Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TIH/0JRcEm3Ka7xgZGSE9L7PpTkz5ww.roa
File:                     0JRcEm3Ka7xgZGSE9L7PpTkz5ww.roa (raw, json)
Hash identifier:          VlClO9pmu+jS6RvG3G79Ajuz/SJl8iM+meCZbBod4QY=
Subject key identifier:   D0:94:5C:12:6D:CA:6B:BC:60:64:64:84:F4:BE:CF:A5:39:33:E7:0C
Certificate issuer:       /CN=2D7204617354D70523B6F65A270712B6B19D815E
Certificate serial:       0968
Authority key identifier: 2D:72:04:61:73:54:D7:05:23:B6:F6:5A:27:07:12:B6:B1:9D:81:5E
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/LXIEYXNU1wUjtvZaJwcStrGdgV4.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TIH/0JRcEm3Ka7xgZGSE9L7PpTkz5ww.roa
Signing time:             Wed 29 Sep 2021 02:53:11 +0000
ROA not before:           Wed 29 Sep 2021 02:53:11 +0000
ROA not after:            Thu 29 Sep 2022 02:36:22 +0000
asID:                     131639
IP address blocks:        103.129.146.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2408 (0x968)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2D7204617354D70523B6F65A270712B6B19D815E
        Validity
            Not Before: Sep 29 02:53:11 2021 GMT
            Not After : Sep 29 02:36:22 2022 GMT
        Subject: CN=D0945C126DCA6BBC60646484F4BECFA53933E70C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:92:43:d4:a5:05:9d:5c:00:15:1c:64:63:2d:
                    4a:11:96:50:c2:a4:e6:21:bb:e8:01:e7:08:fb:af:
                    67:5e:62:44:a4:43:ac:d6:4f:9a:b1:d4:41:35:ff:
                    a7:3c:4c:15:e0:60:a0:8e:03:5f:cf:1e:73:60:90:
                    d8:66:5b:ee:63:67:1f:bb:2f:72:95:ad:99:15:bb:
                    eb:bc:42:93:19:27:20:0b:8c:51:b2:87:9d:c9:50:
                    5f:6c:b8:d3:9a:e6:ec:65:fc:96:1e:0b:a0:33:99:
                    eb:49:b4:92:e9:8b:44:dd:f4:7f:ff:2c:83:7f:03:
                    d7:d7:6f:98:86:6e:72:57:9a:7f:99:a3:64:60:31:
                    0e:cb:d5:05:59:0e:80:07:ac:02:ae:e4:e6:37:58:
                    4d:3a:40:43:ee:f4:00:eb:f2:4c:52:3f:09:31:84:
                    c4:43:3c:4c:e2:8c:61:b9:bb:c1:36:b4:2e:e0:7a:
                    27:be:68:7b:e6:90:46:d6:6f:70:e2:53:9a:83:b7:
                    cc:0d:13:97:cb:0c:3b:39:18:42:9c:7e:13:bc:6e:
                    0e:1b:12:cc:19:42:a0:1d:a1:12:a9:4d:e0:12:21:
                    28:f2:75:c1:1f:0a:c9:44:33:5d:33:b2:37:aa:54:
                    85:47:1a:58:05:f4:4b:39:ba:82:82:cc:6b:37:10:
                    f8:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D0:94:5C:12:6D:CA:6B:BC:60:64:64:84:F4:BE:CF:A5:39:33:E7:0C
            X509v3 Authority Key Identifier:
                keyid:2D:72:04:61:73:54:D7:05:23:B6:F6:5A:27:07:12:B6:B1:9D:81:5E

