Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/MDtxsslIjXqtJFT6_6a4o9JOXnc.roa
File:                     MDtxsslIjXqtJFT6_6a4o9JOXnc.roa (raw, json)
Hash identifier:          bGOkxdXJsbQbY8FK+jCMYkeq6ZiyvjcOo/RPXLi8mSU=
Subject key identifier:   30:3B:71:B2:C9:48:8D:7A:AD:24:54:FA:FF:A6:B8:A3:D2:4E:5E:77
Certificate issuer:       /CN=EB675F938C85021374CAB1E1AF5099319B110B07
Certificate serial:       20E1
Authority key identifier: EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/MDtxsslIjXqtJFT6_6a4o9JOXnc.roa
Signing time:             Fri 25 Nov 2022 04:39:14 +0000
ROA not before:           Fri 25 Nov 2022 04:39:14 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     38841
IP address blocks:        180.177.20.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 8417 (0x20e1)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=EB675F938C85021374CAB1E1AF5099319B110B07
        Validity
            Not Before: Nov 25 04:39:14 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=303B71B2C9488D7AAD2454FAFFA6B8A3D24E5E77
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:7a:31:f1:48:48:f4:82:e7:5d:2c:0d:82:7d:
                    cb:5a:52:77:27:a4:71:e7:73:fc:a7:39:2d:47:0a:
                    65:65:c7:a6:2b:d7:af:62:6b:54:a0:72:a7:ba:96:
                    f1:95:57:a0:6b:30:e9:db:53:8c:22:e7:07:3d:e9:
                    fa:0f:56:d8:d8:b9:39:51:6d:bd:3c:bb:a8:18:be:
                    50:a4:56:0b:3b:fe:77:91:39:cd:d9:21:25:5a:0f:
                    2a:cb:fe:4a:51:e1:98:48:d8:93:d9:e3:26:11:18:
                    cc:d9:41:61:8f:77:f2:01:81:22:37:93:d3:30:f3:
                    21:9e:8c:d3:96:ce:99:47:86:02:c0:f1:51:a0:65:
                    ce:ec:aa:de:29:69:f6:49:cb:3b:36:e1:6f:04:be:
                    2e:13:7e:4c:f0:15:04:d7:14:4b:f6:53:d4:ad:96:
                    bb:d0:19:99:75:44:09:10:11:7a:3f:03:28:97:5b:
                    b6:e0:20:22:bc:d7:0f:7f:3e:5c:42:40:cf:f3:77:
                    59:d5:81:c0:2a:da:0b:cc:f5:1c:01:05:a4:20:b5:
                    af:c4:a3:8d:c9:d7:65:66:33:84:e6:35:08:04:0b:
                    75:e3:dd:4c:f6:3b:6c:16:f9:a3:ea:22:22:8c:7f:
                    c2:8e:08:99:bd:46:75:38:10:65:32:fc:74:98:4e:
                    cf:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                30:3B:71:B2:C9:48:8D:7A:AD:24:54:FA:FF:A6:B8:A3:D2:4E:5E:77
            X509v3 Authority Key Identifier:
                keyid:EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/62dfk4yFAhN0yrHhr1CZMZsRCwc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/MDtxsslIjXqtJFT6_6a4o9JOXnc.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  180.177.20.0/22

    Signature Algorithm: sha256WithRSAEncryption
         46:7d:3b:fd:81:61:dd:98:8a:20:a9:3d:35:2a:dc:cb:23:c6:
         93:42:af:a2:40:6a:28:2b:91:7c:22:81:b5:c1:7b:85:78:a8:
         3b:af:b3:e1:1e:e6:a2:c7:ca:b2:e7:99:c2:f0:a9:df:cc:6d:
         91:48:23:15:ce:61:dc:5d:c5:a0:6c:13:6b:1b:d1:c7:80:c5:
         dc:e9:8d:8f:98:61:bb:5b:1f:11:5c:12:42:f6:46:1a:72:0f:
         ef:4f:82:19:44:6b:5d:73:bb:77:3c:ec:e9:cc:ca:f0:8d:29:
         7b:da:55:be:26:cb:60:ed:42:f2:75:f0:4f:51:49:fe:5f:0d:
         1a:03:af:4c:f7:83:71:75:d9:85:4e:b2:4c:d6:f1:7a:e2:a1:
         8b:68:c8:28:68:89:69:33:13:d8:2c:7e:4d:c6:9e:f7:67:c7:
         44:c2:76:72:9b:28:7c:5a:5b:b2:26:54:30:0c:0a:c9:1e:0d:
         c3:92:da:76:1c:50:57:97:5c:f7:93:16:c6:85:e9:a6:9b:d6:
         e1:98:f8:7b:29:3c:7b:4e:73:2b:71:93:a7:76:04:8d:8c:8b:
         95:9b:c9:4e:ed:a0:b9:67:bd:30:b0:48:d6:d0:91:25:e3:36:
         47:44:57:97:99:67:da:29:45:ba:91:35:61:a1:1f:30:f3:7b:
         21:17:a5:14
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICIOEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUI2
NzVGOTM4Qzg1MDIxMzc0Q0FCMUUxQUY1MDk5MzE5QjExMEIwNzAeFw0yMjExMjUw
NDM5MTRaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDMwM0I3MUIyQzk0ODhE
N0FBRDI0NTRGQUZGQTZCOEEzRDI0RTVFNzcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDUejHxSEj0guddLA2CfctaUncnpHHnc/ynOS1HCmVlx6Yr169i
a1Sgcqe6lvGVV6BrMOnbU4wi5wc96foPVtjYuTlRbb08u6gYvlCkVgs7/neROc3Z
ISVaDyrL/kpR4ZhI2JPZ4yYRGMzZQWGPd/IBgSI3k9Mw8yGejNOWzplHhgLA8VGg
Zc7sqt4pafZJyzs24W8Evi4TfkzwFQTXFEv2U9StlrvQGZl1RAkQEXo/AyiXW7bg
ICK81w9/PlxCQM/zd1nVgcAq2gvM9RwBBaQgta/Eo43J12VmM4TmNQgEC3Xj3Uz2
O2wW+aPqIiKMf8KOCJm9RnU4EGUy/HSYTs8LAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUMDtxsslIjXqtJFT6/6a4o9JOXncwHwYDVR0jBBgwFoAU62dfk4yFAhN0yrHh
r1CZMZsRCwcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hP
LzYyZGZrNHlGQWhOMHlySGhyMUNaTVpzUkN3Yy5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvNjJkZms0eUZBaE4weXJIaHIxQ1pNWnNSQ3djLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hPL01EdHhzc2xJalhxdEpGVDZf
NmE0bzlKT1huYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAK0
sRQwDQYJKoZIhvcNAQELBQADggEBAEZ9O/2BYd2YiiCpPTUq3MsjxpNCr6JAaigr
kXwigbXBe4V4qDuvs+Ee5qLHyrLnmcLwqd/MbZFIIxXOYdxdxaBsE2sb0ceAxdzp
jY+YYbtbHxFcEkL2RhpyD+9PghlEa11zu3c87OnMyvCNKXvaVb4my2DtQvJ18E9R
Sf5fDRoDr0z3g3F12YVOskzW8XrioYtoyChoiWkzE9gsfk3Gnvdnx0TCdnKbKHxa
W7ImVDAMCskeDcOS2nYcUFeXXPeTFsaF6aab1uGY+HspPHtOcytxk6d2BI2Mi5Wb
yU7toLlnvTCwSNbQkSXjNkdEV5eZZ9opRbqRNWGhHzDzeyEXpRQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:51 2024 by rpki-client on console-fra.rpki-client.org