Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KE-ING/pYcsNd_g_m5MG-XAgPG6cxIqV4s.roa
File:                     pYcsNd_g_m5MG-XAgPG6cxIqV4s.roa (raw, json)
Hash identifier:          LFgzekDkReg5OWyNpLsyzyxYCwU0TMsfUAGUzbY6+yw=
Subject key identifier:   A5:87:2C:35:DF:E0:FE:6E:4C:1B:E5:C0:80:F1:BA:73:12:2A:57:8B
Certificate issuer:       /CN=999BBE131DF5D346F27627CC4F8FA9FB57581929
Certificate serial:       0AE8
Authority key identifier: 99:9B:BE:13:1D:F5:D3:46:F2:76:27:CC:4F:8F:A9:FB:57:58:19:29
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/mZu-Ex3100bydifMT4-p-1dYGSk.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/pYcsNd_g_m5MG-XAgPG6cxIqV4s.roa
Signing time:             Thu 15 Sep 2022 02:40:49 +0000
ROA not before:           Thu 15 Sep 2022 02:40:49 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     9924
IP address blocks:        123.252.64.0/18 maxlen: 18

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2792 (0xae8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=999BBE131DF5D346F27627CC4F8FA9FB57581929
        Validity
            Not Before: Sep 15 02:40:49 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=A5872C35DFE0FE6E4C1BE5C080F1BA73122A578B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:e5:a3:bd:ed:11:2f:e7:a1:66:b8:40:77:2e:
                    e4:7e:95:c5:a9:e2:75:b7:24:57:46:f5:31:23:1f:
                    cb:a0:8c:f2:c5:3a:6d:a5:c5:8a:15:f8:e8:4a:96:
                    4d:de:58:49:83:eb:f1:de:49:fa:dc:ce:c4:cd:aa:
                    58:25:82:dc:32:26:e7:d8:9e:aa:1a:70:3c:a7:9d:
                    3c:f3:2e:44:29:40:52:0e:4c:70:fa:85:52:48:b3:
                    e8:7a:23:a8:e8:11:b7:ba:79:32:13:0e:83:72:2f:
                    3c:87:92:a5:dd:b2:d3:5b:c1:79:7a:d7:f9:89:51:
                    8e:64:0b:09:1d:4b:e4:0f:2e:bd:04:ba:e7:e1:1a:
                    11:60:7c:ca:24:bc:da:fd:b9:97:08:1b:e9:e1:d5:
                    51:fe:23:36:ec:0d:5f:4b:b8:ac:9e:cf:f1:e3:c5:
                    c0:54:95:02:7e:4a:56:3f:df:35:2a:36:30:f7:f1:
                    2f:8a:76:0d:5f:84:d9:f0:65:9c:83:b3:77:7b:49:
                    b5:f8:d6:99:83:81:80:cc:60:95:c3:5e:34:30:01:
                    cf:11:50:68:67:62:9f:ae:c5:bd:b1:3c:41:27:71:
                    f9:b4:0e:d3:57:0e:71:03:85:1f:6d:eb:c8:e4:7c:
                    0b:0f:e1:19:e2:0c:80:43:e3:02:81:47:48:ca:0b:
                    56:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:87:2C:35:DF:E0:FE:6E:4C:1B:E5:C0:80:F1:BA:73:12:2A:57:8B
            X509v3 Authority Key Identifier:
                keyid:99:9B:BE:13:1D:F5:D3:46:F2:76:27:CC:4F:8F:A9:FB:57:58:19:29

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/mZu-Ex3100bydifMT4-p-1dYGSk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/mZu-Ex3100bydifMT4-p-1dYGSk.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/pYcsNd_g_m5MG-XAgPG6cxIqV4s.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  123.252.64.0/18

