Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KE-ING/fHij5-Dn-kPi7U3yWtWymC8hWYg.roa
File:                     fHij5-Dn-kPi7U3yWtWymC8hWYg.roa (raw, json)
Hash identifier:          AiO+gsnMjlRZMm0TI/mNPsW5PgqdqQnXAMTZb+zH1+E=
Subject key identifier:   7C:78:A3:E7:E0:E7:FA:43:E2:ED:4D:F2:5A:D5:B2:98:2F:21:59:88
Certificate issuer:       /CN=999BBE131DF5D346F27627CC4F8FA9FB57581929
Certificate serial:       09F8
Authority key identifier: 99:9B:BE:13:1D:F5:D3:46:F2:76:27:CC:4F:8F:A9:FB:57:58:19:29
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/mZu-Ex3100bydifMT4-p-1dYGSk.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/fHij5-Dn-kPi7U3yWtWymC8hWYg.roa
Signing time:             Wed 29 Sep 2021 02:40:37 +0000
ROA not before:           Wed 29 Sep 2021 02:40:37 +0000
ROA not after:            Thu 29 Sep 2022 02:36:22 +0000
asID:                     18042
IP address blocks:        115.43.128.0/17 maxlen: 17

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2552 (0x9f8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=999BBE131DF5D346F27627CC4F8FA9FB57581929
        Validity
            Not Before: Sep 29 02:40:37 2021 GMT
            Not After : Sep 29 02:36:22 2022 GMT
        Subject: CN=7C78A3E7E0E7FA43E2ED4DF25AD5B2982F215988
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:36:da:33:20:ef:b4:74:a1:73:c7:3e:41:d4:
                    b8:50:0c:e7:7a:fd:3a:e2:00:09:21:91:e4:d5:37:
                    f9:86:08:1b:2f:b6:ee:76:bb:78:e0:3b:a6:e5:f9:
                    fd:eb:82:c9:77:04:19:c5:13:72:ee:91:4e:2c:8e:
                    03:6c:27:75:0c:01:c0:4c:60:87:a4:35:a3:a2:74:
                    d0:6f:a1:8c:2b:28:a4:dc:ff:15:24:3e:a3:63:1a:
                    ee:46:f0:4a:84:b6:cf:63:54:cb:96:30:9d:b3:ac:
                    61:54:0b:69:ce:ba:4f:b2:34:13:7d:fe:e6:cf:c1:
                    5b:2b:ea:07:d1:8f:00:5e:5c:4c:9a:77:bd:cf:1a:
                    59:2b:0a:9a:3c:87:41:86:f8:82:df:a0:d9:53:db:
                    ca:4f:95:37:24:d5:98:a7:36:aa:ba:7a:df:25:ce:
                    bb:e4:c1:de:e5:36:5a:ba:44:57:4d:6e:57:b3:cd:
                    48:99:f7:08:32:36:ce:5a:e8:c6:5f:2f:2e:32:c8:
                    ae:87:d6:87:bb:6c:7a:ae:7f:7e:d3:fe:fd:24:a7:
                    37:ff:e7:77:af:c7:77:ad:9f:2a:16:6d:4e:f3:a1:
                    14:ad:a2:b3:fb:d3:e7:da:ea:b3:5c:32:47:18:85:
                    25:95:7e:a9:66:b0:63:49:6f:62:1e:60:07:78:3b:
                    eb:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7C:78:A3:E7:E0:E7:FA:43:E2:ED:4D:F2:5A:D5:B2:98:2F:21:59:88
            X509v3 Authority Key Identifier:
                keyid:99:9B:BE:13:1D:F5:D3:46:F2:76:27:CC:4F:8F:A9:FB:57:58:19:29

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/mZu-Ex3100bydifMT4-p-1dYGSk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/mZu-Ex3100bydifMT4-p-1dYGSk.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/fHij5-Dn-kPi7U3yWtWymC8hWYg.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  115.43.128.0/17

