Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CATVISP/2-IwpFhTfcYCI6sUAWG2Oz1-BfA.roa
File:                     2-IwpFhTfcYCI6sUAWG2Oz1-BfA.roa (raw, json)
Hash identifier:          lLk3SoO28orGfwEopg8X/woBqTlFEG/CVM9eCk7abDk=
Subject key identifier:   DB:E2:30:A4:58:53:7D:C6:02:23:AB:14:01:61:B6:3B:3D:7E:05:F0
Certificate issuer:       /CN=BD822D992B0F68B61E6E0A2E6143F2BF8915BB61
Certificate serial:       085D
Authority key identifier: BD:82:2D:99:2B:0F:68:B6:1E:6E:0A:2E:61:43:F2:BF:89:15:BB:61
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/vYItmSsPaLYebgouYUPyv4kVu2E.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/CATVISP/2-IwpFhTfcYCI6sUAWG2Oz1-BfA.roa
Signing time:             Sun 07 Feb 2021 13:15:44 +0000
ROA not before:           Sun 07 Feb 2021 13:15:44 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     18046
IP address blocks:        43.248.16.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2141 (0x85d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=BD822D992B0F68B61E6E0A2E6143F2BF8915BB61
        Validity
            Not Before: Feb  7 13:15:44 2021 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=DBE230A458537DC60223AB140161B63B3D7E05F0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:a5:bb:80:dc:65:b3:fd:4a:28:91:15:9c:5a:
                    93:e9:b2:e1:7e:da:88:41:89:81:e1:4c:c5:7e:25:
                    77:52:b3:ae:c6:cc:1b:f6:be:56:a1:31:44:b8:ec:
                    55:00:90:e5:1d:69:a3:59:2c:9b:42:82:93:25:3d:
                    43:2e:5a:98:8a:cc:cf:80:b6:d7:94:82:47:d8:20:
                    1d:c3:8a:34:ab:16:b6:a4:b2:10:95:b4:09:0d:bc:
                    e2:29:b5:ea:40:84:61:64:ab:7a:8d:38:ea:46:8f:
                    c4:1e:18:92:1e:98:56:c4:0c:c2:b6:94:53:f2:df:
                    6a:61:df:07:3d:2e:dd:fb:6c:f3:ef:32:35:a2:d3:
                    1d:bd:6e:13:e1:b7:ed:d5:5b:cd:1a:51:aa:f6:00:
                    2e:48:8a:3d:1e:13:37:06:f4:1e:3c:11:92:6b:41:
                    f6:4e:ef:9c:6a:4b:42:bc:82:1e:36:84:e8:d4:1d:
                    ae:cf:40:29:23:62:c6:34:3b:84:6b:14:8d:4b:12:
                    4b:52:45:d0:c7:6f:26:c3:56:1d:98:7e:4e:2b:42:
                    2a:9f:57:15:ec:39:16:bc:e8:48:b3:88:db:c8:b8:
                    c7:da:9f:3e:dc:d4:2f:a9:c9:58:2a:49:ba:75:d4:
                    57:88:40:fb:8e:fc:b8:b2:5d:ca:9d:c6:c6:09:b8:
                    16:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DB:E2:30:A4:58:53:7D:C6:02:23:AB:14:01:61:B6:3B:3D:7E:05:F0
            X509v3 Authority Key Identifier:
                keyid:BD:82:2D:99:2B:0F:68:B6:1E:6E:0A:2E:61:43:F2:BF:89:15:BB:61

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CATVISP/vYItmSsPaLYebgouYUPyv4kVu2E.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/vYItmSsPaLYebgouYUPyv4kVu2E.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CATVISP/2-IwpFhTfcYCI6sUAWG2Oz1-BfA.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  43.248.16.0/22

