Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TWDS/SudzxrxsuMpVItdnZq9374M6q50.roa
File:                     SudzxrxsuMpVItdnZq9374M6q50.roa (raw, json)
Hash identifier:          2q3LHCUMxhqt5RIKZNV77LGirlfIzd38QK5SXtZq8uI=
Subject key identifier:   4A:E7:73:C6:BC:6C:B8:CA:55:22:D7:67:66:AF:77:EF:83:3A:AB:9D
Certificate issuer:       /CN=291BAF6A0C176CE0A32423666BCE78F9D91824CB
Certificate serial:       0645
Authority key identifier: 29:1B:AF:6A:0C:17:6C:E0:A3:24:23:66:6B:CE:78:F9:D9:18:24:CB
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/KRuvagwXbOCjJCNma854-dkYJMs.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TWDS/SudzxrxsuMpVItdnZq9374M6q50.roa
Signing time:             Sun 07 Feb 2021 13:08:08 +0000
ROA not before:           Sun 07 Feb 2021 13:08:08 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     18041
IP address blocks:        103.147.22.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1605 (0x645)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=291BAF6A0C176CE0A32423666BCE78F9D91824CB
        Validity
            Not Before: Feb  7 13:08:08 2021 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=4AE773C6BC6CB8CA5522D76766AF77EF833AAB9D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:ba:cb:da:d8:45:22:19:50:29:de:63:ef:59:
                    cf:09:1d:95:73:7c:3e:6b:d8:98:ab:b4:02:de:d7:
                    e3:bf:f0:ec:0f:18:57:3a:f4:d0:30:0d:f5:09:d1:
                    04:56:2a:32:8d:74:93:6b:78:e2:77:8c:00:e3:ef:
                    59:9f:5e:a3:3c:d0:2f:72:f4:2c:ed:c0:5d:b0:3a:
                    93:cd:20:39:ac:64:5d:da:64:78:11:6a:15:34:b1:
                    d4:92:09:92:dc:76:4f:b8:29:38:74:29:08:14:04:
                    cf:4c:ce:50:55:67:1c:8c:ee:89:f7:89:8d:67:9a:
                    10:e0:03:ca:72:9c:6a:1d:29:a5:46:d5:ab:86:73:
                    2e:c5:fc:d8:73:c0:3a:c9:4c:b3:7c:d8:a8:3e:59:
                    1b:e4:b0:14:1e:fb:e1:10:a8:b1:04:7e:d8:d8:94:
                    3e:c0:98:e6:8e:5e:76:e4:a3:e5:29:9d:eb:5d:a8:
                    4a:04:05:0e:42:68:f7:09:cd:a8:39:58:e4:80:88:
                    a8:35:3a:76:5d:4a:d3:25:5e:00:01:2e:14:d3:f0:
                    29:71:00:19:4a:ce:78:cb:2a:fe:5d:68:6b:5e:38:
                    d6:06:bf:00:1f:02:60:ba:e2:0f:85:d1:a8:7b:5b:
                    2c:98:59:f3:8e:a2:15:82:b9:6b:c1:1e:f9:8c:b3:
                    42:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4A:E7:73:C6:BC:6C:B8:CA:55:22:D7:67:66:AF:77:EF:83:3A:AB:9D
            X509v3 Authority Key Identifier:
                keyid:29:1B:AF:6A:0C:17:6C:E0:A3:24:23:66:6B:CE:78:F9:D9:18:24:CB

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWDS/KRuvagwXbOCjJCNma854-dkYJMs.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KRuvagwXbOCjJCNma854-dkYJMs.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWDS/SudzxrxsuMpVItdnZq9374M6q50.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.147.22.0/23