    Signature Algorithm: sha256WithRSAEncryption
         65:22:89:b5:3a:80:6b:11:91:85:bb:d4:ae:89:dc:f0:b1:75:
         26:d2:73:37:17:be:7c:1f:19:22:0e:6a:78:e3:e8:03:6d:9f:
         46:44:11:75:2c:8e:be:1d:b4:b5:e6:a2:fd:50:06:4d:97:5b:
         dd:54:78:34:f1:c0:3f:76:a1:69:e3:bc:e6:9b:bc:04:3b:95:
         63:ff:84:88:cb:c8:7d:5e:ba:ba:8f:d1:22:6e:d7:95:69:9b:
         9e:62:3b:f3:b3:04:c7:c3:97:36:a5:a8:00:09:93:da:14:f9:
         f0:f3:de:b0:fa:ef:c4:d7:42:6c:8a:4c:06:ab:02:28:e2:bb:
         0b:6d:d6:c5:f7:47:0c:94:6a:65:80:18:d5:27:4b:41:75:95:
         b6:e9:97:5a:60:a6:92:fa:c6:f7:0a:10:89:04:7d:d6:98:74:
         ac:64:58:50:6a:37:df:56:95:6c:01:27:73:e6:b3:07:b4:da:
         f3:8c:8d:2b:29:08:af:1e:ca:9b:dd:00:d6:9d:2d:a7:c0:37:
         6a:06:d8:d8:0c:b2:1e:ca:f3:76:3f:cc:1a:41:7f:50:f6:bd:
         2f:d1:5f:4c:d4:a6:a9:ea:ce:d9:f4:c8:be:1b:28:36:c5:40:
         46:b5:fd:cf:02:8e:e2:22:21:a9:60:2a:8f:ee:eb:95:21:ef:
         13:12:d5:4a
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICCfgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTk5
QkJFMTMxREY1RDM0NkYyNzYyN0NDNEY4RkE5RkI1NzU4MTkyOTAeFw0yMTA5Mjkw
MjQwMzdaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDdDNzhBM0U3RTBFN0ZB
NDNFMkVENERGMjVBRDVCMjk4MkYyMTU5ODgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCuNtozIO+0dKFzxz5B1LhQDOd6/TriAAkhkeTVN/mGCBsvtu52
u3jgO6bl+f3rgsl3BBnFE3LukU4sjgNsJ3UMAcBMYIekNaOidNBvoYwrKKTc/xUk
PqNjGu5G8EqEts9jVMuWMJ2zrGFUC2nOuk+yNBN9/ubPwVsr6gfRjwBeXEyad73P
GlkrCpo8h0GG+ILfoNlT28pPlTck1ZinNqq6et8lzrvkwd7lNlq6RFdNblezzUiZ
9wgyNs5a6MZfLy4yyK6H1oe7bHquf37T/v0kpzf/53evx3etnyoWbU7zoRStorP7
0+fa6rNcMkcYhSWVfqlmsGNJb2IeYAd4O+sjAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUfHij5+Dn+kPi7U3yWtWymC8hWYgwHwYDVR0jBBgwFoAUmZu+Ex3100bydifM
T4+p+1dYGSkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0UtSU5H
L21adS1FeDMxMDBieWRpZk1UNC1wLTFkWUdTay5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvbVp1LUV4MzEwMGJ5ZGlmTVQ0LXAtMWRZR1NrLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0UtSU5HL2ZIaWo1LURuLWtQaTdVM3lX
dFd5bUM4aFdZZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAdz
K4AwDQYJKoZIhvcNAQELBQADggEBAGUiibU6gGsRkYW71K6J3PCxdSbSczcXvnwf
GSIOanjj6ANtn0ZEEXUsjr4dtLXmov1QBk2XW91UeDTxwD92oWnjvOabvAQ7lWP/
hIjLyH1eurqP0SJu15Vpm55iO/OzBMfDlzalqAAJk9oU+fDz3rD678TXQmyKTAar
Aijiuwtt1sX3RwyUamWAGNUnS0F1lbbpl1pgppL6xvcKEIkEfdaYdKxkWFBqN99W
lWwBJ3Pmswe02vOMjSspCK8eypvdANadLafAN2oG2NgMsh7K83Y/zBpBf1D2vS/R
X0zUpqnqztn0yL4bKDbFQEa1/c8CjuIiIalgKo/u65Uh7xMS1Uo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:38 2024 by rpki-client on console-fra.rpki-client.org