Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PUMO/R7F3bIUlsM2LAwxW6T7hIESHwVU.roa
File:                     R7F3bIUlsM2LAwxW6T7hIESHwVU.roa (raw, json)
Hash identifier:          YV4ftb0jamQ5kxfd7frFTZ2+FQ+QX0DRdp+61yKYTL4=
Subject key identifier:   47:B1:77:6C:85:25:B0:CD:8B:03:0C:56:E9:3E:E1:20:44:87:C1:55
Certificate issuer:       /CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
Certificate serial:       0BA9
Authority key identifier: 34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/R7F3bIUlsM2LAwxW6T7hIESHwVU.roa
Signing time:             Thu 15 Sep 2022 02:42:26 +0000
ROA not before:           Thu 15 Sep 2022 02:42:26 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     38843
IP address blocks:        223.27.47.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2985 (0xba9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
        Validity
            Not Before: Sep 15 02:42:26 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=47B1776C8525B0CD8B030C56E93EE1204487C155
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:11:00:70:96:9e:ae:93:cd:8d:9b:bd:c1:41:
                    5b:d1:a1:cd:37:6d:8b:6b:e6:a6:32:7e:50:4c:36:
                    c6:c0:8b:fd:41:09:14:4b:8e:97:ee:0c:03:48:b9:
                    09:57:cf:4d:97:1e:a3:f6:ce:5c:fe:ed:e0:03:c0:
                    9a:e6:13:9d:9f:3f:fe:69:98:32:25:d7:3b:58:72:
                    a8:f2:b2:ed:68:92:ae:df:8a:5b:31:bf:b4:54:22:
                    53:74:d1:c2:6d:a0:42:99:9e:6c:8d:cd:bb:4a:42:
                    7a:a7:f8:a4:93:5b:f5:58:15:62:0d:33:b7:e2:18:
                    44:2a:96:9b:72:3f:de:32:dc:00:ff:78:27:55:8d:
                    82:4b:69:50:8e:cc:09:10:48:87:2f:b8:81:e5:24:
                    fa:3d:72:91:2b:21:65:79:52:f8:08:f0:08:ed:c2:
                    4a:33:49:b2:13:34:df:61:b6:92:44:91:7e:d2:06:
                    dc:16:2c:86:61:06:76:93:4e:89:01:0b:1a:7b:2f:
                    6a:38:9a:db:61:9d:0e:d7:db:1b:c2:27:b8:8f:36:
                    db:05:c3:93:ff:58:a7:01:1a:69:02:85:8e:6f:36:
                    97:56:04:09:55:08:4e:dd:e3:bd:f2:ec:cf:d4:ac:
                    5c:09:82:79:09:55:8d:6d:37:4a:83:51:13:8e:f9:
                    ba:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                47:B1:77:6C:85:25:B0:CD:8B:03:0C:56:E9:3E:E1:20:44:87:C1:55
            X509v3 Authority Key Identifier:
                keyid:34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/NN1DKWGsQtZErq80sUrscCdbBqM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/R7F3bIUlsM2LAwxW6T7hIESHwVU.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  223.27.47.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b0:79:9a:c2:47:8d:ef:47:b4:26:4f:f0:8f:80:00:e8:ac:07:
         09:c5:15:e1:4d:7d:39:5a:2b:2d:88:be:f4:dd:04:d1:3f:51:
         d8:18:b2:da:ed:3a:97:63:1f:9d:4a:de:57:9f:06:f8:cf:d2:
         5c:1c:71:18:49:bb:dd:3b:0e:f8:ac:9e:c9:61:55:a3:e1:ce:
         a5:50:bd:99:2a:57:74:f0:3c:9e:3f:2b:0f:4e:07:92:39:0a:
         06:9b:1f:41:bd:a2:58:45:15:49:06:43:0e:0a:1c:d8:a8:4e:
         d5:c6:b4:9b:24:34:10:f3:98:c2:d9:64:d0:6e:a6:0d:bf:6f:
         b7:4e:b2:26:64:c8:40:67:45:3a:13:64:fb:c7:54:9b:e0:7b:
         28:ef:74:9a:61:e4:0d:4c:68:20:1b:98:6e:7e:58:77:76:23:
         67:3c:fe:cf:e6:c8:66:e4:1d:15:bf:b5:1e:37:6d:74:e9:8d:
         05:31:9a:4e:bc:79:de:f4:42:09:34:ff:a0:f7:54:9c:7b:74:
         44:81:f9:50:cc:9f:05:c8:e0:20:bf:5b:53:4f:d0:01:c0:29:
         1a:89:4b:9f:09:3f:52:bb:28:0f:a4:07:3b:f8:01:d0:24:42:
         38:a0:1c:55:11:9d:86:78:46:68:a6:fd:34:bf:24:f7:11:5b:
         9e:06:ba:b5
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICC6kwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzRE
RDQzMjk2MUFDNDJENjQ0QUVBRjM0QjE0QUVDNzAyNzVCMDZBMzAeFw0yMjA5MTUw
MjQyMjZaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDQ3QjE3NzZDODUyNUIw
Q0Q4QjAzMEM1NkU5M0VFMTIwNDQ4N0MxNTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDXEQBwlp6uk82Nm73BQVvRoc03bYtr5qYyflBMNsbAi/1BCRRL
jpfuDANIuQlXz02XHqP2zlz+7eADwJrmE52fP/5pmDIl1ztYcqjysu1okq7filsx
v7RUIlN00cJtoEKZnmyNzbtKQnqn+KSTW/VYFWINM7fiGEQqlptyP94y3AD/eCdV
jYJLaVCOzAkQSIcvuIHlJPo9cpErIWV5UvgI8AjtwkozSbITNN9htpJEkX7SBtwW
LIZhBnaTTokBCxp7L2o4mtthnQ7X2xvCJ7iPNtsFw5P/WKcBGmkChY5vNpdWBAlV
CE7d473y7M/UrFwJgnkJVY1tN0qDUROO+boZAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUR7F3bIUlsM2LAwxW6T7hIESHwVUwHwYDVR0jBBgwFoAUNN1DKWGsQtZErq80
sUrscCdbBqMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFVNTy9O
TjFES1dHc1F0WkVycTgwc1Vyc2NDZGJCcU0uY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L05OMURLV0dzUXRaRXJxODBzVXJzY0NkYkJxTS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL1BVTU8vUjdGM2JJVWxzTTJMQXd4VzZUN2hJ
RVNId1ZVLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAN8bLzAN
BgkqhkiG9w0BAQsFAAOCAQEAsHmawkeN70e0Jk/wj4AA6KwHCcUV4U19OVorLYi+
9N0E0T9R2Biy2u06l2MfnUreV58G+M/SXBxxGEm73TsO+KyeyWFVo+HOpVC9mSpX
dPA8nj8rD04HkjkKBpsfQb2iWEUVSQZDDgoc2KhO1ca0myQ0EPOYwtlk0G6mDb9v
t06yJmTIQGdFOhNk+8dUm+B7KO90mmHkDUxoIBuYbn5Yd3YjZzz+z+bIZuQdFb+1
HjdtdOmNBTGaTrx53vRCCTT/oPdUnHt0RIH5UMyfBcjgIL9bU0/QAcApGolLnwk/
UrsoD6QHO/gB0CRCOKAcVRGdhnhGaKb9NL8k9xFbnga6tQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:19 2024 by rpki-client on console-ams.rpki-client.org