Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/WEBTAIWAN/Ja-by5Egs8GjnxvJ7ovXw7AhGok.roa
File:                     Ja-by5Egs8GjnxvJ7ovXw7AhGok.roa (raw, json)
Hash identifier:          y9TEiMBe92epeGieKZtKwE3II9pKXN66cZEjg2TyYl4=
Subject key identifier:   25:AF:9B:CB:91:20:B3:C1:A3:9F:1B:C9:EE:8B:D7:C3:B0:21:1A:89
Certificate issuer:       /CN=FF7ECDB6202FFC2C34DF7BCD71A1C08885382FB7
Certificate serial:       0786
Authority key identifier: FF:7E:CD:B6:20:2F:FC:2C:34:DF:7B:CD:71:A1:C0:88:85:38:2F:B7
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/_37NtiAv_Cw033vNcaHAiIU4L7c.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/WEBTAIWAN/Ja-by5Egs8GjnxvJ7ovXw7AhGok.roa
Signing time:             Tue 29 Sep 2020 10:00:31 +0000
ROA not before:           Tue 29 Sep 2020 10:00:31 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     24168
IP address blocks:        121.50.148.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1926 (0x786)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=FF7ECDB6202FFC2C34DF7BCD71A1C08885382FB7
        Validity
            Not Before: Sep 29 10:00:31 2020 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=25AF9BCB9120B3C1A39F1BC9EE8BD7C3B0211A89
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:fb:9a:bc:ef:6c:9b:69:88:32:de:75:22:e3:
                    90:a5:3e:c3:f1:f2:7b:24:82:86:29:83:2c:5b:66:
                    08:6f:0d:05:ee:47:a7:3d:9f:7e:24:44:cb:cd:c0:
                    c2:0a:76:5c:55:29:26:0f:c1:0d:d7:02:5c:16:c0:
                    ae:9b:3f:18:e8:e9:44:5e:69:80:0d:f3:a2:4c:1d:
                    7b:03:53:56:93:dc:a6:23:ca:62:99:57:8d:a6:6d:
                    72:38:b2:96:03:cb:e2:99:74:24:d6:20:5b:38:61:
                    0b:da:0f:d7:05:4a:19:af:b7:07:85:22:cf:22:04:
                    18:0e:61:40:16:8f:34:8d:97:69:bc:dc:97:58:a8:
                    d2:ef:d9:cd:b0:0d:4e:7f:cc:c8:64:d0:bf:ae:6b:
                    6d:25:76:c8:29:08:2d:f2:c8:26:44:fb:6a:19:c3:
                    ae:2a:b6:0e:e9:29:aa:e3:79:8d:15:25:a2:b4:c7:
                    c9:5f:04:70:a3:61:5b:5e:ea:a3:cd:04:7b:b6:8b:
                    5d:8d:f4:6e:82:3f:0e:d8:4f:f7:11:4f:e1:f0:ed:
                    cd:d6:0a:ab:47:21:c1:00:1a:bf:80:4e:53:ce:28:
                    b4:0b:80:cb:97:07:3c:25:ee:88:59:9a:20:08:d4:
                    e9:d6:a9:ba:a0:69:73:c3:f7:db:ac:e6:f7:2d:96:
                    7f:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:AF:9B:CB:91:20:B3:C1:A3:9F:1B:C9:EE:8B:D7:C3:B0:21:1A:89
            X509v3 Authority Key Identifier:
                keyid:FF:7E:CD:B6:20:2F:FC:2C:34:DF:7B:CD:71:A1:C0:88:85:38:2F:B7

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/WEBTAIWAN/_37NtiAv_Cw033vNcaHAiIU4L7c.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/_37NtiAv_Cw033vNcaHAiIU4L7c.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/WEBTAIWAN/Ja-by5Egs8GjnxvJ7ovXw7AhGok.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  121.50.148.0/24

