Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PEICITY260/JghEsWLnb8q2gmD9noLM5Iy4ObY.roa
File:                     JghEsWLnb8q2gmD9noLM5Iy4ObY.roa (raw, json)
Hash identifier:          HNPxK4C6D0L7T7etNn5bSrsqScEH0EafeVGQHRjtuy4=
Subject key identifier:   26:08:44:B1:62:E7:6F:CA:B6:82:60:FD:9E:82:CC:E4:8C:B8:39:B6
Certificate issuer:       /CN=8477B4B9FE729925D912C66D00B681DDA10A2A01
Certificate serial:       0773
Authority key identifier: 84:77:B4:B9:FE:72:99:25:D9:12:C6:6D:00:B6:81:DD:A1:0A:2A:01
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/hHe0uf5ymSXZEsZtALaB3aEKKgE.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/PEICITY260/JghEsWLnb8q2gmD9noLM5Iy4ObY.roa
Signing time:             Tue 29 Sep 2020 10:05:30 +0000
ROA not before:           Tue 29 Sep 2020 10:05:30 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     131627
IP address blocks:        103.117.224.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1907 (0x773)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8477B4B9FE729925D912C66D00B681DDA10A2A01
        Validity
            Not Before: Sep 29 10:05:30 2020 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=260844B162E76FCAB68260FD9E82CCE48CB839B6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:cd:3a:a0:0a:57:c4:6f:d9:35:1c:84:5a:b6:
                    63:45:07:f8:64:b3:ec:10:0d:a6:a9:35:c9:7a:b3:
                    9e:ee:55:5a:eb:40:67:fa:e5:d9:79:0d:14:77:69:
                    d6:24:5a:63:1e:0c:29:df:a0:d4:df:6e:09:e1:1c:
                    28:32:bd:35:3b:d1:1c:09:e2:b6:ba:ff:7b:4d:5f:
                    e7:bf:8c:3b:7a:34:f7:ce:6e:4c:82:ba:00:20:1c:
                    03:17:c5:a8:24:38:69:57:a6:6d:77:14:e5:4d:92:
                    f8:3c:68:63:41:98:a0:ad:ea:a4:9f:e4:44:b5:f4:
                    2a:00:44:3d:eb:08:db:db:f2:b6:dd:25:3e:c1:bc:
                    b5:75:04:d0:ce:5c:6f:5e:b7:de:26:57:f5:b8:06:
                    72:58:e7:fc:69:89:ab:18:09:bf:8e:3f:39:45:1e:
                    76:dc:4b:13:ea:3d:da:45:9b:43:3b:91:95:f3:f5:
                    59:3e:30:0d:66:a9:7c:20:24:70:2c:3b:68:89:49:
                    cd:d7:96:6f:e8:24:4b:3a:5f:17:27:7f:fb:16:ef:
                    32:9f:d7:b4:13:bb:9c:03:73:e0:f5:0f:c4:08:e8:
                    b7:2a:3a:84:50:66:f7:f4:d7:dc:36:08:a7:d0:fb:
                    71:91:70:29:d8:0d:84:20:c1:c8:1b:d9:14:79:89:
                    e0:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                26:08:44:B1:62:E7:6F:CA:B6:82:60:FD:9E:82:CC:E4:8C:B8:39:B6
            X509v3 Authority Key Identifier:
                keyid:84:77:B4:B9:FE:72:99:25:D9:12:C6:6D:00:B6:81:DD:A1:0A:2A:01

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PEICITY260/hHe0uf5ymSXZEsZtALaB3aEKKgE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/hHe0uf5ymSXZEsZtALaB3aEKKgE.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PEICITY260/JghEsWLnb8q2gmD9noLM5Iy4ObY.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.117.224.0/22

