Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KE-ING/0jguCCfQc8Onuuko7q35zZbNx7w.roa
File:                     0jguCCfQc8Onuuko7q35zZbNx7w.roa (raw, json)
Hash identifier:          8ZN0saxXoKMq+WbB2KG8uHIHmDaFoJRQRm7u+FHEr28=
Subject key identifier:   D2:38:2E:08:27:D0:73:C3:A7:BA:E9:28:EE:AD:F9:CD:96:CD:C7:BC
Certificate issuer:       /CN=999BBE131DF5D346F27627CC4F8FA9FB57581929
Certificate serial:       0AE8
Authority key identifier: 99:9B:BE:13:1D:F5:D3:46:F2:76:27:CC:4F:8F:A9:FB:57:58:19:29
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/mZu-Ex3100bydifMT4-p-1dYGSk.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/0jguCCfQc8Onuuko7q35zZbNx7w.roa
Signing time:             Thu 15 Sep 2022 02:40:53 +0000
ROA not before:           Thu 15 Sep 2022 02:40:53 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     18042
IP address blocks:        123.252.0.0/17 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2792 (0xae8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=999BBE131DF5D346F27627CC4F8FA9FB57581929
        Validity
            Not Before: Sep 15 02:40:53 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=D2382E0827D073C3A7BAE928EEADF9CD96CDC7BC
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:e4:c0:fe:4c:32:04:f0:20:c7:4b:42:f0:5f:
                    bf:a6:7b:ec:bf:77:3e:e3:34:34:f9:f2:91:09:25:
                    e7:39:0a:cf:19:68:9b:11:73:86:0d:a6:bb:d9:91:
                    b4:3a:bf:fa:30:92:23:f8:04:36:75:54:96:2f:86:
                    ac:15:b7:41:9b:ef:87:94:b0:5e:86:b0:4c:15:ca:
                    96:48:d7:36:f4:8f:d8:cc:7c:50:b5:60:ce:26:39:
                    00:06:0c:f0:4e:28:15:63:7e:0e:e0:ca:9a:20:ef:
                    ec:8a:a9:5a:95:ce:e6:33:90:09:26:7d:57:4d:ef:
                    12:80:73:5e:6c:07:aa:e2:ce:76:9d:95:e0:b1:65:
                    71:cd:66:81:d3:9d:37:90:6a:30:99:31:8c:8d:a6:
                    21:95:41:22:86:b8:a5:e0:84:79:1e:1d:68:90:81:
                    8f:b7:08:43:dc:25:80:33:64:f5:5b:e1:cc:73:9a:
                    3b:0f:b7:64:09:ba:61:35:32:b1:ff:92:b8:23:52:
                    e1:0f:af:cf:9b:6a:93:e0:b5:c0:f8:47:69:89:d8:
                    be:9d:e1:75:9c:11:11:8b:22:7a:e0:20:b0:5d:5d:
                    66:13:4c:df:b2:bf:db:75:cd:84:0b:28:be:c7:e5:
                    e7:76:b8:08:9d:85:7e:da:4c:c3:d2:09:09:96:45:
                    ae:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D2:38:2E:08:27:D0:73:C3:A7:BA:E9:28:EE:AD:F9:CD:96:CD:C7:BC
            X509v3 Authority Key Identifier:
                keyid:99:9B:BE:13:1D:F5:D3:46:F2:76:27:CC:4F:8F:A9:FB:57:58:19:29

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/mZu-Ex3100bydifMT4-p-1dYGSk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/mZu-Ex3100bydifMT4-p-1dYGSk.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/0jguCCfQc8Onuuko7q35zZbNx7w.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  123.252.0.0/17

