Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TWBESTWARE/iqnB2D7u_fWQSGbCC_oe_HVOHNc.roa
File:                     iqnB2D7u_fWQSGbCC_oe_HVOHNc.roa (raw, json)
Hash identifier:          flT2bhXWEFoUmchS/9YD4qQvDIcq3GJ3X+OlyVCYFaI=
Subject key identifier:   8A:A9:C1:D8:3E:EE:FD:F5:90:48:66:C2:0B:FA:1E:FC:75:4E:1C:D7
Certificate issuer:       /CN=CAD527022C8CD07568EC9FC82A1CE0DDE5B2C4AC
Certificate serial:       05A7
Authority key identifier: CA:D5:27:02:2C:8C:D0:75:68:EC:9F:C8:2A:1C:E0:DD:E5:B2:C4:AC
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/ytUnAiyM0HVo7J_IKhzg3eWyxKw.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TWBESTWARE/iqnB2D7u_fWQSGbCC_oe_HVOHNc.roa
Signing time:             Thu 14 Oct 2021 05:55:00 +0000
ROA not before:           Thu 14 Oct 2021 05:55:00 +0000
ROA not after:            Thu 29 Sep 2022 02:36:22 +0000
asID:                     9678
IP address blocks:        103.150.37.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1447 (0x5a7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=CAD527022C8CD07568EC9FC82A1CE0DDE5B2C4AC
        Validity
            Not Before: Oct 14 05:55:00 2021 GMT
            Not After : Sep 29 02:36:22 2022 GMT
        Subject: CN=8AA9C1D83EEEFDF5904866C20BFA1EFC754E1CD7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:23:3f:1f:cd:b2:0e:8c:80:61:d8:39:a9:8c:
                    a8:ec:9e:70:41:c5:2e:90:a3:04:70:fe:55:7d:d0:
                    4e:76:94:90:44:04:f6:74:35:72:e7:02:f1:10:5e:
                    b1:35:7b:0c:76:85:e6:a1:26:48:97:45:94:1a:de:
                    ba:ac:0d:c4:de:6f:7d:0e:17:dc:44:75:fd:32:a1:
                    35:10:13:62:26:16:23:61:9e:7d:1a:d1:e2:53:d3:
                    31:86:87:96:f1:76:6f:44:7d:cd:f4:27:3f:09:ed:
                    8c:67:e7:9a:3b:18:3a:61:d7:9f:85:a3:16:07:d5:
                    c3:72:9f:83:e7:f0:2c:36:fe:f2:1c:c1:1d:42:35:
                    7f:82:17:9e:8f:8a:0b:7c:93:23:21:57:05:83:76:
                    16:42:f1:f5:33:61:72:73:f6:21:c3:58:9c:cf:1f:
                    16:bb:a3:de:71:ff:26:b9:5c:8f:f8:1c:b8:6f:db:
                    3a:2e:8b:e8:20:a1:0d:06:5b:c4:d2:dd:02:23:6d:
                    9e:ea:47:cc:50:8d:e3:fc:07:69:92:8a:a4:df:df:
                    94:29:b6:d0:e8:ba:13:e2:d6:3b:e6:08:d1:80:a8:
                    43:bb:9b:ff:ec:8d:7b:3a:60:1c:bd:ca:82:7f:b2:
                    28:d5:3b:6c:64:c2:dd:b7:5a:3e:ad:5b:6f:1b:23:
                    9d:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8A:A9:C1:D8:3E:EE:FD:F5:90:48:66:C2:0B:FA:1E:FC:75:4E:1C:D7
            X509v3 Authority Key Identifier:
                keyid:CA:D5:27:02:2C:8C:D0:75:68:EC:9F:C8:2A:1C:E0:DD:E5:B2:C4:AC

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWBESTWARE/ytUnAiyM0HVo7J_IKhzg3eWyxKw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ytUnAiyM0HVo7J_IKhzg3eWyxKw.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWBESTWARE/iqnB2D7u_fWQSGbCC_oe_HVOHNc.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.150.37.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7b:44:13:be:52:2c:8b:50:34:94:c7:49:ed:4a:89:3e:5b:19:
