Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TANET/cY9yirw1o5gBDR01QpDtjsWmYVo.roa
File:                     cY9yirw1o5gBDR01QpDtjsWmYVo.roa (raw, json)
Hash identifier:          0EC5P4NkZQDqiBpA3aRoIG67pDBtfWaiYhLrdsvU4mo=
Subject key identifier:   71:8F:72:8A:BC:35:A3:98:01:0D:1D:35:42:90:ED:8E:C5:A6:61:5A
Certificate issuer:       /CN=E1A88C34D246EF7C2A7C1AC5FE97B262BC48178E
Certificate serial:       0940
Authority key identifier: E1:A8:8C:34:D2:46:EF:7C:2A:7C:1A:C5:FE:97:B2:62:BC:48:17:8E
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/4aiMNNJG73wqfBrF_peyYrxIF44.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/cY9yirw1o5gBDR01QpDtjsWmYVo.roa
Signing time:             Thu 07 Jan 2021 06:44:42 +0000
ROA not before:           Thu 07 Jan 2021 06:44:42 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     1659
IP address blocks:        203.68.203.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2368 (0x940)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=E1A88C34D246EF7C2A7C1AC5FE97B262BC48178E
        Validity
            Not Before: Jan  7 06:44:42 2021 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=718F728ABC35A398010D1D354290ED8EC5A6615A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:d9:42:bb:7c:37:b9:5f:0f:67:4f:62:fc:32:
                    f8:3c:63:a4:e7:94:ad:ae:17:54:eb:9a:4a:51:44:
                    b7:5d:eb:73:c5:b9:5b:ed:f8:18:fd:af:c7:72:f3:
                    12:cc:46:5e:b9:14:5f:88:99:b6:84:4d:e5:91:5b:
                    04:e2:7c:e6:8e:ac:ec:c2:19:d7:88:da:35:6f:68:
                    34:de:be:ad:f2:ba:ca:fd:4e:61:b2:30:ad:51:ef:
                    82:b5:a5:77:fd:2d:bc:27:b7:76:6a:8b:70:30:33:
                    ab:73:2e:37:e3:a9:f6:d2:b5:eb:b1:13:cd:fd:f1:
                    f8:2a:84:2a:21:30:07:b7:43:2a:fb:87:f0:6d:06:
                    48:42:6a:c8:c6:a3:4a:d6:0e:75:bd:ea:3f:4b:2e:
                    68:6e:f7:e3:78:19:18:76:b6:ab:2b:ce:8d:fb:81:
                    b3:0c:51:65:1e:bc:3f:16:b3:20:f1:96:a2:2e:8c:
                    50:57:65:3c:a3:26:e9:c4:79:60:ac:4d:6d:aa:38:
                    39:ec:87:13:06:6d:2d:63:ca:ec:5e:e2:b3:5e:da:
                    96:5d:9c:ed:42:34:38:dc:40:e1:42:7d:87:fe:c2:
                    26:2c:11:c1:8b:58:e2:ff:20:fa:22:47:57:ef:8c:
                    09:99:c0:b5:bb:d8:65:db:93:e1:09:5d:f9:9b:5c:
                    39:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                71:8F:72:8A:BC:35:A3:98:01:0D:1D:35:42:90:ED:8E:C5:A6:61:5A
            X509v3 Authority Key Identifier:
                keyid:E1:A8:8C:34:D2:46:EF:7C:2A:7C:1A:C5:FE:97:B2:62:BC:48:17:8E

