Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/YUANJHEN/R6F9Jb0Fs5HTWcSXSnvJSLPMPvk.roa
File:                     R6F9Jb0Fs5HTWcSXSnvJSLPMPvk.roa (raw, json)
Hash identifier:          24AExvKDUK0Tl2a8PlXZiyXB89rtr5x/pI+QI3SKwSw=
Subject key identifier:   47:A1:7D:25:BD:05:B3:91:D3:59:C4:97:4A:7B:C9:48:B3:CC:3E:F9
Certificate issuer:       /CN=87A4AFD9E7FC1FED4F9545DE41CE4413DACB0E05
Certificate serial:       08BD
Authority key identifier: 87:A4:AF:D9:E7:FC:1F:ED:4F:95:45:DE:41:CE:44:13:DA:CB:0E:05
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/h6Sv2ef8H-1PlUXeQc5EE9rLDgU.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/YUANJHEN/R6F9Jb0Fs5HTWcSXSnvJSLPMPvk.roa
Signing time:             Sun 07 Feb 2021 14:10:15 +0000
ROA not before:           Sun 07 Feb 2021 14:10:15 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     131149
IP address blocks:        103.17.8.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2237 (0x8bd)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=87A4AFD9E7FC1FED4F9545DE41CE4413DACB0E05
        Validity
            Not Before: Feb  7 14:10:15 2021 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=47A17D25BD05B391D359C4974A7BC948B3CC3EF9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:39:77:56:bd:b6:eb:6e:ba:a8:7f:44:36:6b:
                    ea:f7:17:7d:3a:25:8f:d3:69:1c:43:f4:6f:6a:5c:
                    59:ca:81:98:4a:7f:8a:7c:8f:f9:a6:a7:71:74:f9:
                    1f:0b:1b:1b:44:4b:e9:c7:46:17:93:04:86:cd:15:
                    57:6e:12:45:b9:de:92:03:af:10:7d:40:56:c9:47:
                    03:77:1b:f9:2d:3e:37:eb:40:82:4c:67:86:ef:fc:
                    79:fc:07:39:cc:d2:28:ff:d8:cc:da:65:16:1d:6c:
                    d7:30:f7:a0:bf:00:bf:08:47:52:73:91:19:e2:4d:
                    a4:c2:74:63:7d:52:83:7f:3a:f9:7b:ee:f2:b3:6a:
                    0d:40:cd:92:48:bf:45:52:1c:46:4b:b1:99:c3:de:
                    8f:a7:73:af:f6:54:d2:1e:ba:b3:7e:32:a6:1c:ad:
                    d5:44:cc:ae:27:92:f1:69:2a:c7:81:05:79:db:47:
                    38:c2:f7:08:3d:6a:ac:6d:55:c1:14:38:7b:de:f5:
                    df:8d:32:41:d4:e1:54:27:df:f2:d7:36:ae:46:06:
                    30:af:fd:71:cf:61:24:e8:24:cc:ab:0a:53:7a:62:
                    df:d6:01:fd:59:08:83:b5:1c:49:ca:19:13:11:ab:
                    d1:41:1e:bb:36:3c:1d:b1:2e:26:00:5e:f3:2c:b5:
                    82:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                47:A1:7D:25:BD:05:B3:91:D3:59:C4:97:4A:7B:C9:48:B3:CC:3E:F9
            X509v3 Authority Key Identifier:
                keyid:87:A4:AF:D9:E7:FC:1F:ED:4F:95:45:DE:41:CE:44:13:DA:CB:0E:05

