Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/MERCYCAT/Dv7BdmD3TmKc975XsuqyrJ3Hypo.roa
File:                     Dv7BdmD3TmKc975XsuqyrJ3Hypo.roa (raw, json)
Hash identifier:          3D34yJSco8J+sG3EKCYFHfpK2/RFlEJrNQbll24Zmwc=
Subject key identifier:   0E:FE:C1:76:60:F7:4E:62:9C:F7:BE:57:B2:EA:B2:AC:9D:C7:CA:9A
Certificate issuer:       /CN=D2A09CE42809F4DA9D7B1C4473DDF2F436A599C4
Certificate serial:       01A5
Authority key identifier: D2:A0:9C:E4:28:09:F4:DA:9D:7B:1C:44:73:DD:F2:F4:36:A5:99:C4
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/0qCc5CgJ9NqdexxEc93y9DalmcQ.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/MERCYCAT/Dv7BdmD3TmKc975XsuqyrJ3Hypo.roa
Signing time:             Mon 10 Apr 2023 07:39:46 +0000
ROA not before:           Mon 10 Apr 2023 07:39:46 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     212238
IP address blocks:        103.172.126.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 421 (0x1a5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=D2A09CE42809F4DA9D7B1C4473DDF2F436A599C4
        Validity
            Not Before: Apr 10 07:39:46 2023 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=0EFEC17660F74E629CF7BE57B2EAB2AC9DC7CA9A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:07:a3:02:5d:9e:1e:a9:b1:74:11:cf:fc:35:
                    77:5e:92:9b:8f:8c:e5:54:0c:14:4f:72:14:18:f4:
                    64:b7:31:8d:c8:3a:49:e5:4b:06:c8:bb:81:31:28:
                    8b:55:20:ac:2f:d0:ea:3e:0a:c3:30:22:58:ae:90:
                    a8:af:88:5b:ec:6d:62:c6:7a:e6:f6:1a:a4:e5:5a:
                    d5:90:1b:7a:5b:34:4a:bb:66:7b:7d:71:d1:76:3d:
                    97:eb:14:5c:fa:17:4e:fb:6c:59:70:d3:49:42:e0:
                    c4:db:70:27:86:9c:87:bc:02:0e:06:0d:31:ce:bf:
                    44:db:2f:46:cf:bf:27:7b:22:47:eb:55:cd:bb:15:
                    05:9a:c5:9b:73:dc:b4:75:ef:9b:87:2e:fd:e9:cd:
                    a8:37:6e:2a:16:18:a5:a7:14:52:b8:53:8b:3d:63:
                    19:0e:15:dd:4d:aa:ea:75:c0:3a:8e:6e:bc:30:94:
                    a8:ca:79:c1:3b:a1:1d:6e:3f:d0:c8:fa:6c:27:59:
                    fa:6b:f7:d8:6a:60:8d:2c:f7:99:e3:af:a7:af:47:
                    ea:6f:56:fe:8d:90:98:be:b0:52:b8:56:c1:ee:4e:
                    56:b0:13:42:c6:e1:96:49:ef:d1:b4:7f:d0:f6:6e:
                    c3:0d:f6:72:f7:45:79:76:a5:dd:b4:8d:d7:56:e5:
                    39:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0E:FE:C1:76:60:F7:4E:62:9C:F7:BE:57:B2:EA:B2:AC:9D:C7:CA:9A
            X509v3 Authority Key Identifier:
                keyid:D2:A0:9C:E4:28:09:F4:DA:9D:7B:1C:44:73:DD:F2:F4:36:A5:99:C4

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/MERCYCAT/0qCc5CgJ9NqdexxEc93y9DalmcQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/0qCc5CgJ9NqdexxEc93y9DalmcQ.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/MERCYCAT/Dv7BdmD3TmKc975XsuqyrJ3Hypo.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.172.126.0/23

