Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TTNS/W43jzYXA24ucqrJ7tb-JAN1hWwI.roa
File:                     W43jzYXA24ucqrJ7tb-JAN1hWwI.roa (raw, json)
Hash identifier:          0drYI+qSKO7LdJqb9WRDU0z08RuJsCk4gWTojBJa/VU=
Subject key identifier:   5B:8D:E3:CD:85:C0:DB:8B:9C:AA:B2:7B:B5:BF:89:00:DD:61:5B:02
Certificate issuer:       /CN=298ED2FD6AD5C5B5687DF614A275C2FC848D4E94
Certificate serial:       EE
Authority key identifier: 29:8E:D2:FD:6A:D5:C5:B5:68:7D:F6:14:A2:75:C2:FC:84:8D:4E:94
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/KY7S_WrVxbVoffYUonXC_ISNTpQ.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TTNS/W43jzYXA24ucqrJ7tb-JAN1hWwI.roa
Signing time:             Wed 21 Jun 2023 07:52:33 +0000
ROA not before:           Wed 21 Jun 2023 07:52:33 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     31972
IP address blocks:        103.159.206.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 238 (0xee)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=298ED2FD6AD5C5B5687DF614A275C2FC848D4E94
        Validity
            Not Before: Jun 21 07:52:33 2023 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=5B8DE3CD85C0DB8B9CAAB27BB5BF8900DD615B02
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:ae:df:be:d8:5a:3a:97:7d:e9:db:5d:76:49:
                    ce:88:44:9b:f1:bb:26:6a:67:af:1d:50:a6:1d:41:
                    9f:d4:84:03:13:87:50:d7:01:78:1a:b6:c4:65:a6:
                    c2:97:bb:ab:35:7f:a5:a8:88:28:d1:2b:96:b5:b5:
                    1a:f1:8c:ed:9f:4a:7e:d5:73:3b:93:5a:8a:cb:6e:
                    5c:c4:82:f7:02:8c:e8:b6:87:6f:37:c7:62:d7:b3:
                    c1:5e:44:46:3a:0a:b6:ce:13:52:a6:09:07:14:1d:
                    e5:2c:26:27:1c:28:d9:cc:fd:04:ff:65:c1:18:d5:
                    d8:84:a4:8d:59:47:ed:85:43:d2:d1:b7:72:33:a0:
                    af:48:63:92:b8:c1:43:10:a5:09:18:2d:c5:46:10:
                    ed:ed:04:b4:6c:87:9f:8d:d2:ea:9a:4c:e5:df:c4:
                    d1:98:d8:0a:e3:ae:08:01:d7:b4:11:7c:f2:9a:f9:
                    70:00:57:73:3c:27:f9:47:71:de:d7:2f:e2:ef:64:
                    ea:03:8a:9c:de:3f:87:a4:24:ed:bf:86:df:a0:13:
                    73:68:87:ee:e4:94:7c:23:de:3b:da:12:9c:1a:8e:
                    0e:52:51:fc:4b:19:a7:29:56:5a:f7:40:4b:ee:cc:
                    83:b1:26:35:0b:98:08:e3:1b:a0:1c:e3:24:12:19:
                    6f:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5B:8D:E3:CD:85:C0:DB:8B:9C:AA:B2:7B:B5:BF:89:00:DD:61:5B:02
            X509v3 Authority Key Identifier:
                keyid:29:8E:D2:FD:6A:D5:C5:B5:68:7D:F6:14:A2:75:C2:FC:84:8D:4E:94

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TTNS/KY7S_WrVxbVoffYUonXC_ISNTpQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KY7S_WrVxbVoffYUonXC_ISNTpQ.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TTNS/W43jzYXA24ucqrJ7tb-JAN1hWwI.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.159.206.0/23

