Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/mf0ATo1JdU-PJq-1vXeqd16eNfA.roa
File:                     mf0ATo1JdU-PJq-1vXeqd16eNfA.roa (raw, json)
Hash identifier:          KxPihFAy3NldJCvjmZf9mkSWeDo3S7ooGXhyGqBI724=
Subject key identifier:   99:FD:00:4E:8D:49:75:4F:8F:26:AF:B5:BD:77:AA:77:5E:9E:35:F0
Certificate issuer:       /CN=EB675F938C85021374CAB1E1AF5099319B110B07
Certificate serial:       1D15
Authority key identifier: EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/mf0ATo1JdU-PJq-1vXeqd16eNfA.roa
Signing time:             Wed 29 Sep 2021 02:48:36 +0000
ROA not before:           Wed 29 Sep 2021 02:48:36 +0000
ROA not after:            Thu 29 Sep 2022 02:36:22 +0000
asID:                     38841
IP address blocks:        106.1.101.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 7445 (0x1d15)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=EB675F938C85021374CAB1E1AF5099319B110B07
        Validity
            Not Before: Sep 29 02:48:36 2021 GMT
            Not After : Sep 29 02:36:22 2022 GMT
        Subject: CN=99FD004E8D49754F8F26AFB5BD77AA775E9E35F0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:36:5a:2c:6b:5f:92:82:3a:77:30:b1:26:c1:
                    fd:b2:1d:3a:22:ce:e8:c6:fe:eb:6d:05:ae:f1:bc:
                    a9:f1:55:c4:6a:e1:f0:23:13:15:dc:8e:24:d5:32:
                    c7:cc:6b:15:d8:ee:d3:2e:f9:bc:29:61:ae:11:0c:
                    54:b1:68:97:9f:4d:05:bf:c4:77:f4:40:6b:12:17:
                    dc:72:47:95:86:46:22:0a:1d:5d:93:db:5f:4e:df:
                    7c:0f:6b:80:a0:e7:dc:d2:36:db:01:1d:e0:32:c9:
                    0c:22:03:09:66:3e:a3:75:f9:ff:f7:0a:d3:f6:42:
                    41:48:16:1e:c8:c7:ba:af:f8:0c:3e:dc:9d:9d:be:
                    b9:83:14:6b:6f:ac:56:0d:43:ee:f9:ff:69:16:3b:
                    fd:b1:4d:9c:f4:06:d0:57:86:f0:f1:4d:d8:a0:ae:
                    50:70:64:ca:a4:0f:3a:86:51:36:b6:90:90:da:34:
                    66:99:de:a4:de:94:83:cb:0e:39:bd:4d:3d:92:69:
                    a9:88:f5:77:a6:65:18:f3:e5:1e:ed:56:0d:3f:f3:
                    b3:51:00:dc:f6:0e:72:0f:32:5a:bc:c0:09:b2:0d:
                    61:ac:95:60:74:fa:f5:e5:22:04:62:d7:80:20:2c:
                    2f:96:74:6b:7d:e3:6a:4e:3f:0e:73:85:40:6a:a5:
                    17:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:FD:00:4E:8D:49:75:4F:8F:26:AF:B5:BD:77:AA:77:5E:9E:35:F0
            X509v3 Authority Key Identifier:
                keyid:EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/62dfk4yFAhN0yrHhr1CZMZsRCwc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/mf0ATo1JdU-PJq-1vXeqd16eNfA.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  106.1.101.0/24