    Signature Algorithm: sha256WithRSAEncryption
         c7:d6:91:10:fb:b3:8c:76:ab:bc:e5:7e:83:c3:5f:00:ee:b6:
         fb:f2:b7:4b:4d:08:c3:7e:55:90:44:b9:83:fc:e8:2e:92:cb:
         02:73:e8:a6:fc:92:0c:3a:93:b3:26:8c:31:33:07:1e:87:7b:
         05:cc:a5:22:2f:85:a8:17:71:f6:76:74:f5:15:9c:51:e0:1d:
         26:0d:b7:0a:88:e4:a8:ce:15:cf:9e:78:74:91:e5:7c:37:7a:
         88:43:da:59:ce:a8:81:2b:80:5a:bf:27:bc:bf:02:e1:f6:2a:
         9a:63:4b:33:e2:4e:4e:55:4d:ea:40:e5:ab:b0:25:fa:7a:22:
         db:b8:d3:f0:fc:bd:28:d9:e3:30:16:c1:d4:f1:c6:03:85:86:
         3b:e9:d8:1b:fc:4d:b4:28:80:d1:57:33:85:83:cf:7b:08:08:
         fc:b6:43:c9:41:4f:c2:22:65:4d:f7:5e:a2:d3:d4:2e:81:d8:
         2e:27:dd:7c:f3:f3:81:d8:f0:35:12:cb:bd:48:7b:66:d7:e4:
         1a:e6:46:9d:35:a4:d5:d5:b1:32:0e:96:b3:cc:5f:39:29:66:
         0a:6a:0f:ef:7f:07:cf:70:2c:53:f5:38:57:10:15:fc:3a:fb:
         41:21:a8:b3:3a:13:4b:31:ac:e8:d0:78:dd:f3:a3:22:33:71:
         cb:61:df:cd
-----BEGIN CERTIFICATE-----
MIIE2DCCA8CgAwIBAgICB4YwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkY3
RUNEQjYyMDJGRkMyQzM0REY3QkNENzFBMUMwODg4NTM4MkZCNzAeFw0yMDA5Mjkx
MDAwMzFaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDI1QUY5QkNCOTEyMEIz
QzFBMzlGMUJDOUVFOEJEN0MzQjAyMTFBODkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCp+5q872ybaYgy3nUi45ClPsPx8nskgoYpgyxbZghvDQXuR6c9
n34kRMvNwMIKdlxVKSYPwQ3XAlwWwK6bPxjo6UReaYAN86JMHXsDU1aT3KYjymKZ
V42mbXI4spYDy+KZdCTWIFs4YQvaD9cFShmvtweFIs8iBBgOYUAWjzSNl2m83JdY
qNLv2c2wDU5/zMhk0L+ua20ldsgpCC3yyCZE+2oZw64qtg7pKarjeY0VJaK0x8lf
BHCjYVte6qPNBHu2i12N9G6CPw7YT/cRT+Hw7c3WCqtHIcEAGr+ATlPOKLQLgMuX
Bzwl7ohZmiAI1OnWqbqgaXPD99us5vctln99AgMBAAGjggH0MIIB8DAdBgNVHQ4E
FgQUJa+by5Egs8GjnxvJ7ovXw7AhGokwHwYDVR0jBBgwFoAU/37NtiAv/Cw033vN
caHAiIU4L7cwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBfBgNVHR8EWDBWMFSg
UqBQhk5yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvV0VCVEFJ
V0FOL18zN050aUF2X0N3MDMzdk5jYUhBaUlVNEw3Yy5jcmwwYAYIKwYBBQUHAQEE
VDBSMFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RX
TklDQ0EvXzM3TnRpQXZfQ3cwMzN2TmNhSEFpSVU0TDdjLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZ8GCCsGAQUFBwELBIGSMIGPMFoGCCsGAQUFBzALhk5yc3luYzovL3Jw
a2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvV0VCVEFJV0FOL0phLWJ5NUVnczhH
am54dko3b3ZYdzdBaEdvay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50
d25pYy50dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAB5MpQwDQYJKoZIhvcNAQELBQADggEBAMfWkRD7s4x2q7zlfoPDXwDutvvy
t0tNCMN+VZBEuYP86C6SywJz6Kb8kgw6k7MmjDEzBx6HewXMpSIvhagXcfZ2dPUV
nFHgHSYNtwqI5KjOFc+eeHSR5Xw3eohD2lnOqIErgFq/J7y/AuH2KppjSzPiTk5V
TepA5auwJfp6Itu40/D8vSjZ4zAWwdTxxgOFhjvp2Bv8TbQogNFXM4WDz3sICPy2
Q8lBT8IiZU33XqLT1C6B2C4n3Xzz84HY8DUSy71Ie2bX5BrmRp01pNXVsTIOlrPM
XzkpZgpqD+9/B89wLFP1OFcQFfw6+0EhqLM6E0sxrOjQeN3zoyIzccth380=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:07 2024 by rpki-client on console-fra.rpki-client.org