Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PEICITY260/dukDbtekrzqB_5u6MZ2oEl-6Hlw.roa
File:                     dukDbtekrzqB_5u6MZ2oEl-6Hlw.roa (raw, json)
Hash identifier:          hUX9cfCdlffb1jnVpiAY1UuKzROgewry6eTbfGAXxlg=
Subject key identifier:   76:E9:03:6E:D7:A4:AF:3A:81:FF:9B:BA:31:9D:A8:12:5F:BA:1E:5C
Certificate issuer:       /CN=8477B4B9FE729925D912C66D00B681DDA10A2A01
Certificate serial:       08AD
Authority key identifier: 84:77:B4:B9:FE:72:99:25:D9:12:C6:6D:00:B6:81:DD:A1:0A:2A:01
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/hHe0uf5ymSXZEsZtALaB3aEKKgE.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/PEICITY260/dukDbtekrzqB_5u6MZ2oEl-6Hlw.roa
Signing time:             Fri 29 Jan 2021 07:24:27 +0000
ROA not before:           Fri 29 Jan 2021 07:24:27 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     131627
IP address blocks:        103.117.224.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2221 (0x8ad)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8477B4B9FE729925D912C66D00B681DDA10A2A01
        Validity
            Not Before: Jan 29 07:24:27 2021 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=76E9036ED7A4AF3A81FF9BBA319DA8125FBA1E5C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:32:de:07:b3:bf:27:a9:3f:e0:f9:72:f0:6a:
                    b8:31:69:10:8e:45:7b:24:66:32:10:35:44:a2:ea:
                    80:0d:b3:d5:8f:af:22:fb:eb:a0:30:fc:8d:83:55:
                    25:c3:28:76:f9:f2:ed:7b:5d:87:76:5b:29:d3:7a:
                    35:5b:72:94:50:6b:c6:89:61:64:ae:b9:1f:fa:97:
                    70:66:62:da:91:64:c0:ad:d0:ba:d3:99:1f:13:c1:
                    e3:fa:0b:1e:ad:32:f8:c7:aa:32:75:8b:15:12:88:
                    12:7e:28:9d:7e:96:60:9e:75:77:c6:84:6c:6a:e1:
                    01:62:d5:69:78:57:bc:48:35:47:81:4a:a8:7a:72:
                    d9:68:5b:30:c2:0e:47:7a:b9:3b:95:6e:11:1f:50:
                    0f:df:06:b8:57:d2:f7:a4:03:78:63:e9:53:ed:fc:
                    be:f3:59:63:39:03:fd:6e:7f:d5:94:8e:ed:64:88:
                    87:71:48:11:fd:57:d5:7d:65:94:cd:3c:15:29:90:
                    0f:9f:df:67:6a:cf:8b:4f:e0:2f:3e:33:20:e1:96:
                    d4:9a:da:41:98:3f:ab:17:11:05:42:a5:05:df:68:
                    a7:41:0c:ed:e6:2a:68:ea:90:1a:02:3f:a8:48:03:
                    92:25:02:59:ce:c9:2a:e3:7e:32:3e:32:ef:a4:b4:
                    78:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:E9:03:6E:D7:A4:AF:3A:81:FF:9B:BA:31:9D:A8:12:5F:BA:1E:5C
            X509v3 Authority Key Identifier:
                keyid:84:77:B4:B9:FE:72:99:25:D9:12:C6:6D:00:B6:81:DD:A1:0A:2A:01

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PEICITY260/hHe0uf5ymSXZEsZtALaB3aEKKgE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/hHe0uf5ymSXZEsZtALaB3aEKKgE.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PEICITY260/dukDbtekrzqB_5u6MZ2oEl-6Hlw.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.117.224.0/22

