Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TANET/5Z8qtkSyYsbJ43DZL6Bel0iqZMg.roa
File:                     5Z8qtkSyYsbJ43DZL6Bel0iqZMg.roa (raw, json)
Hash identifier:          NQKIJNtufluCIKWtvylpg29I6hartoRiTbDspOCQyLo=
Subject key identifier:   E5:9F:2A:B6:44:B2:62:C6:C9:E3:70:D9:2F:A0:5E:97:48:AA:64:C8
Certificate issuer:       /CN=E1A88C34D246EF7C2A7C1AC5FE97B262BC48178E
Certificate serial:       0BD8
Authority key identifier: E1:A8:8C:34:D2:46:EF:7C:2A:7C:1A:C5:FE:97:B2:62:BC:48:17:8E
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/4aiMNNJG73wqfBrF_peyYrxIF44.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/5Z8qtkSyYsbJ43DZL6Bel0iqZMg.roa
Signing time:             Thu 15 Sep 2022 02:41:15 +0000
ROA not before:           Thu 15 Sep 2022 02:41:15 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     1659
IP address blocks:        203.72.0.0/16 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3032 (0xbd8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=E1A88C34D246EF7C2A7C1AC5FE97B262BC48178E
        Validity
            Not Before: Sep 15 02:41:15 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=E59F2AB644B262C6C9E370D92FA05E9748AA64C8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:d8:c0:23:07:9a:cf:82:ca:eb:fd:af:6c:1a:
                    e3:ea:a8:48:c4:ae:c3:6f:74:37:ea:3e:0d:83:62:
                    0a:2a:35:e8:38:b7:3b:62:d8:48:de:e0:59:e7:d0:
                    69:a9:94:63:9f:7f:20:84:8c:51:7d:39:8f:83:09:
                    35:53:9f:e6:01:74:da:89:4e:87:b3:0e:41:fa:1b:
                    7c:cf:9b:58:42:c9:01:d5:b2:77:86:e1:66:5b:79:
                    e9:e0:94:60:2d:45:a1:8c:6c:6d:7c:4c:a5:f0:78:
                    fc:5a:57:7e:e5:af:ef:7f:2b:a1:32:50:b1:55:5d:
                    c2:9a:4d:eb:18:99:fc:a0:c8:3f:af:bf:77:75:4f:
                    dc:84:29:cc:4b:f8:b7:54:7a:2a:53:e8:f9:5c:2e:
                    77:1a:fd:b3:6e:9a:7c:b2:cc:00:13:75:1c:15:d4:
                    51:18:14:af:75:f8:c6:12:f3:0b:d9:5a:7d:f9:79:
                    f5:f0:7d:4f:8a:fd:e2:e8:63:48:f5:52:95:6d:5d:
                    27:1e:bc:0e:fb:8f:97:cb:84:28:7a:f7:9b:3f:8d:
                    62:4a:14:c8:87:49:bd:ab:03:27:49:dc:da:fb:0b:
                    65:86:73:4a:c3:01:77:c4:cc:60:1f:eb:0b:b1:4d:
                    82:6a:78:05:b5:96:e1:d0:11:88:d6:b8:b3:dd:0b:
                    ab:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E5:9F:2A:B6:44:B2:62:C6:C9:E3:70:D9:2F:A0:5E:97:48:AA:64:C8
            X509v3 Authority Key Identifier:
                keyid:E1:A8:8C:34:D2:46:EF:7C:2A:7C:1A:C5:FE:97:B2:62:BC:48:17:8E

