Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TANET/NDdtFuVSmb4yjfYZs2GhTaVLhgo.roa
File:                     NDdtFuVSmb4yjfYZs2GhTaVLhgo.roa (raw, json)
Hash identifier:          FgF24KLBx2q3nuce/Pofp8+jGGKg6aFhJip/4QS1Fe8=
Subject key identifier:   34:37:6D:16:E5:52:99:BE:32:8D:F6:19:B3:61:A1:4D:A5:4B:86:0A
Certificate issuer:       /CN=E1A88C34D246EF7C2A7C1AC5FE97B262BC48178E
Certificate serial:       0ADF
Authority key identifier: E1:A8:8C:34:D2:46:EF:7C:2A:7C:1A:C5:FE:97:B2:62:BC:48:17:8E
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/4aiMNNJG73wqfBrF_peyYrxIF44.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/NDdtFuVSmb4yjfYZs2GhTaVLhgo.roa
Signing time:             Wed 29 Sep 2021 02:41:11 +0000
ROA not before:           Wed 29 Sep 2021 02:41:11 +0000
ROA not after:            Thu 29 Sep 2022 02:36:22 +0000
asID:                     1659
IP address blocks:        203.72.0.0/16 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2783 (0xadf)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=E1A88C34D246EF7C2A7C1AC5FE97B262BC48178E
        Validity
            Not Before: Sep 29 02:41:11 2021 GMT
            Not After : Sep 29 02:36:22 2022 GMT
        Subject: CN=34376D16E55299BE328DF619B361A14DA54B860A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:c6:65:2e:99:52:7a:2d:53:a9:87:e2:b0:4b:
                    cc:75:ce:9f:bb:b6:c3:e5:34:c8:32:fd:4d:9a:3a:
                    c8:c7:c0:bb:2f:32:29:69:9e:9c:90:c6:e5:ec:2d:
                    9e:a4:08:82:82:41:e6:9e:bc:fc:e9:b6:ab:e6:c2:
                    2e:5d:85:11:09:8f:b7:bc:4e:be:f1:81:28:a2:10:
                    ca:14:c5:3b:1d:e5:c7:53:65:30:37:71:01:32:22:
                    60:ba:07:7f:86:29:69:e9:b1:10:bb:55:a4:2c:f7:
                    78:1b:d6:c3:df:ea:83:8c:9a:65:3c:db:60:da:c7:
                    d1:9b:0c:fb:72:4e:de:0d:04:10:9d:81:6f:97:86:
                    c2:a0:60:6e:33:fb:94:f1:14:a8:11:ba:a6:39:56:
                    4a:c9:fc:83:e7:36:1e:32:d4:b1:c5:1b:1f:15:fe:
                    fc:3a:c6:19:0f:8a:e6:2b:98:cb:4f:47:2d:a7:01:
                    9c:d4:79:fd:a1:b9:be:50:7b:a2:f9:30:62:e5:41:
                    be:5e:b5:8a:92:e1:4e:4c:72:82:78:e0:83:03:b9:
                    4a:3d:16:22:69:40:4c:51:4b:0c:27:f0:a6:a6:ae:
                    98:03:b1:bd:96:be:95:f1:f9:3c:50:51:5d:79:c4:
                    3c:78:8c:43:37:b2:ed:af:4f:26:e5:e5:85:fa:f2:
                    e5:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                34:37:6D:16:E5:52:99:BE:32:8D:F6:19:B3:61:A1:4D:A5:4B:86:0A
            X509v3 Authority Key Identifier:
                keyid:E1:A8:8C:34:D2:46:EF:7C:2A:7C:1A:C5:FE:97:B2:62:BC:48:17:8E