    Signature Algorithm: sha256WithRSAEncryption
         02:69:8e:32:15:18:fb:b0:cd:14:0f:54:67:5c:d5:74:b1:29:
         c5:5e:ec:0a:ff:71:ad:23:99:9c:53:52:9e:cf:21:da:97:b3:
         9b:6f:6c:ec:22:33:99:14:55:88:cb:de:7d:44:6e:f1:a9:ec:
         89:03:95:55:9f:a8:f8:85:dc:9a:ad:fd:a3:ca:da:ca:d7:49:
         0a:7c:b1:27:bd:ea:4d:ec:7e:c4:19:0c:1a:30:af:7f:b4:e8:
         a4:12:3f:34:90:5c:05:66:fb:b9:b9:0d:1d:31:fb:79:6e:d7:
         6b:40:3c:ef:2b:9b:37:06:be:de:01:35:5c:99:bb:e2:00:61:
         76:6d:12:03:9f:f3:44:ac:d7:98:a5:80:3c:f5:59:83:ae:72:
         11:90:e8:07:9e:74:6e:d6:c6:f3:51:9b:bc:9e:29:b2:54:48:
         52:36:a1:32:1b:70:60:e7:9f:89:dd:5a:72:03:95:d0:d4:5a:
         7b:31:f5:44:40:14:e8:fc:bd:b7:79:e8:a3:15:f0:55:6a:0f:
         dd:c6:65:64:8b:fe:e7:93:da:5b:77:a5:78:d8:87:92:d7:66:
         c4:6a:71:76:a2:88:41:d9:c3:bd:e1:21:e7:cf:e2:52:da:e7:
         aa:c2:c9:b3:d0:91:25:be:c7:5d:72:75:54:46:3b:b6:15:f9:
         1f:71:bb:e2
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICBkUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMjkx
QkFGNkEwQzE3NkNFMEEzMjQyMzY2NkJDRTc4RjlEOTE4MjRDQjAeFw0yMTAyMDcx
MzA4MDhaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDRBRTc3M0M2QkM2Q0I4
Q0E1NTIyRDc2NzY2QUY3N0VGODMzQUFCOUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCWusva2EUiGVAp3mPvWc8JHZVzfD5r2JirtALe1+O/8OwPGFc6
9NAwDfUJ0QRWKjKNdJNreOJ3jADj71mfXqM80C9y9CztwF2wOpPNIDmsZF3aZHgR
ahU0sdSSCZLcdk+4KTh0KQgUBM9MzlBVZxyM7on3iY1nmhDgA8pynGodKaVG1auG
cy7F/NhzwDrJTLN82Kg+WRvksBQe++EQqLEEftjYlD7AmOaOXnbko+UpnetdqEoE
BQ5CaPcJzag5WOSAiKg1OnZdStMlXgABLhTT8ClxABlKznjLKv5daGteONYGvwAf
AmC64g+F0ah7WyyYWfOOohWCuWvBHvmMs0KpAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUSudzxrxsuMpVItdnZq9374M6q50wHwYDVR0jBBgwFoAUKRuvagwXbOCjJCNm
a854+dkYJMswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFdEUy9L
UnV2YWd3WGJPQ2pKQ05tYTg1NC1ka1lKTXMuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0tSdXZhZ3dYYk9DakpDTm1hODU0LWRrWUpNcy5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL1RXRFMvU3VkenhyeHN1TXBWSXRkblpxOTM3
NE02cTUwLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAWeTFjAN
BgkqhkiG9w0BAQsFAAOCAQEAAmmOMhUY+7DNFA9UZ1zVdLEpxV7sCv9xrSOZnFNS
ns8h2pezm29s7CIzmRRViMvefURu8ansiQOVVZ+o+IXcmq39o8raytdJCnyxJ73q
Tex+xBkMGjCvf7TopBI/NJBcBWb7ubkNHTH7eW7Xa0A87yubNwa+3gE1XJm74gBh
dm0SA5/zRKzXmKWAPPVZg65yEZDoB550btbG81GbvJ4pslRIUjahMhtwYOefid1a
cgOV0NRaezH1REAU6Py9t3nooxXwVWoP3cZlZIv+55PaW3eleNiHktdmxGpxdqKI
QdnDveEh58/iUtrnqsLJs9CRJb7HXXJ1VEY7thX5H3G74g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:43 2024 by rpki-client on console-ams.rpki-client.org