Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TWNTT/jkZs5XrKsGRsXxPC9xW1-YIFrDQ.roa
File:                     jkZs5XrKsGRsXxPC9xW1-YIFrDQ.roa (raw, json)
Hash identifier:          lhy7FtihBedQfWm+PPKBVbde0+tCxWOQHwOwMelmSmM=
Subject key identifier:   8E:46:6C:E5:7A:CA:B0:64:6C:5F:13:C2:F7:15:B5:F9:82:05:AC:34
Certificate issuer:       /CN=9E2697FA70252F83F41D121EC0B5CB458B6FF214
Certificate serial:       097D
Authority key identifier: 9E:26:97:FA:70:25:2F:83:F4:1D:12:1E:C0:B5:CB:45:8B:6F:F2:14
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/niaX-nAlL4P0HRIewLXLRYtv8hQ.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNTT/jkZs5XrKsGRsXxPC9xW1-YIFrDQ.roa
Signing time:             Wed 29 Sep 2021 02:53:08 +0000
ROA not before:           Wed 29 Sep 2021 02:53:08 +0000
ROA not after:            Thu 29 Sep 2022 02:36:22 +0000
asID:                     18018
IP address blocks:        122.255.94.0/28 maxlen: 28

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2429 (0x97d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9E2697FA70252F83F41D121EC0B5CB458B6FF214
        Validity
            Not Before: Sep 29 02:53:08 2021 GMT
            Not After : Sep 29 02:36:22 2022 GMT
        Subject: CN=8E466CE57ACAB0646C5F13C2F715B5F98205AC34
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f8:53:d7:7f:23:31:50:8f:df:43:47:4a:3c:1e:
                    37:a6:40:41:39:35:ec:ff:34:d8:d2:58:9c:6f:58:
                    47:bf:7b:48:a1:b1:e1:80:0e:ba:ee:73:3c:f6:53:
                    33:a3:78:71:fb:6b:6a:8c:f1:02:be:15:53:c0:23:
                    bf:48:86:5f:78:72:db:1f:1f:27:71:45:1a:4d:7a:
                    0c:bf:46:7f:7f:53:a4:a1:24:01:47:56:43:ac:4c:
                    b0:65:31:53:02:e2:af:bf:ac:ac:ed:82:c7:eb:fe:
                    5f:91:65:22:ca:ff:62:8a:93:3b:94:24:1c:e8:e3:
                    7a:6d:fa:87:81:b2:68:0b:32:1b:7c:53:e1:d3:ce:
                    72:40:f8:91:8a:81:e3:30:ba:23:eb:ad:40:05:6f:
                    b7:09:25:bd:f9:c7:c5:12:34:44:48:f3:3e:51:d5:
                    c9:78:be:52:09:b0:5f:92:60:11:ee:1e:d6:dd:e2:
                    4c:9c:45:e6:34:d7:93:83:28:77:69:ba:4f:e7:b5:
                    90:e8:11:60:c1:ff:de:39:26:08:d1:7c:c5:f6:f3:
                    71:13:77:1e:c1:17:92:af:29:5e:dd:07:04:2f:be:
                    13:a2:11:0f:72:36:b2:83:54:ec:5e:79:09:67:59:
                    5f:5e:f9:eb:99:1e:fa:5c:d0:06:69:97:9c:98:df:
                    a6:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8E:46:6C:E5:7A:CA:B0:64:6C:5F:13:C2:F7:15:B5:F9:82:05:AC:34
            X509v3 Authority Key Identifier:
                keyid:9E:26:97:FA:70:25:2F:83:F4:1D:12:1E:C0:B5:CB:45:8B:6F:F2:14

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNTT/niaX-nAlL4P0HRIewLXLRYtv8hQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/niaX-nAlL4P0HRIewLXLRYtv8hQ.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNTT/jkZs5XrKsGRsXxPC9xW1-YIFrDQ.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  122.255.94.0/28