    Signature Algorithm: sha256WithRSAEncryption
         26:13:81:79:5f:51:43:52:e9:89:8b:bb:4f:a3:5c:5f:b1:38:
         7e:56:10:04:f7:a5:21:94:01:29:30:a9:31:d5:64:bd:fa:ce:
         35:4f:3a:7c:23:1c:00:82:c6:01:c4:1b:53:d6:a3:35:af:ec:
         4b:53:a2:34:79:9e:64:4c:0d:6e:3b:fe:72:44:18:85:03:52:
         4c:15:d2:31:c1:91:da:a3:40:be:90:67:1b:2b:58:20:70:ee:
         39:50:30:8f:21:6e:2b:53:01:7e:bd:d0:ae:b0:16:ac:bc:c2:
         10:b2:c5:b9:29:d9:8f:77:cd:dc:0b:e7:27:fd:94:2d:e9:11:
         7f:a7:94:0f:40:f3:cb:c1:d9:41:88:d0:4c:c7:31:e7:4a:94:
         7d:23:ed:a7:25:e0:b7:ab:6d:a7:79:f0:59:45:8a:67:03:dc:
         16:a2:1c:54:4d:11:57:0f:2c:42:8c:41:9f:dd:f8:46:36:50:
         79:3a:21:b0:19:4f:04:f1:bc:39:ba:7d:79:c3:e3:bc:ef:8e:
         34:e2:30:46:e4:7e:32:10:7d:30:c2:f7:77:db:10:19:5d:93:
         e8:e4:f3:ae:16:4e:4e:cb:39:6d:56:d2:88:7d:4b:db:44:46:
         d9:3f:7f:7e:b3:d4:05:53:b1:1b:3a:39:b2:da:62:1a:98:e7:
         4b:c4:ef:dc
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICCugwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTk5
QkJFMTMxREY1RDM0NkYyNzYyN0NDNEY4RkE5RkI1NzU4MTkyOTAeFw0yMjA5MTUw
MjQwNDlaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEE1ODcyQzM1REZFMEZF
NkU0QzFCRTVDMDgwRjFCQTczMTIyQTU3OEIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCd5aO97REv56FmuEB3LuR+lcWp4nW3JFdG9TEjH8ugjPLFOm2l
xYoV+OhKlk3eWEmD6/HeSfrczsTNqlglgtwyJufYnqoacDynnTzzLkQpQFIOTHD6
hVJIs+h6I6joEbe6eTITDoNyLzyHkqXdstNbwXl61/mJUY5kCwkdS+QPLr0Euufh
GhFgfMokvNr9uZcIG+nh1VH+IzbsDV9LuKyez/HjxcBUlQJ+SlY/3zUqNjD38S+K
dg1fhNnwZZyDs3d7SbX41pmDgYDMYJXDXjQwAc8RUGhnYp+uxb2xPEEncfm0DtNX
DnEDhR9t68jkfAsP4RniDIBD4wKBR0jKC1aNAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUpYcsNd/g/m5MG+XAgPG6cxIqV4swHwYDVR0jBBgwFoAUmZu+Ex3100bydifM
T4+p+1dYGSkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0UtSU5H
L21adS1FeDMxMDBieWRpZk1UNC1wLTFkWUdTay5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvbVp1LUV4MzEwMGJ5ZGlmTVQ0LXAtMWRZR1NrLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0UtSU5HL3BZY3NOZF9nX201TUctWEFn
UEc2Y3hJcVY0cy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAZ7
/EAwDQYJKoZIhvcNAQELBQADggEBACYTgXlfUUNS6YmLu0+jXF+xOH5WEAT3pSGU
ASkwqTHVZL36zjVPOnwjHACCxgHEG1PWozWv7EtTojR5nmRMDW47/nJEGIUDUkwV
0jHBkdqjQL6QZxsrWCBw7jlQMI8hbitTAX690K6wFqy8whCyxbkp2Y93zdwL5yf9
lC3pEX+nlA9A88vB2UGI0EzHMedKlH0j7acl4Lerbad58FlFimcD3BaiHFRNEVcP
LEKMQZ/d+EY2UHk6IbAZTwTxvDm6fXnD47zvjjTiMEbkfjIQfTDC93fbEBldk+jk
864WTk7LOW1W0oh9S9tERtk/f36z1AVTsRs6ObLaYhqY50vE79w=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:10 2024 by rpki-client on console-ams.rpki-client.org