         d8:86:ad:bb:b8:31:7d:eb:80:48:dd:f6:7c:2b:52:c5:d3:9b:
         0a:79:7c:87:e8:59:80:ad:85:22:f6:70:71:29:4c:ce:a5:0c:
         ac:21:62:bb:33:c6:aa:26:cd:dd:e9:1c:ee:57:f3:e6:a6:b9:
         2f:5f:78:48:e9:3e:bf:07:73:19:1c:ce:81:e4:98:c5:7a:fc:
         73:a4:53:bf:0d:ff:be:0e:7e:87:b9:20:dc:e1:8c:3c:9e:2f:
         24:db:d0:66:4c:95:3d:30:52:d4:99:7f:ae:d6:3a:f3:67:28:
         e0:7c:bf:23:33:18:99:55:e4:d2:42:fa:2b:df:33:11:a9:c4:
         83:e4:60:f8:eb:c2:5b:2b:08:ba:fc:a6:42:5f:d7:6e:47:1d:
         eb:6b:f4:e7:91:69:73:40:38:f4:a3:72:5f:7e:09:28:94:8c:
         9e:d5:38:f5:6d:2b:1d:a1:58:17:2e:50:c3:24:c2:be:7d:8b:
         7e:bb:c6:42:9a:03:49:eb:b2:bb:5d:06:56:47:f6:5b:19:51:
         f0:0f:86:b8:70:98:bb:24:91:68:97:d6:b2:bd:36:e8:6b:e9:
         dc:c8:b8:4a:3e:91:9a:1d:1a:21:a6:90:8a:6b:70:68:a8:0c:
         49:41:2d:1d
-----BEGIN CERTIFICATE-----
MIIE2jCCA8KgAwIBAgICBacwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQ0FE
NTI3MDIyQzhDRDA3NTY4RUM5RkM4MkExQ0UwRERFNUIyQzRBQzAeFw0yMTEwMTQw
NTU1MDBaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDhBQTlDMUQ4M0VFRUZE
RjU5MDQ4NjZDMjBCRkExRUZDNzU0RTFDRDcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCrIz8fzbIOjIBh2DmpjKjsnnBBxS6QowRw/lV90E52lJBEBPZ0
NXLnAvEQXrE1ewx2heahJkiXRZQa3rqsDcTeb30OF9xEdf0yoTUQE2ImFiNhnn0a
0eJT0zGGh5bxdm9Efc30Jz8J7Yxn55o7GDph15+FoxYH1cNyn4Pn8Cw2/vIcwR1C
NX+CF56Pigt8kyMhVwWDdhZC8fUzYXJz9iHDWJzPHxa7o95x/ya5XI/4HLhv2zou
i+ggoQ0GW8TS3QIjbZ7qR8xQjeP8B2mSiqTf35QpttDouhPi1jvmCNGAqEO7m//s
jXs6YBy9yoJ/sijVO2xkwt23Wj6tW28bI53pAgMBAAGjggH2MIIB8jAdBgNVHQ4E
FgQUiqnB2D7u/fWQSGbCC/oe/HVOHNcwHwYDVR0jBBgwFoAUytUnAiyM0HVo7J/I
Khzg3eWyxKwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBgBgNVHR8EWTBXMFWg
U6BRhk9yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFdCRVNU
V0FSRS95dFVuQWl5TTBIVm83Sl9JS2h6ZzNlV3l4S3cuY3JsMGAGCCsGAQUFBwEB
BFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9U
V05JQ0NBL3l0VW5BaXlNMEhWbzdKX0lLaHpnM2VXeXhLdy5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGgBggrBgEFBQcBCwSBkzCBkDBbBggrBgEFBQcwC4ZPcnN5bmM6Ly9y
cGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NBL1RXQkVTVFdBUkUvaXFuQjJEN3Vf
ZldRU0diQ0Nfb2VfSFZPSE5jLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRw
LnR3bmljLnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEAGeWJTANBgkqhkiG9w0BAQsFAAOCAQEAe0QTvlIsi1A0lMdJ7UqJPlsZ
2Iatu7gxfeuASN32fCtSxdObCnl8h+hZgK2FIvZwcSlMzqUMrCFiuzPGqibN3ekc
7lfz5qa5L194SOk+vwdzGRzOgeSYxXr8c6RTvw3/vg5+h7kg3OGMPJ4vJNvQZkyV
PTBS1Jl/rtY682co4Hy/IzMYmVXk0kL6K98zEanEg+Rg+OvCWysIuvymQl/Xbkcd
62v055Fpc0A49KNyX34JKJSMntU49W0rHaFYFy5QwyTCvn2LfrvGQpoDSeuyu10G
Vkf2WxlR8A+GuHCYuySRaJfWsr026Gvp3Mi4Sj6Rmh0aIaaQimtwaKgMSUEtHQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:01 2024 by rpki-client on console-fra.rpki-client.org