Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/ONEDEGREE/v9xn589T214x0MSXzLr2YW2K1mA.roa
File:                     v9xn589T214x0MSXzLr2YW2K1mA.roa (raw, json)
Hash identifier:          IowgVOK85cTt5MhlOS2vFsAsMicx/sjkY5tfusSCVT4=
Subject key identifier:   BF:DC:67:E7:CF:53:DB:5E:31:D0:C4:97:CC:BA:F6:61:6D:8A:D6:60
Certificate issuer:       /CN=F5A44B5E078865BAEF9351369D961D6BA2556D47
Certificate serial:       17
Authority key identifier: F5:A4:4B:5E:07:88:65:BA:EF:93:51:36:9D:96:1D:6B:A2:55:6D:47
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/9aRLXgeIZbrvk1E2nZYda6JVbUc.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/ONEDEGREE/v9xn589T214x0MSXzLr2YW2K1mA.roa
Signing time:             Tue 09 May 2023 03:08:38 +0000
ROA not before:           Tue 09 May 2023 03:08:38 +0000
ROA not after:            Wed 10 Apr 2024 15:30:09 +0000
asID:                     8075
IP address blocks:        103.131.149.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 23 (0x17)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F5A44B5E078865BAEF9351369D961D6BA2556D47
        Validity
            Not Before: May  9 03:08:38 2023 GMT
            Not After : Apr 10 15:30:09 2024 GMT
        Subject: CN=BFDC67E7CF53DB5E31D0C497CCBAF6616D8AD660
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:70:4b:78:45:6a:b5:8b:76:69:0d:72:ff:9b:
                    ae:a6:d6:e6:f3:36:a6:62:d6:49:48:fd:21:01:d7:
                    ff:b0:3e:07:d9:9d:7d:ea:9e:88:96:9a:99:89:a5:
                    5d:19:a5:7f:14:76:d2:c1:9e:8f:c5:92:25:3c:bf:
                    86:01:01:82:b7:89:05:1c:72:d8:dc:62:e5:a5:bd:
                    e5:43:85:cf:95:6d:59:d8:83:7f:0d:5c:21:99:ba:
                    fb:e9:2d:e7:80:fe:fd:ec:47:b5:84:78:2e:fe:50:
                    50:33:6f:d7:16:0e:1f:18:02:8e:74:b4:82:de:c2:
                    43:ce:9b:17:29:96:92:4b:65:eb:b3:2a:22:b1:a9:
                    3a:6c:4a:30:69:03:86:be:fc:98:a6:08:ae:20:fb:
                    91:39:eb:21:e8:00:4e:97:db:7d:cb:65:cc:71:92:
                    7f:eb:b5:6c:52:bc:72:29:ad:16:aa:df:34:82:41:
                    5e:d8:5c:6d:5f:31:1a:97:32:23:e9:fa:9f:a4:16:
                    30:91:0f:7f:3b:84:bc:15:d9:d0:03:24:9f:8e:34:
                    0c:60:11:dc:a3:d7:09:41:4b:dc:27:44:f6:86:5c:
                    f7:91:b5:b9:a2:13:cc:a0:6d:6f:5b:d4:58:a9:8a:
                    eb:3f:8c:c0:d1:ea:a4:77:9c:90:9c:b6:fd:82:59:
                    11:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BF:DC:67:E7:CF:53:DB:5E:31:D0:C4:97:CC:BA:F6:61:6D:8A:D6:60
            X509v3 Authority Key Identifier:
                keyid:F5:A4:4B:5E:07:88:65:BA:EF:93:51:36:9D:96:1D:6B:A2:55:6D:47

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ONEDEGREE/9aRLXgeIZbrvk1E2nZYda6JVbUc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/9aRLXgeIZbrvk1E2nZYda6JVbUc.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ONEDEGREE/v9xn589T214x0MSXzLr2YW2K1mA.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.131.149.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2d:53:c0:8b:f2:92:f9:d4:d7:fa:9a:69:19:91:8d:16:74:ec:
