Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/VISION4YES/biHyl__2OP-lBW_RD1IppCspjK4.roa
File:                     biHyl__2OP-lBW_RD1IppCspjK4.roa (raw, json)
Hash identifier:          370kHLlGBz4Vk+TcvTPQ5VUzGw6YAVgzOsovXzija10=
Subject key identifier:   6E:21:F2:97:FF:F6:38:FF:A5:05:6F:D1:0F:52:29:A4:2B:29:8C:AE
Certificate issuer:       /CN=63400AA6E6C68B13DDDC9C00B82586124273FA9B
Certificate serial:       08B7
Authority key identifier: 63:40:0A:A6:E6:C6:8B:13:DD:DC:9C:00:B8:25:86:12:42:73:FA:9B
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/Y0AKpubGixPd3JwAuCWGEkJz-ps.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/VISION4YES/biHyl__2OP-lBW_RD1IppCspjK4.roa
Signing time:             Sun 07 Feb 2021 12:59:22 +0000
ROA not before:           Sun 07 Feb 2021 12:59:22 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     131618
IP address blocks:        103.122.227.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2231 (0x8b7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63400AA6E6C68B13DDDC9C00B82586124273FA9B
        Validity
            Not Before: Feb  7 12:59:22 2021 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=6E21F297FFF638FFA5056FD10F5229A42B298CAE
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:2d:b6:98:58:d1:a1:ab:7e:57:ff:a4:28:70:
                    d9:4d:68:e7:a6:67:89:85:ba:6f:68:f5:a1:ff:19:
                    d1:36:e9:f3:ff:87:32:8a:bf:5a:7f:bd:df:72:00:
                    77:b0:7b:7a:38:d7:44:6e:1e:53:a0:2e:eb:d7:14:
                    68:63:fd:87:7c:fb:4d:04:eb:62:a3:ab:23:9c:2c:
                    19:fd:f7:ef:29:90:f9:30:e5:9f:a6:30:d9:0c:64:
                    2d:9e:b7:50:25:7e:cd:a2:c3:64:c7:b4:f4:eb:a3:
                    54:c5:b6:6d:4b:9f:7b:da:74:a0:d2:43:44:3a:87:
                    6d:aa:81:aa:5d:d3:ee:b0:2f:98:a8:03:37:14:f1:
                    8c:af:c4:ea:50:b9:5c:66:50:9e:6d:7b:3d:6f:a2:
                    d8:a1:36:e5:46:9e:21:a7:26:5b:61:fe:99:57:e8:
                    90:35:1b:7d:c8:a0:c3:7b:a3:38:5e:0a:76:9e:03:
                    2f:21:de:7b:66:e2:06:83:66:be:31:b2:1c:95:6d:
                    0f:5f:91:a9:e7:04:84:99:1b:ac:91:87:1c:f2:6c:
                    a3:0c:99:83:98:49:93:d8:87:c4:6a:e3:2a:4e:c9:
                    71:4f:03:f6:0b:62:ce:0a:a3:ec:00:23:11:1f:c1:
                    b9:c0:60:db:d3:79:00:06:65:9b:d2:05:a7:87:4f:
                    99:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6E:21:F2:97:FF:F6:38:FF:A5:05:6F:D1:0F:52:29:A4:2B:29:8C:AE
            X509v3 Authority Key Identifier:
                keyid:63:40:0A:A6:E6:C6:8B:13:DD:DC:9C:00:B8:25:86:12:42:73:FA:9B

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/VISION4YES/Y0AKpubGixPd3JwAuCWGEkJz-ps.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Y0AKpubGixPd3JwAuCWGEkJz-ps.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/VISION4YES/biHyl__2OP-lBW_RD1IppCspjK4.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.122.227.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b0:c9:4d:86:15:bc:65:03:84:1d:75:32:fe:07:a6:99:5d:a5:
