Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/SCNET/xB5iSlFceyskRrofEK8rQQPFlp8.roa
File:                     xB5iSlFceyskRrofEK8rQQPFlp8.roa (raw, json)
Hash identifier:          fBSxmhXz1ZNjevakEgLYKqRbP/PfAz4LfQGjasx39VQ=
Subject key identifier:   C4:1E:62:4A:51:5C:7B:2B:24:46:BA:1F:10:AF:2B:41:03:C5:96:9F
Certificate issuer:       /CN=349B9CE90AE03DAD19BC54DFF63AE8C41E223948
Certificate serial:       1104
Authority key identifier: 34:9B:9C:E9:0A:E0:3D:AD:19:BC:54:DF:F6:3A:E8:C4:1E:22:39:48
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/NJuc6QrgPa0ZvFTf9jroxB4iOUg.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/SCNET/xB5iSlFceyskRrofEK8rQQPFlp8.roa
Signing time:             Thu 15 Sep 2022 02:50:52 +0000
ROA not before:           Thu 15 Sep 2022 02:50:52 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     131631
IP address blocks:        103.123.216.0/24 maxlen: 25

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4356 (0x1104)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=349B9CE90AE03DAD19BC54DFF63AE8C41E223948
        Validity
            Not Before: Sep 15 02:50:52 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=C41E624A515C7B2B2446BA1F10AF2B4103C5969F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:ae:a9:26:01:39:f8:05:73:54:e6:54:c9:10:
                    da:6c:f9:f4:29:eb:fb:1a:c8:10:35:fd:48:45:bb:
                    e0:d8:c4:bf:24:44:fa:5a:d4:97:83:49:34:6a:4a:
                    04:a5:82:15:ad:ac:52:a2:15:62:19:bb:b8:b3:d7:
                    83:42:13:85:eb:9a:1a:97:48:01:7b:b9:41:ba:a8:
                    5b:6c:7d:bb:a9:7a:15:30:51:51:e3:a3:3d:7c:64:
                    be:0c:71:76:9b:de:09:9d:56:78:50:d4:30:d9:4d:
                    f5:ea:c4:22:f8:d7:53:51:c6:9a:a2:e3:bf:31:69:
                    23:31:0d:bb:50:e7:c9:19:f2:70:e1:66:cf:b7:da:
                    f1:69:07:06:47:d2:b9:19:a5:3f:83:cb:f1:72:06:
                    6a:fe:94:f9:08:c2:56:be:b3:23:73:f5:55:88:e3:
                    4c:52:1b:42:05:00:28:3a:85:d8:83:bb:dc:61:86:
                    b9:91:6c:da:81:f7:72:3c:a1:e5:57:46:d7:a0:b5:
                    e3:31:9d:75:2f:f8:9f:92:15:96:fd:04:0a:1a:9e:
                    ee:7e:94:52:f5:e6:bd:6c:9a:8a:0b:d3:ac:5d:df:
                    8f:6d:91:01:e0:34:84:1e:78:9a:7a:ff:18:cd:8d:
                    56:9f:2f:f4:6c:53:c4:2a:88:06:22:16:71:0a:29:
                    bf:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C4:1E:62:4A:51:5C:7B:2B:24:46:BA:1F:10:AF:2B:41:03:C5:96:9F
            X509v3 Authority Key Identifier:
                keyid:34:9B:9C:E9:0A:E0:3D:AD:19:BC:54:DF:F6:3A:E8:C4:1E:22:39:48

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SCNET/NJuc6QrgPa0ZvFTf9jroxB4iOUg.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NJuc6QrgPa0ZvFTf9jroxB4iOUg.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SCNET/xB5iSlFceyskRrofEK8rQQPFlp8.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.123.216.0/24