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/4aiMNNJG73wqfBrF_peyYrxIF44.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/4aiMNNJG73wqfBrF_peyYrxIF44.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/cY9yirw1o5gBDR01QpDtjsWmYVo.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  203.68.203.0/24

    Signature Algorithm: sha256WithRSAEncryption
         89:43:54:03:de:ee:40:64:ef:ba:ce:fa:ba:c2:ff:07:08:8b:
         d4:72:5b:c7:b0:4a:20:bc:99:eb:a0:f9:03:aa:36:85:2e:0e:
         1d:27:54:73:bf:52:65:d6:c5:9a:94:39:5f:71:92:73:39:cd:
         97:f5:19:ae:54:4e:b4:8a:a5:cc:98:dd:bd:ce:27:2d:21:32:
         55:1a:68:b1:2e:5f:1b:bc:5d:a4:52:f6:eb:d8:5c:91:72:fb:
         7d:64:62:31:f9:f9:14:ba:13:db:ee:b0:8a:8e:f7:1a:d9:d6:
         b9:67:59:13:f6:3b:e9:66:df:ac:4c:08:42:a9:b2:d2:ac:b4:
         7a:5a:df:ff:9b:8c:2c:bc:18:ec:6d:8a:b4:a3:aa:5a:13:ec:
         df:7d:27:72:00:2c:33:42:20:e7:f1:f4:70:d6:c0:1f:37:b3:
         91:0a:c0:0c:e7:26:f6:39:44:0f:c0:18:65:6f:22:ab:80:70:
         42:21:75:8c:38:9b:42:3e:b7:87:49:d4:9c:e4:32:2b:9c:60:
         f8:cd:93:70:cd:33:b8:e5:af:4a:92:d2:77:bf:4d:01:2a:1e:
         3c:6f:32:b6:8a:d3:90:67:b9:14:66:aa:c2:be:30:6b:04:be:
         b3:e8:7d:b8:87:fd:c2:c5:fe:0a:be:b9:12:bf:2d:82:c6:f7:
         27:95:9d:f8
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICCUAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRTFB
ODhDMzREMjQ2RUY3QzJBN0MxQUM1RkU5N0IyNjJCQzQ4MTc4RTAeFw0yMTAxMDcw
NjQ0NDJaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDcxOEY3MjhBQkMzNUEz
OTgwMTBEMUQzNTQyOTBFRDhFQzVBNjYxNUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDR2UK7fDe5Xw9nT2L8Mvg8Y6TnlK2uF1TrmkpRRLdd63PFuVvt
+Bj9r8dy8xLMRl65FF+ImbaETeWRWwTifOaOrOzCGdeI2jVvaDTevq3yusr9TmGy
MK1R74K1pXf9Lbwnt3Zqi3AwM6tzLjfjqfbSteuxE8398fgqhCohMAe3Qyr7h/Bt
BkhCasjGo0rWDnW96j9LLmhu9+N4GRh2tqsrzo37gbMMUWUevD8WsyDxlqIujFBX
ZTyjJunEeWCsTW2qODnshxMGbS1jyuxe4rNe2pZdnO1CNDjcQOFCfYf+wiYsEcGL
WOL/IPoiR1fvjAmZwLW72GXbk+EJXfmbXDn9AgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUcY9yirw1o5gBDR01QpDtjsWmYVowHwYDVR0jBBgwFoAU4aiMNNJG73wqfBrF
/peyYrxIF44wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFORVQv
NGFpTU5OSkc3M3dxZkJyRl9wZXlZcnhJRjQ0LmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS80YWlNTk5KRzczd3FmQnJGX3BleVlyeElGNDQuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQU5FVC9jWTl5aXJ3MW81Z0JEUjAxUXBE
dGpzV21ZVm8ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAy0TL
MA0GCSqGSIb3DQEBCwUAA4IBAQCJQ1QD3u5AZO+6zvq6wv8HCIvUclvHsEogvJnr
oPkDqjaFLg4dJ1Rzv1Jl1sWalDlfcZJzOc2X9RmuVE60iqXMmN29zictITJVGmix
Ll8bvF2kUvbr2FyRcvt9ZGIx+fkUuhPb7rCKjvca2da5Z1kT9jvpZt+sTAhCqbLS
rLR6Wt//m4wsvBjsbYq0o6paE+zffSdyACwzQiDn8fRw1sAfN7ORCsAM5yb2OUQP
wBhlbyKrgHBCIXWMOJtCPreHSdSc5DIrnGD4zZNwzTO45a9KktJ3v00BKh48bzK2
itOQZ7kUZqrCvjBrBL6z6H24h/3Cxf4KvrkSvy2CxvcnlZ34
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:45 2024 by rpki-client on console-fra.rpki-client.org