Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/SCNET/zo9fTrf3nr0d-0UzC28lI8gTGuM.roa
File:                     zo9fTrf3nr0d-0UzC28lI8gTGuM.roa (raw, json)
Hash identifier:          gWgmXuWUdIi7097UWAJhv8z2Qiv0nUEk+cQ5M/Gmhhc=
Subject key identifier:   CE:8F:5F:4E:B7:F7:9E:BD:1D:FB:45:33:0B:6F:25:23:C8:13:1A:E3
Certificate issuer:       /CN=349B9CE90AE03DAD19BC54DFF63AE8C41E223948
Certificate serial:       111F
Authority key identifier: 34:9B:9C:E9:0A:E0:3D:AD:19:BC:54:DF:F6:3A:E8:C4:1E:22:39:48
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/NJuc6QrgPa0ZvFTf9jroxB4iOUg.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/SCNET/zo9fTrf3nr0d-0UzC28lI8gTGuM.roa
Signing time:             Wed 05 Oct 2022 00:58:17 +0000
ROA not before:           Wed 05 Oct 2022 00:58:17 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     131631
IP address blocks:        103.123.219.0/24 maxlen: 25

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4383 (0x111f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=349B9CE90AE03DAD19BC54DFF63AE8C41E223948
        Validity
            Not Before: Oct  5 00:58:17 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=CE8F5F4EB7F79EBD1DFB45330B6F2523C8131AE3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:5e:68:c7:fa:86:c7:04:5f:e1:a4:70:66:34:
                    9f:8b:37:dc:03:34:de:bd:b0:72:70:ef:bf:f0:0b:
                    ca:81:a3:ed:4a:8a:30:47:cd:4a:a0:db:2f:b6:fa:
                    89:34:cd:9e:a8:25:b1:34:ba:a2:45:c4:18:e1:2d:
                    e9:61:8a:b4:49:a0:3e:15:f5:55:44:c9:05:e6:1f:
                    2d:e4:11:b1:b0:ef:fa:0a:85:55:70:da:33:e2:67:
                    bc:4d:d1:e1:18:83:97:3c:44:c3:6c:ac:9f:42:41:
                    24:ed:36:f1:46:5d:5f:d2:84:69:11:53:a1:a7:4e:
                    72:2f:be:0e:c2:48:f4:15:a7:08:6f:af:f2:4c:02:
                    af:b7:e0:b3:95:cd:5d:ab:16:98:4a:39:bb:ab:c2:
                    89:aa:8d:08:ba:11:f4:ac:1b:ee:2c:e5:b1:f5:01:
                    29:b4:1a:1c:28:e8:dd:e2:6b:4a:a2:d9:33:e7:69:
                    50:23:c6:94:c6:d2:87:84:de:f9:f2:65:42:5f:d9:
                    5b:4a:db:07:72:b7:89:7d:b1:2e:fe:45:55:96:66:
                    ab:e7:1d:39:87:76:75:05:75:b7:39:f7:b0:a3:81:
                    cc:29:67:55:df:03:7e:7e:2b:cc:31:f6:6b:14:57:
                    3d:59:48:bb:28:46:80:b7:cf:9b:e0:35:66:53:ab:
                    80:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CE:8F:5F:4E:B7:F7:9E:BD:1D:FB:45:33:0B:6F:25:23:C8:13:1A:E3
            X509v3 Authority Key Identifier:
                keyid:34:9B:9C:E9:0A:E0:3D:AD:19:BC:54:DF:F6:3A:E8:C4:1E:22:39:48

