Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TANET/MGy8zpaYXPXxqy0ST7eAlX0YIP0.roa
File:                     MGy8zpaYXPXxqy0ST7eAlX0YIP0.roa (raw, json)
Hash identifier:          jgp6zAiCHlAIdZCx5ZgOKV2IpKjZlQk1ISMx83xcc/M=
Subject key identifier:   30:6C:BC:CE:96:98:5C:F5:F1:AB:2D:12:4F:B7:80:95:7D:18:20:FD
Certificate issuer:       /CN=E1A88C34D246EF7C2A7C1AC5FE97B262BC48178E
Certificate serial:       0BD8
Authority key identifier: E1:A8:8C:34:D2:46:EF:7C:2A:7C:1A:C5:FE:97:B2:62:BC:48:17:8E
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/4aiMNNJG73wqfBrF_peyYrxIF44.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/MGy8zpaYXPXxqy0ST7eAlX0YIP0.roa
Signing time:             Thu 15 Sep 2022 02:41:05 +0000
ROA not before:           Thu 15 Sep 2022 02:41:05 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     9916
IP address blocks:        120.126.32.0/19 maxlen: 19

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3032 (0xbd8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=E1A88C34D246EF7C2A7C1AC5FE97B262BC48178E
        Validity
            Not Before: Sep 15 02:41:05 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=306CBCCE96985CF5F1AB2D124FB780957D1820FD
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f3:1c:a5:6c:36:62:91:2c:46:43:42:db:8b:92:
                    67:2f:f4:3e:fc:e2:dc:51:b8:36:82:2b:90:b7:4a:
                    49:40:25:9e:3e:14:cb:65:c9:30:fa:df:bb:6f:7e:
                    75:c1:d6:61:fa:ec:c1:2c:e5:96:45:fe:35:0a:be:
                    bf:ed:97:48:13:50:71:9b:95:4a:15:b1:02:00:bc:
                    94:4e:05:60:ff:0b:c0:be:47:39:f3:45:16:7d:24:
                    d7:96:c5:93:67:6d:9e:43:c3:b3:a1:7e:83:84:13:
                    fe:d3:fd:9e:fa:df:3e:32:7c:cb:49:a1:21:58:88:
                    70:fd:02:1b:35:5d:82:69:b7:de:e0:e5:ab:c4:aa:
                    0a:6d:f3:aa:e5:9c:7f:69:7c:0d:03:1f:3f:33:0b:
                    9a:66:88:36:5d:5a:76:75:30:47:a2:23:49:ee:86:
                    3e:45:b0:d5:ef:a7:df:68:4d:91:e9:2f:44:e6:45:
                    58:91:01:32:23:b7:a6:76:59:d7:e0:e3:be:19:fa:
                    e9:a2:34:af:c7:23:c9:27:49:4e:2e:bd:5d:2d:15:
                    d3:a9:d7:b3:1d:9a:ad:06:26:f9:55:ed:20:a9:4e:
                    e1:09:e2:3c:84:00:8d:11:b8:fa:cc:0e:97:f9:db:
                    d0:db:64:6f:4e:2e:d0:98:db:89:07:28:69:5f:4a:
                    f7:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                30:6C:BC:CE:96:98:5C:F5:F1:AB:2D:12:4F:B7:80:95:7D:18:20:FD
            X509v3 Authority Key Identifier:
                keyid:E1:A8:8C:34:D2:46:EF:7C:2A:7C:1A:C5:FE:97:B2:62:BC:48:17:8E

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/4aiMNNJG73wqfBrF_peyYrxIF44.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/4aiMNNJG73wqfBrF_peyYrxIF44.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/MGy8zpaYXPXxqy0ST7eAlX0YIP0.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  120.126.32.0/19

