Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/MERCYCAT/-xgMcMwd5BFT9VVUWYKZUyapUHc.roa
File:                     -xgMcMwd5BFT9VVUWYKZUyapUHc.roa (raw, json)
Hash identifier:          wIGtj2cF04Wec4KyGzDnJlnQkedFBP/MLLWLcabkacc=
Subject key identifier:   FB:18:0C:70:CC:1D:E4:11:53:F5:55:54:59:82:99:53:26:A9:50:77
Certificate issuer:       /CN=D2A09CE42809F4DA9D7B1C4473DDF2F436A599C4
Certificate serial:       0190
Authority key identifier: D2:A0:9C:E4:28:09:F4:DA:9D:7B:1C:44:73:DD:F2:F4:36:A5:99:C4
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/0qCc5CgJ9NqdexxEc93y9DalmcQ.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/MERCYCAT/-xgMcMwd5BFT9VVUWYKZUyapUHc.roa
Signing time:             Fri 17 Mar 2023 00:59:41 +0000
ROA not before:           Fri 17 Mar 2023 00:59:41 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     36231
IP address blocks:        103.172.127.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 400 (0x190)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=D2A09CE42809F4DA9D7B1C4473DDF2F436A599C4
        Validity
            Not Before: Mar 17 00:59:41 2023 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=FB180C70CC1DE41153F555545982995326A95077
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:7c:1d:e5:82:69:2b:b7:24:af:e5:05:6a:2d:
                    7d:aa:04:6b:df:8a:5b:e7:0c:8b:e1:10:21:5e:84:
                    76:10:8c:ff:75:53:81:78:31:a4:cc:be:ea:bd:d5:
                    57:35:57:5e:26:2e:af:39:41:69:a5:7a:da:a3:5b:
                    41:f5:54:60:63:d3:bc:ec:41:c0:98:a1:99:8a:8c:
                    23:2c:ee:29:98:e2:0b:cd:90:1e:b1:da:1c:78:38:
                    ac:e1:ee:fa:b7:2e:a8:d2:d3:bb:5d:b9:ac:87:50:
                    09:0e:1f:f0:fa:6a:44:d4:f0:0e:f6:18:7a:5c:27:
                    1d:73:d3:c0:cf:5a:67:da:5d:a9:12:e2:43:b2:30:
                    ea:c1:bd:7d:69:44:2d:39:ff:06:09:47:ed:4b:55:
                    f5:e8:4c:8d:b9:7a:b1:ab:25:1b:5c:53:5f:8f:33:
                    2b:1b:c3:c6:17:61:40:75:02:aa:d3:4a:74:bf:c0:
                    e5:07:4c:7b:43:80:ad:bb:2d:e6:15:50:f4:6f:50:
                    45:40:54:1a:b0:11:1a:dc:11:0a:8c:28:c9:ce:8c:
                    bb:69:3e:ce:43:93:31:6b:b9:ff:82:6b:da:ed:7f:
                    6d:63:de:5f:49:3a:7b:0e:1f:d8:5e:ea:9a:59:20:
                    93:86:29:5d:f2:65:90:8d:f0:11:f1:3b:eb:f3:44:
                    12:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FB:18:0C:70:CC:1D:E4:11:53:F5:55:54:59:82:99:53:26:A9:50:77
            X509v3 Authority Key Identifier:
                keyid:D2:A0:9C:E4:28:09:F4:DA:9D:7B:1C:44:73:DD:F2:F4:36:A5:99:C4

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/MERCYCAT/0qCc5CgJ9NqdexxEc93y9DalmcQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/0qCc5CgJ9NqdexxEc93y9DalmcQ.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/MERCYCAT/-xgMcMwd5BFT9VVUWYKZUyapUHc.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.172.127.0/24

