Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TWNIC/mRFtwnZ6rQUWeOGzqd73qAN0IU4.roa
File:                     mRFtwnZ6rQUWeOGzqd73qAN0IU4.roa (raw, json)
Hash identifier:          5cvswGY4jFVtUYiM2r7s6YB/s8BWX4D6pMPtIUS5kr8=
Subject key identifier:   99:11:6D:C2:76:7A:AD:05:16:78:E1:B3:A9:DE:F7:A8:03:74:21:4E
Certificate issuer:       /CN=DFA8C454815C3017456EA3B4A7D00213BB85C965
Certificate serial:       108C
Authority key identifier: DF:A8:C4:54:81:5C:30:17:45:6E:A3:B4:A7:D0:02:13:BB:85:C9:65
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/36jEVIFcMBdFbqO0p9ACE7uFyWU.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/mRFtwnZ6rQUWeOGzqd73qAN0IU4.roa
Signing time:             Thu 13 Oct 2022 08:52:33 +0000
ROA not before:           Thu 13 Oct 2022 08:52:33 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     17408
IP address blocks:        203.119.3.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4236 (0x108c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=DFA8C454815C3017456EA3B4A7D00213BB85C965
        Validity
            Not Before: Oct 13 08:52:33 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=99116DC2767AAD051678E1B3A9DEF7A80374214E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:0d:32:fb:14:47:41:4a:1f:8d:a6:c8:5b:e8:
                    32:ad:ac:d3:c7:28:ed:c0:42:b0:e8:c9:ee:f4:ea:
                    05:18:5c:cb:52:2f:ce:07:08:65:7b:ca:36:44:3c:
                    8e:a3:cb:15:1e:81:93:61:2e:cb:87:03:00:9c:21:
                    5e:b2:18:c3:44:f4:9c:c4:de:78:86:d9:59:ef:42:
                    58:60:13:4c:62:38:98:d9:85:ae:04:66:eb:0b:f1:
                    b4:c9:c0:ad:16:b4:79:1e:90:74:33:b9:4f:22:be:
                    f2:6d:35:bb:21:23:2a:7f:bb:06:8a:5a:27:89:b8:
                    18:8a:37:9c:86:94:1a:78:8a:5c:c3:1f:e0:2e:83:
                    e5:5e:66:39:aa:0f:0e:a0:40:46:30:96:3a:d8:fe:
                    c0:2d:0f:eb:74:01:27:79:19:9a:99:44:11:fb:29:
                    4e:be:b4:58:f7:65:42:65:b6:e3:9a:f9:ff:f3:fe:
                    d9:e1:51:02:d5:57:6c:6d:96:f1:a8:e7:88:21:b1:
                    96:f0:f6:d8:0d:10:30:fd:0a:77:07:df:a6:60:d1:
                    4b:48:4c:49:ce:7c:3e:7c:0f:2b:fe:95:40:63:83:
                    2a:3e:fd:43:c7:97:a3:df:6e:3f:a4:ca:bf:e6:9a:
                    a2:72:7d:11:fb:7f:98:84:45:a5:fe:dc:ec:19:1c:
                    ca:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:11:6D:C2:76:7A:AD:05:16:78:E1:B3:A9:DE:F7:A8:03:74:21:4E
            X509v3 Authority Key Identifier:
                keyid:DF:A8:C4:54:81:5C:30:17:45:6E:A3:B4:A7:D0:02:13:BB:85:C9:65

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/36jEVIFcMBdFbqO0p9ACE7uFyWU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/36jEVIFcMBdFbqO0p9ACE7uFyWU.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/mRFtwnZ6rQUWeOGzqd73qAN0IU4.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  203.119.3.0/24