    Signature Algorithm: sha256WithRSAEncryption
         99:e1:95:e7:9b:cf:d5:dd:ef:5f:69:a0:47:5c:74:88:9c:2e:
         68:b3:b5:99:78:3e:39:7f:f3:95:8c:10:ac:c6:71:df:db:86:
         67:62:15:85:26:bd:1c:52:cf:53:35:06:c0:cb:14:f3:47:4b:
         19:1d:a7:fc:a8:cd:7a:1b:fa:26:be:bb:5b:9d:9a:a2:bc:10:
         63:a9:9f:92:ad:03:78:4f:eb:c9:13:df:57:9f:1d:a1:50:84:
         c6:2f:47:92:1a:b3:55:8b:56:a1:7a:d2:47:74:62:59:1c:53:
         52:9f:ad:6f:97:68:76:ea:32:fd:3d:16:8e:d5:2a:db:db:79:
         3f:b5:71:af:45:59:54:78:ff:52:8c:92:c8:0d:74:de:c9:7b:
         79:4e:70:dd:af:50:9d:fe:0a:c9:22:85:c6:4c:ac:ec:6b:d6:
         0c:ac:ae:b3:3d:d1:f5:4f:fa:f2:bd:2b:86:1c:a9:a7:6d:32:
         7a:21:01:95:2e:dd:51:02:e5:05:a5:73:2e:ac:e3:5a:75:19:
         75:33:1b:59:fe:11:a3:45:8b:5f:e4:5c:23:ac:ec:06:c8:50:
         44:46:ba:d8:11:a7:90:7b:3d:68:17:2f:71:a6:40:e9:f3:65:
         51:17:18:a4:12:3d:66:59:28:50:4e:e6:dc:56:da:9f:f9:ec:
         89:2e:2a:a0
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICEQQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzQ5
QjlDRTkwQUUwM0RBRDE5QkM1NERGRjYzQUU4QzQxRTIyMzk0ODAeFw0yMjA5MTUw
MjUwNTJaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEM0MUU2MjRBNTE1QzdC
MkIyNDQ2QkExRjEwQUYyQjQxMDNDNTk2OUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCarqkmATn4BXNU5lTJENps+fQp6/sayBA1/UhFu+DYxL8kRPpa
1JeDSTRqSgSlghWtrFKiFWIZu7iz14NCE4XrmhqXSAF7uUG6qFtsfbupehUwUVHj
oz18ZL4McXab3gmdVnhQ1DDZTfXqxCL411NRxpqi478xaSMxDbtQ58kZ8nDhZs+3
2vFpBwZH0rkZpT+Dy/FyBmr+lPkIwla+syNz9VWI40xSG0IFACg6hdiDu9xhhrmR
bNqB93I8oeVXRtegteMxnXUv+J+SFZb9BAoanu5+lFL15r1smooL06xd349tkQHg
NIQeeJp6/xjNjVafL/RsU8QqiAYiFnEKKb+hAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUxB5iSlFceyskRrofEK8rQQPFlp8wHwYDVR0jBBgwFoAUNJuc6QrgPa0ZvFTf
9jroxB4iOUgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvU0NORVQv
Tkp1YzZRcmdQYTBadkZUZjlqcm94QjRpT1VnLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9OSnVjNlFyZ1BhMFp2RlRmOWpyb3hCNGlPVWcuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9TQ05FVC94QjVpU2xGY2V5c2tScm9mRUs4
clFRUEZscDgucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZ3vY
MA0GCSqGSIb3DQEBCwUAA4IBAQCZ4ZXnm8/V3e9faaBHXHSInC5os7WZeD45f/OV
jBCsxnHf24ZnYhWFJr0cUs9TNQbAyxTzR0sZHaf8qM16G/omvrtbnZqivBBjqZ+S
rQN4T+vJE99Xnx2hUITGL0eSGrNVi1ahetJHdGJZHFNSn61vl2h26jL9PRaO1Srb
23k/tXGvRVlUeP9SjJLIDXTeyXt5TnDdr1Cd/grJIoXGTKzsa9YMrK6zPdH1T/ry
vSuGHKmnbTJ6IQGVLt1RAuUFpXMurONadRl1MxtZ/hGjRYtf5FwjrOwGyFBERrrY
EaeQez1oFy9xpkDp82VRFxikEj1mWShQTubcVtqf+eyJLiqg
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:20 2024 by rpki-client on console-ams.rpki-client.org