    Signature Algorithm: sha256WithRSAEncryption
         91:ef:bc:1f:6b:0b:1f:b0:c4:f7:a4:45:5e:57:5d:90:b1:5d:
         76:5d:fb:62:79:22:a8:70:4b:f0:e6:f6:a4:d1:27:c8:6b:ae:
         22:02:94:73:a2:a8:ad:7e:62:5a:8b:aa:3c:80:97:04:c2:61:
         46:63:03:2d:6d:d2:71:6f:2f:98:dc:85:72:db:03:56:5f:e3:
         89:b2:98:f1:1a:6c:47:aa:ed:31:a5:ce:9a:23:27:52:29:da:
         94:ed:14:7c:28:e9:bf:90:e2:95:5b:b9:8f:51:77:db:56:fb:
         78:6d:9a:36:8e:18:6c:d8:e2:07:7f:30:09:7b:93:d8:ed:32:
         cb:48:53:66:8e:83:84:a4:18:f1:33:91:04:75:2d:d6:df:cb:
         e2:1d:e4:2c:9e:cf:74:9f:95:6f:df:4f:ed:83:28:75:ac:dc:
         10:c4:a2:6d:cc:cf:e3:31:06:eb:3f:08:da:63:71:5c:23:6a:
         3c:6d:b6:c1:f7:b0:c3:11:62:4b:77:e5:b2:13:78:d0:ae:c9:
         83:18:c0:3c:bc:83:4a:7e:95:52:9a:a1:bd:6a:62:35:d3:49:
         0b:0b:66:08:58:52:16:5c:df:c9:ab:07:9b:c7:6f:30:05:63:
         cc:f8:eb:3e:7e:ae:a2:3f:b4:2f:d7:86:9b:43:cf:10:5b:c1:
         0c:cd:cb:44
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICCF0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkQ4
MjJEOTkyQjBGNjhCNjFFNkUwQTJFNjE0M0YyQkY4OTE1QkI2MTAeFw0yMTAyMDcx
MzE1NDRaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKERCRTIzMEE0NTg1MzdE
QzYwMjIzQUIxNDAxNjFCNjNCM0Q3RTA1RjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDIpbuA3GWz/UookRWcWpPpsuF+2ohBiYHhTMV+JXdSs67GzBv2
vlahMUS47FUAkOUdaaNZLJtCgpMlPUMuWpiKzM+AtteUgkfYIB3DijSrFrakshCV
tAkNvOIptepAhGFkq3qNOOpGj8QeGJIemFbEDMK2lFPy32ph3wc9Lt37bPPvMjWi
0x29bhPht+3VW80aUar2AC5Iij0eEzcG9B48EZJrQfZO75xqS0K8gh42hOjUHa7P
QCkjYsY0O4RrFI1LEktSRdDHbybDVh2Yfk4rQiqfVxXsORa86EiziNvIuMfanz7c
1C+pyVgqSbp11FeIQPuO/LiyXcqdxsYJuBZXAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU2+IwpFhTfcYCI6sUAWG2Oz1+BfAwHwYDVR0jBBgwFoAUvYItmSsPaLYebgou
YUPyv4kVu2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0FUVklT
UC92WUl0bVNzUGFMWWViZ291WVVQeXY0a1Z1MkUuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL3ZZSXRtU3NQYUxZZWJnb3VZVVB5djRrVnUyRS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL0NBVFZJU1AvMi1Jd3BGaFRmY1lDSTZz
VUFXRzJPejEtQmZBLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
Aiv4EDANBgkqhkiG9w0BAQsFAAOCAQEAke+8H2sLH7DE96RFXlddkLFddl37Ynki
qHBL8Ob2pNEnyGuuIgKUc6KorX5iWouqPICXBMJhRmMDLW3ScW8vmNyFctsDVl/j
ibKY8RpsR6rtMaXOmiMnUinalO0UfCjpv5DilVu5j1F321b7eG2aNo4YbNjiB38w
CXuT2O0yy0hTZo6DhKQY8TORBHUt1t/L4h3kLJ7PdJ+Vb99P7YModazcEMSibczP
4zEG6z8I2mNxXCNqPG22wfewwxFiS3flshN40K7JgxjAPLyDSn6VUpqhvWpiNdNJ
CwtmCFhSFlzfyasHm8dvMAVjzPjrPn6uoj+0L9eGm0PPEFvBDM3LRA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:02 2024 by rpki-client on console-ams.rpki-client.org