    Signature Algorithm: sha256WithRSAEncryption
         33:01:69:95:5b:cc:ee:22:2c:50:eb:d7:61:eb:b0:ec:cb:4b:
         c6:bb:b8:41:8f:78:07:ab:59:7e:d3:06:a9:e3:5d:55:65:f6:
         a4:3d:ae:f7:15:62:45:15:fa:5b:bb:86:06:93:c1:f2:5a:c1:
         45:84:c0:76:a1:d6:a0:2d:6f:23:81:4c:94:42:3b:e8:39:77:
         10:5c:2b:cc:d7:40:fa:83:7f:10:45:c3:e3:ca:19:0c:cf:d7:
         6b:6d:42:7f:16:72:bb:77:18:6b:34:e6:19:ae:a0:04:ec:6d:
         6d:db:3f:9f:2f:b8:5a:c3:18:93:a3:3c:e0:cc:a6:34:e5:81:
         f1:6b:d7:ae:01:8a:86:ae:25:47:20:ad:9f:98:3d:ef:0d:e3:
         cc:1f:4f:93:f5:19:67:cc:e1:34:44:b7:ec:2d:fb:e5:a0:de:
         e0:f2:3c:6f:cc:b2:bd:be:18:81:44:2e:24:16:f1:b9:06:50:
         a6:7d:63:d0:fe:d5:2a:69:a3:67:b5:31:e0:00:dd:0a:43:3c:
         2d:34:2b:93:78:de:e5:cd:fc:35:7d:9c:6e:2c:e3:3a:b7:6d:
         0c:b5:e4:bf:9e:30:88:b6:ee:f7:37:e7:7e:c8:36:52:0a:21:
         ff:00:65:5f:db:3a:93:04:c7:74:03:aa:48:11:5d:be:88:14:
         7a:5c:e0:b7
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICEIwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREZB
OEM0NTQ4MTVDMzAxNzQ1NkVBM0I0QTdEMDAyMTNCQjg1Qzk2NTAeFw0yMjEwMTMw
ODUyMzNaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDk5MTE2REMyNzY3QUFE
MDUxNjc4RTFCM0E5REVGN0E4MDM3NDIxNEUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCqDTL7FEdBSh+Npshb6DKtrNPHKO3AQrDoye706gUYXMtSL84H
CGV7yjZEPI6jyxUegZNhLsuHAwCcIV6yGMNE9JzE3niG2VnvQlhgE0xiOJjZha4E
ZusL8bTJwK0WtHkekHQzuU8ivvJtNbshIyp/uwaKWieJuBiKN5yGlBp4ilzDH+Au
g+VeZjmqDw6gQEYwljrY/sAtD+t0ASd5GZqZRBH7KU6+tFj3ZUJltuOa+f/z/tnh
UQLVV2xtlvGo54ghsZbw9tgNEDD9CncH36Zg0UtITEnOfD58Dyv+lUBjgyo+/UPH
l6Pfbj+kyr/mmqJyfRH7f5iERaX+3OwZHMptAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUmRFtwnZ6rQUWeOGzqd73qAN0IU4wHwYDVR0jBBgwFoAU36jEVIFcMBdFbqO0
p9ACE7uFyWUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFdOSUMv
MzZqRVZJRmNNQmRGYnFPMHA5QUNFN3VGeVdVLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS8zNmpFVklGY01CZEZicU8wcDlBQ0U3dUZ5V1UuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UV05JQy9tUkZ0d25aNnJRVVdlT0d6cWQ3
M3FBTjBJVTQucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAy3cD
MA0GCSqGSIb3DQEBCwUAA4IBAQAzAWmVW8zuIixQ69dh67Dsy0vGu7hBj3gHq1l+
0wap411VZfakPa73FWJFFfpbu4YGk8HyWsFFhMB2odagLW8jgUyUQjvoOXcQXCvM
10D6g38QRcPjyhkMz9drbUJ/FnK7dxhrNOYZrqAE7G1t2z+fL7hawxiTozzgzKY0
5YHxa9euAYqGriVHIK2fmD3vDePMH0+T9RlnzOE0RLfsLfvloN7g8jxvzLK9vhiB
RC4kFvG5BlCmfWPQ/tUqaaNntTHgAN0KQzwtNCuTeN7lzfw1fZxuLOM6t20MteS/
njCItu73N+d+yDZSCiH/AGVf2zqTBMd0A6pIEV2+iBR6XOC3
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:01 2024 by rpki-client on console-fra.rpki-client.org