Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NARL/qdii7uafj4_E6RgJVmZwhtfgQ3s.roa
File:                     qdii7uafj4_E6RgJVmZwhtfgQ3s.roa (raw, json)
Hash identifier:          kxBdBc8sv+sx8drwQZyZQLds30mhtXdMxbbtGJ6+dbI=
Subject key identifier:   A9:D8:A2:EE:E6:9F:8F:8F:C4:E9:18:09:56:66:70:86:D7:E0:43:7B
Certificate issuer:       /CN=451EF9359A984F6A4CF91FE9004EAEB089A984C0
Certificate serial:       0A49
Authority key identifier: 45:1E:F9:35:9A:98:4F:6A:4C:F9:1F:E9:00:4E:AE:B0:89:A9:84:C0
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/RR75NZqYT2pM-R_pAE6usImphMA.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/NARL/qdii7uafj4_E6RgJVmZwhtfgQ3s.roa
Signing time:             Thu 15 Sep 2022 02:50:24 +0000
ROA not before:           Thu 15 Sep 2022 02:50:24 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     18426
IP address blocks:        203.145.192.0/21 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2633 (0xa49)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=451EF9359A984F6A4CF91FE9004EAEB089A984C0
        Validity
            Not Before: Sep 15 02:50:24 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=A9D8A2EEE69F8F8FC4E9180956667086D7E0437B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:03:0c:54:0c:63:87:a2:70:f4:c1:8d:d6:c7:
                    49:6e:ab:75:2b:1f:a2:b4:b4:5a:62:4e:43:c9:cc:
                    ff:99:00:da:1b:2d:30:73:31:2f:11:87:78:65:8d:
                    29:27:53:cb:de:48:0a:14:2d:f6:7c:c6:d1:2c:f6:
                    79:d3:5a:1a:6c:c6:93:60:82:45:9a:13:05:63:b3:
                    21:8e:7b:c2:bf:01:7c:02:d6:0c:d7:3a:85:53:40:
                    dc:a3:1b:df:7a:ca:a7:72:f1:14:f2:9c:04:19:44:
                    10:95:d0:80:e5:6d:70:08:14:7b:00:17:af:9e:a5:
                    02:88:b5:6f:e4:2c:1b:27:c9:b5:d0:eb:d6:6c:ad:
                    90:cc:7a:bc:6c:8e:f4:b0:40:6f:d3:38:16:2f:ef:
                    f8:7a:dd:a4:fa:41:39:4a:75:72:16:f9:99:4c:d2:
                    ab:a8:30:e2:3c:0e:8f:1c:16:a9:62:1c:e9:bf:71:
                    74:a0:66:83:3d:95:86:6b:6c:0d:ac:47:b8:c3:98:
                    42:ea:0e:91:39:6a:7f:86:a4:ca:71:8e:49:81:5a:
                    5e:08:7c:2f:81:7f:a7:e5:b9:8f:06:ff:6f:14:09:
                    ad:80:28:80:80:75:3c:a8:af:ce:fd:5f:12:67:61:
                    93:6c:c2:02:35:26:ae:98:47:3d:1d:73:e4:0c:42:
                    40:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A9:D8:A2:EE:E6:9F:8F:8F:C4:E9:18:09:56:66:70:86:D7:E0:43:7B
            X509v3 Authority Key Identifier:
                keyid:45:1E:F9:35:9A:98:4F:6A:4C:F9:1F:E9:00:4E:AE:B0:89:A9:84:C0