    Signature Algorithm: sha256WithRSAEncryption
         9e:30:80:92:58:80:fe:9f:50:34:0b:6b:21:7e:29:10:48:36:
         9d:6e:1b:44:4d:48:88:42:d5:a4:16:16:03:c5:9a:0c:57:a6:
         e0:93:b1:66:7b:d7:e2:25:7c:5d:6e:b8:76:2f:30:6b:48:84:
         31:9d:3b:b4:62:5a:fd:c2:68:08:40:a7:ea:07:93:12:06:24:
         ae:5f:80:99:d4:57:fa:73:6c:7a:bc:36:6b:64:32:c7:23:68:
         4f:73:d6:39:f6:58:a6:bf:bc:64:6e:56:f4:a3:0b:ab:d9:61:
         42:ff:29:74:ae:97:d1:cb:a9:de:a2:da:55:f4:7b:c2:98:bd:
         f9:08:b5:ba:8f:4a:78:a8:1d:fb:5b:db:e7:38:72:da:c9:af:
         64:53:c1:c9:84:eb:cf:3e:a0:29:cd:f1:4a:dd:d8:e2:39:3b:
         6b:bc:5a:a6:cf:86:7a:0e:7a:f0:fd:03:51:9d:b8:37:3a:19:
         c6:84:81:ac:f3:33:90:8f:53:5a:f8:a7:30:83:03:60:6b:2a:
         8c:ab:f9:5d:da:e1:bc:00:75:67:5e:90:7f:ae:10:40:ec:ca:
         4d:e8:e7:a7:c1:c9:41:8f:f2:48:e2:4e:14:bd:42:a9:fc:f6:
         d1:00:b4:ea:72:bf:98:2c:71:bb:4c:d0:d3:94:8e:36:8c:b2:
         d4:cf:ba:50
-----BEGIN CERTIFICATE-----
MIIE2jCCA8KgAwIBAgICCK0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODQ3
N0I0QjlGRTcyOTkyNUQ5MTJDNjZEMDBCNjgxRERBMTBBMkEwMTAeFw0yMTAxMjkw
NzI0MjdaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDc2RTkwMzZFRDdBNEFG
M0E4MUZGOUJCQTMxOURBODEyNUZCQTFFNUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC1Mt4Hs78nqT/g+XLwargxaRCORXskZjIQNUSi6oANs9WPryL7
66Aw/I2DVSXDKHb58u17XYd2WynTejVbcpRQa8aJYWSuuR/6l3BmYtqRZMCt0LrT
mR8TweP6Cx6tMvjHqjJ1ixUSiBJ+KJ1+lmCedXfGhGxq4QFi1Wl4V7xINUeBSqh6
ctloWzDCDkd6uTuVbhEfUA/fBrhX0vekA3hj6VPt/L7zWWM5A/1uf9WUju1kiIdx
SBH9V9V9ZZTNPBUpkA+f32dqz4tP4C8+MyDhltSa2kGYP6sXEQVCpQXfaKdBDO3m
KmjqkBoCP6hIA5IlAlnOySrjfjI+Mu+ktHhFAgMBAAGjggH2MIIB8jAdBgNVHQ4E
FgQUdukDbtekrzqB/5u6MZ2oEl+6HlwwHwYDVR0jBBgwFoAUhHe0uf5ymSXZEsZt
ALaB3aEKKgEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBgBgNVHR8EWTBXMFWg
U6BRhk9yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUEVJQ0lU
WTI2MC9oSGUwdWY1eW1TWFpFc1p0QUxhQjNhRUtLZ0UuY3JsMGAGCCsGAQUFBwEB
BFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9U
V05JQ0NBL2hIZTB1ZjV5bVNYWkVzWnRBTGFCM2FFS0tnRS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGgBggrBgEFBQcBCwSBkzCBkDBbBggrBgEFBQcwC4ZPcnN5bmM6Ly9y
cGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NBL1BFSUNJVFkyNjAvZHVrRGJ0ZWty
enFCXzV1Nk1aMm9FbC02SGx3LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRw
LnR3bmljLnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEAmd14DANBgkqhkiG9w0BAQsFAAOCAQEAnjCAkliA/p9QNAtrIX4pEEg2
nW4bRE1IiELVpBYWA8WaDFem4JOxZnvX4iV8XW64di8wa0iEMZ07tGJa/cJoCECn
6geTEgYkrl+AmdRX+nNserw2a2QyxyNoT3PWOfZYpr+8ZG5W9KMLq9lhQv8pdK6X
0cup3qLaVfR7wpi9+Qi1uo9KeKgd+1vb5zhy2smvZFPByYTrzz6gKc3xSt3Y4jk7
a7xaps+Geg568P0DUZ24NzoZxoSBrPMzkI9TWvinMIMDYGsqjKv5XdrhvAB1Z16Q
f64QQOzKTejnp8HJQY/ySOJOFL1Cqfz20QC06nK/mCxxu0zQ05SONoyy1M+6UA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:17 2024 by rpki-client on console-ams.rpki-client.org