    Signature Algorithm: sha256WithRSAEncryption
         90:ea:3e:f8:de:02:03:f4:48:3c:62:64:0b:a7:0e:9c:e7:1d:
         57:ab:01:22:a1:6e:24:f2:98:d7:ca:d5:7c:b9:72:1b:c4:04:
         6a:aa:cb:cf:13:4f:38:37:f2:85:b1:85:6a:3e:4c:d5:b0:c0:
         2e:bc:2b:49:aa:81:a6:8d:24:79:9e:04:3a:23:31:27:cc:9e:
         06:47:ea:a4:e1:97:33:88:3e:7f:91:b7:f4:16:76:67:a3:65:
         b5:39:45:b8:fe:a6:81:a5:d4:22:f1:36:aa:75:0b:d8:8c:a7:
         f2:9b:79:e5:63:b1:94:d0:f7:97:7e:2c:44:6d:af:85:ec:d5:
         f2:ca:77:64:a4:9a:d8:af:fa:8b:76:91:b0:cf:f8:85:df:3b:
         a1:2e:52:9b:3e:cd:4f:ac:1c:f6:2c:16:35:c8:d4:4f:e6:b0:
         57:01:2f:1b:c9:b1:ab:33:2b:dd:d7:0c:c1:a6:4b:3b:15:74:
         fc:be:bf:7d:41:80:94:8d:f2:e0:17:80:8a:3c:ec:f8:bf:8a:
         5b:b8:5e:8b:28:e8:69:f0:6d:75:e8:a2:03:22:83:13:40:3e:
         80:f6:3e:8b:ee:5f:ca:85:99:f0:4f:9c:ba:39:62:f0:c5:be:
         f3:36:1a:a5:3e:09:f7:3e:ce:c8:de:f7:1b:63:08:24:f1:f7:
         c7:9a:31:a0
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICC9gwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRTFB
ODhDMzREMjQ2RUY3QzJBN0MxQUM1RkU5N0IyNjJCQzQ4MTc4RTAeFw0yMjA5MTUw
MjQxMDVaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDMwNkNCQ0NFOTY5ODVD
RjVGMUFCMkQxMjRGQjc4MDk1N0QxODIwRkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDzHKVsNmKRLEZDQtuLkmcv9D784txRuDaCK5C3SklAJZ4+FMtl
yTD637tvfnXB1mH67MEs5ZZF/jUKvr/tl0gTUHGblUoVsQIAvJROBWD/C8C+Rznz
RRZ9JNeWxZNnbZ5Dw7OhfoOEE/7T/Z763z4yfMtJoSFYiHD9Ahs1XYJpt97g5avE
qgpt86rlnH9pfA0DHz8zC5pmiDZdWnZ1MEeiI0nuhj5FsNXvp99oTZHpL0TmRViR
ATIjt6Z2Wdfg474Z+umiNK/HI8knSU4uvV0tFdOp17Mdmq0GJvlV7SCpTuEJ4jyE
AI0RuPrMDpf529DbZG9OLtCY24kHKGlfSve9AgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUMGy8zpaYXPXxqy0ST7eAlX0YIP0wHwYDVR0jBBgwFoAU4aiMNNJG73wqfBrF
/peyYrxIF44wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFORVQv
NGFpTU5OSkc3M3dxZkJyRl9wZXlZcnhJRjQ0LmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS80YWlNTk5KRzczd3FmQnJGX3BleVlyeElGNDQuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQU5FVC9NR3k4enBhWVhQWHhxeTBTVDdl
QWxYMFlJUDAucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFeH4g
MA0GCSqGSIb3DQEBCwUAA4IBAQCQ6j743gID9Eg8YmQLpw6c5x1XqwEioW4k8pjX
ytV8uXIbxARqqsvPE084N/KFsYVqPkzVsMAuvCtJqoGmjSR5ngQ6IzEnzJ4GR+qk
4ZcziD5/kbf0FnZno2W1OUW4/qaBpdQi8TaqdQvYjKfym3nlY7GU0PeXfixEba+F
7NXyyndkpJrYr/qLdpGwz/iF3zuhLlKbPs1PrBz2LBY1yNRP5rBXAS8bybGrMyvd
1wzBpks7FXT8vr99QYCUjfLgF4CKPOz4v4pbuF6LKOhp8G116KIDIoMTQD6A9j6L
7l/KhZnwT5y6OWLwxb7zNhqlPgn3Ps7I3vcbYwgk8ffHmjGg
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:21 2024 by rpki-client on console-ams.rpki-client.org