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SCNET/NJuc6QrgPa0ZvFTf9jroxB4iOUg.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NJuc6QrgPa0ZvFTf9jroxB4iOUg.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SCNET/zo9fTrf3nr0d-0UzC28lI8gTGuM.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.123.219.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b6:4b:13:8e:c5:ae:f5:b3:d6:86:b5:39:93:9f:37:9e:03:d0:
         79:26:95:20:e9:6b:85:82:56:b9:d2:e1:86:9d:64:72:d7:2a:
         22:af:04:2c:e0:ee:85:a8:40:d1:fb:51:41:aa:32:d4:de:71:
         47:16:b9:2c:da:d9:5d:62:37:97:90:c6:c4:61:fd:73:15:ef:
         89:79:e2:b5:d3:4a:4e:70:2f:c3:11:76:5c:ed:e0:c7:d5:fa:
         d4:f2:12:64:5b:32:7a:58:62:c9:06:91:da:f6:00:2a:64:99:
         08:fc:95:7e:e0:b5:45:f9:e8:72:2b:a1:73:de:7a:e5:14:53:
         b0:4d:aa:9a:9a:af:32:60:fd:76:24:6c:c2:5d:c6:3f:ad:44:
         d8:da:3c:df:24:76:ef:da:a2:01:87:ad:2b:18:e0:eb:2e:a6:
         81:ce:34:d3:87:da:3e:80:6d:6d:fd:7d:0b:cd:59:a5:62:05:
         85:26:7b:7e:78:93:25:50:e9:a9:2c:55:80:a5:c2:0e:24:dd:
         bd:e4:de:bc:13:59:d3:a5:da:4c:44:25:35:f8:aa:e5:6b:00:
         9a:f6:99:d1:ed:70:55:8d:8a:e0:8c:58:8a:fa:1f:da:85:80:
         26:5c:92:42:c9:aa:87:5d:01:a9:87:09:8d:b0:57:5d:30:44:
         e7:e8:08:c4
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICER8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzQ5
QjlDRTkwQUUwM0RBRDE5QkM1NERGRjYzQUU4QzQxRTIyMzk0ODAeFw0yMjEwMDUw
MDU4MTdaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKENFOEY1RjRFQjdGNzlF
QkQxREZCNDUzMzBCNkYyNTIzQzgxMzFBRTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCiXmjH+obHBF/hpHBmNJ+LN9wDNN69sHJw77/wC8qBo+1KijBH
zUqg2y+2+ok0zZ6oJbE0uqJFxBjhLelhirRJoD4V9VVEyQXmHy3kEbGw7/oKhVVw
2jPiZ7xN0eEYg5c8RMNsrJ9CQSTtNvFGXV/ShGkRU6GnTnIvvg7CSPQVpwhvr/JM
Aq+34LOVzV2rFphKOburwomqjQi6EfSsG+4s5bH1ASm0Ghwo6N3ia0qi2TPnaVAj
xpTG0oeE3vnyZUJf2VtK2wdyt4l9sS7+RVWWZqvnHTmHdnUFdbc597CjgcwpZ1Xf
A35+K8wx9msUVz1ZSLsoRoC3z5vgNWZTq4BXAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUzo9fTrf3nr0d+0UzC28lI8gTGuMwHwYDVR0jBBgwFoAUNJuc6QrgPa0ZvFTf
9jroxB4iOUgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvU0NORVQv
Tkp1YzZRcmdQYTBadkZUZjlqcm94QjRpT1VnLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9OSnVjNlFyZ1BhMFp2RlRmOWpyb3hCNGlPVWcuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9TQ05FVC96bzlmVHJmM25yMGQtMFV6QzI4
bEk4Z1RHdU0ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZ3vb
MA0GCSqGSIb3DQEBCwUAA4IBAQC2SxOOxa71s9aGtTmTnzeeA9B5JpUg6WuFgla5
0uGGnWRy1yoirwQs4O6FqEDR+1FBqjLU3nFHFrks2tldYjeXkMbEYf1zFe+JeeK1
00pOcC/DEXZc7eDH1frU8hJkWzJ6WGLJBpHa9gAqZJkI/JV+4LVF+ehyK6Fz3nrl
FFOwTaqamq8yYP12JGzCXcY/rUTY2jzfJHbv2qIBh60rGODrLqaBzjTTh9o+gG1t
/X0LzVmlYgWFJnt+eJMlUOmpLFWApcIOJN295N68E1nTpdpMRCU1+KrlawCa9pnR
7XBVjYrgjFiK+h/ahYAmXJJCyaqHXQGphwmNsFddMETn6AjE
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:44 2024 by rpki-client on console-fra.rpki-client.org