Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TANET/ygQXwxDxJsrBK8gMoASJFL7MaqE.roa
File:                     ygQXwxDxJsrBK8gMoASJFL7MaqE.roa (raw, json)
Hash identifier:          X5ZRYRUZzsIdUsrIXgBLH4ION2oWRL8dhg48zTPPIaY=
Subject key identifier:   CA:04:17:C3:10:F1:26:CA:C1:2B:C8:0C:A0:04:89:14:BE:CC:6A:A1
Certificate issuer:       /CN=E1A88C34D246EF7C2A7C1AC5FE97B262BC48178E
Certificate serial:       07DE
Authority key identifier: E1:A8:8C:34:D2:46:EF:7C:2A:7C:1A:C5:FE:97:B2:62:BC:48:17:8E
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/4aiMNNJG73wqfBrF_peyYrxIF44.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/ygQXwxDxJsrBK8gMoASJFL7MaqE.roa
Signing time:             Tue 29 Sep 2020 10:06:34 +0000
ROA not before:           Tue 29 Sep 2020 10:06:34 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     38844
IP address blocks:        203.68.168.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2014 (0x7de)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=E1A88C34D246EF7C2A7C1AC5FE97B262BC48178E
        Validity
            Not Before: Sep 29 10:06:34 2020 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=CA0417C310F126CAC12BC80CA0048914BECC6AA1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:e2:99:bd:e9:4d:23:e0:d2:51:fa:86:b0:82:
                    54:ee:9e:53:ac:10:57:61:25:03:cb:0b:c2:86:d0:
                    70:62:48:00:62:cd:ef:87:d3:b4:65:1c:32:aa:9d:
                    15:cf:5d:eb:35:d7:58:02:92:f1:81:62:38:12:d9:
                    01:d7:13:71:25:7d:a9:30:47:8c:5f:ce:2a:6d:39:
                    42:17:fd:94:2e:e1:9e:97:e5:46:0e:1d:0e:1e:f8:
                    0c:f0:85:73:1b:91:f4:86:63:68:c7:9f:ed:df:f2:
                    c2:b0:81:a6:97:9e:e0:9c:75:9a:cf:09:9e:84:00:
                    fe:99:e3:7d:21:96:10:96:6e:d2:79:f9:cd:44:bc:
                    77:6d:aa:2f:a5:63:25:3a:8c:22:c7:da:b8:9f:cb:
                    e3:be:52:f6:1e:16:87:d3:9c:73:a8:4d:cf:27:83:
                    0e:b7:9b:27:7f:76:59:3d:dc:4e:bc:44:c5:40:5b:
                    79:5b:ff:42:2f:ce:fd:0d:9f:57:49:97:80:8b:f6:
                    2b:f9:83:2a:55:6a:79:f5:b4:cc:50:d8:c4:58:11:
                    5e:41:bf:4b:9d:3e:c6:8d:84:f0:c9:15:ac:11:21:
                    08:5a:08:a9:7f:03:d3:9a:a2:82:73:6d:a5:ea:7f:
                    b2:cc:10:61:8d:00:8d:85:16:a1:68:5e:e7:c5:b3:
                    26:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CA:04:17:C3:10:F1:26:CA:C1:2B:C8:0C:A0:04:89:14:BE:CC:6A:A1
            X509v3 Authority Key Identifier:
                keyid:E1:A8:8C:34:D2:46:EF:7C:2A:7C:1A:C5:FE:97:B2:62:BC:48:17:8E

