Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TWDS/E6vZogOnb7uf0VAb1B1jhh7XWNI.roa
File:                     E6vZogOnb7uf0VAb1B1jhh7XWNI.roa (raw, json)
Hash identifier:          i9DZiS9v1d8sa/2X5jv8uy429VB3WF1CzQYmpGGbk2Y=
Subject key identifier:   13:AB:D9:A2:03:A7:6F:BB:9F:D1:50:1B:D4:1D:63:86:1E:D7:58:D2
Certificate issuer:       /CN=291BAF6A0C176CE0A32423666BCE78F9D91824CB
Certificate serial:       0643
Authority key identifier: 29:1B:AF:6A:0C:17:6C:E0:A3:24:23:66:6B:CE:78:F9:D9:18:24:CB
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/KRuvagwXbOCjJCNma854-dkYJMs.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TWDS/E6vZogOnb7uf0VAb1B1jhh7XWNI.roa
Signing time:             Sun 07 Feb 2021 12:48:25 +0000
ROA not before:           Sun 07 Feb 2021 12:48:25 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     131668
IP address blocks:        103.147.22.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1603 (0x643)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=291BAF6A0C176CE0A32423666BCE78F9D91824CB
        Validity
            Not Before: Feb  7 12:48:25 2021 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=13ABD9A203A76FBB9FD1501BD41D63861ED758D2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:64:3f:b7:c4:c6:b4:01:e4:ea:3b:78:e7:2f:
                    9a:35:85:2f:39:6e:10:d5:ac:a3:18:a2:24:7a:b3:
                    c6:39:d2:d9:ad:56:80:a3:24:11:83:30:1d:47:84:
                    bb:7e:8c:2d:14:61:a8:43:a3:63:13:02:c7:d3:27:
                    d1:7a:3b:5d:f6:fa:b1:58:20:7e:6f:0d:2b:4f:68:
                    3e:ac:67:f8:e9:00:a2:47:2d:b5:47:93:5b:3e:b9:
                    d0:d7:17:b2:6a:fd:20:86:dc:5a:71:8a:6a:3d:60:
                    f1:7d:52:13:43:9b:7d:0b:e1:70:2e:12:5f:e9:cf:
                    55:1f:89:fd:fb:ae:57:ca:ab:60:52:a6:b1:08:9b:
                    bf:d3:e5:46:bf:79:6f:19:cc:82:6c:fb:9d:c6:de:
                    27:28:78:70:cb:98:6b:14:36:c1:31:d1:5c:53:06:
                    5f:8f:16:4f:3c:8d:6b:f3:4a:49:a9:12:66:16:cf:
                    65:f7:2d:d6:16:3b:cb:e7:b1:b8:69:47:f5:7a:54:
                    30:40:c1:89:13:cc:d9:a6:75:59:38:65:05:06:80:
                    fb:4d:68:fb:ec:5d:e5:95:bc:b2:11:70:6e:83:4b:
                    dc:3a:e7:21:53:60:fb:04:0c:b4:27:2e:5b:f6:40:
                    32:4e:ef:48:9a:68:0a:b1:58:c3:46:69:23:00:0a:
                    c6:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                13:AB:D9:A2:03:A7:6F:BB:9F:D1:50:1B:D4:1D:63:86:1E:D7:58:D2
            X509v3 Authority Key Identifier:
                keyid:29:1B:AF:6A:0C:17:6C:E0:A3:24:23:66:6B:CE:78:F9:D9:18:24:CB