    Signature Algorithm: sha256WithRSAEncryption
         60:42:e3:fe:3a:8f:f4:aa:a7:bb:fb:67:a7:45:c6:b1:ad:89:
         33:af:97:9d:a7:a7:b0:8c:52:e8:7d:0a:6a:c3:67:b0:90:b5:
         40:34:3e:ad:30:85:97:30:bc:9f:4f:7d:c3:c6:90:a7:04:2b:
         2d:c0:f5:47:db:47:d7:f9:a2:da:8d:15:b5:3f:5b:6c:61:30:
         8c:23:53:46:ca:90:58:33:2f:f9:09:aa:eb:4a:b0:a5:33:cd:
         a8:80:1f:82:99:96:b2:85:8d:fe:37:94:9a:15:df:bf:89:9b:
         48:4f:91:a4:ae:7a:6d:4f:d3:01:a9:ca:05:d9:e7:99:a9:d3:
         78:73:88:17:01:b4:84:70:16:43:8a:9c:b2:de:14:01:a3:86:
         47:d3:2b:da:55:40:5f:0e:f9:25:1a:43:e4:ed:97:ef:6e:98:
         4e:5c:d2:55:d7:8a:c3:bd:c8:66:31:8f:2c:93:84:f8:25:7e:
         43:ba:e1:30:db:91:ba:61:0f:8e:34:6f:48:d4:ed:b2:b1:30:
         91:e8:88:97:06:de:f1:80:f6:9d:d5:ea:7e:1c:0f:60:dd:85:
         82:39:74:ee:68:ad:52:04:8c:b4:3f:0f:f5:74:2e:9b:89:11:
         f1:92:f8:36:d3:96:bb:4a:3c:07:b0:a4:81:73:b6:b1:c1:b5:
         91:16:84:9b
-----BEGIN CERTIFICATE-----
MIIE0TCCA7mgAwIBAgICCX0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOUUy
Njk3RkE3MDI1MkY4M0Y0MUQxMjFFQzBCNUNCNDU4QjZGRjIxNDAeFw0yMTA5Mjkw
MjUzMDhaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDhFNDY2Q0U1N0FDQUIw
NjQ2QzVGMTNDMkY3MTVCNUY5ODIwNUFDMzQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQD4U9d/IzFQj99DR0o8HjemQEE5Nez/NNjSWJxvWEe/e0ihseGA
Drruczz2UzOjeHH7a2qM8QK+FVPAI79Ihl94ctsfHydxRRpNegy/Rn9/U6ShJAFH
VkOsTLBlMVMC4q+/rKztgsfr/l+RZSLK/2KKkzuUJBzo43pt+oeBsmgLMht8U+HT
znJA+JGKgeMwuiPrrUAFb7cJJb35x8USNERI8z5R1cl4vlIJsF+SYBHuHtbd4kyc
ReY015ODKHdpuk/ntZDoEWDB/945JgjRfMX283ETdx7BF5KvKV7dBwQvvhOiEQ9y
NrKDVOxeeQlnWV9e+euZHvpc0AZpl5yY36b7AgMBAAGjggHtMIIB6TAdBgNVHQ4E
FgQUjkZs5XrKsGRsXxPC9xW1+YIFrDQwHwYDVR0jBBgwFoAUniaX+nAlL4P0HRIe
wLXLRYtv8hQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFdOVFQv
bmlhWC1uQWxMNFAwSFJJZXdMWExSWXR2OGhRLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9uaWFYLW5BbEw0UDBIUklld0xYTFJZdHY4aFEuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UV05UVC9qa1pzNVhyS3NHUnNYeFBDOXhX
MS1ZSUZyRFEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAATAHAwUEev9e
ADANBgkqhkiG9w0BAQsFAAOCAQEAYELj/jqP9Kqnu/tnp0XGsa2JM6+XnaensIxS
6H0KasNnsJC1QDQ+rTCFlzC8n099w8aQpwQrLcD1R9tH1/mi2o0VtT9bbGEwjCNT
RsqQWDMv+Qmq60qwpTPNqIAfgpmWsoWN/jeUmhXfv4mbSE+RpK56bU/TAanKBdnn
manTeHOIFwG0hHAWQ4qcst4UAaOGR9Mr2lVAXw75JRpD5O2X726YTlzSVdeKw73I
ZjGPLJOE+CV+Q7rhMNuRumEPjjRvSNTtsrEwkeiIlwbe8YD2ndXqfhwPYN2Fgjl0
7mitUgSMtD8P9XQum4kR8ZL4NtOWu0o8B7CkgXO2scG1kRaEmw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:01 2024 by rpki-client on console-fra.rpki-client.org