Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TWBESTWARE/L6MTZ6Cpqye8NkCnMp8HmjVh2GY.roa
File:                     L6MTZ6Cpqye8NkCnMp8HmjVh2GY.roa (raw, json)
Hash identifier:          l5bt6f4bitNMSDhZg4Sw6DWgIa2Isq0G485uR74VWtM=
Subject key identifier:   2F:A3:13:67:A0:A9:AB:27:BC:36:40:A7:32:9F:07:9A:35:61:D8:66
Certificate issuer:       /CN=CAD527022C8CD07568EC9FC82A1CE0DDE5B2C4AC
Certificate serial:       0688
Authority key identifier: CA:D5:27:02:2C:8C:D0:75:68:EC:9F:C8:2A:1C:E0:DD:E5:B2:C4:AC
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/ytUnAiyM0HVo7J_IKhzg3eWyxKw.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TWBESTWARE/L6MTZ6Cpqye8NkCnMp8HmjVh2GY.roa
Signing time:             Thu 15 Sep 2022 02:37:15 +0000
ROA not before:           Thu 15 Sep 2022 02:37:15 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     9678
IP address blocks:        103.150.36.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1672 (0x688)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=CAD527022C8CD07568EC9FC82A1CE0DDE5B2C4AC
        Validity
            Not Before: Sep 15 02:37:15 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=2FA31367A0A9AB27BC3640A7329F079A3561D866
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:80:3d:62:4e:22:a7:14:09:39:4f:04:e8:32:
                    9c:d6:46:6b:ef:3c:48:a1:eb:38:3f:3b:85:47:23:
                    a0:47:ac:4a:34:d4:3c:25:8e:0d:eb:36:fc:be:3c:
                    c3:6c:b6:84:07:0f:4d:70:17:0c:c9:6e:c8:32:dc:
                    58:96:dd:66:73:f9:2a:d0:5d:f0:7b:8d:b6:4e:8b:
                    18:98:b2:0f:34:56:15:7c:60:f6:d0:c4:77:7f:be:
                    55:3f:d0:d2:76:46:d1:86:08:34:9d:d7:8a:4b:a8:
                    5d:7b:43:aa:6b:75:61:77:9b:f7:3f:04:20:1b:8c:
                    52:ac:a2:ed:eb:0b:f4:40:5b:ec:63:d0:68:60:ab:
                    95:28:b8:d7:05:ab:36:d1:92:b1:29:77:9f:14:0c:
                    e0:2b:ec:a5:49:2a:6b:97:78:46:b0:04:1c:33:70:
                    63:46:e2:44:c8:d0:9e:23:76:43:22:fb:66:2d:d3:
                    86:d4:21:da:cc:91:3a:59:d5:3e:35:8e:cb:9c:b1:
                    d4:d7:d0:4d:9e:fc:ee:53:64:53:8c:34:ee:1f:2e:
                    b2:ca:58:f4:5a:c9:29:ec:84:11:97:02:5c:20:61:
                    db:20:c9:20:e0:e0:fd:d1:18:b2:7c:91:53:6b:78:
                    1b:db:40:c5:67:1e:0d:91:59:5c:6e:e7:bf:f4:5f:
                    15:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2F:A3:13:67:A0:A9:AB:27:BC:36:40:A7:32:9F:07:9A:35:61:D8:66
            X509v3 Authority Key Identifier:
                keyid:CA:D5:27:02:2C:8C:D0:75:68:EC:9F:C8:2A:1C:E0:DD:E5:B2:C4:AC

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWBESTWARE/ytUnAiyM0HVo7J_IKhzg3eWyxKw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ytUnAiyM0HVo7J_IKhzg3eWyxKw.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWBESTWARE/L6MTZ6Cpqye8NkCnMp8HmjVh2GY.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.150.36.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9b:ff:cf:60:60:24:4d:e3:f4:99:a7:0d:a0:f7:f4:19:8e:12:
