Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/SPETW/bRdaw18BWw0PJ1d-vxZOQ6iqBPk.roa
File:                     bRdaw18BWw0PJ1d-vxZOQ6iqBPk.roa (raw, json)
Hash identifier:          R+iTAhAG7ejtLlyPpOr0jn0KtHvQF1pQCZyuvkJUisQ=
Subject key identifier:   6D:17:5A:C3:5F:01:5B:0D:0F:27:57:7E:BF:16:4E:43:A8:AA:04:F9
Certificate issuer:       /CN=6F8C92DFC78CBFE8C5EFD6BA5A37A1628221FFE2
Certificate serial:       074F
Authority key identifier: 6F:8C:92:DF:C7:8C:BF:E8:C5:EF:D6:BA:5A:37:A1:62:82:21:FF:E2
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/b4yS38eMv-jF79a6WjehYoIh_-I.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/SPETW/bRdaw18BWw0PJ1d-vxZOQ6iqBPk.roa
Signing time:             Tue 29 Sep 2020 10:06:14 +0000
ROA not before:           Tue 29 Sep 2020 10:06:14 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     131623
IP address blocks:        103.117.4.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1871 (0x74f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6F8C92DFC78CBFE8C5EFD6BA5A37A1628221FFE2
        Validity
            Not Before: Sep 29 10:06:14 2020 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=6D175AC35F015B0D0F27577EBF164E43A8AA04F9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:e2:7f:7c:ea:ce:d7:df:a8:3e:a1:63:65:9e:
                    a9:3a:16:2c:5e:70:51:d2:c7:8d:3e:39:e8:ad:35:
                    f1:cf:6e:44:da:a3:b8:c6:0c:f6:23:62:2d:25:5e:
                    4a:26:ad:ab:7d:22:a6:2e:c4:20:64:cc:f0:19:fd:
                    ac:e7:b3:d7:f3:8c:35:8b:ff:f8:33:2e:65:64:37:
                    35:6b:8a:ec:3b:b1:ae:c0:70:34:1e:bc:05:80:06:
                    a4:55:62:2e:98:e5:4c:3e:32:27:ed:dd:4d:63:c2:
                    6a:36:64:3c:6e:47:aa:d0:1b:47:c4:00:8d:3d:8e:
                    bb:44:70:2b:ec:ad:e3:8f:dd:fc:1c:67:49:86:cd:
                    8f:d0:9f:73:b4:d9:5c:b3:6e:0e:82:ac:80:c0:61:
                    8c:64:91:86:da:a8:cc:52:20:56:88:ca:3a:2e:58:
                    00:87:c4:1a:c5:1e:4b:c1:7f:12:50:3a:1b:04:81:
                    1f:f7:bb:17:f5:a0:c7:0d:0a:72:2b:9c:30:bf:31:
                    9c:b3:a8:95:86:3d:0c:4f:9f:fa:20:b5:66:f6:28:
                    d8:5c:cd:d6:2b:11:de:f2:5d:26:66:d5:32:4b:f0:
                    33:4e:c7:d4:a5:58:18:d4:5a:3d:d5:b7:ec:49:dc:
                    fc:9a:14:1c:b1:81:b1:ca:67:41:13:2a:39:5b:cd:
                    72:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6D:17:5A:C3:5F:01:5B:0D:0F:27:57:7E:BF:16:4E:43:A8:AA:04:F9
            X509v3 Authority Key Identifier:
                keyid:6F:8C:92:DF:C7:8C:BF:E8:C5:EF:D6:BA:5A:37:A1:62:82:21:FF:E2

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SPETW/b4yS38eMv-jF79a6WjehYoIh_-I.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/b4yS38eMv-jF79a6WjehYoIh_-I.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SPETW/bRdaw18BWw0PJ1d-vxZOQ6iqBPk.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.117.4.0/22