    Signature Algorithm: sha256WithRSAEncryption
         32:78:b8:34:96:79:1c:58:d7:51:39:26:4c:3f:70:99:f1:60:
         08:51:49:1e:f6:62:51:8a:7f:9d:ac:4b:9d:64:27:7d:d1:96:
         a3:2b:2c:39:58:3e:39:a9:4e:92:83:e8:f7:ea:2c:32:38:de:
         74:8d:b1:40:aa:ef:0a:62:21:a6:4e:65:5b:e4:14:9a:30:d6:
         f3:e6:27:b1:96:4b:51:56:e9:b9:94:e1:84:00:17:58:10:9c:
         75:1a:4b:88:9c:71:0d:3f:9d:44:af:7a:8e:18:cb:80:e4:25:
         c0:46:be:13:44:35:ca:b2:71:1d:cb:61:0d:64:7b:6d:1c:87:
         bb:db:7c:31:6c:5d:17:44:59:4d:75:5c:e4:f3:2b:e7:22:fd:
         9f:7e:fa:4b:92:37:0b:06:00:65:31:b5:66:8d:ec:82:c6:72:
         4d:8d:e5:b7:a8:45:ae:54:11:d2:0f:de:2b:8c:b5:40:f9:bc:
         7d:22:2d:a9:c9:f8:56:bf:86:59:3e:df:25:ef:47:a1:51:e1:
         a8:9f:35:e7:20:3a:7a:6b:64:70:3a:0e:1a:43:b6:6c:59:52:
         8f:4f:a1:11:1d:d4:ea:b4:24:24:be:fd:60:a4:7b:51:a8:1c:
         7f:b5:18:a3:dd:0c:f1:05:68:fa:57:97:fd:76:b9:3e:3a:10:
         55:3a:e6:90
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICHRUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUI2
NzVGOTM4Qzg1MDIxMzc0Q0FCMUUxQUY1MDk5MzE5QjExMEIwNzAeFw0yMTA5Mjkw
MjQ4MzZaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDk5RkQwMDRFOEQ0OTc1
NEY4RjI2QUZCNUJENzdBQTc3NUU5RTM1RjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDJNlosa1+Sgjp3MLEmwf2yHToizujG/uttBa7xvKnxVcRq4fAj
ExXcjiTVMsfMaxXY7tMu+bwpYa4RDFSxaJefTQW/xHf0QGsSF9xyR5WGRiIKHV2T
219O33wPa4Cg59zSNtsBHeAyyQwiAwlmPqN1+f/3CtP2QkFIFh7Ix7qv+Aw+3J2d
vrmDFGtvrFYNQ+75/2kWO/2xTZz0BtBXhvDxTdigrlBwZMqkDzqGUTa2kJDaNGaZ
3qTelIPLDjm9TT2SaamI9XemZRjz5R7tVg0/87NRANz2DnIPMlq8wAmyDWGslWB0
+vXlIgRi14AgLC+WdGt942pOPw5zhUBqpRdzAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUmf0ATo1JdU+PJq+1vXeqd16eNfAwHwYDVR0jBBgwFoAU62dfk4yFAhN0yrHh
r1CZMZsRCwcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hP
LzYyZGZrNHlGQWhOMHlySGhyMUNaTVpzUkN3Yy5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvNjJkZms0eUZBaE4weXJIaHIxQ1pNWnNSQ3djLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hPL21mMEFUbzFKZFUtUEpxLTF2
WGVxZDE2ZU5mQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABq
AWUwDQYJKoZIhvcNAQELBQADggEBADJ4uDSWeRxY11E5Jkw/cJnxYAhRSR72YlGK
f52sS51kJ33RlqMrLDlYPjmpTpKD6PfqLDI43nSNsUCq7wpiIaZOZVvkFJow1vPm
J7GWS1FW6bmU4YQAF1gQnHUaS4iccQ0/nUSveo4Yy4DkJcBGvhNENcqycR3LYQ1k
e20ch7vbfDFsXRdEWU11XOTzK+ci/Z9++kuSNwsGAGUxtWaN7ILGck2N5beoRa5U
EdIP3iuMtUD5vH0iLanJ+Fa/hlk+3yXvR6FR4aifNecgOnprZHA6DhpDtmxZUo9P
oREd1Oq0JCS+/WCke1GoHH+1GKPdDPEFaPpXl/12uT46EFU65pA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:39 2024 by rpki-client on console-ams.rpki-client.org