Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PUMO/O6ogrO2JPOB5OqwkqOGYQrtPt7M.roa
File:                     O6ogrO2JPOB5OqwkqOGYQrtPt7M.roa (raw, json)
Hash identifier:          sMUfe/IzyLrsthRlWPgBL0L4+DMwciwdMdgG4mFGVoI=
Subject key identifier:   3B:AA:20:AC:ED:89:3C:E0:79:3A:AC:24:A8:E1:98:42:BB:4F:B7:B3
Certificate issuer:       /CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
Certificate serial:       0776
Authority key identifier: 34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/O6ogrO2JPOB5OqwkqOGYQrtPt7M.roa
Signing time:             Tue 29 Sep 2020 09:51:40 +0000
ROA not before:           Tue 29 Sep 2020 09:51:40 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     38843
IP address blocks:        103.20.40.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1910 (0x776)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
        Validity
            Not Before: Sep 29 09:51:40 2020 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=3BAA20ACED893CE0793AAC24A8E19842BB4FB7B3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:ae:61:46:b9:44:2a:21:ba:56:fd:65:6b:19:
                    a3:d4:2e:ed:29:99:4a:08:1c:c9:ab:33:8e:32:03:
                    04:00:e4:ef:5e:f2:d1:03:aa:aa:66:f7:42:fd:08:
                    cf:75:09:45:2b:c7:a1:85:c8:ea:a5:08:0d:54:34:
                    ac:d7:14:19:e7:1f:6a:94:70:7f:27:33:12:03:26:
                    d7:0c:9b:72:42:07:de:01:2e:f9:17:85:dd:29:6b:
                    3b:49:99:6c:8d:01:eb:53:51:f5:10:69:f3:72:98:
                    d2:f8:01:a6:a3:bd:68:9a:fb:0f:6d:a1:40:da:07:
                    83:9f:a6:0d:11:cc:74:73:4d:01:3f:d2:f9:3f:b8:
                    5a:eb:31:44:27:a6:ad:a7:52:25:a6:95:82:c1:20:
                    39:b0:f4:08:15:b0:b5:85:77:c8:d8:fc:87:80:be:
                    97:53:3b:9d:8d:0b:18:58:72:c2:a3:4f:a5:9f:55:
                    fb:41:4c:43:46:f9:05:48:f9:05:77:dc:36:5a:0a:
                    d1:af:c5:9e:2a:3b:c7:29:69:e0:48:fa:a5:75:12:
                    c7:61:6e:4e:c5:23:7e:ad:53:5d:3c:63:89:1e:69:
                    d8:6c:c7:fd:56:b4:d0:58:c6:0d:63:f0:79:26:5d:
                    9b:c4:16:eb:5c:a2:9e:18:a8:57:03:37:4d:05:7b:
                    fa:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3B:AA:20:AC:ED:89:3C:E0:79:3A:AC:24:A8:E1:98:42:BB:4F:B7:B3
            X509v3 Authority Key Identifier:
                keyid:34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/NN1DKWGsQtZErq80sUrscCdbBqM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/O6ogrO2JPOB5OqwkqOGYQrtPt7M.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.20.40.0/22

    Signature Algorithm: sha256WithRSAEncryption
         04:d8:b2:b8:71:25:80:0b:5c:83:0e:d8:2a:c3:15:42:ce:2d:
         f1:4e:fe:e5:6c:08:0b:c8:a7:46:23:b9:b0:a2:b9:37:2f:3b:
         a5:ea:60:b7:87:a9:4b:da:9c:d6:e9:00:65:bd:1b:a2:c3:66:
         f9:5a:d3:41:1f:aa:c9:d2:a2:a1:3a:2f:89:70:4b:31:26:cd:
         19:41:ed:9f:8c:84:86:5c:12:46:df:1c:e3:53:f8:03:f9:dc:
         f6:87:7b:28:5b:b3:96:6e:bf:d9:69:eb:3f:3f:0a:2a:eb:90:
         98:18:0a:2a:a9:aa:16:7d:48:17:c9:bf:47:d0:d7:4d:d1:62:
         c6:5c:a7:3f:24:06:9c:52:2f:89:39:a0:eb:e0:17:83:06:90:
         5f:3d:d8:f8:af:a3:56:d5:dc:69:b1:81:7b:3c:8e:5d:d2:7a:
         dc:cc:3a:b0:79:28:17:0c:af:4c:93:b4:5a:45:f2:b2:5c:13:
         61:07:31:bd:05:db:09:eb:5d:c4:1f:45:27:b4:ea:ad:6b:80:
         6b:70:ca:83:09:40:c4:19:4a:bc:af:6b:1b:dd:17:8b:eb:14:
         19:aa:3f:be:ef:0e:22:f6:a9:72:f3:51:ca:ff:c8:e4:b2:4b:
         04:09:fb:26:53:86:9b:68:2e:22:dc:9b:36:3a:c6:69:47:4b:
         34:30:8d:98
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICB3YwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzRE
RDQzMjk2MUFDNDJENjQ0QUVBRjM0QjE0QUVDNzAyNzVCMDZBMzAeFw0yMDA5Mjkw
OTUxNDBaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDNCQUEyMEFDRUQ4OTND
RTA3OTNBQUMyNEE4RTE5ODQyQkI0RkI3QjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC2rmFGuUQqIbpW/WVrGaPULu0pmUoIHMmrM44yAwQA5O9e8tED
qqpm90L9CM91CUUrx6GFyOqlCA1UNKzXFBnnH2qUcH8nMxIDJtcMm3JCB94BLvkX
hd0paztJmWyNAetTUfUQafNymNL4AaajvWia+w9toUDaB4Ofpg0RzHRzTQE/0vk/
uFrrMUQnpq2nUiWmlYLBIDmw9AgVsLWFd8jY/IeAvpdTO52NCxhYcsKjT6WfVftB
TENG+QVI+QV33DZaCtGvxZ4qO8cpaeBI+qV1Esdhbk7FI36tU108Y4keadhsx/1W
tNBYxg1j8HkmXZvEFutcop4YqFcDN00Fe/oRAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUO6ogrO2JPOB5OqwkqOGYQrtPt7MwHwYDVR0jBBgwFoAUNN1DKWGsQtZErq80
sUrscCdbBqMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFVNTy9O
TjFES1dHc1F0WkVycTgwc1Vyc2NDZGJCcU0uY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L05OMURLV0dzUXRaRXJxODBzVXJzY0NkYkJxTS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL1BVTU8vTzZvZ3JPMkpQT0I1T3F3a3FPR1lR
cnRQdDdNLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAmcUKDAN
BgkqhkiG9w0BAQsFAAOCAQEABNiyuHElgAtcgw7YKsMVQs4t8U7+5WwIC8inRiO5
sKK5Ny87pepgt4epS9qc1ukAZb0bosNm+VrTQR+qydKioToviXBLMSbNGUHtn4yE
hlwSRt8c41P4A/nc9od7KFuzlm6/2WnrPz8KKuuQmBgKKqmqFn1IF8m/R9DXTdFi
xlynPyQGnFIviTmg6+AXgwaQXz3Y+K+jVtXcabGBezyOXdJ63Mw6sHkoFwyvTJO0
WkXyslwTYQcxvQXbCetdxB9FJ7TqrWuAa3DKgwlAxBlKvK9rG90Xi+sUGao/vu8O
IvapcvNRyv/I5LJLBAn7JlOGm2guItybNjrGaUdLNDCNmA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:44 2024 by rpki-client on console-fra.rpki-client.org