Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TWNIC/j42PnaEveAfwcpgw0LOvSjfKzCc.roa
File:                     j42PnaEveAfwcpgw0LOvSjfKzCc.roa (raw, json)
Hash identifier:          Q5e7YyD7MHvo8kAjis3Cx8FqlBDasiUF/zUIa4VP21Q=
Subject key identifier:   8F:8D:8F:9D:A1:2F:78:07:F0:72:98:30:D0:B3:AF:4A:37:CA:CC:27
Certificate issuer:       /CN=DFA8C454815C3017456EA3B4A7D00213BB85C965
Certificate serial:       0E36
Authority key identifier: DF:A8:C4:54:81:5C:30:17:45:6E:A3:B4:A7:D0:02:13:BB:85:C9:65
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/36jEVIFcMBdFbqO0p9ACE7uFyWU.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/j42PnaEveAfwcpgw0LOvSjfKzCc.roa
Signing time:             Sun 07 Feb 2021 11:47:37 +0000
ROA not before:           Sun 07 Feb 2021 11:47:37 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     9311
IP address blocks:        203.119.94.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3638 (0xe36)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=DFA8C454815C3017456EA3B4A7D00213BB85C965
        Validity
            Not Before: Feb  7 11:47:37 2021 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=8F8D8F9DA12F7807F0729830D0B3AF4A37CACC27
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:94:e0:f8:f7:36:71:d3:eb:a2:8b:d5:60:8f:
                    7f:0b:27:40:b1:c7:ad:fa:74:48:81:8d:0b:87:35:
                    4c:f3:dc:32:59:34:24:17:bb:ae:6f:ee:19:0d:12:
                    8c:e6:a4:a1:75:d1:a3:60:dc:10:f3:47:00:89:73:
                    53:a5:89:20:7c:c0:7a:94:c4:c5:cf:23:63:11:2f:
                    de:88:b4:8b:83:12:13:35:a8:71:04:94:3f:f4:49:
                    3a:2e:41:ac:df:01:c0:04:a1:46:26:40:4d:9c:f4:
                    cc:2f:9b:9d:03:81:8f:18:e6:b7:51:52:d7:ab:44:
                    63:b8:f4:34:31:45:80:dd:10:59:0b:70:b4:a2:97:
                    4e:45:e2:40:a5:37:b3:fc:69:fb:01:b5:8a:5d:88:
                    ef:7a:84:22:4f:7d:a8:41:9c:87:a3:c6:92:9a:8d:
                    e4:52:d7:d6:17:3c:4a:2d:05:39:d3:40:14:7c:4f:
                    d5:0e:0b:18:05:9d:a4:b2:70:7a:41:47:d6:c0:fc:
                    a0:96:44:a8:1c:1f:09:b4:c8:a9:28:db:57:fb:84:
                    35:ef:fd:cb:df:8c:87:02:d1:bb:6c:30:57:74:12:
                    1c:f6:83:87:05:f6:15:a6:b5:95:de:e3:4d:78:cd:
                    29:e9:7c:cd:ec:49:72:b6:14:61:1f:b2:9b:8d:ca:
                    df:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8F:8D:8F:9D:A1:2F:78:07:F0:72:98:30:D0:B3:AF:4A:37:CA:CC:27
            X509v3 Authority Key Identifier:
                keyid:DF:A8:C4:54:81:5C:30:17:45:6E:A3:B4:A7:D0:02:13:BB:85:C9:65

