Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TWDS/H62AO6T1Spu0DJWsK29wnuUeZsQ.roa
File:                     H62AO6T1Spu0DJWsK29wnuUeZsQ.roa (raw, json)
Hash identifier:          YhhD6n1mqemL29cB/Qg2GANkcQrgLePrEj0qIHa6e3c=
Subject key identifier:   1F:AD:80:3B:A4:F5:4A:9B:B4:0C:95:AC:2B:6F:70:9E:E5:1E:66:C4
Certificate issuer:       /CN=291BAF6A0C176CE0A32423666BCE78F9D91824CB
Certificate serial:       0809
Authority key identifier: 29:1B:AF:6A:0C:17:6C:E0:A3:24:23:66:6B:CE:78:F9:D9:18:24:CB
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/KRuvagwXbOCjJCNma854-dkYJMs.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TWDS/H62AO6T1Spu0DJWsK29wnuUeZsQ.roa
Signing time:             Wed 09 Nov 2022 23:48:48 +0000
ROA not before:           Wed 09 Nov 2022 23:48:48 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     131668
IP address blocks:        103.147.22.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2057 (0x809)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=291BAF6A0C176CE0A32423666BCE78F9D91824CB
        Validity
            Not Before: Nov  9 23:48:48 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=1FAD803BA4F54A9BB40C95AC2B6F709EE51E66C4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:11:b0:78:be:4a:b8:9b:53:4e:be:75:8d:12:
                    c4:cd:6e:a2:b5:f4:ef:88:8a:83:94:29:92:ae:7e:
                    3f:5d:7e:78:b7:bc:3e:e1:96:a7:4a:0b:c8:36:67:
                    3e:b6:04:79:03:c3:69:8f:e8:39:2a:19:52:13:cc:
                    6f:a1:05:b5:ce:03:24:13:ff:91:01:d4:37:b2:2e:
                    ca:28:6b:93:25:32:7c:e6:a2:14:b9:e1:b0:8e:09:
                    d6:7b:37:ab:69:ea:5b:92:5c:1a:92:7c:d4:21:db:
                    02:96:cb:2b:4a:4d:de:36:69:64:8e:d2:86:52:cb:
                    e4:98:75:7c:80:c8:93:91:7c:18:d2:73:86:14:da:
                    d2:5c:f0:f0:f0:b4:b2:02:18:d3:ed:17:67:39:8f:
                    48:22:aa:26:11:32:ed:ad:16:e2:56:38:29:e2:9b:
                    49:a9:78:fc:ca:db:50:c3:41:7b:12:bf:bf:19:02:
                    f3:67:2a:a6:f4:d9:77:f9:87:c9:55:24:e4:1e:0c:
                    54:2b:0a:33:4f:98:89:8c:dd:d7:a0:ba:fc:55:25:
                    92:3b:3f:da:fc:ca:4d:5a:04:3d:73:31:6d:69:ce:
                    e9:95:2a:7a:0b:28:04:ea:4c:58:dc:fa:9a:36:33:
                    4c:9f:fb:d8:75:a9:19:de:f6:90:66:96:55:e7:4b:
                    a2:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1F:AD:80:3B:A4:F5:4A:9B:B4:0C:95:AC:2B:6F:70:9E:E5:1E:66:C4
            X509v3 Authority Key Identifier:
                keyid:29:1B:AF:6A:0C:17:6C:E0:A3:24:23:66:6B:CE:78:F9:D9:18:24:CB

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWDS/KRuvagwXbOCjJCNma854-dkYJMs.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KRuvagwXbOCjJCNma854-dkYJMs.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWDS/H62AO6T1Spu0DJWsK29wnuUeZsQ.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.147.22.0/23

