Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TIH/zIkNzdbUC1FRB0Hl94MVz336J2Y.roa
File:                     zIkNzdbUC1FRB0Hl94MVz336J2Y.roa (raw, json)
Hash identifier:          J+/ZXRadxDJLDyrtBysO3RFs8dPR9E6MkbY3FC+7RGc=
Subject key identifier:   CC:89:0D:CD:D6:D4:0B:51:51:07:41:E5:F7:83:15:CF:7D:FA:27:66
Certificate issuer:       /CN=2D7204617354D70523B6F65A270712B6B19D815E
Certificate serial:       0969
Authority key identifier: 2D:72:04:61:73:54:D7:05:23:B6:F6:5A:27:07:12:B6:B1:9D:81:5E
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/LXIEYXNU1wUjtvZaJwcStrGdgV4.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TIH/zIkNzdbUC1FRB0Hl94MVz336J2Y.roa
Signing time:             Wed 29 Sep 2021 02:53:11 +0000
ROA not before:           Wed 29 Sep 2021 02:53:11 +0000
ROA not after:            Thu 29 Sep 2022 02:36:22 +0000
asID:                     20473
IP address blocks:        103.129.147.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2409 (0x969)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2D7204617354D70523B6F65A270712B6B19D815E
        Validity
            Not Before: Sep 29 02:53:11 2021 GMT
            Not After : Sep 29 02:36:22 2022 GMT
        Subject: CN=CC890DCDD6D40B51510741E5F78315CF7DFA2766
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:fb:17:23:33:c9:af:73:12:27:e6:b8:c3:24:
                    5f:86:81:60:bf:75:a4:3e:42:89:93:c5:ee:bd:97:
                    48:09:b7:5f:4a:37:bc:65:1c:27:5f:cf:f5:92:3d:
                    64:d2:69:90:3f:6d:59:cc:ff:14:93:93:98:ac:70:
                    5d:e9:c2:bb:74:bb:83:20:e2:47:5e:8a:a5:a0:c0:
                    50:e3:39:9d:0f:08:e6:04:37:05:6c:68:48:d4:8a:
                    73:87:a9:4e:3a:63:f3:a2:e8:8d:d7:f2:d2:2c:02:
                    79:88:1d:09:22:e3:02:f6:99:fa:c2:e9:0f:ac:0a:
                    8e:ce:6c:7e:fb:81:b8:9a:24:a3:ca:29:97:87:a1:
                    45:9e:e2:81:ae:c4:08:a3:3a:65:69:50:6f:b3:24:
                    45:c9:34:5e:98:a9:1a:62:15:b5:21:f4:91:db:af:
                    14:0c:53:c4:ee:b4:9b:76:ce:15:2a:b5:cd:bc:ed:
                    8f:8b:99:a0:e8:a0:42:91:c7:65:6c:3b:9c:c8:5d:
                    f3:b2:ba:3c:f8:0a:d4:35:de:5a:a9:87:8d:30:5f:
                    c8:b7:62:c9:3a:8c:71:4f:76:c3:7b:84:4b:da:6f:
                    d1:7f:e3:69:1b:f1:ed:9e:99:b6:4d:70:9d:64:7e:
                    8c:78:dd:46:6c:70:4a:d6:96:1e:b7:7a:14:94:07:
                    9a:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CC:89:0D:CD:D6:D4:0B:51:51:07:41:E5:F7:83:15:CF:7D:FA:27:66
            X509v3 Authority Key Identifier:
                keyid:2D:72:04:61:73:54:D7:05:23:B6:F6:5A:27:07:12:B6:B1:9D:81:5E