    Signature Algorithm: sha256WithRSAEncryption
         0c:12:ff:3f:af:25:ab:f7:14:81:f8:00:85:50:e9:62:8f:19:
         db:44:40:f6:ba:0a:53:19:e8:ce:63:7a:0a:f5:58:63:63:2a:
         c1:98:c9:09:83:6a:4d:7f:37:a0:41:b1:1c:b0:cd:ba:16:ef:
         bc:0d:ef:49:bf:49:dd:33:3c:be:f3:c0:50:92:3b:81:28:a4:
         48:be:b0:45:52:af:24:ff:68:f8:27:c1:56:b2:61:91:ed:ae:
         f5:84:59:c3:34:22:86:67:48:9b:7e:b9:db:92:22:c0:7f:8c:
         68:57:78:b5:8b:95:6f:d0:4c:6e:ca:00:5b:ce:8c:74:c7:53:
         59:79:dc:d3:2e:aa:17:4a:41:14:87:2a:39:7b:35:b4:29:cd:
         38:9f:64:26:4a:8a:9c:c7:ed:30:8e:0b:06:24:21:c7:59:ea:
         ad:4a:60:25:c7:85:3d:7e:df:0b:c4:4d:56:08:48:13:e8:55:
         4e:26:b8:ce:6b:07:58:f4:80:cb:d9:7b:2f:e1:dc:0d:01:ef:
         56:7f:fd:46:2b:8b:63:4d:2f:1d:cb:62:ca:8f:ca:52:07:68:
         5d:0c:c8:60:ef:56:d5:c0:8d:65:de:2a:88:89:a9:4f:7a:d9:
         09:08:08:f4:a9:b2:10:fb:19:a6:06:c8:4e:0a:30:88:b7:72:
         8b:1c:3d:24
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICCugwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTk5
QkJFMTMxREY1RDM0NkYyNzYyN0NDNEY4RkE5RkI1NzU4MTkyOTAeFw0yMjA5MTUw
MjQwNTNaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEQyMzgyRTA4MjdEMDcz
QzNBN0JBRTkyOEVFQURGOUNEOTZDREM3QkMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDP5MD+TDIE8CDHS0LwX7+me+y/dz7jNDT58pEJJec5Cs8ZaJsR
c4YNprvZkbQ6v/owkiP4BDZ1VJYvhqwVt0Gb74eUsF6GsEwVypZI1zb0j9jMfFC1
YM4mOQAGDPBOKBVjfg7gypog7+yKqVqVzuYzkAkmfVdN7xKAc15sB6riznadleCx
ZXHNZoHTnTeQajCZMYyNpiGVQSKGuKXghHkeHWiQgY+3CEPcJYAzZPVb4cxzmjsP
t2QJumE1MrH/krgjUuEPr8+bapPgtcD4R2mJ2L6d4XWcERGLInrgILBdXWYTTN+y
v9t1zYQLKL7H5ed2uAidhX7aTMPSCQmWRa79AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU0jguCCfQc8Onuuko7q35zZbNx7wwHwYDVR0jBBgwFoAUmZu+Ex3100bydifM
T4+p+1dYGSkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0UtSU5H
L21adS1FeDMxMDBieWRpZk1UNC1wLTFkWUdTay5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvbVp1LUV4MzEwMGJ5ZGlmTVQ0LXAtMWRZR1NrLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0UtSU5HLzBqZ3VDQ2ZRYzhPbnV1a283
cTM1elpiTng3dy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAd7
/AAwDQYJKoZIhvcNAQELBQADggEBAAwS/z+vJav3FIH4AIVQ6WKPGdtEQPa6ClMZ
6M5jegr1WGNjKsGYyQmDak1/N6BBsRywzboW77wN70m/Sd0zPL7zwFCSO4EopEi+
sEVSryT/aPgnwVayYZHtrvWEWcM0IoZnSJt+uduSIsB/jGhXeLWLlW/QTG7KAFvO
jHTHU1l53NMuqhdKQRSHKjl7NbQpzTifZCZKipzH7TCOCwYkIcdZ6q1KYCXHhT1+
3wvETVYISBPoVU4muM5rB1j0gMvZey/h3A0B71Z//UYri2NNLx3LYsqPylIHaF0M
yGDvVtXAjWXeKoiJqU962QkICPSpshD7GaYGyE4KMIi3coscPSQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:38 2024 by rpki-client on console-fra.rpki-client.org