Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/WEBTAIWAN/YzwS-v4k78Nz62a_CJ8TZjqdGdU.roa
File:                     YzwS-v4k78Nz62a_CJ8TZjqdGdU.roa (raw, json)
Hash identifier:          rp+uYttAqMhiGEnciz73NxqdRleBcV0Pr3UQ66v5NM0=
Subject key identifier:   63:3C:12:FA:FE:24:EF:C3:73:EB:66:BF:08:9F:13:66:3A:9D:19:D5
Certificate issuer:       /CN=FF7ECDB6202FFC2C34DF7BCD71A1C08885382FB7
Certificate serial:       085E
Authority key identifier: FF:7E:CD:B6:20:2F:FC:2C:34:DF:7B:CD:71:A1:C0:88:85:38:2F:B7
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/_37NtiAv_Cw033vNcaHAiIU4L7c.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/WEBTAIWAN/YzwS-v4k78Nz62a_CJ8TZjqdGdU.roa
Signing time:             Wed 04 Nov 2020 08:38:28 +0000
ROA not before:           Wed 04 Nov 2020 08:38:28 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     18424
IP address blocks:        121.50.148.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2142 (0x85e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=FF7ECDB6202FFC2C34DF7BCD71A1C08885382FB7
        Validity
            Not Before: Nov  4 08:38:28 2020 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=633C12FAFE24EFC373EB66BF089F13663A9D19D5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:58:e6:e4:1b:cf:d8:2e:b7:48:85:50:57:1f:
                    15:d1:8b:9d:90:cb:20:e0:53:b8:83:92:e2:4c:9c:
                    a1:9b:67:b7:68:8d:75:29:43:9c:4e:31:08:f2:90:
                    4b:88:d3:65:64:4b:e4:e3:c0:22:6e:71:c7:f2:9f:
                    00:6b:7b:8e:6e:01:b1:2b:85:e6:c3:e2:7c:8c:26:
                    cb:5e:a5:a3:88:12:6e:eb:89:7d:69:27:26:00:6c:
                    6d:04:53:f4:e4:60:a1:6d:44:d8:10:23:6b:0c:bd:
                    0e:15:a1:f2:54:0a:6f:2c:35:b2:bd:50:c1:93:98:
                    8b:a4:6f:79:32:59:b8:ff:45:53:57:72:be:9a:47:
                    09:cd:32:f0:f6:37:1c:e9:23:e1:87:b4:7b:29:21:
                    bb:20:6b:bc:af:1c:5b:a7:87:2b:40:c9:50:63:96:
                    24:34:c7:9d:af:60:c6:c6:58:ff:83:ba:af:18:68:
                    df:72:48:9f:2b:09:2d:13:64:b3:35:fc:a5:22:ba:
                    8b:af:36:ce:cc:89:19:53:e7:f6:fe:2b:aa:1e:c3:
                    ce:e9:c6:c2:fe:72:1a:cd:1a:dd:a7:8f:8e:0a:af:
                    61:36:41:38:1c:c6:1d:bf:01:36:45:cd:67:da:78:
                    ab:24:9a:fe:66:58:bd:30:a5:3d:d9:02:6a:1a:df:
                    db:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                63:3C:12:FA:FE:24:EF:C3:73:EB:66:BF:08:9F:13:66:3A:9D:19:D5
            X509v3 Authority Key Identifier:
                keyid:FF:7E:CD:B6:20:2F:FC:2C:34:DF:7B:CD:71:A1:C0:88:85:38:2F:B7

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/WEBTAIWAN/_37NtiAv_Cw033vNcaHAiIU4L7c.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/_37NtiAv_Cw033vNcaHAiIU4L7c.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/WEBTAIWAN/YzwS-v4k78Nz62a_CJ8TZjqdGdU.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  121.50.148.0/22

