Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/SHUNYING/3V0kiF_PyjYt6WDY6oD3ZgCXXPY.roa
File:                     3V0kiF_PyjYt6WDY6oD3ZgCXXPY.roa (raw, json)
Hash identifier:          wv5EPrZc9VKeR/PcCbBhIr5H24E95gQCuKy9PRRPcso=
Subject key identifier:   DD:5D:24:88:5F:CF:CA:36:2D:E9:60:D8:EA:80:F7:66:00:97:5C:F6
Certificate issuer:       /CN=ED186F6314D7B5713EFFECFB93EBC3E82197E2EF
Certificate serial:       0DA3
Authority key identifier: ED:18:6F:63:14:D7:B5:71:3E:FF:EC:FB:93:EB:C3:E8:21:97:E2:EF
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/7RhvYxTXtXE-_-z7k-vD6CGX4u8.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/SHUNYING/3V0kiF_PyjYt6WDY6oD3ZgCXXPY.roa
Signing time:             Mon 11 Jan 2021 11:49:29 +0000
ROA not before:           Mon 11 Jan 2021 11:49:29 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     131633
IP address blocks:        103.127.236.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3491 (0xda3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ED186F6314D7B5713EFFECFB93EBC3E82197E2EF
        Validity
            Not Before: Jan 11 11:49:29 2021 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=DD5D24885FCFCA362DE960D8EA80F76600975CF6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:71:70:89:dd:d3:de:46:4d:9a:2a:46:0d:a7:
                    db:df:01:e4:06:73:00:2b:68:e0:69:8a:6c:02:55:
                    c5:17:3b:04:29:92:e3:58:bd:ae:98:c6:fa:62:39:
                    10:77:8f:dc:55:b2:4e:d7:5d:2e:37:20:18:e0:9a:
                    90:87:5d:e9:b8:0d:f9:7c:df:8d:99:e7:28:f8:7e:
                    de:be:e6:c1:a7:eb:60:d4:13:db:f8:16:36:57:77:
                    71:3c:bc:d4:d8:e9:b4:44:2b:f9:fd:5a:93:82:d0:
                    d1:87:65:a7:7c:2b:22:43:48:11:f8:d9:82:f1:da:
                    2d:49:38:8a:31:d1:a3:3b:dc:92:9f:4a:32:10:06:
                    56:8b:ea:da:18:3f:f1:79:27:aa:5f:10:64:76:0e:
                    6d:ff:8e:39:13:6c:28:b3:6b:de:32:4b:49:b6:be:
                    66:6b:c3:fd:7e:18:5f:ca:8f:53:56:21:bf:28:35:
                    ba:d3:89:91:29:e4:bd:77:10:b3:47:6a:64:a4:58:
                    40:e5:92:0c:cb:49:14:77:89:02:60:20:df:2a:1d:
                    66:25:40:53:8a:27:26:3f:9b:1b:70:94:fb:ed:11:
                    22:b7:15:39:18:ed:d5:98:a6:bc:d8:7c:ab:21:20:
                    00:6c:91:43:41:8a:20:09:9f:ec:f6:70:98:9c:eb:
                    9f:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DD:5D:24:88:5F:CF:CA:36:2D:E9:60:D8:EA:80:F7:66:00:97:5C:F6
            X509v3 Authority Key Identifier:
                keyid:ED:18:6F:63:14:D7:B5:71:3E:FF:EC:FB:93:EB:C3:E8:21:97:E2:EF

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SHUNYING/7RhvYxTXtXE-_-z7k-vD6CGX4u8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/7RhvYxTXtXE-_-z7k-vD6CGX4u8.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SHUNYING/3V0kiF_PyjYt6WDY6oD3ZgCXXPY.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.127.236.0/22

