Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/WANTEASY/i9QabkckrlmC60B0VcL0_HE7IjE.roa
File:                     i9QabkckrlmC60B0VcL0_HE7IjE.roa (raw, json)
Hash identifier:          Qx48ku/HKptPSMXp5T1mbMtu41rlM28/9Q1BptyzOXg=
Subject key identifier:   8B:D4:1A:6E:47:24:AE:59:82:EB:40:74:55:C2:F4:FC:71:3B:22:31
Certificate issuer:       /CN=CA1B71EFAC6F6AA43027609C18A734982764554B
Certificate serial:       093E
Authority key identifier: CA:1B:71:EF:AC:6F:6A:A4:30:27:60:9C:18:A7:34:98:27:64:55:4B
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/yhtx76xvaqQwJ2CcGKc0mCdkVUs.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/WANTEASY/i9QabkckrlmC60B0VcL0_HE7IjE.roa
Signing time:             Tue 29 Sep 2020 10:09:14 +0000
ROA not before:           Tue 29 Sep 2020 10:09:14 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     17408
IP address blocks:        103.138.106.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2366 (0x93e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=CA1B71EFAC6F6AA43027609C18A734982764554B
        Validity
            Not Before: Sep 29 10:09:14 2020 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=8BD41A6E4724AE5982EB407455C2F4FC713B2231
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:e8:e9:7b:2e:8e:cf:ad:66:87:83:4a:62:6f:
                    46:24:a7:1d:0e:89:61:10:07:4d:ff:f9:19:00:eb:
                    9c:03:c7:f7:ba:e9:dc:1c:0a:76:d1:2f:62:48:a3:
                    12:45:8c:c2:cd:4c:96:a7:6f:37:54:4d:ac:20:5c:
                    e8:e7:28:f1:f5:77:0b:d5:e9:54:67:df:78:c5:f4:
                    5c:52:98:dd:51:f3:80:fc:f3:44:2b:57:85:b3:40:
                    c2:17:c8:8a:38:ed:08:7d:8f:bb:e5:d7:ba:db:d8:
                    2c:6b:c6:8b:3b:7c:60:da:74:68:f8:dd:6a:5a:94:
                    d4:91:0d:f8:02:8e:5c:97:5b:7e:7d:20:8a:bc:94:
                    9f:95:af:00:ad:a0:0b:e2:f4:02:df:7e:8b:f8:09:
                    da:12:ac:7a:ca:47:72:bd:c3:64:36:0a:2f:e2:42:
                    e2:25:00:28:35:33:a1:03:35:7e:68:a7:65:41:12:
                    19:68:cf:8e:84:ae:35:41:8a:e2:6c:93:eb:ac:be:
                    3a:5d:7d:a2:5b:c6:af:bb:ed:f4:7f:2c:52:42:f7:
                    eb:02:28:21:08:9d:0d:08:9d:b6:03:e7:85:28:da:
                    c7:4f:37:2b:a5:4d:84:b1:02:17:a1:38:b9:75:5a:
                    a9:9d:c5:ba:d5:9d:16:49:28:d5:64:0d:a5:1f:5b:
                    fb:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8B:D4:1A:6E:47:24:AE:59:82:EB:40:74:55:C2:F4:FC:71:3B:22:31
            X509v3 Authority Key Identifier:
                keyid:CA:1B:71:EF:AC:6F:6A:A4:30:27:60:9C:18:A7:34:98:27:64:55:4B