         28:3f:65:f9:20:73:94:f0:74:d9:ba:e0:f4:38:c8:d7:95:63:
         da:47:21:0d:bb:50:6f:b4:b8:02:16:38:be:1e:02:3d:04:c5:
         9e:b9:9c:43:2b:d2:ca:a6:f5:a5:a5:bd:4c:03:83:db:10:84:
         e4:66:b7:eb:cc:74:a1:e6:d4:bf:e1:c5:2e:f3:e4:a4:90:32:
         b2:6b:6f:fd:8f:65:ca:44:23:c9:81:fd:b4:7a:22:ab:d6:fc:
         18:23:09:8c:c4:14:13:aa:99:ad:97:4e:44:bb:5a:a1:58:8b:
         9e:5f:61:94:db:7d:35:0d:11:4c:f5:12:64:f2:40:25:0e:5e:
         55:6a:00:10:1d:0b:27:01:60:cb:fc:9b:a6:49:dd:45:ad:a2:
         a9:4b:2a:af:31:80:cd:97:24:74:25:51:e3:40:f5:7b:80:04:
         79:1c:00:25:98:33:0e:2f:76:d6:ca:3a:4c:a4:79:e8:73:7d:
         c6:9b:03:e6:27:e0:f8:bb:be:83:43:00:61:5b:fa:0c:6f:d2:
         ff:ab:c8:08:21:40:25:01:72:88:f3:a9:51:e5:46:05:b4:2e:
         88:4f:36:b8:60:2c:60:3f:85:f2:f1:30:90:be:3b:e1:8e:96:
         a7:15:0c:9b
-----BEGIN CERTIFICATE-----
MIIE2jCCA8KgAwIBAgICCLcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjM0
MDBBQTZFNkM2OEIxM0REREM5QzAwQjgyNTg2MTI0MjczRkE5QjAeFw0yMTAyMDcx
MjU5MjJaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDZFMjFGMjk3RkZGNjM4
RkZBNTA1NkZEMTBGNTIyOUE0MkIyOThDQUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC4LbaYWNGhq35X/6QocNlNaOemZ4mFum9o9aH/GdE26fP/hzKK
v1p/vd9yAHewe3o410RuHlOgLuvXFGhj/Yd8+00E62KjqyOcLBn99+8pkPkw5Z+m
MNkMZC2et1Alfs2iw2THtPTro1TFtm1Ln3vadKDSQ0Q6h22qgapd0+6wL5ioAzcU
8YyvxOpQuVxmUJ5tez1votihNuVGniGnJlth/plX6JA1G33IoMN7ozheCnaeAy8h
3ntm4gaDZr4xshyVbQ9fkannBISZG6yRhxzybKMMmYOYSZPYh8Rq4ypOyXFPA/YL
Ys4Ko+wAIxEfwbnAYNvTeQAGZZvSBaeHT5mlAgMBAAGjggH2MIIB8jAdBgNVHQ4E
FgQUbiHyl//2OP+lBW/RD1IppCspjK4wHwYDVR0jBBgwFoAUY0AKpubGixPd3JwA
uCWGEkJz+pswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBgBgNVHR8EWTBXMFWg
U6BRhk9yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVklTSU9O
NFlFUy9ZMEFLcHViR2l4UGQzSndBdUNXR0VrSnotcHMuY3JsMGAGCCsGAQUFBwEB
BFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9U
V05JQ0NBL1kwQUtwdWJHaXhQZDNKd0F1Q1dHRWtKei1wcy5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGgBggrBgEFBQcBCwSBkzCBkDBbBggrBgEFBQcwC4ZPcnN5bmM6Ly9y
cGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NBL1ZJU0lPTjRZRVMvYmlIeWxfXzJP
UC1sQldfUkQxSXBwQ3Nwaks0LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRw
LnR3bmljLnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEAGd64zANBgkqhkiG9w0BAQsFAAOCAQEAsMlNhhW8ZQOEHXUy/gemmV2l
KD9l+SBzlPB02brg9DjI15Vj2kchDbtQb7S4AhY4vh4CPQTFnrmcQyvSyqb1paW9
TAOD2xCE5Ga368x0oebUv+HFLvPkpJAysmtv/Y9lykQjyYH9tHoiq9b8GCMJjMQU
E6qZrZdORLtaoViLnl9hlNt9NQ0RTPUSZPJAJQ5eVWoAEB0LJwFgy/ybpkndRa2i
qUsqrzGAzZckdCVR40D1e4AEeRwAJZgzDi921so6TKR56HN9xpsD5ifg+Lu+g0MA
YVv6DG/S/6vICCFAJQFyiPOpUeVGBbQuiE82uGAsYD+F8vEwkL474Y6WpxUMmw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:06 2024 by rpki-client on console-fra.rpki-client.org