    Signature Algorithm: sha256WithRSAEncryption
         93:de:34:b0:7a:ee:f7:d5:12:9d:95:7d:c8:2a:00:3b:77:12:
         1e:6e:68:55:38:b7:b0:89:5b:09:c8:28:56:f9:11:f1:3d:1a:
         58:41:56:52:c4:c4:fa:c1:f7:3c:da:95:5b:14:ca:d6:96:ac:
         55:71:da:97:83:00:ed:a3:22:bb:89:f4:53:1a:47:77:b3:02:
         50:2d:96:d6:66:96:10:d6:7f:89:3d:e4:c0:e7:27:47:c2:0b:
         4e:e5:5b:19:c6:87:6a:bc:8d:58:88:f0:25:5a:60:65:5d:f6:
         7b:8e:2f:99:8e:be:c0:60:7b:99:1c:d4:e5:27:4a:5b:c5:1f:
         dc:2c:07:8c:8b:cb:f0:cd:e9:0d:a3:2b:cf:4b:5e:b2:b7:82:
         46:41:ce:37:b8:a8:a3:75:5c:5c:ea:44:4b:cd:df:0e:ab:de:
         e6:47:16:2d:2c:25:4d:99:27:32:37:ed:5b:f2:e0:03:42:14:
         ef:43:71:a3:59:5f:20:ab:df:10:f6:e6:21:2d:66:7e:9f:aa:
         3d:d0:9b:39:47:c2:3c:13:9d:56:c2:18:f1:61:71:74:cb:b4:
         49:6b:40:74:55:c3:23:33:a8:ca:22:81:3f:df:1d:65:3f:a7:
         ec:83:f1:d4:6d:fd:c7:40:8f:22:0f:36:b2:6d:bc:d0:d5:63:
         3c:8a:a1:15
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICB08wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkY4
QzkyREZDNzhDQkZFOEM1RUZENkJBNUEzN0ExNjI4MjIxRkZFMjAeFw0yMDA5Mjkx
MDA2MTRaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDZEMTc1QUMzNUYwMTVC
MEQwRjI3NTc3RUJGMTY0RTQzQThBQTA0RjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDJ4n986s7X36g+oWNlnqk6FixecFHSx40+OeitNfHPbkTao7jG
DPYjYi0lXkomrat9IqYuxCBkzPAZ/azns9fzjDWL//gzLmVkNzVriuw7sa7AcDQe
vAWABqRVYi6Y5Uw+Mift3U1jwmo2ZDxuR6rQG0fEAI09jrtEcCvsreOP3fwcZ0mG
zY/Qn3O02Vyzbg6CrIDAYYxkkYbaqMxSIFaIyjouWACHxBrFHkvBfxJQOhsEgR/3
uxf1oMcNCnIrnDC/MZyzqJWGPQxPn/ogtWb2KNhczdYrEd7yXSZm1TJL8DNOx9Sl
WBjUWj3Vt+xJ3PyaFByxgbHKZ0ETKjlbzXKpAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUbRdaw18BWw0PJ1d+vxZOQ6iqBPkwHwYDVR0jBBgwFoAUb4yS38eMv+jF79a6
WjehYoIh/+IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvU1BFVFcv
YjR5UzM4ZU12LWpGNzlhNldqZWhZb0loXy1JLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9iNHlTMzhlTXYtakY3OWE2V2plaFlvSWhfLUkuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9TUEVUVy9iUmRhdzE4Qld3MFBKMWQtdnha
T1E2aXFCUGsucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCZ3UE
MA0GCSqGSIb3DQEBCwUAA4IBAQCT3jSweu731RKdlX3IKgA7dxIebmhVOLewiVsJ
yChW+RHxPRpYQVZSxMT6wfc82pVbFMrWlqxVcdqXgwDtoyK7ifRTGkd3swJQLZbW
ZpYQ1n+JPeTA5ydHwgtO5VsZxodqvI1YiPAlWmBlXfZ7ji+Zjr7AYHuZHNTlJ0pb
xR/cLAeMi8vwzekNoyvPS16yt4JGQc43uKijdVxc6kRLzd8Oq97mRxYtLCVNmScy
N+1b8uADQhTvQ3GjWV8gq98Q9uYhLWZ+n6o90Js5R8I8E51WwhjxYXF0y7RJa0B0
VcMjM6jKIoE/3x1lP6fsg/HUbf3HQI8iDzaybbzQ1WM8iqEV
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:44 2024 by rpki-client on console-fra.rpki-client.org