Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KE-ING/fuYyRKMhu_OozbK7UPMdbtwnCI4.roa
File:                     fuYyRKMhu_OozbK7UPMdbtwnCI4.roa (raw, json)
Hash identifier:          iAd/qmugb7UbjQOkL03h74UrM+5yMNsli4WpghAKEaw=
Subject key identifier:   7E:E6:32:44:A3:21:BB:F3:A8:CD:B2:BB:50:F3:1D:6E:DC:27:08:8E
Certificate issuer:       /CN=999BBE131DF5D346F27627CC4F8FA9FB57581929
Certificate serial:       0AE8
Authority key identifier: 99:9B:BE:13:1D:F5:D3:46:F2:76:27:CC:4F:8F:A9:FB:57:58:19:29
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/mZu-Ex3100bydifMT4-p-1dYGSk.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/fuYyRKMhu_OozbK7UPMdbtwnCI4.roa
Signing time:             Thu 15 Sep 2022 02:40:55 +0000
ROA not before:           Thu 15 Sep 2022 02:40:55 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     18042
IP address blocks:        119.14.0.0/17 maxlen: 17

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2792 (0xae8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=999BBE131DF5D346F27627CC4F8FA9FB57581929
        Validity
            Not Before: Sep 15 02:40:55 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=7EE63244A321BBF3A8CDB2BB50F31D6EDC27088E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:3c:38:88:b8:33:c7:ef:af:17:72:56:63:80:
                    b1:16:3f:8d:5a:37:5a:aa:dd:cd:05:b6:46:9a:09:
                    f0:b6:53:52:a3:34:49:f8:4e:4f:68:c2:d5:72:e9:
                    ef:cc:4d:65:12:51:4f:70:ab:ec:31:8c:07:2e:1c:
                    cf:22:84:36:f7:a1:a3:fb:6d:bd:cf:df:fa:08:9b:
                    6f:bd:17:a6:8c:d3:89:c9:f2:25:ca:67:44:ac:3b:
                    5f:61:be:86:79:94:e6:9b:8f:6b:a4:39:a2:11:d2:
                    a6:58:cc:5b:66:b3:2a:07:0c:90:aa:41:30:d1:46:
                    be:fe:20:10:d2:37:27:db:c2:c3:28:76:60:00:9a:
                    de:aa:72:9b:62:d0:ab:db:5a:e3:13:23:6e:9c:74:
                    63:b0:27:9b:fd:1f:53:bb:00:b9:20:83:3d:80:52:
                    dd:49:96:6f:80:f8:84:1b:33:76:be:ff:ab:a8:f0:
                    a3:32:c8:5b:30:c1:84:7c:31:49:46:d8:f7:17:80:
                    f4:37:06:04:95:62:a3:40:be:cf:c0:d5:7f:69:f7:
                    3e:9c:2e:3d:6c:0a:24:fa:2b:52:a9:2e:ae:a9:47:
                    f5:3f:c8:af:60:06:81:d9:6e:17:e0:b8:39:b7:1a:
                    d8:84:b8:ec:d0:91:98:c8:b2:96:40:d3:ee:49:bd:
                    b4:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7E:E6:32:44:A3:21:BB:F3:A8:CD:B2:BB:50:F3:1D:6E:DC:27:08:8E
            X509v3 Authority Key Identifier:
                keyid:99:9B:BE:13:1D:F5:D3:46:F2:76:27:CC:4F:8F:A9:FB:57:58:19:29

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/mZu-Ex3100bydifMT4-p-1dYGSk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/mZu-Ex3100bydifMT4-p-1dYGSk.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/fuYyRKMhu_OozbK7UPMdbtwnCI4.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  119.14.0.0/17

