Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NORDATW/t7ND7EZGcTQTeN6jTLknRVEw6B0.roa
File:                     t7ND7EZGcTQTeN6jTLknRVEw6B0.roa (raw, json)
Hash identifier:          YZRYYlQU7II6o3PoLLI4/PS+LKCNxm32HXL6RIHPW/8=
Subject key identifier:   B7:B3:43:EC:46:46:71:34:13:78:DE:A3:4C:B9:27:45:51:30:E8:1D
Certificate issuer:       /CN=159D5F897276F0DEC857E7E2DEDD649876E8A482
Certificate serial:       0A55
Authority key identifier: 15:9D:5F:89:72:76:F0:DE:C8:57:E7:E2:DE:DD:64:98:76:E8:A4:82
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/FZ1fiXJ28N7IV-fi3t1kmHbopII.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/NORDATW/t7ND7EZGcTQTeN6jTLknRVEw6B0.roa
Signing time:             Sun 07 Feb 2021 13:04:00 +0000
ROA not before:           Sun 07 Feb 2021 13:04:00 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     131618
IP address blocks:        103.138.194.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2645 (0xa55)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=159D5F897276F0DEC857E7E2DEDD649876E8A482
        Validity
            Not Before: Feb  7 13:04:00 2021 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=B7B343EC464671341378DEA34CB927455130E81D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:c6:c4:36:de:5e:11:ac:b4:d0:96:86:1a:32:
                    9a:86:0a:5c:c5:7b:d2:ba:a8:40:7b:ab:6a:70:db:
                    ae:01:c2:a0:3f:27:b8:ec:84:77:fa:ad:5f:c5:3f:
                    c0:4a:c8:bb:55:bc:45:5b:19:3b:66:24:b4:b2:e6:
                    44:4f:c5:62:9e:95:4f:ab:6c:d7:1f:6c:67:89:e6:
                    d5:5b:4d:fc:62:0b:ab:cb:ab:83:1d:77:7a:da:40:
                    78:18:58:aa:7e:46:8d:ae:89:6a:1c:ad:f2:b5:48:
                    ac:4d:e5:b1:c3:be:bb:5c:74:7d:95:6c:0b:7b:01:
                    4b:a8:89:53:3a:78:31:11:38:b2:70:5b:b3:45:54:
                    0a:38:4d:1b:43:ed:71:df:93:99:77:f9:12:e8:df:
                    12:a7:67:05:29:13:8a:61:13:16:3a:ed:96:24:3d:
                    ab:58:28:ba:e9:47:3f:96:ec:f7:5e:e2:74:28:a4:
                    77:28:0f:aa:ca:02:41:e1:8b:e6:10:7f:9e:01:1d:
                    89:80:20:c5:20:a0:0e:33:24:df:c3:4f:ee:c6:e3:
                    d5:4a:87:c0:1c:26:38:b5:74:55:eb:e8:28:f1:50:
                    a7:bc:bd:dd:6a:9c:38:67:09:c3:7f:d5:ee:4f:68:
                    c5:64:2b:05:8a:ff:d4:dc:44:a2:55:a6:58:1e:96:
                    70:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B7:B3:43:EC:46:46:71:34:13:78:DE:A3:4C:B9:27:45:51:30:E8:1D
            X509v3 Authority Key Identifier:
                keyid:15:9D:5F:89:72:76:F0:DE:C8:57:E7:E2:DE:DD:64:98:76:E8:A4:82

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NORDATW/FZ1fiXJ28N7IV-fi3t1kmHbopII.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FZ1fiXJ28N7IV-fi3t1kmHbopII.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NORDATW/t7ND7EZGcTQTeN6jTLknRVEw6B0.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.138.194.0/23

