Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/WEBTAIWAN/bbB-_kpg6ahbIgQhdaAgh9Vqf6g.roa
File:                     bbB-_kpg6ahbIgQhdaAgh9Vqf6g.roa (raw, json)
Hash identifier:          qzuRjXlDXcpzEQs0AYXlrHclAos/Oq5RB8+GRZzLI3Y=
Subject key identifier:   6D:B0:7E:FE:4A:60:E9:A8:5B:22:04:21:75:A0:20:87:D5:6A:7F:A8
Certificate issuer:       /CN=FF7ECDB6202FFC2C34DF7BCD71A1C08885382FB7
Certificate serial:       0939
Authority key identifier: FF:7E:CD:B6:20:2F:FC:2C:34:DF:7B:CD:71:A1:C0:88:85:38:2F:B7
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/_37NtiAv_Cw033vNcaHAiIU4L7c.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/WEBTAIWAN/bbB-_kpg6ahbIgQhdaAgh9Vqf6g.roa
Signing time:             Sun 07 Feb 2021 11:53:01 +0000
ROA not before:           Sun 07 Feb 2021 11:53:01 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     24168
IP address blocks:        121.50.144.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2361 (0x939)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=FF7ECDB6202FFC2C34DF7BCD71A1C08885382FB7
        Validity
            Not Before: Feb  7 11:53:01 2021 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=6DB07EFE4A60E9A85B22042175A02087D56A7FA8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:ad:49:a8:71:e9:5a:1b:dc:21:c0:95:9d:20:
                    a3:93:f9:7b:16:e4:8f:9f:21:29:53:22:b3:ea:39:
                    59:30:c5:02:c6:d4:db:89:b9:d2:fa:31:09:f5:bf:
                    7b:fc:c9:01:0e:b2:5d:65:7d:69:d4:f8:cf:a8:5c:
                    36:e6:59:a4:f5:b5:86:5e:17:a2:da:27:e5:18:62:
                    7e:4d:39:f2:c4:c5:e7:84:f3:62:20:c8:f0:df:b3:
                    5d:10:60:d6:4c:01:64:e9:e4:01:06:89:e9:b1:58:
                    09:33:52:68:8d:f1:1d:24:23:8d:44:89:7f:7d:c6:
                    1e:e1:26:22:2b:c8:79:6a:85:77:52:c0:a9:3f:e7:
                    e7:85:d7:0a:78:8d:ff:70:c4:bf:b9:ad:c6:f6:fb:
                    83:10:da:60:9f:ca:5d:9c:74:d2:34:f0:93:0b:8f:
                    f1:71:78:d7:6d:ab:56:b3:f7:d8:59:3b:06:84:11:
                    1a:3d:77:ca:96:ae:88:e4:eb:af:11:67:8c:71:c9:
                    6f:5b:81:67:b9:57:ca:e1:13:80:dd:42:dd:90:9e:
                    d0:74:e9:a1:ab:33:76:71:2c:7c:99:b2:41:b7:e6:
                    2f:5b:f0:64:23:71:16:20:64:fc:21:b5:82:4c:ad:
                    1e:b3:92:f0:67:f0:17:68:49:e3:ed:e3:66:ef:f4:
                    ba:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6D:B0:7E:FE:4A:60:E9:A8:5B:22:04:21:75:A0:20:87:D5:6A:7F:A8
            X509v3 Authority Key Identifier:
                keyid:FF:7E:CD:B6:20:2F:FC:2C:34:DF:7B:CD:71:A1:C0:88:85:38:2F:B7

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/WEBTAIWAN/_37NtiAv_Cw033vNcaHAiIU4L7c.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/_37NtiAv_Cw033vNcaHAiIU4L7c.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/WEBTAIWAN/bbB-_kpg6ahbIgQhdaAgh9Vqf6g.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  121.50.144.0/22