    Signature Algorithm: sha256WithRSAEncryption
         87:b8:ff:1d:52:17:40:ba:51:36:4d:75:5b:e2:72:9a:0c:0d:
         9a:74:26:c9:0b:e0:22:bc:41:73:f4:7f:89:0a:07:67:4c:0f:
         58:dc:e9:a0:9c:2d:db:13:6f:ed:b3:63:6d:52:f9:df:4c:37:
         b1:bf:5a:08:3f:4b:5d:d6:78:49:47:4e:2c:d7:cd:c2:34:31:
         bd:9d:63:0e:a5:bd:9c:43:a2:00:9e:59:86:e8:e0:45:ab:2b:
         0e:e0:0c:8c:a2:7e:6f:8a:66:ba:0c:d7:f8:cc:42:bb:7c:1d:
         61:4a:9e:6d:ab:57:bf:96:c4:6e:0e:c8:d3:28:a4:40:1d:77:
         1b:4c:ec:87:89:d1:ab:81:fd:dd:a5:7f:32:d2:05:f6:b6:a5:
         f3:d7:c8:e9:f3:c9:7c:e6:c8:3d:3b:f2:2f:7e:42:af:90:16:
         21:5c:98:dd:4d:e3:8d:6f:f9:09:e4:33:0b:b8:02:68:c2:f7:
         de:eb:fa:3c:3a:a7:bf:fc:39:9d:90:7b:5a:6c:2e:f2:e2:28:
         72:0e:1f:65:ea:90:b1:9c:02:37:f8:cb:af:d8:a4:e6:df:83:
         64:66:35:5c:19:fd:10:b9:0f:e0:f6:8d:25:2a:c5:97:49:fd:
         c4:80:9e:71:c8:34:45:75:b8:bf:23:7f:c8:7d:ea:88:cd:16:
         44:7a:d4:b3
-----BEGIN CERTIFICATE-----
MIIE2jCCA8KgAwIBAgICB3MwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODQ3
N0I0QjlGRTcyOTkyNUQ5MTJDNjZEMDBCNjgxRERBMTBBMkEwMTAeFw0yMDA5Mjkx
MDA1MzBaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDI2MDg0NEIxNjJFNzZG
Q0FCNjgyNjBGRDlFODJDQ0U0OENCODM5QjYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDJzTqgClfEb9k1HIRatmNFB/hks+wQDaapNcl6s57uVVrrQGf6
5dl5DRR3adYkWmMeDCnfoNTfbgnhHCgyvTU70RwJ4ra6/3tNX+e/jDt6NPfObkyC
ugAgHAMXxagkOGlXpm13FOVNkvg8aGNBmKCt6qSf5ES19CoARD3rCNvb8rbdJT7B
vLV1BNDOXG9et94mV/W4BnJY5/xpiasYCb+OPzlFHnbcSxPqPdpFm0M7kZXz9Vk+
MA1mqXwgJHAsO2iJSc3Xlm/oJEs6Xxcnf/sW7zKf17QTu5wDc+D1D8QI6LcqOoRQ
Zvf019w2CKfQ+3GRcCnYDYQgwcgb2RR5ieDXAgMBAAGjggH2MIIB8jAdBgNVHQ4E
FgQUJghEsWLnb8q2gmD9noLM5Iy4ObYwHwYDVR0jBBgwFoAUhHe0uf5ymSXZEsZt
ALaB3aEKKgEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBgBgNVHR8EWTBXMFWg
U6BRhk9yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUEVJQ0lU
WTI2MC9oSGUwdWY1eW1TWFpFc1p0QUxhQjNhRUtLZ0UuY3JsMGAGCCsGAQUFBwEB
BFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9U
V05JQ0NBL2hIZTB1ZjV5bVNYWkVzWnRBTGFCM2FFS0tnRS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGgBggrBgEFBQcBCwSBkzCBkDBbBggrBgEFBQcwC4ZPcnN5bmM6Ly9y
cGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NBL1BFSUNJVFkyNjAvSmdoRXNXTG5i
OHEyZ21EOW5vTE01SXk0T2JZLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRw
LnR3bmljLnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEAmd14DANBgkqhkiG9w0BAQsFAAOCAQEAh7j/HVIXQLpRNk11W+JymgwN
mnQmyQvgIrxBc/R/iQoHZ0wPWNzpoJwt2xNv7bNjbVL530w3sb9aCD9LXdZ4SUdO
LNfNwjQxvZ1jDqW9nEOiAJ5ZhujgRasrDuAMjKJ+b4pmugzX+MxCu3wdYUqebatX
v5bEbg7I0yikQB13G0zsh4nRq4H93aV/MtIF9ral89fI6fPJfObIPTvyL35Cr5AW
IVyY3U3jjW/5CeQzC7gCaML33uv6PDqnv/w5nZB7Wmwu8uIocg4fZeqQsZwCN/jL
r9ik5t+DZGY1XBn9ELkP4PaNJSrFl0n9xICeccg0RXW4vyN/yH3qiM0WRHrUsw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:17 2024 by rpki-client on console-ams.rpki-client.org