    Signature Algorithm: sha256WithRSAEncryption
         43:6b:76:18:b9:1d:0e:1a:1e:7a:a5:1b:a8:c5:f7:10:f7:04:
         04:b7:79:87:98:3a:81:19:51:e3:37:56:50:e4:71:e6:02:57:
         40:db:d0:43:58:a6:be:2b:48:18:c2:d6:ce:ef:a1:f0:b5:e0:
         c0:da:8b:22:85:e1:7a:25:d1:8f:d2:84:d1:f7:86:de:99:56:
         ea:92:27:23:d5:d4:f7:f6:d2:db:86:2a:8f:56:0a:4d:a1:1a:
         33:39:87:85:f4:c6:e4:f9:df:6a:24:36:80:8e:7c:c8:33:ab:
         dd:8c:10:80:c1:8a:90:05:0d:19:8e:42:81:d9:95:49:5a:24:
         96:fc:74:f0:dd:6e:c3:16:37:04:bb:bb:27:09:f4:97:73:26:
         03:f7:d8:a8:0d:94:af:c9:38:3e:0d:56:2e:82:de:ed:3a:05:
         62:5d:ab:c7:c4:2a:4c:31:01:3e:40:73:7b:fa:9b:03:81:8c:
         3d:88:2a:f4:6d:2e:7f:d3:bb:d3:4b:a8:6a:ec:d4:c8:07:1e:
         bd:b5:9c:4c:fb:9a:09:46:7d:c6:49:cc:45:bc:f5:01:a2:93:
         ed:21:4b:cf:08:32:cd:91:ff:ea:0c:a8:30:d8:9b:db:39:c3:
         09:82:58:97:29:8d:f1:14:20:e1:75:86:97:d1:f7:b9:7e:08:
         57:39:48:0d
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICAaUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDJB
MDlDRTQyODA5RjREQTlEN0IxQzQ0NzNEREYyRjQzNkE1OTlDNDAeFw0yMzA0MTAw
NzM5NDZaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDBFRkVDMTc2NjBGNzRF
NjI5Q0Y3QkU1N0IyRUFCMkFDOURDN0NBOUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC2B6MCXZ4eqbF0Ec/8NXdekpuPjOVUDBRPchQY9GS3MY3IOknl
SwbIu4ExKItVIKwv0Oo+CsMwIliukKiviFvsbWLGeub2GqTlWtWQG3pbNEq7Znt9
cdF2PZfrFFz6F077bFlw00lC4MTbcCeGnIe8Ag4GDTHOv0TbL0bPvyd7IkfrVc27
FQWaxZtz3LR175uHLv3pzag3bioWGKWnFFK4U4s9YxkOFd1Nqup1wDqObrwwlKjK
ecE7oR1uP9DI+mwnWfpr99hqYI0s95njr6evR+pvVv6NkJi+sFK4VsHuTlawE0LG
4ZZJ79G0f9D2bsMN9nL3RXl2pd20jddW5TknAgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQUDv7BdmD3TmKc975XsuqyrJ3HypowHwYDVR0jBBgwFoAU0qCc5CgJ9NqdexxE
c93y9DalmcQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTUVSQ1lD
QVQvMHFDYzVDZ0o5TnFkZXh4RWM5M3k5RGFsbWNRLmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS8wcUNjNUNnSjlOcWRleHhFYzkzeTlEYWxtY1EuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9NRVJDWUNBVC9EdjdCZG1EM1RtS2M5
NzVYc3VxeXJKM0h5cG8ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQBZ6x+MA0GCSqGSIb3DQEBCwUAA4IBAQBDa3YYuR0OGh56pRuoxfcQ9wQEt3mH
mDqBGVHjN1ZQ5HHmAldA29BDWKa+K0gYwtbO76HwteDA2osiheF6JdGP0oTR94be
mVbqkicj1dT39tLbhiqPVgpNoRozOYeF9Mbk+d9qJDaAjnzIM6vdjBCAwYqQBQ0Z
jkKB2ZVJWiSW/HTw3W7DFjcEu7snCfSXcyYD99ioDZSvyTg+DVYugt7tOgViXavH
xCpMMQE+QHN7+psDgYw9iCr0bS5/07vTS6hq7NTIBx69tZxM+5oJRn3GScxFvPUB
opPtIUvPCDLNkf/qDKgw2JvbOcMJgliXKY3xFCDhdYaX0fe5fghXOUgN
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:39 2024 by rpki-client on console-fra.rpki-client.org