         06:b7:e0:db:88:a8:b5:ed:d9:75:02:e6:b2:26:c7:04:17:ca:
         20:c6:e2:16:9d:b7:41:61:df:86:82:4b:2b:0e:17:a6:29:e3:
         37:d6:e9:59:16:4d:79:a9:72:78:c2:b1:62:0a:8a:d2:30:59:
         79:25:0b:20:8e:a1:cb:0e:7d:67:c5:67:28:46:29:3d:99:a3:
         c0:60:96:72:7c:71:c6:ba:0f:f3:90:55:a8:dc:0b:8d:90:5c:
         a6:8c:51:77:cd:d0:5a:4a:30:8d:0e:db:8b:ef:06:4a:df:e6:
         6d:a9:52:ff:7f:04:a0:df:2f:b8:6a:e8:87:7a:5c:a3:eb:dc:
         f6:09:cc:93:7d:f0:9a:c7:d7:65:83:14:34:94:98:4d:a7:a4:
         84:d1:d3:a0:03:91:2c:42:3f:cd:e0:fc:b5:b7:aa:60:00:25:
         93:3d:9a:dd:40:08:81:bd:b4:26:53:d5:c8:35:56:39:5f:93:
         a8:07:e0:e5:7b:3f:f9:ec:5f:13:75:a2:ef:62:e0:8d:69:b6:
         e0:ce:ef:f5:9d:6a:38:79:46:73:8b:ae:37:ad:69:6c:d2:65:
         d7:38:09:32:2e:25:c3:f9:23:a4:3b:d1:60:c3:b6:1a:7c:eb:
         6a:19:af:88
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgIBFzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhGNUE0
NEI1RTA3ODg2NUJBRUY5MzUxMzY5RDk2MUQ2QkEyNTU2RDQ3MB4XDTIzMDUwOTAz
MDgzOFoXDTI0MDQxMDE1MzAwOVowMzExMC8GA1UEAxMoQkZEQzY3RTdDRjUzREI1
RTMxRDBDNDk3Q0NCQUY2NjE2RDhBRDY2MDCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAK1wS3hFarWLdmkNcv+brqbW5vM2pmLWSUj9IQHX/7A+B9mdfeqe
iJaamYmlXRmlfxR20sGej8WSJTy/hgEBgreJBRxy2Nxi5aW95UOFz5VtWdiDfw1c
IZm6++kt54D+/exHtYR4Lv5QUDNv1xYOHxgCjnS0gt7CQ86bFymWkktl67MqIrGp
OmxKMGkDhr78mKYIriD7kTnrIegATpfbfctlzHGSf+u1bFK8cimtFqrfNIJBXthc
bV8xGpcyI+n6n6QWMJEPfzuEvBXZ0AMkn440DGAR3KPXCUFL3CdE9oZc95G1uaIT
zKBtb1vUWKmK6z+MwNHqpHeckJy2/YJZETECAwEAAaOCAfQwggHwMB0GA1UdDgQW
BBS/3Gfnz1PbXjHQxJfMuvZhbYrWYDAfBgNVHSMEGDAWgBT1pEteB4hluu+TUTad
lh1rolVtRzAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF8GA1UdHwRYMFYwVKBS
oFCGTnJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9PTkVERUdS
RUUvOWFSTFhnZUlaYnJ2azFFMm5aWWRhNkpWYlVjLmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS85YVJMWGdlSVpicnZrMUUyblpZZGE2SlZiVWMuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBnwYIKwYBBQUHAQsEgZIwgY8wWgYIKwYBBQUHMAuGTnJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9PTkVERUdSRUUvdjl4bjU4OVQyMTR4
ME1TWHpMcjJZVzJLMW1BLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3
bmljLnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAGeDlTANBgkqhkiG9w0BAQsFAAOCAQEALVPAi/KS+dTX+pppGZGNFnTsBrfg
24iote3ZdQLmsibHBBfKIMbiFp23QWHfhoJLKw4XpinjN9bpWRZNealyeMKxYgqK
0jBZeSULII6hyw59Z8VnKEYpPZmjwGCWcnxxxroP85BVqNwLjZBcpoxRd83QWkow
jQ7bi+8GSt/mbalS/38EoN8vuGroh3pco+vc9gnMk33wmsfXZYMUNJSYTaekhNHT
oAORLEI/zeD8tbeqYAAlkz2a3UAIgb20JlPVyDVWOV+TqAfg5Xs/+exfE3Wi72Lg
jWm24M7v9Z1qOHlGc4uuN61pbNJl1zgJMi4lw/kjpDvRYMO2GnzrahmviA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:17 2024 by rpki-client on console-ams.rpki-client.org