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/YUANJHEN/h6Sv2ef8H-1PlUXeQc5EE9rLDgU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/h6Sv2ef8H-1PlUXeQc5EE9rLDgU.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/YUANJHEN/R6F9Jb0Fs5HTWcSXSnvJSLPMPvk.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.17.8.0/22

    Signature Algorithm: sha256WithRSAEncryption
         6c:6a:2d:1a:07:b4:5c:c8:f9:62:df:2a:48:e7:51:7c:27:d7:
         49:05:4b:f3:51:b2:41:7a:c1:29:6e:1d:76:ad:b1:bc:d5:19:
         71:0d:09:1f:48:89:d2:85:12:2d:64:b3:a4:4d:ee:d3:86:ca:
         e1:e7:a7:19:61:b7:d2:bb:81:20:69:58:c7:d9:f5:31:b7:c2:
         66:49:8b:9f:91:5c:b6:9f:8d:48:94:bb:88:c0:ca:18:12:f8:
         5c:80:82:ef:cb:4a:bb:6a:4a:d3:77:d9:e3:52:e0:3f:be:61:
         5d:81:6d:24:db:9d:9d:04:af:72:9c:04:44:66:92:77:db:08:
         b1:25:7b:b9:03:5b:3d:d0:22:fe:eb:0b:71:56:bd:0a:5f:30:
         48:f2:2e:d7:f4:31:f0:66:9f:9a:35:9f:d0:0d:e0:64:c6:4d:
         fc:b0:3f:8e:fd:cc:b6:5a:92:e8:4a:ed:d4:5a:c1:80:af:dc:
         fa:9a:fa:e2:2e:d5:80:f7:9b:3c:b0:76:c1:73:e9:bc:da:99:
         00:60:3e:84:42:a2:8b:13:b5:4d:c5:85:55:ab:61:01:5f:a0:
         58:fa:b3:cf:e6:d4:0d:6a:3a:2b:d1:a6:b2:65:58:c1:3d:72:
         00:a6:cf:8f:91:1d:af:bb:d6:24:a3:1f:15:fa:04:61:3d:bf:
         77:08:0b:7a
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICCL0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODdB
NEFGRDlFN0ZDMUZFRDRGOTU0NURFNDFDRTQ0MTNEQUNCMEUwNTAeFw0yMTAyMDcx
NDEwMTVaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDQ3QTE3RDI1QkQwNUIz
OTFEMzU5QzQ5NzRBN0JDOTQ4QjNDQzNFRjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC7OXdWvbbrbrqof0Q2a+r3F306JY/TaRxD9G9qXFnKgZhKf4p8
j/mmp3F0+R8LGxtES+nHRheTBIbNFVduEkW53pIDrxB9QFbJRwN3G/ktPjfrQIJM
Z4bv/Hn8BznM0ij/2MzaZRYdbNcw96C/AL8IR1JzkRniTaTCdGN9UoN/Ovl77vKz
ag1AzZJIv0VSHEZLsZnD3o+nc6/2VNIeurN+MqYcrdVEzK4nkvFpKseBBXnbRzjC
9wg9aqxtVcEUOHve9d+NMkHU4VQn3/LXNq5GBjCv/XHPYSToJMyrClN6Yt/WAf1Z
CIO1HEnKGRMRq9FBHrs2PB2xLiYAXvMstYLLAgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQUR6F9Jb0Fs5HTWcSXSnvJSLPMPvkwHwYDVR0jBBgwFoAUh6Sv2ef8H+1PlUXe
Qc5EE9rLDgUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvWVVBTkpI
RU4vaDZTdjJlZjhILTFQbFVYZVFjNUVFOXJMRGdVLmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9oNlN2MmVmOEgtMVBsVVhlUWM1RUU5ckxEZ1UuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ZVUFOSkhFTi9SNkY5SmIwRnM1SFRX
Y1NYU252SlNMUE1Qdmsucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQCZxEIMA0GCSqGSIb3DQEBCwUAA4IBAQBsai0aB7RcyPli3ypI51F8J9dJBUvz
UbJBesEpbh12rbG81RlxDQkfSInShRItZLOkTe7Thsrh56cZYbfSu4EgaVjH2fUx
t8JmSYufkVy2n41IlLuIwMoYEvhcgILvy0q7akrTd9njUuA/vmFdgW0k252dBK9y
nAREZpJ32wixJXu5A1s90CL+6wtxVr0KXzBI8i7X9DHwZp+aNZ/QDeBkxk38sD+O
/cy2WpLoSu3UWsGAr9z6mvriLtWA95s8sHbBc+m82pkAYD6EQqKLE7VNxYVVq2EB
X6BY+rPP5tQNajor0aayZVjBPXIAps+PkR2vu9Ykox8V+gRhPb93CAt6
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:52 2024 by rpki-client on console-ams.rpki-client.org