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/4aiMNNJG73wqfBrF_peyYrxIF44.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/4aiMNNJG73wqfBrF_peyYrxIF44.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/5Z8qtkSyYsbJ43DZL6Bel0iqZMg.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  203.72.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         ac:07:62:87:7c:22:6b:22:7c:15:7c:8a:bf:44:53:d0:4e:ef:
         7a:26:9a:30:4e:a9:b7:3a:5a:8b:05:db:46:9c:39:ee:89:58:
         ce:4d:1e:e1:34:be:ad:7f:a9:aa:0e:52:51:71:10:dd:f8:c5:
         19:4f:7d:34:1f:11:64:47:6e:ea:33:31:ac:66:93:dd:ec:51:
         75:00:d1:92:85:b5:dc:eb:5f:dc:71:67:91:a6:3e:5d:e6:bb:
         7d:f7:b9:fb:8b:8a:fa:2e:2a:2b:9b:49:ee:5c:cf:bc:bf:95:
         ef:7d:ec:8d:29:22:3a:1f:fe:25:84:3c:c1:ef:df:10:de:8c:
         e4:77:fc:04:b4:a7:8b:2e:cd:86:85:34:a5:39:40:6a:41:f2:
         94:d0:f0:e1:8a:2d:1f:fb:0b:d6:65:c5:0a:bf:ad:83:6c:cb:
         d2:81:f9:61:1e:38:76:2a:3d:8c:ea:d0:4a:28:5c:b7:78:5c:
         fc:42:78:3b:80:a3:cd:f1:75:bb:f4:af:46:fb:b7:e9:38:39:
         d3:24:1e:c3:f1:67:66:82:d0:59:cc:33:01:a9:a8:f2:71:c5:
         8d:56:f7:ff:28:45:46:cd:3a:f6:03:fc:e3:48:45:fe:13:42:
         30:af:0c:92:78:07:0b:42:a8:e9:40:17:46:ff:33:73:c0:b4:
         90:38:1e:c7
-----BEGIN CERTIFICATE-----
MIIEzzCCA7egAwIBAgICC9gwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRTFB
ODhDMzREMjQ2RUY3QzJBN0MxQUM1RkU5N0IyNjJCQzQ4MTc4RTAeFw0yMjA5MTUw
MjQxMTVaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEU1OUYyQUI2NDRCMjYy
QzZDOUUzNzBEOTJGQTA1RTk3NDhBQTY0QzgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCa2MAjB5rPgsrr/a9sGuPqqEjErsNvdDfqPg2DYgoqNeg4tzti
2Eje4Fnn0GmplGOffyCEjFF9OY+DCTVTn+YBdNqJToezDkH6G3zPm1hCyQHVsneG
4WZbeenglGAtRaGMbG18TKXwePxaV37lr+9/K6EyULFVXcKaTesYmfygyD+vv3d1
T9yEKcxL+LdUeipT6PlcLnca/bNumnyyzAATdRwV1FEYFK91+MYS8wvZWn35efXw
fU+K/eLoY0j1UpVtXScevA77j5fLhCh695s/jWJKFMiHSb2rAydJ3Nr7C2WGc0rD
AXfEzGAf6wuxTYJqeAW1luHQEYjWuLPdC6vJAgMBAAGjggHrMIIB5zAdBgNVHQ4E
FgQU5Z8qtkSyYsbJ43DZL6Bel0iqZMgwHwYDVR0jBBgwFoAU4aiMNNJG73wqfBrF
/peyYrxIF44wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFORVQv
NGFpTU5OSkc3M3dxZkJyRl9wZXlZcnhJRjQ0LmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS80YWlNTk5KRzczd3FmQnJGX3BleVlyeElGNDQuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQU5FVC81WjhxdGtTeVlzYko0M0RaTDZC
ZWwwaXFaTWcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAy0gw
DQYJKoZIhvcNAQELBQADggEBAKwHYod8ImsifBV8ir9EU9BO73ommjBOqbc6WosF
20acOe6JWM5NHuE0vq1/qaoOUlFxEN34xRlPfTQfEWRHbuozMaxmk93sUXUA0ZKF
tdzrX9xxZ5GmPl3mu333ufuLivouKiubSe5cz7y/le997I0pIjof/iWEPMHv3xDe
jOR3/AS0p4suzYaFNKU5QGpB8pTQ8OGKLR/7C9ZlxQq/rYNsy9KB+WEeOHYqPYzq
0EooXLd4XPxCeDuAo83xdbv0r0b7t+k4OdMkHsPxZ2aC0FnMMwGpqPJxxY1W9/8o
RUbNOvYD/ONIRf4TQjCvDJJ4BwtCqOlAF0b/M3PAtJA4Hsc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:45 2024 by rpki-client on console-fra.rpki-client.org