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/4aiMNNJG73wqfBrF_peyYrxIF44.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/4aiMNNJG73wqfBrF_peyYrxIF44.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/NDdtFuVSmb4yjfYZs2GhTaVLhgo.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  203.72.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         92:36:3d:ed:30:12:1a:2f:d8:0b:3d:00:f4:f0:24:de:8a:08:
         10:4b:e5:5c:fb:27:6c:60:d3:17:2e:2a:85:0b:ae:45:dd:0e:
         8d:bb:00:fd:ee:ab:0b:34:b0:ac:3e:c4:e3:aa:4f:a2:e3:24:
         86:50:8a:0f:c3:0a:34:01:62:17:72:80:c6:72:09:16:fd:84:
         bc:16:79:97:2a:a1:89:44:ea:b3:22:2d:29:8c:dc:11:48:1e:
         49:01:39:21:a0:2d:da:bf:67:5e:89:95:53:23:90:28:1d:3e:
         05:65:30:ee:19:02:e9:2c:1f:ed:b7:c4:db:4b:d1:4b:53:6b:
         48:2b:8f:62:d7:9c:69:6e:e9:59:73:e0:75:9d:8b:5e:42:25:
         e1:c9:8f:30:fa:eb:c4:18:10:a1:49:03:c7:90:80:b6:c3:bb:
         84:58:d5:55:e2:3f:3b:34:4e:61:74:8b:ca:9a:76:47:47:02:
         56:a9:6e:ed:e9:17:e2:8f:4c:d0:30:9b:53:eb:23:ca:d5:ae:
         f3:04:0f:fa:1b:2e:b0:7e:d6:e6:e4:a2:97:9e:01:99:45:5e:
         6f:43:d7:82:39:52:7f:61:d2:a8:ce:72:fb:0b:a8:ee:36:34:
         e2:99:49:51:d3:36:c4:1d:a2:33:d3:e7:ab:7a:21:7c:48:86:
         82:dc:0c:aa
-----BEGIN CERTIFICATE-----
MIIEzzCCA7egAwIBAgICCt8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRTFB
ODhDMzREMjQ2RUY3QzJBN0MxQUM1RkU5N0IyNjJCQzQ4MTc4RTAeFw0yMTA5Mjkw
MjQxMTFaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDM0Mzc2RDE2RTU1Mjk5
QkUzMjhERjYxOUIzNjFBMTREQTU0Qjg2MEEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCsxmUumVJ6LVOph+KwS8x1zp+7tsPlNMgy/U2aOsjHwLsvMilp
npyQxuXsLZ6kCIKCQeaevPzptqvmwi5dhREJj7e8Tr7xgSiiEMoUxTsd5cdTZTA3
cQEyImC6B3+GKWnpsRC7VaQs93gb1sPf6oOMmmU822Dax9GbDPtyTt4NBBCdgW+X
hsKgYG4z+5TxFKgRuqY5VkrJ/IPnNh4y1LHFGx8V/vw6xhkPiuYrmMtPRy2nAZzU
ef2hub5Qe6L5MGLlQb5etYqS4U5McoJ44IMDuUo9FiJpQExRSwwn8KamrpgDsb2W
vpXx+TxQUV15xDx4jEM3su2vTybl5YX68uWbAgMBAAGjggHrMIIB5zAdBgNVHQ4E
FgQUNDdtFuVSmb4yjfYZs2GhTaVLhgowHwYDVR0jBBgwFoAU4aiMNNJG73wqfBrF
/peyYrxIF44wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFORVQv
NGFpTU5OSkc3M3dxZkJyRl9wZXlZcnhJRjQ0LmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS80YWlNTk5KRzczd3FmQnJGX3BleVlyeElGNDQuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQU5FVC9ORGR0RnVWU21iNHlqZllaczJH
aFRhVkxoZ28ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAy0gw
DQYJKoZIhvcNAQELBQADggEBAJI2Pe0wEhov2As9APTwJN6KCBBL5Vz7J2xg0xcu
KoULrkXdDo27AP3uqws0sKw+xOOqT6LjJIZQig/DCjQBYhdygMZyCRb9hLwWeZcq
oYlE6rMiLSmM3BFIHkkBOSGgLdq/Z16JlVMjkCgdPgVlMO4ZAuksH+23xNtL0UtT
a0grj2LXnGlu6Vlz4HWdi15CJeHJjzD668QYEKFJA8eQgLbDu4RY1VXiPzs0TmF0
i8qadkdHAlapbu3pF+KPTNAwm1PrI8rVrvMED/obLrB+1ubkopeeAZlFXm9D14I5
Un9h0qjOcvsLqO42NOKZSVHTNsQdojPT56t6IXxIhoLcDKo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:21 2024 by rpki-client on console-ams.rpki-client.org