Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TWDS/ofjo4TZfT9gKvHl0YI8wbHQhCfQ.roa
File:                     ofjo4TZfT9gKvHl0YI8wbHQhCfQ.roa (raw, json)
Hash identifier:          e6GbNmXDYUanRcRGvZPROxG6t6zCSE7nmFsR8ikoO+E=
Subject key identifier:   A1:F8:E8:E1:36:5F:4F:D8:0A:BC:79:74:60:8F:30:6C:74:21:09:F4
Certificate issuer:       /CN=291BAF6A0C176CE0A32423666BCE78F9D91824CB
Certificate serial:       0173
Authority key identifier: 29:1B:AF:6A:0C:17:6C:E0:A3:24:23:66:6B:CE:78:F9:D9:18:24:CB
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/KRuvagwXbOCjJCNma854-dkYJMs.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TWDS/ofjo4TZfT9gKvHl0YI8wbHQhCfQ.roa
Signing time:             Tue 14 Apr 2020 08:18:17 +0000
ROA not before:           Tue 14 Apr 2020 08:18:17 +0000
ROA not after:            Tue 02 Feb 2021 02:23:59 +0000
asID:                     131668
IP address blocks:        103.147.22.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 371 (0x173)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=291BAF6A0C176CE0A32423666BCE78F9D91824CB
        Validity
            Not Before: Apr 14 08:18:17 2020 GMT
            Not After : Feb  2 02:23:59 2021 GMT
        Subject: CN=A1F8E8E1365F4FD80ABC7974608F306C742109F4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:12:c7:6a:4d:0e:4e:19:f8:6b:cf:ff:79:1d:
                    55:fc:a8:32:db:79:db:72:dd:68:f9:ba:58:d9:93:
                    2d:ad:70:d1:65:6c:6e:42:9e:52:94:71:92:53:f3:
                    cf:7b:fc:c2:8f:76:11:81:51:2f:6c:ca:a3:f4:ba:
                    34:50:15:82:2a:2d:ce:24:1a:b4:1a:79:84:a6:52:
                    1b:ce:74:05:0f:ed:cb:e0:97:ba:9b:4a:95:46:51:
                    c5:6b:a1:77:65:fa:c9:30:4e:2f:d0:9f:f1:1d:a1:
                    a7:73:82:19:31:30:8e:68:9c:f8:0c:fc:b1:43:b5:
                    af:8f:2c:d3:f1:b9:55:80:de:de:38:0f:3c:b8:0d:
                    0f:7a:87:ce:56:dd:87:a5:50:f8:b6:43:3c:42:4c:
                    43:ab:dd:2f:57:93:48:7e:ca:d3:ca:22:f1:13:a7:
                    90:d0:5d:fa:20:67:2f:52:e3:8d:b2:6a:d8:3b:81:
                    1f:9c:ec:65:99:30:f8:5d:cc:01:b1:5f:ec:5f:8e:
                    8c:11:25:5d:b3:1b:2a:89:cb:5f:ca:4e:4b:88:c6:
                    20:72:f7:4b:d1:9f:c5:43:81:9f:05:95:25:65:78:
                    6e:a6:b9:ae:23:50:57:ff:e9:c0:27:c5:a1:51:64:
                    82:39:94:d4:34:8a:fb:7a:78:a4:58:e3:a8:92:83:
                    0a:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A1:F8:E8:E1:36:5F:4F:D8:0A:BC:79:74:60:8F:30:6C:74:21:09:F4
            X509v3 Authority Key Identifier:
                keyid:29:1B:AF:6A:0C:17:6C:E0:A3:24:23:66:6B:CE:78:F9:D9:18:24:CB