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TIH/LXIEYXNU1wUjtvZaJwcStrGdgV4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/LXIEYXNU1wUjtvZaJwcStrGdgV4.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TIH/0JRcEm3Ka7xgZGSE9L7PpTkz5ww.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.129.146.0/24

    Signature Algorithm: sha256WithRSAEncryption
         23:51:07:5f:f5:84:19:a2:0e:1e:ba:41:21:8a:11:ce:8d:59:
         cf:4a:b4:1b:90:1b:05:01:6e:44:99:7d:4c:61:71:05:31:80:
         98:36:03:99:7b:31:02:f2:bb:d0:9c:8e:e9:5a:65:fd:b8:b3:
         6e:8f:0d:51:8e:66:eb:e4:e9:d2:a4:28:1a:2e:b9:53:9a:9a:
         33:25:cb:60:a7:af:3b:f0:59:54:15:08:3f:70:69:e5:59:ff:
         a4:c9:ab:fd:f2:4e:f8:40:f3:e4:1f:cc:6a:2d:e7:30:a6:0f:
         9f:6c:a1:fd:25:bb:9b:b2:eb:42:cc:97:cc:d2:19:92:fe:f7:
         f4:89:49:29:f6:86:b6:2b:37:16:9c:72:35:51:9b:1d:42:c9:
         b6:81:dc:a3:94:66:c7:65:6c:bb:8f:81:24:ec:65:1a:34:9e:
         91:66:ae:98:f3:fe:91:ce:8a:73:14:a2:ad:5b:2b:c1:4e:e4:
         12:e5:70:ee:f0:ca:70:1d:e1:cf:90:b9:1e:c3:b5:a7:3e:04:
         e6:7a:45:f2:00:8f:92:3b:24:25:32:51:60:56:96:d3:9e:a8:
         ac:9e:3a:0e:da:7e:f7:a2:ef:48:81:a1:bc:91:5c:40:9c:61:
         bb:94:fb:1d:64:4f:b7:eb:40:54:fe:10:88:af:4f:d0:16:fb:
         88:31:49:e4
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICCWgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkQ3
MjA0NjE3MzU0RDcwNTIzQjZGNjVBMjcwNzEyQjZCMTlEODE1RTAeFw0yMTA5Mjkw
MjUzMTFaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKEQwOTQ1QzEyNkRDQTZC
QkM2MDY0NjQ4NEY0QkVDRkE1MzkzM0U3MEMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC4kkPUpQWdXAAVHGRjLUoRllDCpOYhu+gB5wj7r2deYkSkQ6zW
T5qx1EE1/6c8TBXgYKCOA1/PHnNgkNhmW+5jZx+7L3KVrZkVu+u8QpMZJyALjFGy
h53JUF9suNOa5uxl/JYeC6AzmetJtJLpi0Td9H//LIN/A9fXb5iGbnJXmn+Zo2Rg
MQ7L1QVZDoAHrAKu5OY3WE06QEPu9ADr8kxSPwkxhMRDPEzijGG5u8E2tC7geie+
aHvmkEbWb3DiU5qDt8wNE5fLDDs5GEKcfhO8bg4bEswZQqAdoRKpTeASISjydcEf
CslEM10zsjeqVIVHGlgF9Es5uoKCzGs3EPhbAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQU0JRcEm3Ka7xgZGSE9L7PpTkz5wwwHwYDVR0jBBgwFoAULXIEYXNU1wUjtvZa
JwcStrGdgV4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVElIL0xY
SUVZWE5VMXdVanR2WmFKd2NTdHJHZGdWNC5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
TFhJRVlYTlUxd1VqdHZaYUp3Y1N0ckdkZ1Y0LmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvVElILzBKUmNFbTNLYTd4Z1pHU0U5TDdQcFRr
ejV3dy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABngZIwDQYJ
KoZIhvcNAQELBQADggEBACNRB1/1hBmiDh66QSGKEc6NWc9KtBuQGwUBbkSZfUxh
cQUxgJg2A5l7MQLyu9CcjulaZf24s26PDVGOZuvk6dKkKBouuVOamjMly2Cnrzvw
WVQVCD9waeVZ/6TJq/3yTvhA8+QfzGot5zCmD59sof0lu5uy60LMl8zSGZL+9/SJ
SSn2hrYrNxaccjVRmx1CybaB3KOUZsdlbLuPgSTsZRo0npFmrpjz/pHOinMUoq1b
K8FO5BLlcO7wynAd4c+QuR7Dtac+BOZ6RfIAj5I7JCUyUWBWltOeqKyeOg7afvei
70iBobyRXECcYbuU+x1kT7frQFT+EIivT9AW+4gxSeQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:22 2024 by rpki-client on console-ams.rpki-client.org