Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TWDS/Qi0ZKxQXRH-pRwIGDlnShz7qADk.roa
File:                     Qi0ZKxQXRH-pRwIGDlnShz7qADk.roa (raw, json)
Hash identifier:          kryWcvPKAqbghNuW3b4W2YILo6kUERXBxRX+spdvWsw=
Subject key identifier:   42:2D:19:2B:14:17:44:7F:A9:47:02:06:0E:59:D2:87:3E:EA:00:39
Certificate issuer:       /CN=291BAF6A0C176CE0A32423666BCE78F9D91824CB
Certificate serial:       0807
Authority key identifier: 29:1B:AF:6A:0C:17:6C:E0:A3:24:23:66:6B:CE:78:F9:D9:18:24:CB
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/KRuvagwXbOCjJCNma854-dkYJMs.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TWDS/Qi0ZKxQXRH-pRwIGDlnShz7qADk.roa
Signing time:             Wed 09 Nov 2022 23:48:47 +0000
ROA not before:           Wed 09 Nov 2022 23:48:47 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     18041
IP address blocks:        103.147.22.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2055 (0x807)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=291BAF6A0C176CE0A32423666BCE78F9D91824CB
        Validity
            Not Before: Nov  9 23:48:47 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=422D192B1417447FA94702060E59D2873EEA0039
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:ac:21:d5:06:83:1c:bd:fa:47:36:1b:f1:23:
                    bc:30:79:d6:49:e8:2f:fc:a7:e0:97:2e:03:16:97:
                    1d:4f:6d:8f:64:2b:b3:59:62:48:ef:fb:57:fe:f5:
                    8e:53:fe:99:f1:f7:9f:f9:f9:f1:16:9a:a7:6e:02:
                    c7:cf:29:a5:5d:9c:b3:db:bc:5b:a6:d7:b2:1a:d3:
                    b1:1c:cc:0e:96:6a:a6:ce:40:07:c2:a5:c9:a0:47:
                    7c:ef:8f:cb:b1:9e:55:69:34:06:ac:8e:eb:78:21:
                    12:20:b0:c5:20:15:13:c4:fd:d0:7d:46:93:04:9b:
                    04:b8:18:c8:1b:7a:e1:e6:21:f7:10:8c:9a:85:3b:
                    4b:b9:2e:98:1e:05:70:55:8c:2d:13:bd:0b:d2:c0:
                    ef:d5:30:00:f4:0d:cc:1b:1b:0c:4f:99:c8:43:79:
                    01:da:29:95:a0:3d:64:93:ce:8e:0e:9a:95:eb:3c:
                    1a:b1:57:a6:09:f8:ec:e8:6c:cf:54:96:7f:52:ff:
                    34:e5:8a:cd:b0:aa:81:f4:a8:2e:74:14:ee:92:79:
                    ac:9b:4b:7b:47:83:81:7b:a2:87:e4:1c:e3:26:82:
                    17:1c:75:76:04:ab:fc:85:bf:5d:66:7a:04:58:75:
                    55:ae:c3:25:68:f7:f8:28:7c:f1:86:5b:f6:f8:05:
                    66:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                42:2D:19:2B:14:17:44:7F:A9:47:02:06:0E:59:D2:87:3E:EA:00:39
            X509v3 Authority Key Identifier:
                keyid:29:1B:AF:6A:0C:17:6C:E0:A3:24:23:66:6B:CE:78:F9:D9:18:24:CB