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TIH/LXIEYXNU1wUjtvZaJwcStrGdgV4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/LXIEYXNU1wUjtvZaJwcStrGdgV4.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TIH/zIkNzdbUC1FRB0Hl94MVz336J2Y.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.129.147.0/24

    Signature Algorithm: sha256WithRSAEncryption
         75:72:6e:74:75:15:61:50:7c:7f:6a:14:30:09:e6:27:51:d6:
         f9:fc:f4:79:b7:79:08:9a:d2:7b:40:d6:5e:0d:6e:5f:49:5a:
         46:b0:11:9b:68:ab:7d:a4:3a:fa:95:e1:0f:3d:7c:e3:c0:ee:
         c3:b0:c7:8e:e9:64:cc:7f:f2:4c:79:ac:13:e9:58:76:44:b0:
         35:6c:0e:48:a9:09:af:75:f3:4f:f5:6a:49:bb:e4:69:98:e7:
         a4:68:9c:07:13:70:a9:8d:3f:60:7a:6c:f8:a7:b6:00:46:3c:
         26:f4:cb:8d:e4:a0:aa:04:6a:0c:b4:9b:ca:13:03:99:85:af:
         6e:c6:fe:48:ad:f2:4f:f9:4a:ca:21:44:9e:6b:e2:f5:e3:cd:
         2d:b6:7b:0d:0e:74:30:fa:a1:3c:5d:3b:eb:77:b7:fe:22:3c:
         3b:0f:2d:b4:e3:f7:ff:98:08:73:55:69:3b:8c:05:77:aa:dc:
         f8:b4:92:40:03:24:cb:29:d4:c0:2e:cd:5a:7d:9d:e0:97:5c:
         95:9b:d3:d2:37:ff:aa:d9:9d:bb:08:42:13:f2:70:e0:ea:19:
         e9:3b:7f:ad:65:48:a6:04:07:79:40:3b:32:66:93:97:b5:1f:
         0b:26:28:de:e6:53:9b:95:dc:90:88:0b:b6:51:24:ba:f5:27:
         06:26:5b:d8
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICCWkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkQ3
MjA0NjE3MzU0RDcwNTIzQjZGNjVBMjcwNzEyQjZCMTlEODE1RTAeFw0yMTA5Mjkw
MjUzMTFaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKENDODkwRENERDZENDBC
NTE1MTA3NDFFNUY3ODMxNUNGN0RGQTI3NjYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC1+xcjM8mvcxIn5rjDJF+GgWC/daQ+QomTxe69l0gJt19KN7xl
HCdfz/WSPWTSaZA/bVnM/xSTk5iscF3pwrt0u4Mg4kdeiqWgwFDjOZ0PCOYENwVs
aEjUinOHqU46Y/Oi6I3X8tIsAnmIHQki4wL2mfrC6Q+sCo7ObH77gbiaJKPKKZeH
oUWe4oGuxAijOmVpUG+zJEXJNF6YqRpiFbUh9JHbrxQMU8TutJt2zhUqtc287Y+L
maDooEKRx2VsO5zIXfOyujz4CtQ13lqph40wX8i3Ysk6jHFPdsN7hEvab9F/42kb
8e2embZNcJ1kfox43UZscErWlh63ehSUB5qhAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUzIkNzdbUC1FRB0Hl94MVz336J2YwHwYDVR0jBBgwFoAULXIEYXNU1wUjtvZa
JwcStrGdgV4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVElIL0xY
SUVZWE5VMXdVanR2WmFKd2NTdHJHZGdWNC5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
TFhJRVlYTlUxd1VqdHZaYUp3Y1N0ckdkZ1Y0LmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvVElIL3pJa056ZGJVQzFGUkIwSGw5NE1WejMz
NkoyWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABngZMwDQYJ
KoZIhvcNAQELBQADggEBAHVybnR1FWFQfH9qFDAJ5idR1vn89Hm3eQia0ntA1l4N
bl9JWkawEZtoq32kOvqV4Q89fOPA7sOwx47pZMx/8kx5rBPpWHZEsDVsDkipCa91
80/1akm75GmY56RonAcTcKmNP2B6bPintgBGPCb0y43koKoEagy0m8oTA5mFr27G
/kit8k/5SsohRJ5r4vXjzS22ew0OdDD6oTxdO+t3t/4iPDsPLbTj9/+YCHNVaTuM
BXeq3Pi0kkADJMsp1MAuzVp9neCXXJWb09I3/6rZnbsIQhPycODqGek7f61lSKYE
B3lAOzJmk5e1HwsmKN7mU5uV3JCIC7ZRJLr1JwYmW9g=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:45 2024 by rpki-client on console-fra.rpki-client.org