    Signature Algorithm: sha256WithRSAEncryption
         49:23:5d:6b:d1:ec:97:23:ef:35:f9:d7:7f:18:d1:ca:6b:92:
         54:98:be:f3:05:72:db:0e:a6:94:2d:4e:ce:b8:4e:0a:4d:79:
         2e:20:e5:b3:9f:e3:11:92:af:e9:e5:82:a9:65:71:26:f4:0a:
         05:b9:b9:a3:28:25:14:d6:7b:1f:b7:9d:7a:ad:e9:69:29:ca:
         2d:7b:b3:38:36:74:88:b5:9e:94:68:b9:9e:ee:9a:6a:b3:20:
         cf:d2:ab:59:ff:7a:89:3c:c1:82:e9:cb:bd:0c:39:0b:dc:5c:
         86:d0:52:02:86:dc:d6:59:09:21:6b:72:a1:1e:d5:83:a5:74:
         ea:4b:02:4c:45:50:5b:53:bc:21:4d:e7:8a:9e:ca:25:82:15:
         35:3d:f0:54:1b:cf:27:9b:06:4d:06:b3:d1:ef:0f:18:0e:0a:
         70:d5:e4:68:09:70:54:55:00:88:a8:71:36:18:c8:8f:8b:87:
         36:ec:f5:32:b5:1d:5b:50:81:04:13:d0:ae:df:1d:dc:48:31:
         83:59:3d:f4:47:0f:29:d9:60:09:8b:b7:f7:29:f4:4a:36:e8:
         c8:7d:69:e8:8e:92:51:e3:38:00:32:89:97:b2:50:f5:70:19:
         80:00:ea:48:ce:84:bc:c0:77:6d:ee:c9:bd:dd:2d:f7:e8:78:
         b3:00:1f:55
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICCugwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTk5
QkJFMTMxREY1RDM0NkYyNzYyN0NDNEY4RkE5RkI1NzU4MTkyOTAeFw0yMjA5MTUw
MjQwNTVaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDdFRTYzMjQ0QTMyMUJC
RjNBOENEQjJCQjUwRjMxRDZFREMyNzA4OEUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCfPDiIuDPH768XclZjgLEWP41aN1qq3c0FtkaaCfC2U1KjNEn4
Tk9owtVy6e/MTWUSUU9wq+wxjAcuHM8ihDb3oaP7bb3P3/oIm2+9F6aM04nJ8iXK
Z0SsO19hvoZ5lOabj2ukOaIR0qZYzFtmsyoHDJCqQTDRRr7+IBDSNyfbwsModmAA
mt6qcpti0KvbWuMTI26cdGOwJ5v9H1O7ALkggz2AUt1Jlm+A+IQbM3a+/6uo8KMy
yFswwYR8MUlG2PcXgPQ3BgSVYqNAvs/A1X9p9z6cLj1sCiT6K1KpLq6pR/U/yK9g
BoHZbhfguDm3GtiEuOzQkZjIspZA0+5JvbT7AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUfuYyRKMhu/OozbK7UPMdbtwnCI4wHwYDVR0jBBgwFoAUmZu+Ex3100bydifM
T4+p+1dYGSkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0UtSU5H
L21adS1FeDMxMDBieWRpZk1UNC1wLTFkWUdTay5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvbVp1LUV4MzEwMGJ5ZGlmTVQ0LXAtMWRZR1NrLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0UtSU5HL2Z1WXlSS01odV9Pb3piSzdV
UE1kYnR3bkNJNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAd3
DgAwDQYJKoZIhvcNAQELBQADggEBAEkjXWvR7Jcj7zX5138Y0cprklSYvvMFctsO
ppQtTs64TgpNeS4g5bOf4xGSr+nlgqllcSb0CgW5uaMoJRTWex+3nXqt6Wkpyi17
szg2dIi1npRouZ7ummqzIM/Sq1n/eok8wYLpy70MOQvcXIbQUgKG3NZZCSFrcqEe
1YOldOpLAkxFUFtTvCFN54qeyiWCFTU98FQbzyebBk0Gs9HvDxgOCnDV5GgJcFRV
AIiocTYYyI+Lhzbs9TK1HVtQgQQT0K7fHdxIMYNZPfRHDynZYAmLt/cp9Eo26Mh9
aeiOklHjOAAyiZeyUPVwGYAA6kjOhLzAd23uyb3dLffoeLMAH1U=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:10 2024 by rpki-client on console-ams.rpki-client.org