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NARL/RR75NZqYT2pM-R_pAE6usImphMA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RR75NZqYT2pM-R_pAE6usImphMA.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NARL/qdii7uafj4_E6RgJVmZwhtfgQ3s.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  203.145.192.0/21

    Signature Algorithm: sha256WithRSAEncryption
         6b:e8:01:67:75:de:cd:01:56:b1:17:80:8c:8d:09:01:f5:14:
         71:6a:8c:28:79:78:1a:fa:b0:f3:13:94:07:77:40:ff:bb:7e:
         c3:d7:00:2a:77:e8:37:a9:af:e9:d7:88:7f:72:23:46:49:45:
         ba:f4:26:67:22:fe:66:f8:04:5d:ee:e1:49:eb:9c:c0:13:eb:
         85:b2:90:20:1c:cc:7b:3f:13:d3:bb:0c:1f:f3:fa:11:b5:9b:
         34:45:e4:a4:9d:62:6c:d9:7c:19:f4:48:f8:e0:ab:f8:d1:26:
         b0:51:1d:79:58:2d:ce:9c:89:22:71:65:df:0c:ee:10:46:d5:
         8f:d0:17:1e:74:4a:ee:59:de:b9:db:72:c7:f0:c7:3a:0a:85:
         5d:b7:f8:53:4a:0a:14:a4:1f:5d:af:22:25:97:08:88:c2:d1:
         a8:da:3b:47:e0:7d:d7:d5:a0:f8:8f:6e:1f:29:5c:25:9e:e7:
         d9:fd:b4:09:66:b2:fc:65:23:1a:c8:21:65:72:97:bf:b0:94:
         5e:0d:97:f8:d9:6b:18:8c:40:73:93:c3:64:4c:b7:68:92:c3:
         62:cc:d3:8b:c6:da:4d:ab:86:06:77:42:1d:26:21:e4:13:cc:
         8f:8e:00:06:57:24:ea:a8:20:f2:de:dc:c4:49:05:b8:98:41:
         06:7f:b4:8d
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICCkkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDUx
RUY5MzU5QTk4NEY2QTRDRjkxRkU5MDA0RUFFQjA4OUE5ODRDMDAeFw0yMjA5MTUw
MjUwMjRaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEE5RDhBMkVFRTY5RjhG
OEZDNEU5MTgwOTU2NjY3MDg2RDdFMDQzN0IwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC1AwxUDGOHonD0wY3Wx0luq3UrH6K0tFpiTkPJzP+ZANobLTBz
MS8Rh3hljSknU8veSAoULfZ8xtEs9nnTWhpsxpNggkWaEwVjsyGOe8K/AXwC1gzX
OoVTQNyjG996yqdy8RTynAQZRBCV0IDlbXAIFHsAF6+epQKItW/kLBsnybXQ69Zs
rZDMerxsjvSwQG/TOBYv7/h63aT6QTlKdXIW+ZlM0quoMOI8Do8cFqliHOm/cXSg
ZoM9lYZrbA2sR7jDmELqDpE5an+GpMpxjkmBWl4IfC+Bf6fluY8G/28UCa2AKICA
dTyor879XxJnYZNswgI1Jq6YRz0dc+QMQkDpAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUqdii7uafj4/E6RgJVmZwhtfgQ3swHwYDVR0jBBgwFoAURR75NZqYT2pM+R/p
AE6usImphMAwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkFSTC9S
Ujc1TlpxWVQycE0tUl9wQUU2dXNJbXBoTUEuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L1JSNzVOWnFZVDJwTS1SX3BBRTZ1c0ltcGhNQS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05BUkwvcWRpaTd1YWZqNF9FNlJnSlZtWndo
dGZnUTNzLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA8uRwDAN
BgkqhkiG9w0BAQsFAAOCAQEAa+gBZ3XezQFWsReAjI0JAfUUcWqMKHl4Gvqw8xOU
B3dA/7t+w9cAKnfoN6mv6deIf3IjRklFuvQmZyL+ZvgEXe7hSeucwBPrhbKQIBzM
ez8T07sMH/P6EbWbNEXkpJ1ibNl8GfRI+OCr+NEmsFEdeVgtzpyJInFl3wzuEEbV
j9AXHnRK7lneudtyx/DHOgqFXbf4U0oKFKQfXa8iJZcIiMLRqNo7R+B919Wg+I9u
HylcJZ7n2f20CWay/GUjGsghZXKXv7CUXg2X+NlrGIxAc5PDZEy3aJLDYszTi8ba
TauGBndCHSYh5BPMj44ABlck6qgg8t7cxEkFuJhBBn+0jQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:39 2024 by rpki-client on console-fra.rpki-client.org