:07:11:c5:
                    b5:b9:15:45:90:14:e8:cd:25:23:6c:f9:84:69:fb:
                    ff:9d:82:72:e4:09:b5:34:1c:b3:ac:2d:91:c6:2b:
                    aa:5c:aa:9f:4c:ef:a5:85:f7:13:2c:d0:6a:4e:a3:
                    a5:e9:38:72:c0:64:63:fe:e7:42:60:53:7a:c5:7a:
                    e0:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8D:B0:6F:C2:0E:39:E4:7B:FA:9D:AF:C9:52:1F:52:78:03:58:3B:6B
            X509v3 Authority Key Identifier:
                keyid:4F:A6:A6:A6:55:A0:C4:2B:99:C7:E2:08:7E:BE:F4:44:AC:B5:64:93

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/IDT/T6amplWgxCuZx-IIfr70RKy1ZJM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/T6amplWgxCuZx-IIfr70RKy1ZJM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/IDT/jbBvwg455Hv6na_JUh9SeANYO2s.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.152.220.0/23

    Signature Algorithm: sha256WithRSAEncryption
         cf:7f:4a:4d:3f:6d:45:3f:32:80:83:c9:bf:55:78:e1:1b:f7:
         b2:67:0a:b0:f7:f2:f8:a1:a7:f5:3b:21:14:26:fa:ef:b7:f9:
         60:8e:8b:87:07:28:5d:13:2e:17:42:16:54:aa:73:ca:e7:9a:
         57:d0:37:85:b1:3d:1e:cf:d6:39:79:55:24:d5:46:90:23:2f:
         bf:b3:3f:de:a8:12:17:74:5f:7a:a9:04:ba:fb:49:8a:5d:b8:
         72:1e:5d:ef:f7:80:ca:71:68:93:fa:db:85:0c:f6:2a:a9:a1:
         f4:99:ac:b0:42:dd:f3:a5:3a:3b:7a:2f:92:0e:1a:6a:d1:ca:
         ab:f4:25:0c:a5:92:e3:05:02:6d:07:46:91:de:7b:02:fe:e4:
         61:8e:a7:1c:a7:81:d9:bd:c5:89:ce:59:17:6b:f9:1c:14:f9:
         4b:bd:e1:bd:98:8c:4e:8e:d7:93:15:60:1e:0d:7a:cd:20:e7:
         80:17:83:ae:83:12:ce:bc:07:97:20:2b:be:63:b1:5a:69:27:
         76:ae:81:e5:a5:9f:1d:08:cf:c9:24:7c:5c:b2:6e:84:bd:db:
         d0:d9:61:e9:b7:dc:3b:5b:7e:c4:6b:70:0b:06:ce:7e:9d:38:
         c5:01:ee:10:e4:2a:94:e2:7b:21:fd:fe:b8:c0:79:f7:a3:a2:
         a1:61:0b:9a
-----BEGIN CERTIFICATE-----
MIIEyzCCA7OgAwIBAgIBCTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0RkE2
QTZBNjU1QTBDNDJCOTlDN0UyMDg3RUJFRjQ0NEFDQjU2NDkzMB4XDTIwMTAwODEy
MTExOFoXDTIxMDkyOTA5NTEyM1owMzExMC8GA1UEAxMoOERCMDZGQzIwRTM5RTQ3
QkZBOURBRkM5NTIxRjUyNzgwMzU4M0I2QjCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBANKXrGzUkmBgVwb42sXqHx8arGszdDUnFW49TfzdQn7V9Ahidkql
l9Os7ukgrXlKVu0Sk54mkB0eIVuFOhjH/HXNvt+eHMAsW6pcAUYEjZoGhMwM0Bgf
IKiSMInHMiP/ivl4Y2LFhMe3kHdw4hNodK0mr1lu73oIo4vbL32tyGlrYx4uA2Jc
D7e686OmQNgYtrnz76lIiv9wgxELBjEBlPAulrrN9q+se6+mDcj0OYeN8EdEr7Ff
7AG2emOfuT04BxHFtbkVRZAU6M0lI2z5hGn7/52CcuQJtTQcs6wtkcYrqlyqn0zv
pYX3EyzQak6jpek4csBkY/7nQmBTesV64P0CAwEAAaOCAegwggHkMB0GA1UdDgQW
BBSNsG/CDjnke/qdr8lSH1J4A1g7azAfBgNVHSMEGDAWgBRPpqamVaDEK5nH4gh+
vvRErLVkkzAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFkGA1UdHwRSMFAwTqBM
oEqGSHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9JRFQvVDZh
bXBsV2d4Q3VaeC1JSWZyNzBSS3kxWkpNLmNybDBgBggrBgEFBQcBAQRUMFIwUAYI
KwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9U
NmFtcGxXZ3hDdVp4LUlJZnI3MFJLeTFaSk0uY2VyMA4GA1UdDwEB/wQEAwIHgDCB
mQYIKwYBBQUHAQsEgYwwgYkwVAYIKwYBBQUHMAuGSHJzeW5jOi8vcnBraWNhLnR3
bmljLnR3L3Jwa2kvVFdOSUNDQS9JRFQvamJCdndnNDU1SHY2bmFfSlVoOVNlQU5Z
TzJzLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3JyZHAv
bm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAWeY3DANBgkq
hkiG9w0BAQsFAAOCAQEAz39KTT9tRT8ygIPJv1V44Rv3smcKsPfy+KGn9TshFCb6
77f5YI6LhwcoXRMuF0IWVKpzyueaV9A3hbE9Hs/WOXlVJNVGkCMvv7M/3qgSF3Rf
eqkEuvtJil24ch5d7/eAynFok/rbhQz2Kqmh9JmssELd86U6O3ovkg4aatHKq/Ql
DKWS4wUCbQdGkd57Av7kYY6nHKeB2b3Fic5ZF2v5HBT5S73hvZiMTo7XkxVgHg16
zSDngBeDroMSzrwHlyArvmOxWmkndq6B5aWfHQjPySR8XLJuhL3b0Nlh6bfcO1t+
xGtwCwbOfp04xQHuEOQqlOJ7If3+uMB596OioWELmg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:38 2024 by rpki-client on console-fra.rpki-client.org