Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/MKY/dbP3gkXOuroQng99doYaczPd4KY.roa
File:                     dbP3gkXOuroQng99doYaczPd4KY.roa (raw, json)
Hash identifier:          a8ih+IUqqqIgjKIrLbaZdS8RBxik6fcecBuI7RhG+x0=
Subject key identifier:   75:B3:F7:82:45:CE:BA:BA:10:9E:0F:7D:76:86:1A:73:33:DD:E0:A6
Certificate issuer:       /CN=9D9E97B00D2E15C41AE7071732018C2B137E53A1
Certificate serial:       095D
Authority key identifier: 9D:9E:97:B0:0D:2E:15:C4:1A:E7:07:17:32:01:8C:2B:13:7E:53:A1
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/nZ6XsA0uFcQa5wcXMgGMKxN-U6E.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/MKY/dbP3gkXOuroQng99doYaczPd4KY.roa
Signing time:             Wed 29 Sep 2021 02:40:31 +0000
ROA not before:           Wed 29 Sep 2021 02:40:31 +0000
ROA not after:            Thu 29 Sep 2022 02:36:22 +0000
asID:                     7478
IP address blocks:        211.76.0.0/19 maxlen: 19

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2397 (0x95d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9D9E97B00D2E15C41AE7071732018C2B137E53A1
        Validity
            Not Before: Sep 29 02:40:31 2021 GMT
            Not After : Sep 29 02:36:22 2022 GMT
        Subject: CN=75B3F78245CEBABA109E0F7D76861A7333DDE0A6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:3f:f9:37:f3:53:c1:a7:d6:01:4a:a9:60:75:
                    43:a0:55:cd:4a:7f:51:67:84:14:ae:31:0f:eb:5e:
                    ec:b6:03:b4:4a:af:42:1c:bc:23:2c:c0:d3:6f:f1:
                    2d:21:03:db:b6:8d:80:5f:33:00:15:34:b7:a3:7e:
                    37:73:c9:b5:72:8e:3d:01:e3:04:c8:55:17:b4:cd:
                    38:f8:0a:7e:ef:1f:1f:bd:0e:85:7e:52:8e:5a:84:
                    b2:ef:76:c8:25:66:44:e5:16:87:6f:2a:ea:db:fb:
                    2e:c6:d0:75:5a:c3:de:22:ff:ff:cc:15:5c:a7:d1:
                    87:31:20:ff:ef:01:e9:e8:60:58:0f:84:ef:e6:fb:
                    58:5d:30:62:c4:78:e5:67:13:20:03:6f:e2:0b:79:
                    5b:37:9b:8d:35:a4:e5:2a:be:68:3f:97:7a:f1:91:
                    fe:59:ef:7d:db:73:fd:3e:21:e3:9d:a7:fb:ca:24:
                    71:b8:6f:2e:89:9a:ff:43:82:34:12:08:8b:cf:d7:
                    5d:c5:26:51:0f:d5:bc:52:6a:85:d0:99:9c:ea:7a:
                    b6:06:f4:51:e8:23:21:56:b3:46:e6:ec:a4:3d:1e:
                    c7:7f:77:ab:c9:55:85:6d:b2:31:b7:f7:55:2a:85:
                    cb:9d:17:71:ee:08:b1:45:d7:db:c3:68:fb:b2:bd:
                    d9:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:B3:F7:82:45:CE:BA:BA:10:9E:0F:7D:76:86:1A:73:33:DD:E0:A6
            X509v3 Authority Key Identifier:
                keyid:9D:9E:97:B0:0D:2E:15:C4:1A:E7:07:17:32:01:8C:2B:13:7E:53:A1

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/MKY/nZ6XsA0uFcQa5wcXMgGMKxN-U6E.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/nZ6XsA0uFcQa5wcXMgGMKxN-U6E.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/MKY/dbP3gkXOuroQng99doYaczPd4KY.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  211.76.0.0/19