    Signature Algorithm: sha256WithRSAEncryption
         5e:2d:52:58:e8:fe:d8:30:00:4e:48:f8:cf:53:a1:28:7b:36:
         b6:dc:f2:c9:db:36:5f:b5:7c:46:1e:ca:d8:69:5c:72:c0:7c:
         2d:af:a3:e5:7e:3a:cb:65:54:90:97:b6:78:ba:c5:00:5c:ee:
         2b:4b:29:6f:5c:6c:7a:00:7c:bf:b3:88:b5:0c:00:8f:c9:9f:
         b8:33:49:b6:84:b9:57:f7:ba:3b:ec:40:70:80:a4:46:43:bc:
         ab:63:31:08:32:80:1a:a8:78:de:06:ec:6e:23:b8:c2:84:a3:
         16:3c:1e:b1:9b:eb:b1:88:df:4b:32:0b:08:d7:ad:51:e5:30:
         b3:38:f9:84:e6:d8:5a:9f:54:42:45:9c:e2:7f:69:31:7b:ff:
         5e:b4:e2:44:6d:e7:f6:7c:c4:81:fa:ee:f2:0a:e3:9f:71:3e:
         81:aa:d9:cf:0c:f4:c3:ad:5e:cf:97:69:5a:a8:a2:de:47:d2:
         b7:70:b9:ce:fb:41:45:ac:d0:ef:e4:ac:5e:bf:0e:f4:a1:1a:
         33:ac:9a:de:a7:24:d2:f0:0f:c6:ea:d6:c8:0f:c3:d7:e1:fc:
         a7:46:f3:2f:85:7c:e7:3f:51:34:f3:a0:c0:93:c4:84:87:24:
         69:ab:69:8e:bf:b6:c8:68:61:8f:10:d1:08:4f:a1:a1:87:29:
         c3:fc:23:2e
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICDaMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUQx
ODZGNjMxNEQ3QjU3MTNFRkZFQ0ZCOTNFQkMzRTgyMTk3RTJFRjAeFw0yMTAxMTEx
MTQ5MjlaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKERENUQyNDg4NUZDRkNB
MzYyREU5NjBEOEVBODBGNzY2MDA5NzVDRjYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCQcXCJ3dPeRk2aKkYNp9vfAeQGcwAraOBpimwCVcUXOwQpkuNY
va6YxvpiORB3j9xVsk7XXS43IBjgmpCHXem4Dfl8342Z5yj4ft6+5sGn62DUE9v4
FjZXd3E8vNTY6bREK/n9WpOC0NGHZad8KyJDSBH42YLx2i1JOIox0aM73JKfSjIQ
BlaL6toYP/F5J6pfEGR2Dm3/jjkTbCiza94yS0m2vmZrw/1+GF/Kj1NWIb8oNbrT
iZEp5L13ELNHamSkWEDlkgzLSRR3iQJgIN8qHWYlQFOKJyY/mxtwlPvtESK3FTkY
7dWYprzYfKshIABskUNBiiAJn+z2cJic65/dAgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQU3V0kiF/PyjYt6WDY6oD3ZgCXXPYwHwYDVR0jBBgwFoAU7RhvYxTXtXE+/+z7
k+vD6CGX4u8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvU0hVTllJ
TkcvN1Jodll4VFh0WEUtXy16N2stdkQ2Q0dYNHU4LmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS83Umh2WXhUWHRYRS1fLXo3ay12RDZDR1g0dTguY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9TSFVOWUlORy8zVjBraUZfUHlqWXQ2
V0RZNm9EM1pnQ1hYUFkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQCZ3/sMA0GCSqGSIb3DQEBCwUAA4IBAQBeLVJY6P7YMABOSPjPU6Eoeza23PLJ
2zZftXxGHsrYaVxywHwtr6PlfjrLZVSQl7Z4usUAXO4rSylvXGx6AHy/s4i1DACP
yZ+4M0m2hLlX97o77EBwgKRGQ7yrYzEIMoAaqHjeBuxuI7jChKMWPB6xm+uxiN9L
MgsI161R5TCzOPmE5than1RCRZzif2kxe/9etOJEbef2fMSB+u7yCuOfcT6BqtnP
DPTDrV7Pl2laqKLeR9K3cLnO+0FFrNDv5Kxevw70oRozrJrepyTS8A/G6tbID8PX
4fynRvMvhXznP1E086DAk8SEhyRpq2mOv7bIaGGPENEIT6GhhynD/CMu
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:44 2024 by rpki-client on console-fra.rpki-client.org