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/4aiMNNJG73wqfBrF_peyYrxIF44.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/4aiMNNJG73wqfBrF_peyYrxIF44.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/ygQXwxDxJsrBK8gMoASJFL7MaqE.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  203.68.168.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0b:48:a3:4c:a6:02:a7:6b:a1:95:6f:df:b2:99:db:cc:30:37:
         f9:b0:c5:60:d8:7b:ad:d4:25:8a:ea:97:08:49:ba:8f:b7:04:
         6b:50:03:dd:83:e8:3c:1e:7e:d1:9d:a2:a1:cc:99:02:49:3f:
         25:39:d4:76:fb:cd:fb:b2:25:c6:a1:ac:df:42:c4:4a:e2:3b:
         49:81:8f:23:5b:94:89:9f:73:47:80:7d:62:73:fb:4c:cf:f7:
         59:0f:95:60:c7:83:58:7a:d5:20:63:ef:0c:18:96:7f:58:15:
         58:0f:92:82:26:f0:a6:7a:19:c6:d5:d2:a1:71:7e:88:40:16:
         21:f3:2b:50:22:c7:32:95:6e:e8:52:84:f1:94:ec:61:a4:98:
         c6:eb:73:af:6b:b6:7e:73:35:92:86:89:bf:f9:2d:85:48:06:
         95:09:c3:d3:f5:d3:d3:a5:d9:d2:f1:d1:5d:28:d4:c3:c4:b0:
         07:10:f6:cf:e8:cd:dd:0b:ca:3d:7a:90:e3:e8:f6:20:fe:9a:
         a4:55:22:34:22:c9:14:ae:de:2c:25:df:7c:31:f9:41:f4:45:
         d1:d2:d7:3e:34:aa:4f:9f:0a:e1:ae:59:4a:a7:53:22:e5:83:
         4d:dc:d6:63:d9:ac:77:59:b1:d9:ff:c0:2a:7b:b2:09:98:4d:
         88:1b:a2:e0
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICB94wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRTFB
ODhDMzREMjQ2RUY3QzJBN0MxQUM1RkU5N0IyNjJCQzQ4MTc4RTAeFw0yMDA5Mjkx
MDA2MzRaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKENBMDQxN0MzMTBGMTI2
Q0FDMTJCQzgwQ0EwMDQ4OTE0QkVDQzZBQTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDS4pm96U0j4NJR+oawglTunlOsEFdhJQPLC8KG0HBiSABize+H
07RlHDKqnRXPXes111gCkvGBYjgS2QHXE3ElfakwR4xfziptOUIX/ZQu4Z6X5UYO
HQ4e+AzwhXMbkfSGY2jHn+3f8sKwgaaXnuCcdZrPCZ6EAP6Z430hlhCWbtJ5+c1E
vHdtqi+lYyU6jCLH2rify+O+UvYeFofTnHOoTc8ngw63myd/dlk93E68RMVAW3lb
/0Ivzv0Nn1dJl4CL9iv5gypVann1tMxQ2MRYEV5Bv0udPsaNhPDJFawRIQhaCKl/
A9OaooJzbaXqf7LMEGGNAI2FFqFoXufFsyaNAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUygQXwxDxJsrBK8gMoASJFL7MaqEwHwYDVR0jBBgwFoAU4aiMNNJG73wqfBrF
/peyYrxIF44wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFORVQv
NGFpTU5OSkc3M3dxZkJyRl9wZXlZcnhJRjQ0LmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS80YWlNTk5KRzczd3FmQnJGX3BleVlyeElGNDQuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQU5FVC95Z1FYd3hEeEpzckJLOGdNb0FT
SkZMN01hcUUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAy0So
MA0GCSqGSIb3DQEBCwUAA4IBAQALSKNMpgKna6GVb9+ymdvMMDf5sMVg2Hut1CWK
6pcISbqPtwRrUAPdg+g8Hn7RnaKhzJkCST8lOdR2+837siXGoazfQsRK4jtJgY8j
W5SJn3NHgH1ic/tMz/dZD5Vgx4NYetUgY+8MGJZ/WBVYD5KCJvCmehnG1dKhcX6I
QBYh8ytQIscylW7oUoTxlOxhpJjG63Ova7Z+czWShom/+S2FSAaVCcPT9dPTpdnS
8dFdKNTDxLAHEPbP6M3dC8o9epDj6PYg/pqkVSI0IskUrt4sJd98MflB9EXR0tc+
NKpPnwrhrllKp1Mi5YNN3NZj2ax3WbHZ/8Aqe7IJmE2IG6Lg
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:45 2024 by rpki-client on console-fra.rpki-client.org