    Signature Algorithm: sha256WithRSAEncryption
         a5:68:1b:8c:ce:c5:ba:2a:0c:14:c2:93:ed:c6:4c:33:4d:cb:
         ff:5b:d1:e3:d7:d8:d3:5d:24:21:79:85:28:3f:41:76:04:cb:
         dc:63:8e:2f:64:53:cb:a2:77:02:48:f5:9e:6e:00:7f:60:e1:
         db:1c:7a:ba:fa:85:86:99:4a:d1:49:4c:c1:53:10:b3:78:b0:
         d7:99:43:44:54:2c:73:00:b5:79:76:4f:dd:0c:76:4e:4b:08:
         3c:04:c1:af:eb:35:cd:3b:d0:57:1e:c5:10:a5:64:38:b4:1c:
         b7:2f:30:03:c1:f7:28:f0:96:53:ef:ba:e4:a2:05:e0:8f:96:
         d7:4b:65:d3:d1:b8:2f:fa:f0:c7:40:a6:f5:d6:f7:81:de:28:
         4c:6b:04:e6:41:7f:2d:92:87:7f:88:fb:2e:17:47:ec:c6:50:
         8b:71:90:8f:4d:44:89:c3:a4:a3:7d:f1:02:8d:ff:e8:42:23:
         4d:9f:a4:51:18:3e:fb:59:3e:29:b8:2f:55:9a:77:20:18:bd:
         89:c9:3d:f2:83:f6:ca:d2:56:76:59:db:a7:c9:ed:c0:77:e5:
         d0:ca:2c:bf:d8:d6:77:19:4b:98:23:d8:67:f2:d2:31:16:07:
         20:b1:2e:f4:33:39:b9:d1:83:2f:b0:69:7b:da:d3:f1:a9:4b:
         d3:9e:ed:67
-----BEGIN CERTIFICATE-----
MIIE2DCCA8CgAwIBAgICCTkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkY3
RUNEQjYyMDJGRkMyQzM0REY3QkNENzFBMUMwODg4NTM4MkZCNzAeFw0yMTAyMDcx
MTUzMDFaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDZEQjA3RUZFNEE2MEU5
QTg1QjIyMDQyMTc1QTAyMDg3RDU2QTdGQTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC8rUmocelaG9whwJWdIKOT+XsW5I+fISlTIrPqOVkwxQLG1NuJ
udL6MQn1v3v8yQEOsl1lfWnU+M+oXDbmWaT1tYZeF6LaJ+UYYn5NOfLExeeE82Ig
yPDfs10QYNZMAWTp5AEGiemxWAkzUmiN8R0kI41EiX99xh7hJiIryHlqhXdSwKk/
5+eF1wp4jf9wxL+5rcb2+4MQ2mCfyl2cdNI08JMLj/FxeNdtq1az99hZOwaEERo9
d8qWrojk668RZ4xxyW9bgWe5V8rhE4DdQt2QntB06aGrM3ZxLHyZskG35i9b8GQj
cRYgZPwhtYJMrR6zkvBn8BdoSePt42bv9LopAgMBAAGjggH0MIIB8DAdBgNVHQ4E
FgQUbbB+/kpg6ahbIgQhdaAgh9Vqf6gwHwYDVR0jBBgwFoAU/37NtiAv/Cw033vN
caHAiIU4L7cwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBfBgNVHR8EWDBWMFSg
UqBQhk5yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvV0VCVEFJ
V0FOL18zN050aUF2X0N3MDMzdk5jYUhBaUlVNEw3Yy5jcmwwYAYIKwYBBQUHAQEE
VDBSMFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RX
TklDQ0EvXzM3TnRpQXZfQ3cwMzN2TmNhSEFpSVU0TDdjLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZ8GCCsGAQUFBwELBIGSMIGPMFoGCCsGAQUFBzALhk5yc3luYzovL3Jw
a2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvV0VCVEFJV0FOL2JiQi1fa3BnNmFo
YklnUWhkYUFnaDlWcWY2Zy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50
d25pYy50dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAJ5MpAwDQYJKoZIhvcNAQELBQADggEBAKVoG4zOxboqDBTCk+3GTDNNy/9b
0ePX2NNdJCF5hSg/QXYEy9xjji9kU8uidwJI9Z5uAH9g4dscerr6hYaZStFJTMFT
ELN4sNeZQ0RULHMAtXl2T90Mdk5LCDwEwa/rNc070FcexRClZDi0HLcvMAPB9yjw
llPvuuSiBeCPltdLZdPRuC/68MdApvXW94HeKExrBOZBfy2Sh3+I+y4XR+zGUItx
kI9NRInDpKN98QKN/+hCI02fpFEYPvtZPim4L1WadyAYvYnJPfKD9srSVnZZ26fJ
7cB35dDKLL/Y1ncZS5gj2Gfy0jEWByCxLvQzObnRgy+waXva0/GpS9Oe7Wc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:51 2024 by rpki-client on console-ams.rpki-client.org