    Signature Algorithm: sha256WithRSAEncryption
         81:23:73:77:63:b5:47:c7:86:c6:cd:e9:65:19:ef:ad:27:e8:
         a0:b4:6f:29:00:2b:d1:c7:1c:14:34:54:8e:37:f8:1f:56:6f:
         96:15:38:8e:68:0c:6a:58:a4:e7:22:ad:8d:77:4e:76:f6:e6:
         f4:74:c3:6a:1a:ea:1f:5a:f9:64:92:5a:81:e3:fa:da:df:77:
         75:ac:d3:b5:9b:98:3c:42:7b:c4:df:fa:b3:4e:f4:dd:de:82:
         2a:7b:81:3d:54:97:3f:f2:91:4c:56:bd:99:84:52:62:f8:f1:
         58:c4:cd:b8:87:6e:8e:78:83:60:40:a6:66:44:de:bf:d5:c1:
         79:bf:59:ac:5d:4b:71:90:cb:73:07:84:1f:e5:1e:c8:5c:0b:
         bc:eb:19:88:99:70:58:1d:28:34:67:52:b3:37:88:e3:e4:f1:
         67:aa:b0:60:f8:2a:41:d8:a9:0e:c0:8b:2c:b0:10:23:b0:33:
         e5:7b:ef:65:96:93:43:9e:93:d8:4f:6a:95:b2:2c:2e:82:8f:
         fc:ea:1c:20:b1:fa:9a:d7:5a:74:f3:f9:de:9f:31:85:2e:bf:
         42:11:96:8d:7a:09:de:19:d2:4d:8a:66:65:20:31:08:48:24:
         1c:75:9f:01:5a:97:42:49:e4:6e:4f:58:14:a1:f0:68:13:bf:
         a9:9c:b1:d7
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICAZAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDJB
MDlDRTQyODA5RjREQTlEN0IxQzQ0NzNEREYyRjQzNkE1OTlDNDAeFw0yMzAzMTcw
MDU5NDFaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEZCMTgwQzcwQ0MxREU0
MTE1M0Y1NTU1NDU5ODI5OTUzMjZBOTUwNzcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCrfB3lgmkrtySv5QVqLX2qBGvfilvnDIvhECFehHYQjP91U4F4
MaTMvuq91Vc1V14mLq85QWmletqjW0H1VGBj07zsQcCYoZmKjCMs7imY4gvNkB6x
2hx4OKzh7vq3LqjS07tduayHUAkOH/D6akTU8A72GHpcJx1z08DPWmfaXakS4kOy
MOrBvX1pRC05/wYJR+1LVfXoTI25erGrJRtcU1+PMysbw8YXYUB1AqrTSnS/wOUH
THtDgK27LeYVUPRvUEVAVBqwERrcEQqMKMnOjLtpPs5DkzFruf+Ca9rtf21j3l9J
OnsOH9he6ppZIJOGKV3yZZCN8BHxO+vzRBIJAgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQU+xgMcMwd5BFT9VVUWYKZUyapUHcwHwYDVR0jBBgwFoAU0qCc5CgJ9NqdexxE
c93y9DalmcQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTUVSQ1lD
QVQvMHFDYzVDZ0o5TnFkZXh4RWM5M3k5RGFsbWNRLmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS8wcUNjNUNnSjlOcWRleHhFYzkzeTlEYWxtY1EuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9NRVJDWUNBVC8teGdNY013ZDVCRlQ5
VlZVV1lLWlV5YXBVSGMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQAZ6x/MA0GCSqGSIb3DQEBCwUAA4IBAQCBI3N3Y7VHx4bGzellGe+tJ+igtG8p
ACvRxxwUNFSON/gfVm+WFTiOaAxqWKTnIq2Nd0529ub0dMNqGuofWvlkklqB4/ra
33d1rNO1m5g8QnvE3/qzTvTd3oIqe4E9VJc/8pFMVr2ZhFJi+PFYxM24h26OeINg
QKZmRN6/1cF5v1msXUtxkMtzB4Qf5R7IXAu86xmImXBYHSg0Z1KzN4jj5PFnqrBg
+CpB2KkOwIsssBAjsDPle+9llpNDnpPYT2qVsiwugo/86hwgsfqa11p08/nenzGF
Lr9CEZaNegneGdJNimZlIDEISCQcdZ8BWpdCSeRuT1gUofBoE7+pnLHX
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:39 2024 by rpki-client on console-fra.rpki-client.org