    Signature Algorithm: sha256WithRSAEncryption
         42:89:ee:57:d4:c9:a2:ee:d5:87:23:c0:a9:8d:e0:4e:08:5a:
         08:3a:c7:6d:42:8d:4e:aa:e5:3b:a2:61:c0:ed:84:49:29:fe:
         c3:9a:f5:30:83:35:15:21:a6:f4:c2:85:14:df:41:94:5b:d3:
         b2:68:8b:bd:13:49:ce:56:ea:c3:75:c2:a8:9c:1f:ea:6a:c8:
         69:5d:47:16:84:a5:ed:ed:3c:72:0e:2a:3d:79:d4:7d:d2:24:
         59:9a:cc:0c:94:e3:1b:80:94:ea:28:de:f0:c4:a6:dd:20:41:
         56:4c:31:6f:e4:6a:f5:b8:97:38:c6:c7:2e:13:c1:01:85:d0:
         04:1e:a8:58:25:23:fa:16:66:c8:27:40:af:f7:3e:88:77:65:
         63:38:48:61:a6:a1:80:7c:d8:09:e2:52:92:e9:e5:b7:5f:36:
         2b:83:ca:71:61:d9:80:d4:32:f9:fe:36:ab:36:30:64:42:9f:
         84:c8:69:45:31:05:d8:9e:aa:c6:b9:07:f1:f4:22:a1:7d:eb:
         c6:d0:99:e1:88:65:99:90:5a:cf:66:35:d5:68:c2:3e:4c:b7:
         4b:c2:6a:89:d9:b0:6b:0f:1e:6a:f7:2f:7d:a7:88:40:1e:21:
         f3:7b:bf:47:39:a9:dc:bc:4a:42:1f:a9:08:bf:b4:72:84:e4:
         51:9a:ac:b3
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICCV0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOUQ5
RTk3QjAwRDJFMTVDNDFBRTcwNzE3MzIwMThDMkIxMzdFNTNBMTAeFw0yMTA5Mjkw
MjQwMzFaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDc1QjNGNzgyNDVDRUJB
QkExMDlFMEY3RDc2ODYxQTczMzNEREUwQTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDCP/k381PBp9YBSqlgdUOgVc1Kf1FnhBSuMQ/rXuy2A7RKr0Ic
vCMswNNv8S0hA9u2jYBfMwAVNLejfjdzybVyjj0B4wTIVRe0zTj4Cn7vHx+9DoV+
Uo5ahLLvdsglZkTlFodvKurb+y7G0HVaw94i///MFVyn0YcxIP/vAenoYFgPhO/m
+1hdMGLEeOVnEyADb+ILeVs3m401pOUqvmg/l3rxkf5Z733bc/0+IeOdp/vKJHG4
by6Jmv9DgjQSCIvP113FJlEP1bxSaoXQmZzqerYG9FHoIyFWs0bm7KQ9Hsd/d6vJ
VYVtsjG391UqhcudF3HuCLFF19vDaPuyvdlBAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUdbP3gkXOuroQng99doYaczPd4KYwHwYDVR0jBBgwFoAUnZ6XsA0uFcQa5wcX
MgGMKxN+U6EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTUtZL25a
NlhzQTB1RmNRYTV3Y1hNZ0dNS3hOLVU2RS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
blo2WHNBMHVGY1FhNXdjWE1nR01LeE4tVTZFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvTUtZL2RiUDNna1hPdXJvUW5nOTlkb1lhY3pQ
ZDRLWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAXTTAAwDQYJ
KoZIhvcNAQELBQADggEBAEKJ7lfUyaLu1YcjwKmN4E4IWgg6x21CjU6q5TuiYcDt
hEkp/sOa9TCDNRUhpvTChRTfQZRb07Joi70TSc5W6sN1wqicH+pqyGldRxaEpe3t
PHIOKj151H3SJFmazAyU4xuAlOoo3vDEpt0gQVZMMW/kavW4lzjGxy4TwQGF0AQe
qFglI/oWZsgnQK/3Poh3ZWM4SGGmoYB82AniUpLp5bdfNiuDynFh2YDUMvn+Nqs2
MGRCn4TIaUUxBdieqsa5B/H0IqF968bQmeGIZZmQWs9mNdVowj5Mt0vCaonZsGsP
Hmr3L32niEAeIfN7v0c5qdy8SkIfqQi/tHKE5FGarLM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:11 2024 by rpki-client on console-ams.rpki-client.org