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/36jEVIFcMBdFbqO0p9ACE7uFyWU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/36jEVIFcMBdFbqO0p9ACE7uFyWU.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/j42PnaEveAfwcpgw0LOvSjfKzCc.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  203.119.94.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9b:00:ef:3f:af:37:ae:92:58:32:53:5b:36:c8:28:cd:f6:f1:
         46:51:a0:cc:e2:b6:c8:24:a8:ee:77:c0:f8:a0:36:e5:6a:5e:
         3b:ff:72:cc:cf:ae:52:5f:60:26:d3:07:67:8a:bc:1d:c6:1d:
         d6:a3:32:5a:7f:be:5f:53:9f:a2:64:7e:73:16:6c:80:f1:6d:
         93:d9:55:cc:2e:48:e4:1d:d2:a1:8a:e2:e0:93:be:6d:f1:60:
         0a:3b:9d:a8:25:e9:38:6d:3c:04:9d:a4:f6:f3:0f:d5:cc:10:
         9d:b2:3b:db:04:71:12:7d:1b:23:d2:37:2f:2d:29:61:35:8c:
         ff:a5:fe:31:05:45:ee:c1:be:37:cb:bb:5f:cb:c4:79:4d:ee:
         49:aa:e3:a8:8e:d3:51:29:4d:00:54:5e:f6:2c:ed:3f:03:4f:
         86:81:9e:60:4b:5f:df:f5:f8:50:38:0e:d8:87:b1:20:b3:b4:
         84:94:26:8e:e4:e9:07:20:0b:37:58:8f:15:dc:ca:34:9c:c9:
         09:b0:cf:1b:0f:a8:11:ad:24:a2:74:4a:9e:a0:e2:e2:44:0a:
         1b:64:03:33:98:cb:0a:53:d8:9a:76:e0:8a:04:ab:f5:89:10:
         19:b5:c5:3e:8c:27:fd:bb:c0:03:07:b6:2e:7d:fa:6d:e3:20:
         71:7e:d7:91
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICDjYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREZB
OEM0NTQ4MTVDMzAxNzQ1NkVBM0I0QTdEMDAyMTNCQjg1Qzk2NTAeFw0yMTAyMDcx
MTQ3MzdaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDhGOEQ4RjlEQTEyRjc4
MDdGMDcyOTgzMEQwQjNBRjRBMzdDQUNDMjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCllOD49zZx0+uii9Vgj38LJ0Cxx636dEiBjQuHNUzz3DJZNCQX
u65v7hkNEozmpKF10aNg3BDzRwCJc1OliSB8wHqUxMXPI2MRL96ItIuDEhM1qHEE
lD/0STouQazfAcAEoUYmQE2c9Mwvm50DgY8Y5rdRUterRGO49DQxRYDdEFkLcLSi
l05F4kClN7P8afsBtYpdiO96hCJPfahBnIejxpKajeRS19YXPEotBTnTQBR8T9UO
CxgFnaSycHpBR9bA/KCWRKgcHwm0yKko21f7hDXv/cvfjIcC0btsMFd0Ehz2g4cF
9hWmtZXe4014zSnpfM3sSXK2FGEfspuNyt8tAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUj42PnaEveAfwcpgw0LOvSjfKzCcwHwYDVR0jBBgwFoAU36jEVIFcMBdFbqO0
p9ACE7uFyWUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFdOSUMv
MzZqRVZJRmNNQmRGYnFPMHA5QUNFN3VGeVdVLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS8zNmpFVklGY01CZEZicU8wcDlBQ0U3dUZ5V1UuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UV05JQy9qNDJQbmFFdmVBZndjcGd3MExP
dlNqZkt6Q2Mucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAy3de
MA0GCSqGSIb3DQEBCwUAA4IBAQCbAO8/rzeuklgyU1s2yCjN9vFGUaDM4rbIJKju
d8D4oDblal47/3LMz65SX2Am0wdnirwdxh3WozJaf75fU5+iZH5zFmyA8W2T2VXM
LkjkHdKhiuLgk75t8WAKO52oJek4bTwEnaT28w/VzBCdsjvbBHESfRsj0jcvLSlh
NYz/pf4xBUXuwb43y7tfy8R5Te5JquOojtNRKU0AVF72LO0/A0+GgZ5gS1/f9fhQ
OA7Yh7Egs7SElCaO5OkHIAs3WI8V3Mo0nMkJsM8bD6gRrSSidEqeoOLiRAobZAMz
mMsKU9iaduCKBKv1iRAZtcU+jCf9u8ADB7Yuffpt4yBxfteR
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:01 2024 by rpki-client on console-fra.rpki-client.org