Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PUMO/mSZq-n4fANafXjseOXOkDwf1_pI.roa
File:                     mSZq-n4fANafXjseOXOkDwf1_pI.roa (raw, json)
Hash identifier:          azocMOmw7a1Ojh5BpGgKVUayNT9e81QgUGJa41aISEk=
Subject key identifier:   99:26:6A:FA:7E:1F:00:D6:9F:5E:3B:1E:39:73:A4:0F:07:F5:FE:92
Certificate issuer:       /CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
Certificate serial:       0894
Authority key identifier: 34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/mSZq-n4fANafXjseOXOkDwf1_pI.roa
Signing time:             Fri 11 Dec 2020 08:52:41 +0000
ROA not before:           Fri 11 Dec 2020 08:52:41 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     198949
IP address blocks:        124.150.130.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2196 (0x894)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
        Validity
            Not Before: Dec 11 08:52:41 2020 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=99266AFA7E1F00D69F5E3B1E3973A40F07F5FE92
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:a7:18:21:d9:2e:65:2a:7f:22:04:a0:b9:2a:
                    a3:72:e7:70:d0:32:37:a2:ca:db:0f:68:7f:a9:cd:
                    d4:06:ca:b8:b6:85:bb:6c:21:86:1f:db:53:58:46:
                    fe:7e:2e:3b:b1:38:fe:df:2a:ab:ff:16:1a:86:7e:
                    50:58:36:60:aa:86:f2:1c:fb:b3:a1:85:5b:14:81:
                    db:39:3b:6a:92:7f:6f:d6:fb:ba:30:9d:47:e6:37:
                    f5:04:e3:6e:8c:58:50:91:b0:8d:e7:9a:29:48:97:
                    d5:90:e4:cf:5d:34:9b:5a:e6:6b:d9:a3:e2:1d:7c:
                    d3:41:1c:b0:c8:2f:e6:fe:76:f1:1c:63:14:eb:68:
                    24:ef:50:68:31:cd:cb:60:29:98:57:53:64:e7:25:
                    de:7c:be:ae:fc:92:eb:8f:17:ee:82:29:0a:ca:63:
                    fc:3c:42:0b:71:09:ac:1d:39:d0:71:aa:94:d4:9c:
                    72:96:5e:74:03:11:a4:b0:61:e0:a7:8b:0c:75:11:
                    98:8c:ac:d7:aa:8b:af:e5:68:57:89:12:1c:a7:8f:
                    cf:16:35:4d:d4:ce:1b:00:28:98:4f:8a:b2:37:02:
                    a8:87:ac:f7:00:bc:00:cf:41:07:25:56:0d:05:6b:
                    69:39:e6:83:50:dc:e6:54:77:a8:b8:bf:ed:b2:56:
                    7d:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:26:6A:FA:7E:1F:00:D6:9F:5E:3B:1E:39:73:A4:0F:07:F5:FE:92
            X509v3 Authority Key Identifier:
                keyid:34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/NN1DKWGsQtZErq80sUrscCdbBqM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/mSZq-n4fANafXjseOXOkDwf1_pI.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  124.150.130.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6c:7d:b0:61:e1:91:ad:0e:0b:28:60:42:62:8c:11:00:81:5d:
         2f:65:59:13:a8:0f:cd:67:83:94:34:3b:90:97:23:de:b5:54:
         7e:32:e3:cc:71:8a:89:14:a8:c4:40:3b:91:e2:bf:2b:45:eb:
         37:1f:69:bd:5c:cf:91:fb:d2:67:5a:83:4f:63:fa:5c:08:4d:
         8b:e7:e0:65:32:e2:72:e2:68:97:36:7d:bb:4c:4b:46:25:b8:
         26:d3:90:3b:a0:db:b4:a3:86:d1:32:67:49:2c:bf:dc:0d:ae:
         aa:1d:4e:3f:94:15:0b:76:8f:56:39:a7:9b:67:e7:c7:dd:44:
         69:1b:17:18:f5:34:60:0e:9d:e0:15:2c:5d:3d:f0:dd:a8:fa:
         ef:1d:e0:b1:99:f0:1f:d1:42:c5:29:0b:3a:11:ac:6a:32:4f:
         07:cd:c3:25:02:5e:3f:01:97:95:4d:98:d1:9f:95:23:b0:76:
         37:6f:e7:b2:a5:b9:3a:b6:af:f0:8e:53:a4:4b:d5:00:ec:72:
         ff:2c:a8:ed:bf:f6:77:ff:2e:9e:99:ff:b4:df:98:cc:a9:4e:
         fb:fa:43:0b:80:da:e4:66:44:0a:6b:ed:d9:cc:7a:fd:c2:09:
         99:08:dc:a6:da:aa:fa:f6:5b:e5:3f:10:aa:ca:1a:56:f8:85:
         24:d9:f2:6d
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICCJQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzRE
RDQzMjk2MUFDNDJENjQ0QUVBRjM0QjE0QUVDNzAyNzVCMDZBMzAeFw0yMDEyMTEw
ODUyNDFaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDk5MjY2QUZBN0UxRjAw
RDY5RjVFM0IxRTM5NzNBNDBGMDdGNUZFOTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDDpxgh2S5lKn8iBKC5KqNy53DQMjeiytsPaH+pzdQGyri2hbts
IYYf21NYRv5+LjuxOP7fKqv/FhqGflBYNmCqhvIc+7OhhVsUgds5O2qSf2/W+7ow
nUfmN/UE426MWFCRsI3nmilIl9WQ5M9dNJta5mvZo+IdfNNBHLDIL+b+dvEcYxTr
aCTvUGgxzctgKZhXU2TnJd58vq78kuuPF+6CKQrKY/w8QgtxCawdOdBxqpTUnHKW
XnQDEaSwYeCniwx1EZiMrNeqi6/laFeJEhynj88WNU3UzhsAKJhPirI3AqiHrPcA
vADPQQclVg0Fa2k55oNQ3OZUd6i4v+2yVn3VAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUmSZq+n4fANafXjseOXOkDwf1/pIwHwYDVR0jBBgwFoAUNN1DKWGsQtZErq80
sUrscCdbBqMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFVNTy9O
TjFES1dHc1F0WkVycTgwc1Vyc2NDZGJCcU0uY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L05OMURLV0dzUXRaRXJxODBzVXJzY0NkYkJxTS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL1BVTU8vbVNacS1uNGZBTmFmWGpzZU9YT2tE
d2YxX3BJLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAHyWgjAN
BgkqhkiG9w0BAQsFAAOCAQEAbH2wYeGRrQ4LKGBCYowRAIFdL2VZE6gPzWeDlDQ7
kJcj3rVUfjLjzHGKiRSoxEA7keK/K0XrNx9pvVzPkfvSZ1qDT2P6XAhNi+fgZTLi
cuJolzZ9u0xLRiW4JtOQO6DbtKOG0TJnSSy/3A2uqh1OP5QVC3aPVjmnm2fnx91E
aRsXGPU0YA6d4BUsXT3w3aj67x3gsZnwH9FCxSkLOhGsajJPB83DJQJePwGXlU2Y
0Z+VI7B2N2/nsqW5Orav8I5TpEvVAOxy/yyo7b/2d/8unpn/tN+YzKlO+/pDC4Da
5GZECmvt2cx6/cIJmQjcptqq+vZb5T8QqsoaVviFJNnybQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:44 2024 by rpki-client on console-fra.rpki-client.org