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWDS/KRuvagwXbOCjJCNma854-dkYJMs.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KRuvagwXbOCjJCNma854-dkYJMs.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWDS/Qi0ZKxQXRH-pRwIGDlnShz7qADk.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.147.22.0/23

    Signature Algorithm: sha256WithRSAEncryption
         22:25:b6:f9:6f:2e:8b:56:65:9d:dc:28:62:4b:3f:ea:94:d5:
         9b:c0:f7:1e:f5:47:27:4a:d4:c8:5c:45:49:51:1b:fd:ce:a6:
         c1:c4:2e:0a:57:94:08:12:85:c0:4a:f3:b5:5b:d9:5b:98:3e:
         d7:e2:cf:96:f0:7f:17:a6:41:48:72:56:18:6c:4b:b8:67:27:
         cf:ef:91:77:a6:88:81:54:57:fa:07:cc:4b:63:bd:4a:80:79:
         55:8e:e1:c6:7a:dc:39:0b:b0:91:16:c1:ee:38:12:68:5b:f1:
         bf:37:5c:96:17:61:40:b7:ba:aa:b2:b6:6c:a9:f7:1d:df:2b:
         73:53:6e:7d:d3:6e:17:01:df:eb:9b:07:39:aa:9c:92:9b:e3:
         39:24:e4:05:b2:f8:17:2b:25:d0:25:60:e8:13:25:07:3e:d0:
         73:0d:d3:bd:8f:d0:f8:3e:d9:58:3d:4d:a4:4b:75:13:c6:70:
         08:d2:71:df:d2:d2:a3:73:60:7f:72:30:28:65:16:04:95:4f:
         bf:ad:c0:db:5b:10:08:59:ab:f0:70:2d:9a:14:b2:a7:fc:fc:
         e8:53:68:2d:09:0e:90:07:91:37:05:65:ca:bb:37:0f:84:64:
         02:de:9e:b1:b7:7f:d1:a0:04:27:9c:92:ba:f4:46:f5:07:2b:
         c7:94:f1:92
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICCAcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMjkx
QkFGNkEwQzE3NkNFMEEzMjQyMzY2NkJDRTc4RjlEOTE4MjRDQjAeFw0yMjExMDky
MzQ4NDdaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDQyMkQxOTJCMTQxNzQ0
N0ZBOTQ3MDIwNjBFNTlEMjg3M0VFQTAwMzkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDUrCHVBoMcvfpHNhvxI7wwedZJ6C/8p+CXLgMWlx1PbY9kK7NZ
Ykjv+1f+9Y5T/pnx95/5+fEWmqduAsfPKaVdnLPbvFum17Ia07EczA6WaqbOQAfC
pcmgR3zvj8uxnlVpNAasjut4IRIgsMUgFRPE/dB9RpMEmwS4GMgbeuHmIfcQjJqF
O0u5LpgeBXBVjC0TvQvSwO/VMAD0DcwbGwxPmchDeQHaKZWgPWSTzo4OmpXrPBqx
V6YJ+OzobM9Uln9S/zTlis2wqoH0qC50FO6SeaybS3tHg4F7oofkHOMmghccdXYE
q/yFv11megRYdVWuwyVo9/gofPGGW/b4BWbdAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUQi0ZKxQXRH+pRwIGDlnShz7qADkwHwYDVR0jBBgwFoAUKRuvagwXbOCjJCNm
a854+dkYJMswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFdEUy9L
UnV2YWd3WGJPQ2pKQ05tYTg1NC1ka1lKTXMuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0tSdXZhZ3dYYk9DakpDTm1hODU0LWRrWUpNcy5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL1RXRFMvUWkwWkt4UVhSSC1wUndJR0RsblNo
ejdxQURrLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAWeTFjAN
BgkqhkiG9w0BAQsFAAOCAQEAIiW2+W8ui1ZlndwoYks/6pTVm8D3HvVHJ0rUyFxF
SVEb/c6mwcQuCleUCBKFwErztVvZW5g+1+LPlvB/F6ZBSHJWGGxLuGcnz++Rd6aI
gVRX+gfMS2O9SoB5VY7hxnrcOQuwkRbB7jgSaFvxvzdclhdhQLe6qrK2bKn3Hd8r
c1NufdNuFwHf65sHOaqckpvjOSTkBbL4Fysl0CVg6BMlBz7Qcw3TvY/Q+D7ZWD1N
pEt1E8ZwCNJx39LSo3Ngf3IwKGUWBJVPv63A21sQCFmr8HAtmhSyp/z86FNoLQkO
kAeRNwVlyrs3D4RkAt6esbd/0aAEJ5ySuvRG9Qcrx5Txkg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:43 2024 by rpki-client on console-ams.rpki-client.org