    Signature Algorithm: sha256WithRSAEncryption
         31:f7:74:0b:de:7f:7b:ec:50:e7:7c:50:0d:74:d4:2c:c2:84:
         f9:6e:32:4a:ec:ee:ae:0b:b9:5f:89:be:33:a6:97:cd:10:fd:
         79:6f:cb:0b:ea:c2:d7:76:81:44:9d:f3:e3:18:a2:ac:cb:e6:
         cf:30:bc:7d:08:24:f2:e3:4f:24:e9:0f:2a:64:df:43:78:4e:
         65:e4:b1:3b:79:02:68:94:14:96:ca:9b:f5:ec:c9:b8:25:ed:
         f7:e6:0f:94:d8:54:22:e7:93:b7:78:c3:e4:51:8d:fc:2b:19:
         99:b2:a4:26:35:72:bd:8a:b9:79:13:36:ae:3b:d2:9f:a0:8a:
         2b:b1:0a:f9:c0:eb:d8:f4:8f:83:be:a5:c5:71:ea:5b:d1:f2:
         a4:5a:98:27:7c:68:6e:2d:84:3b:8d:d2:66:ea:71:90:f6:66:
         a0:ec:01:a5:7c:5c:e7:95:cd:56:22:97:4f:b9:dc:c4:50:29:
         4a:69:13:76:8a:42:fa:f3:db:36:c0:b4:44:52:ab:1b:07:e7:
         a6:10:2c:dd:7b:21:9b:65:22:5d:ea:25:87:b8:2f:57:cf:e6:
         c5:8e:89:f3:34:6d:38:3e:e3:db:45:bc:cb:9c:cd:34:d4:cc:
         0c:b6:57:58:56:19:ab:3f:31:87:64:a9:34:31:a7:da:cc:82:
         77:a5:b1:92
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICAO4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMjk4
RUQyRkQ2QUQ1QzVCNTY4N0RGNjE0QTI3NUMyRkM4NDhENEU5NDAeFw0yMzA2MjEw
NzUyMzNaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDVCOERFM0NEODVDMERC
OEI5Q0FBQjI3QkI1QkY4OTAwREQ2MTVCMDIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDirt++2Fo6l33p2112Sc6IRJvxuyZqZ68dUKYdQZ/UhAMTh1DX
AXgatsRlpsKXu6s1f6WoiCjRK5a1tRrxjO2fSn7VczuTWorLblzEgvcCjOi2h283
x2LXs8FeREY6CrbOE1KmCQcUHeUsJiccKNnM/QT/ZcEY1diEpI1ZR+2FQ9LRt3Iz
oK9IY5K4wUMQpQkYLcVGEO3tBLRsh5+N0uqaTOXfxNGY2ArjrggB17QRfPKa+XAA
V3M8J/lHcd7XL+LvZOoDipzeP4ekJO2/ht+gE3Noh+7klHwj3jvaEpwajg5SUfxL
GacpVlr3QEvuzIOxJjULmAjjG6Ac4yQSGW8rAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUW43jzYXA24ucqrJ7tb+JAN1hWwIwHwYDVR0jBBgwFoAUKY7S/WrVxbVoffYU
onXC/ISNTpQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFROUy9L
WTdTX1dyVnhiVm9mZllVb25YQ19JU05UcFEuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0tZN1NfV3JWeGJWb2ZmWVVvblhDX0lTTlRwUS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL1RUTlMvVzQzanpZWEEyNHVjcXJKN3RiLUpB
TjFoV3dJLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAWefzjAN
BgkqhkiG9w0BAQsFAAOCAQEAMfd0C95/e+xQ53xQDXTULMKE+W4ySuzurgu5X4m+
M6aXzRD9eW/LC+rC13aBRJ3z4xiirMvmzzC8fQgk8uNPJOkPKmTfQ3hOZeSxO3kC
aJQUlsqb9ezJuCXt9+YPlNhUIueTt3jD5FGN/CsZmbKkJjVyvYq5eRM2rjvSn6CK
K7EK+cDr2PSPg76lxXHqW9HypFqYJ3xobi2EO43SZupxkPZmoOwBpXxc55XNViKX
T7ncxFApSmkTdopC+vPbNsC0RFKrGwfnphAs3Xshm2UiXeolh7gvV8/mxY6J8zRt
OD7j20W8y5zNNNTMDLZXWFYZqz8xh2SpNDGn2syCd6Wxkg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:46 2024 by rpki-client on console-fra.rpki-client.org