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWDS/KRuvagwXbOCjJCNma854-dkYJMs.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KRuvagwXbOCjJCNma854-dkYJMs.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWDS/ofjo4TZfT9gKvHl0YI8wbHQhCfQ.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.147.22.0/23

    Signature Algorithm: sha256WithRSAEncryption
         73:28:b5:a6:36:0e:cf:a5:92:f6:fd:3f:f2:1d:a0:eb:ea:ad:
         c5:ea:e0:20:2a:60:07:89:21:05:77:c1:82:c6:c7:a6:98:2c:
         a0:98:e4:b2:bb:23:ff:d1:05:b4:ea:c8:21:1e:15:7c:c1:41:
         be:8d:5a:44:08:73:93:40:aa:43:48:c9:a1:f2:70:36:ca:80:
         5f:06:6d:f4:2a:98:c0:cd:c3:6b:12:d5:66:ca:8d:89:9d:7e:
         6d:b4:66:76:f0:98:cb:59:2a:10:99:44:ef:41:a3:36:a5:09:
         52:04:f9:b9:dc:2a:55:db:2a:8f:37:2d:e8:9c:17:bc:70:9e:
         b1:4a:a6:a6:8e:66:98:5a:24:bd:68:f3:fa:15:cd:71:95:e4:
         7e:d2:2d:38:62:64:55:d3:0f:f4:4a:01:aa:3d:d7:4f:84:b1:
         31:79:50:c3:21:8c:f0:9e:6f:6d:ee:5b:6a:0d:83:8b:de:6b:
         67:d6:0f:3a:65:7a:65:e5:a1:47:8d:7b:b3:29:22:a6:02:fd:
         d1:5d:c4:ad:d0:25:a9:df:f1:f4:80:88:8b:ae:2e:58:eb:a0:
         2e:77:fa:85:4a:c2:ac:69:df:bd:25:73:3c:34:65:e2:b4:72:
         a9:2b:9e:4c:d0:83:1c:41:22:41:8c:b2:11:2e:40:82:9a:ff:
         e3:de:50:a3
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICAXMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMjkx
QkFGNkEwQzE3NkNFMEEzMjQyMzY2NkJDRTc4RjlEOTE4MjRDQjAeFw0yMDA0MTQw
ODE4MTdaFw0yMTAyMDIwMjIzNTlaMDMxMTAvBgNVBAMTKEExRjhFOEUxMzY1RjRG
RDgwQUJDNzk3NDYwOEYzMDZDNzQyMTA5RjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC3EsdqTQ5OGfhrz/95HVX8qDLbedty3Wj5uljZky2tcNFlbG5C
nlKUcZJT8897/MKPdhGBUS9syqP0ujRQFYIqLc4kGrQaeYSmUhvOdAUP7cvgl7qb
SpVGUcVroXdl+skwTi/Qn/EdoadzghkxMI5onPgM/LFDta+PLNPxuVWA3t44Dzy4
DQ96h85W3YelUPi2QzxCTEOr3S9Xk0h+ytPKIvETp5DQXfogZy9S442yatg7gR+c
7GWZMPhdzAGxX+xfjowRJV2zGyqJy1/KTkuIxiBy90vRn8VDgZ8FlSVleG6mua4j
UFf/6cAnxaFRZII5lNQ0ivt6eKRY46iSgwp3AgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUofjo4TZfT9gKvHl0YI8wbHQhCfQwHwYDVR0jBBgwFoAUKRuvagwXbOCjJCNm
a854+dkYJMswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFdEUy9L
UnV2YWd3WGJPQ2pKQ05tYTg1NC1ka1lKTXMuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0tSdXZhZ3dYYk9DakpDTm1hODU0LWRrWUpNcy5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL1RXRFMvb2ZqbzRUWmZUOWdLdkhsMFlJOHdi
SFFoQ2ZRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAWeTFjAN
BgkqhkiG9w0BAQsFAAOCAQEAcyi1pjYOz6WS9v0/8h2g6+qtxergICpgB4khBXfB
gsbHppgsoJjksrsj/9EFtOrIIR4VfMFBvo1aRAhzk0CqQ0jJofJwNsqAXwZt9CqY
wM3DaxLVZsqNiZ1+bbRmdvCYy1kqEJlE70GjNqUJUgT5udwqVdsqjzct6JwXvHCe
sUqmpo5mmFokvWjz+hXNcZXkftItOGJkVdMP9EoBqj3XT4SxMXlQwyGM8J5vbe5b
ag2Di95rZ9YPOmV6ZeWhR417sykipgL90V3ErdAlqd/x9ICIi64uWOugLnf6hUrC
rGnfvSVzPDRl4rRyqSueTNCDHEEiQYyyES5Agpr/495Qow==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:43 2024 by rpki-client on console-ams.rpki-client.org