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/WANTEASY/yhtx76xvaqQwJ2CcGKc0mCdkVUs.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/yhtx76xvaqQwJ2CcGKc0mCdkVUs.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/WANTEASY/i9QabkckrlmC60B0VcL0_HE7IjE.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.138.106.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4e:e0:f9:4e:da:49:02:87:11:fc:0e:f6:cb:42:29:d4:f1:fa:
         68:3b:81:9f:1b:82:42:ff:b0:3e:ba:07:a8:e8:b1:0c:a3:77:
         6b:47:5e:c1:72:63:70:4c:90:6a:ee:7c:7c:01:ad:97:89:dc:
         5b:09:87:81:dd:73:51:bd:18:2e:0b:a2:f4:9b:40:fb:c7:16:
         7e:9b:0c:2f:25:e1:52:70:49:7e:7a:1e:e4:3e:13:ab:fc:c6:
         74:c3:cb:c2:0a:bc:af:88:10:20:34:0d:88:7d:7b:ec:96:8c:
         81:c6:89:e7:31:b2:6b:4f:4e:f1:22:f4:30:8c:fb:ca:a7:8e:
         2d:3f:a9:36:fe:57:57:a1:17:08:4d:3d:c9:26:9a:a7:fe:a1:
         d0:ec:4d:6b:d6:83:9a:09:c4:bc:0e:95:21:66:66:14:16:b4:
         c2:e5:18:98:75:cd:39:e0:97:f5:8c:51:58:b1:92:c5:0e:0b:
         f6:cd:3d:fb:2a:9b:ae:44:da:2e:c0:16:f0:ac:78:5f:39:05:
         c6:a1:d3:7a:41:d5:61:75:80:e3:77:20:98:5a:d3:78:62:7d:
         ad:1d:9d:1e:3e:a6:a7:1a:00:df:5a:74:ba:d6:95:98:89:53:
         1d:25:11:5f:b6:26:4e:a6:15:6f:59:d2:fe:f3:88:44:1f:df:
         7b:fb:50:53
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICCT4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQ0Ex
QjcxRUZBQzZGNkFBNDMwMjc2MDlDMThBNzM0OTgyNzY0NTU0QjAeFw0yMDA5Mjkx
MDA5MTRaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDhCRDQxQTZFNDcyNEFF
NTk4MkVCNDA3NDU1QzJGNEZDNzEzQjIyMzEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDN6Ol7Lo7PrWaHg0pib0Ykpx0OiWEQB03/+RkA65wDx/e66dwc
CnbRL2JIoxJFjMLNTJanbzdUTawgXOjnKPH1dwvV6VRn33jF9FxSmN1R84D880Qr
V4WzQMIXyIo47Qh9j7vl17rb2Cxrxos7fGDadGj43WpalNSRDfgCjlyXW359IIq8
lJ+VrwCtoAvi9ALffov4CdoSrHrKR3K9w2Q2Ci/iQuIlACg1M6EDNX5op2VBEhlo
z46ErjVBiuJsk+usvjpdfaJbxq+77fR/LFJC9+sCKCEInQ0InbYD54Uo2sdPNyul
TYSxAhehOLl1WqmdxbrVnRZJKNVkDaUfW/ulAgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQUi9QabkckrlmC60B0VcL0/HE7IjEwHwYDVR0jBBgwFoAUyhtx76xvaqQwJ2Cc
GKc0mCdkVUswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvV0FOVEVB
U1kveWh0eDc2eHZhcVF3SjJDY0dLYzBtQ2RrVlVzLmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS95aHR4NzZ4dmFxUXdKMkNjR0tjMG1DZGtWVXMuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9XQU5URUFTWS9pOVFhYmtja3JsbUM2
MEIwVmNMMF9IRTdJakUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQAZ4pqMA0GCSqGSIb3DQEBCwUAA4IBAQBO4PlO2kkChxH8DvbLQinU8fpoO4Gf
G4JC/7A+ugeo6LEMo3drR17BcmNwTJBq7nx8Aa2XidxbCYeB3XNRvRguC6L0m0D7
xxZ+mwwvJeFScEl+eh7kPhOr/MZ0w8vCCryviBAgNA2IfXvsloyBxonnMbJrT07x
IvQwjPvKp44tP6k2/ldXoRcITT3JJpqn/qHQ7E1r1oOaCcS8DpUhZmYUFrTC5RiY
dc054Jf1jFFYsZLFDgv2zT37KpuuRNouwBbwrHhfOQXGodN6QdVhdYDjdyCYWtN4
Yn2tHZ0ePqanGgDfWnS61pWYiVMdJRFftiZOphVvWdL+84hEH997+1BT
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:51 2024 by rpki-client on console-ams.rpki-client.org