    Signature Algorithm: sha256WithRSAEncryption
         42:ad:28:7b:cb:a9:79:9b:29:4f:c4:55:04:18:54:0e:6a:97:
         2b:f6:53:01:66:28:de:09:ce:c7:1e:01:32:72:a3:76:cc:c1:
         a1:49:a9:d1:fd:cd:8e:37:ee:47:30:92:fa:e2:94:87:c0:f5:
         cc:23:90:af:26:aa:85:a8:cd:dd:46:4d:45:05:9b:3f:33:1a:
         83:da:0e:aa:f4:03:25:b8:22:55:bd:ae:a6:cd:1d:84:f9:47:
         d7:b3:a9:a2:24:40:45:3b:ae:1a:b5:03:42:71:2b:98:4e:b8:
         47:f5:e6:b8:5e:21:73:2e:82:ba:89:fb:bc:63:fe:f7:6a:5e:
         a5:37:ff:a9:df:b9:ab:1e:82:81:7d:6d:b3:58:71:fc:03:45:
         4b:9d:e6:c4:8f:f8:76:f4:e2:11:de:92:94:53:84:ed:1b:9b:
         33:0f:a4:fc:64:f5:40:20:31:23:e3:11:23:74:a7:3a:13:e4:
         8f:63:c9:13:b2:da:bf:64:e2:98:37:e5:f2:aa:a1:d3:27:9d:
         59:51:c6:85:e6:ce:3b:5d:d0:77:8d:3c:7b:5f:80:2f:fa:45:
         ec:33:ba:ae:dc:9c:49:93:72:52:7d:21:d1:e3:44:61:c7:cc:
         8c:93:f7:d1:84:d2:f7:fe:91:54:66:d4:9f:eb:ba:db:fc:af:
         e1:ba:bb:e1
-----BEGIN CERTIFICATE-----
MIIE2DCCA8CgAwIBAgICCF4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkY3
RUNEQjYyMDJGRkMyQzM0REY3QkNENzFBMUMwODg4NTM4MkZCNzAeFw0yMDExMDQw
ODM4MjhaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDYzM0MxMkZBRkUyNEVG
QzM3M0VCNjZCRjA4OUYxMzY2M0E5RDE5RDUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC3WObkG8/YLrdIhVBXHxXRi52QyyDgU7iDkuJMnKGbZ7dojXUp
Q5xOMQjykEuI02VkS+TjwCJuccfynwBre45uAbErhebD4nyMJstepaOIEm7riX1p
JyYAbG0EU/TkYKFtRNgQI2sMvQ4VofJUCm8sNbK9UMGTmIukb3kyWbj/RVNXcr6a
RwnNMvD2NxzpI+GHtHspIbsga7yvHFunhytAyVBjliQ0x52vYMbGWP+Duq8YaN9y
SJ8rCS0TZLM1/KUiuouvNs7MiRlT5/b+K6oew87pxsL+chrNGt2nj44Kr2E2QTgc
xh2/ATZFzWfaeKskmv5mWL0wpT3ZAmoa39tDAgMBAAGjggH0MIIB8DAdBgNVHQ4E
FgQUYzwS+v4k78Nz62a/CJ8TZjqdGdUwHwYDVR0jBBgwFoAU/37NtiAv/Cw033vN
caHAiIU4L7cwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBfBgNVHR8EWDBWMFSg
UqBQhk5yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvV0VCVEFJ
V0FOL18zN050aUF2X0N3MDMzdk5jYUhBaUlVNEw3Yy5jcmwwYAYIKwYBBQUHAQEE
VDBSMFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RX
TklDQ0EvXzM3TnRpQXZfQ3cwMzN2TmNhSEFpSVU0TDdjLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZ8GCCsGAQUFBwELBIGSMIGPMFoGCCsGAQUFBzALhk5yc3luYzovL3Jw
a2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvV0VCVEFJV0FOL1l6d1MtdjRrNzhO
ejYyYV9DSjhUWmpxZEdkVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50
d25pYy50dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAJ5MpQwDQYJKoZIhvcNAQELBQADggEBAEKtKHvLqXmbKU/EVQQYVA5qlyv2
UwFmKN4JzsceATJyo3bMwaFJqdH9zY437kcwkvrilIfA9cwjkK8mqoWozd1GTUUF
mz8zGoPaDqr0AyW4IlW9rqbNHYT5R9ezqaIkQEU7rhq1A0JxK5hOuEf15rheIXMu
grqJ+7xj/vdqXqU3/6nfuasegoF9bbNYcfwDRUud5sSP+Hb04hHekpRThO0bmzMP
pPxk9UAgMSPjESN0pzoT5I9jyROy2r9k4pg35fKqodMnnVlRxoXmzjtd0HeNPHtf
gC/6Rewzuq7cnEmTclJ9IdHjRGHHzIyT99GE0vf+kVRm1J/rutv8r+G6u+E=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:07 2024 by rpki-client on console-fra.rpki-client.org