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWDS/KRuvagwXbOCjJCNma854-dkYJMs.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KRuvagwXbOCjJCNma854-dkYJMs.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWDS/E6vZogOnb7uf0VAb1B1jhh7XWNI.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.147.22.0/23

    Signature Algorithm: sha256WithRSAEncryption
         c5:19:3b:51:f2:f6:9b:d1:d0:2d:21:7c:37:d8:dd:b3:b4:3b:
         05:7d:d2:e1:1b:65:41:ff:97:23:f0:30:44:0b:9c:8c:3c:a6:
         2b:02:39:81:24:d1:99:48:76:ef:67:fd:9b:9c:23:f1:f2:82:
         35:60:35:c8:fe:43:97:98:60:a2:3d:fe:0f:fc:73:40:15:ce:
         58:74:21:0d:d0:ff:c2:e6:61:a3:ca:aa:aa:d3:58:32:1c:13:
         88:4d:78:0d:e9:b9:a1:68:54:4b:41:71:00:cb:c5:f9:ad:61:
         e3:db:32:89:80:2c:cd:59:2c:eb:22:69:ef:ce:1a:37:c5:f0:
         61:72:9a:eb:1a:77:79:73:3d:21:03:06:7a:05:58:2c:28:4b:
         bf:c5:11:65:85:bf:0b:29:ed:41:50:b6:af:e6:65:e3:bc:75:
         0a:bf:9f:db:89:a8:21:9a:51:46:19:e1:0f:f4:dc:b5:ff:b9:
         36:b7:64:35:c8:19:df:bb:86:f5:73:fb:75:e2:4a:a3:85:ae:
         be:2f:34:e1:aa:3a:2e:e5:dc:33:cf:3b:e3:98:40:f3:d0:18:
         3c:88:b2:a8:45:70:b6:42:43:34:fc:0f:bf:d6:c2:1f:4f:6f:
         26:54:57:0f:05:e0:df:52:4d:1d:8c:cd:67:4b:07:1b:e1:73:
         89:8b:7c:2f
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICBkMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMjkx
QkFGNkEwQzE3NkNFMEEzMjQyMzY2NkJDRTc4RjlEOTE4MjRDQjAeFw0yMTAyMDcx
MjQ4MjVaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDEzQUJEOUEyMDNBNzZG
QkI5RkQxNTAxQkQ0MUQ2Mzg2MUVENzU4RDIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCqZD+3xMa0AeTqO3jnL5o1hS85bhDVrKMYoiR6s8Y50tmtVoCj
JBGDMB1HhLt+jC0UYahDo2MTAsfTJ9F6O132+rFYIH5vDStPaD6sZ/jpAKJHLbVH
k1s+udDXF7Jq/SCG3Fpximo9YPF9UhNDm30L4XAuEl/pz1Ufif37rlfKq2BSprEI
m7/T5Ua/eW8ZzIJs+53G3icoeHDLmGsUNsEx0VxTBl+PFk88jWvzSkmpEmYWz2X3
LdYWO8vnsbhpR/V6VDBAwYkTzNmmdVk4ZQUGgPtNaPvsXeWVvLIRcG6DS9w65yFT
YPsEDLQnLlv2QDJO70iaaAqxWMNGaSMACsb9AgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUE6vZogOnb7uf0VAb1B1jhh7XWNIwHwYDVR0jBBgwFoAUKRuvagwXbOCjJCNm
a854+dkYJMswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFdEUy9L
UnV2YWd3WGJPQ2pKQ05tYTg1NC1ka1lKTXMuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0tSdXZhZ3dYYk9DakpDTm1hODU0LWRrWUpNcy5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL1RXRFMvRTZ2Wm9nT25iN3VmMFZBYjFCMWpo
aDdYV05JLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAWeTFjAN
BgkqhkiG9w0BAQsFAAOCAQEAxRk7UfL2m9HQLSF8N9jds7Q7BX3S4RtlQf+XI/Aw
RAucjDymKwI5gSTRmUh272f9m5wj8fKCNWA1yP5Dl5hgoj3+D/xzQBXOWHQhDdD/
wuZho8qqqtNYMhwTiE14Dem5oWhUS0FxAMvF+a1h49syiYAszVks6yJp784aN8Xw
YXKa6xp3eXM9IQMGegVYLChLv8URZYW/CyntQVC2r+Zl47x1Cr+f24moIZpRRhnh
D/Tctf+5NrdkNcgZ37uG9XP7deJKo4Wuvi804ao6LuXcM88745hA89AYPIiyqEVw
tkJDNPwPv9bCH09vJlRXDwXg31JNHYzNZ0sHG+FziYt8Lw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:01 2024 by rpki-client on console-fra.rpki-client.org