         83:98:94:bc:36:3b:ba:41:ae:d7:de:13:df:2c:ba:e4:87:be:
         40:fc:1c:28:56:aa:70:ce:0d:4b:64:68:6b:84:87:4f:59:41:
         c1:8a:de:08:48:0e:29:58:57:f3:3e:9e:20:b1:ce:bf:d3:8f:
         af:8e:77:33:e6:61:5b:61:00:b8:08:2c:bd:c0:47:e2:9e:d9:
         50:8b:11:9e:46:81:a8:9b:61:f2:d7:d0:03:75:0e:6a:0c:f6:
         67:16:25:f6:47:d7:01:8a:e2:5d:96:6b:b3:19:b1:6a:a0:06:
         9c:d5:3a:14:13:01:09:57:36:60:59:66:d1:5e:c5:f5:bf:93:
         3a:40:cc:e1:fc:a4:b6:4e:46:f3:d6:79:93:91:bf:48:a8:90:
         32:af:46:5b:17:e6:49:c0:fd:a7:48:76:a4:be:6c:a1:d9:e4:
         76:16:87:63:5c:fe:bc:e0:69:b5:63:01:03:b4:db:84:d2:4f:
         42:eb:44:ec:fb:d7:ce:a6:7f:01:26:7f:94:8b:7a:77:80:6d:
         32:b4:b7:fa:68:cf:97:7b:d5:dc:45:eb:60:c3:01:22:fa:d6:
         c1:58:4a:01:ef:2a:11:41:28:72:ea:34:4e:61:4c:ff:bd:03:
         b6:be:ea:f2
-----BEGIN CERTIFICATE-----
MIIE2jCCA8KgAwIBAgICBogwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQ0FE
NTI3MDIyQzhDRDA3NTY4RUM5RkM4MkExQ0UwRERFNUIyQzRBQzAeFw0yMjA5MTUw
MjM3MTVaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDJGQTMxMzY3QTBBOUFC
MjdCQzM2NDBBNzMyOUYwNzlBMzU2MUQ4NjYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDOgD1iTiKnFAk5TwToMpzWRmvvPEih6zg/O4VHI6BHrEo01Dwl
jg3rNvy+PMNstoQHD01wFwzJbsgy3FiW3WZz+SrQXfB7jbZOixiYsg80VhV8YPbQ
xHd/vlU/0NJ2RtGGCDSd14pLqF17Q6prdWF3m/c/BCAbjFKsou3rC/RAW+xj0Ghg
q5UouNcFqzbRkrEpd58UDOAr7KVJKmuXeEawBBwzcGNG4kTI0J4jdkMi+2Yt04bU
IdrMkTpZ1T41jsucsdTX0E2e/O5TZFOMNO4fLrLKWPRaySnshBGXAlwgYdsgySDg
4P3RGLJ8kVNreBvbQMVnHg2RWVxu57/0XxXdAgMBAAGjggH2MIIB8jAdBgNVHQ4E
FgQUL6MTZ6Cpqye8NkCnMp8HmjVh2GYwHwYDVR0jBBgwFoAUytUnAiyM0HVo7J/I
Khzg3eWyxKwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBgBgNVHR8EWTBXMFWg
U6BRhk9yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFdCRVNU
V0FSRS95dFVuQWl5TTBIVm83Sl9JS2h6ZzNlV3l4S3cuY3JsMGAGCCsGAQUFBwEB
BFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9U
V05JQ0NBL3l0VW5BaXlNMEhWbzdKX0lLaHpnM2VXeXhLdy5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGgBggrBgEFBQcBCwSBkzCBkDBbBggrBgEFBQcwC4ZPcnN5bmM6Ly9y
cGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NBL1RXQkVTVFdBUkUvTDZNVFo2Q3Bx
eWU4TmtDbk1wOEhtalZoMkdZLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRw
LnR3bmljLnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEAGeWJDANBgkqhkiG9w0BAQsFAAOCAQEAm//PYGAkTeP0macNoPf0GY4S
g5iUvDY7ukGu194T3yy65Ie+QPwcKFaqcM4NS2Roa4SHT1lBwYreCEgOKVhX8z6e
ILHOv9OPr453M+ZhW2EAuAgsvcBH4p7ZUIsRnkaBqJth8tfQA3UOagz2ZxYl9kfX
AYriXZZrsxmxaqAGnNU6FBMBCVc2YFlm0V7F9b+TOkDM4fyktk5G89Z5k5G/SKiQ
Mq9GWxfmScD9p0h2pL5sodnkdhaHY1z+vOBptWMBA7TbhNJPQutE7PvXzqZ/ASZ/
lIt6d4BtMrS3+mjPl3vV3EXrYMMBIvrWwVhKAe8qEUEocuo0TmFM/70Dtr7q8g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:01 2024 by rpki-client on console-fra.rpki-client.org