    Signature Algorithm: sha256WithRSAEncryption
         c3:b7:84:83:ea:0e:8a:fa:72:7a:91:a2:92:7a:24:f6:15:34:
         3b:5d:33:43:c6:01:4a:fb:72:3d:da:cd:da:61:16:0b:e6:db:
         1c:b7:2b:5a:14:d1:0e:af:65:ef:05:0b:9e:21:7d:55:e9:0a:
         c7:95:22:7a:89:7e:b1:de:b4:70:44:47:28:a6:e6:2e:eb:3c:
         9f:9f:d1:90:8c:62:60:c7:ee:1a:cd:6b:c0:51:50:a0:04:71:
         0d:ad:40:ee:f2:ef:70:01:0a:63:b6:d6:12:96:7f:cc:4e:05:
         e1:f3:48:3e:db:a4:fa:80:4a:15:e8:de:0e:5b:a0:e2:12:29:
         12:7c:8b:c9:2e:05:18:f3:56:d0:a4:67:7f:47:02:6b:a5:c1:
         c2:1f:05:9c:4d:4b:f2:cb:0f:08:ab:a7:6f:17:86:3a:89:82:
         e9:2c:c0:2c:f4:ee:19:76:e2:89:85:0b:54:37:cb:c4:51:ea:
         ca:ac:dd:14:86:e7:d1:61:f5:3d:75:1e:d1:c6:79:e0:2d:a1:
         ea:e3:48:64:d8:8d:bc:d5:19:2a:17:60:39:01:42:92:cb:fa:
         7b:ad:98:50:54:0f:f3:e9:09:8f:e6:93:8c:1c:14:24:de:be:
         a0:be:76:9b:20:c1:03:71:5b:84:6a:7f:58:91:3b:74:10:d0:
         6c:55:9d:ff
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICCAkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMjkx
QkFGNkEwQzE3NkNFMEEzMjQyMzY2NkJDRTc4RjlEOTE4MjRDQjAeFw0yMjExMDky
MzQ4NDhaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDFGQUQ4MDNCQTRGNTRB
OUJCNDBDOTVBQzJCNkY3MDlFRTUxRTY2QzQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDGEbB4vkq4m1NOvnWNEsTNbqK19O+IioOUKZKufj9dfni3vD7h
lqdKC8g2Zz62BHkDw2mP6DkqGVITzG+hBbXOAyQT/5EB1DeyLsooa5MlMnzmohS5
4bCOCdZ7N6tp6luSXBqSfNQh2wKWyytKTd42aWSO0oZSy+SYdXyAyJORfBjSc4YU
2tJc8PDwtLICGNPtF2c5j0giqiYRMu2tFuJWOCnim0mpePzK21DDQXsSv78ZAvNn
Kqb02Xf5h8lVJOQeDFQrCjNPmImM3deguvxVJZI7P9r8yk1aBD1zMW1pzumVKnoL
KATqTFjc+po2M0yf+9h1qRne9pBmllXnS6LRAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUH62AO6T1Spu0DJWsK29wnuUeZsQwHwYDVR0jBBgwFoAUKRuvagwXbOCjJCNm
a854+dkYJMswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFdEUy9L
UnV2YWd3WGJPQ2pKQ05tYTg1NC1ka1lKTXMuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0tSdXZhZ3dYYk9DakpDTm1hODU0LWRrWUpNcy5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL1RXRFMvSDYyQU82VDFTcHUwREpXc0syOXdu
dVVlWnNRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAWeTFjAN
BgkqhkiG9w0BAQsFAAOCAQEAw7eEg+oOivpyepGiknok9hU0O10zQ8YBSvtyPdrN
2mEWC+bbHLcrWhTRDq9l7wULniF9VekKx5Uieol+sd60cERHKKbmLus8n5/RkIxi
YMfuGs1rwFFQoARxDa1A7vLvcAEKY7bWEpZ/zE4F4fNIPtuk+oBKFejeDlug4hIp
EnyLyS4FGPNW0KRnf0cCa6XBwh8FnE1L8ssPCKunbxeGOomC6SzALPTuGXbiiYUL
VDfLxFHqyqzdFIbn0WH1PXUe0cZ54C2h6uNIZNiNvNUZKhdgOQFCksv6e62YUFQP
8+kJj+aTjBwUJN6+oL52myDBA3FbhGp/WJE7dBDQbFWd/w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:43 2024 by rpki-client on console-ams.rpki-client.org