    Signature Algorithm: sha256WithRSAEncryption
         b2:93:bf:64:b6:c6:a6:65:03:91:3d:4e:8e:bf:12:18:19:20:
         df:b9:4e:d8:b3:b3:61:71:08:3e:48:d7:9d:91:64:e9:a9:71:
         54:2e:e9:28:88:81:97:bd:55:c8:b4:da:a0:af:09:75:5a:2a:
         d0:8a:e0:eb:51:99:1a:88:7b:22:90:d8:2e:ce:6b:f9:af:c9:
         37:c1:51:4a:49:fb:8d:47:88:59:92:81:38:73:81:0a:cf:4e:
         1e:c2:0b:b6:36:53:0c:ff:d8:11:47:40:a5:1f:fb:8c:d8:8d:
         bd:3b:16:d9:9b:74:79:fa:4a:f3:63:01:01:76:a1:44:53:e2:
         4c:66:eb:99:9b:eb:ac:fa:36:11:78:ce:78:00:f4:88:14:8a:
         9d:b4:62:1a:3a:a2:8c:68:b5:bd:ab:aa:35:71:5f:6c:00:9b:
         95:00:44:56:7d:ea:34:ac:24:c5:92:48:03:ee:5b:0c:f4:10:
         fa:7b:41:66:72:1c:2d:d3:76:ff:14:68:29:ff:47:87:85:83:
         7c:2e:5b:19:f8:04:60:b5:09:88:e1:4e:de:25:06:72:d6:e1:
         79:fc:b5:cf:1d:88:47:c9:4d:b5:82:53:ce:85:56:ce:5b:0f:
         19:ea:81:83:d9:3f:62:02:1d:0b:e2:8f:8d:98:dc:2b:5c:33:
         1d:39:67:ac
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICClUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMTU5
RDVGODk3Mjc2RjBERUM4NTdFN0UyREVERDY0OTg3NkU4QTQ4MjAeFw0yMTAyMDcx
MzA0MDBaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKEI3QjM0M0VDNDY0Njcx
MzQxMzc4REVBMzRDQjkyNzQ1NTEzMEU4MUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDWxsQ23l4RrLTQloYaMpqGClzFe9K6qEB7q2pw264BwqA/J7js
hHf6rV/FP8BKyLtVvEVbGTtmJLSy5kRPxWKelU+rbNcfbGeJ5tVbTfxiC6vLq4Md
d3raQHgYWKp+Ro2uiWocrfK1SKxN5bHDvrtcdH2VbAt7AUuoiVM6eDEROLJwW7NF
VAo4TRtD7XHfk5l3+RLo3xKnZwUpE4phExY67ZYkPatYKLrpRz+W7Pde4nQopHco
D6rKAkHhi+YQf54BHYmAIMUgoA4zJN/DT+7G49VKh8AcJji1dFXr6CjxUKe8vd1q
nDhnCcN/1e5PaMVkKwWK/9TcRKJVplgelnDTAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUt7ND7EZGcTQTeN6jTLknRVEw6B0wHwYDVR0jBBgwFoAUFZ1fiXJ28N7IV+fi
3t1kmHbopIIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTk9SREFU
Vy9GWjFmaVhKMjhON0lWLWZpM3Qxa21IYm9wSUkuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL0ZaMWZpWEoyOE43SVYtZmkzdDFrbUhib3BJSS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL05PUkRBVFcvdDdORDdFWkdjVFFUZU42
alRMa25SVkV3NkIwLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
AWeKwjANBgkqhkiG9w0BAQsFAAOCAQEAspO/ZLbGpmUDkT1Ojr8SGBkg37lO2LOz
YXEIPkjXnZFk6alxVC7pKIiBl71VyLTaoK8JdVoq0Irg61GZGoh7IpDYLs5r+a/J
N8FRSkn7jUeIWZKBOHOBCs9OHsILtjZTDP/YEUdApR/7jNiNvTsW2Zt0efpK82MB
AXahRFPiTGbrmZvrrPo2EXjOeAD0iBSKnbRiGjqijGi1vauqNXFfbACblQBEVn3q
NKwkxZJIA+5bDPQQ+ntBZnIcLdN2/xRoKf9Hh4WDfC5bGfgEYLUJiOFO3iUGctbh
efy1zx2IR8lNtYJTzoVWzlsPGeqBg9k/YgIdC+KPjZjcK1wzHTlnrA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:42 2024 by rpki-client on console-fra.rpki-client.org