Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CGNET/7_mv5PU7spX-hdYzqCYJO-XkMO0.roa
File:                     7_mv5PU7spX-hdYzqCYJO-XkMO0.roa (raw, json)
Hash identifier:          sFDcIXdOmTcb+NOfxALnA85pSEjJQPflMp1Kb6O053U=
Subject key identifier:   EF:F9:AF:E4:F5:3B:B2:95:FE:85:D6:33:A8:26:09:3B:E5:E4:30:ED
Certificate issuer:       /CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Certificate serial:       0AEB
Authority key identifier: 5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/7_mv5PU7spX-hdYzqCYJO-XkMO0.roa
Signing time:             Thu 15 Sep 2022 02:49:30 +0000
ROA not before:           Thu 15 Sep 2022 02:49:30 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     18429
IP address blocks:        27.147.48.0/21 maxlen: 21

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2795 (0xaeb)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5D1E3F3C8BA89DC1310410345F50C10076181261
        Validity
            Not Before: Sep 15 02:49:30 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=EFF9AFE4F53BB295FE85D633A826093BE5E430ED
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:87:a2:35:5d:10:37:ee:22:b4:96:26:4f:7f:
                    b4:8a:3a:2c:9b:ea:35:64:8a:91:ec:8c:20:5f:e2:
                    d2:e7:d3:78:da:a4:b7:c5:d9:7f:fb:bd:69:21:21:
                    6b:8f:2f:fc:cb:39:5d:ca:d8:c9:46:19:87:bc:0b:
                    fc:7c:5e:d9:1a:e1:c6:40:e2:58:c4:b2:99:93:86:
                    10:b2:dd:c1:30:06:ce:77:de:e5:b9:41:f0:92:0b:
                    35:bc:be:71:14:27:d2:23:30:c9:f8:2f:c1:02:0a:
                    83:f3:42:36:86:4c:84:cf:e6:ba:3e:03:1c:56:0e:
                    f8:80:41:07:dd:a2:ca:64:38:ea:fa:af:0c:ea:e5:
                    47:ac:72:4b:48:ad:15:25:f3:47:b3:8b:cc:38:76:
                    89:07:6b:d3:ad:b0:91:10:60:e5:98:1a:a8:1f:d2:
                    7f:8d:51:75:c9:a0:db:3c:61:8d:61:7e:05:cb:f3:
                    04:1d:74:80:01:83:4f:82:4c:35:09:ed:44:a1:b3:
                    b8:9c:e5:35:c5:98:eb:1a:fd:ab:98:11:ab:4d:f1:
                    11:2b:ff:9d:8f:71:c4:f8:98:16:a0:54:79:1d:41:
                    83:1d:e0:2d:20:06:02:b7:c2:0d:b7:29:1d:0b:bc:
                    ad:bd:34:73:b6:44:8e:7b:5c:bc:24:d8:c1:12:b7:
                    a0:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EF:F9:AF:E4:F5:3B:B2:95:FE:85:D6:33:A8:26:09:3B:E5:E4:30:ED
            X509v3 Authority Key Identifier:
                keyid:5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/7_mv5PU7spX-hdYzqCYJO-XkMO0.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  27.147.48.0/21

    Signature Algorithm: sha256WithRSAEncryption
         57:49:ec:e1:a6:9e:25:8d:00:18:c4:92:72:5c:de:b8:a9:58:
         de:f2:62:df:3e:09:0d:d2:68:c1:e5:f5:52:b5:af:59:d5:3f:
         e2:89:4b:2f:f2:14:85:dc:f3:67:2c:c0:8f:10:f6:58:bc:ff:
         5c:89:4a:56:4e:a6:66:6e:cd:fe:6c:4d:48:4a:b2:e6:70:60:
         e2:48:fe:0c:8d:33:fc:2b:20:9a:15:7f:ed:b0:1d:2c:06:a4:
         20:72:e5:ef:2f:70:19:e0:87:30:fc:d3:8e:85:97:10:c8:09:
         12:65:5c:c2:f0:53:58:f5:4d:da:aa:61:b6:12:01:f1:1a:87:
         e0:de:29:fb:64:8d:28:bf:f8:a0:68:aa:34:3b:59:1a:92:0b:
         04:9e:a6:22:db:01:35:aa:15:15:53:ca:cf:f6:dc:fb:1f:a4:
         99:82:62:4e:3d:de:5e:b8:ea:8d:a4:5e:b4:e7:af:c1:9e:7b:
         33:44:3e:58:6e:18:a4:34:5a:1b:0e:55:ed:69:6e:f7:cd:c5:
         a0:13:a1:69:11:89:56:46:07:bf:38:e1:7a:37:a5:c5:ed:0b:
         2e:7b:47:64:4d:e0:57:8e:85:ce:a8:00:ee:31:7d:05:4d:e2:
         23:98:00:a9:79:4c:e8:e5:10:a1:ae:c3:e0:27:be:9b:9e:e0:
         71:39:c3:a5
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICCuswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNUQx
RTNGM0M4QkE4OURDMTMxMDQxMDM0NUY1MEMxMDA3NjE4MTI2MTAeFw0yMjA5MTUw
MjQ5MzBaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEVGRjlBRkU0RjUzQkIy
OTVGRTg1RDYzM0E4MjYwOTNCRTVFNDMwRUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC9h6I1XRA37iK0liZPf7SKOiyb6jVkipHsjCBf4tLn03japLfF
2X/7vWkhIWuPL/zLOV3K2MlGGYe8C/x8Xtka4cZA4ljEspmThhCy3cEwBs533uW5
QfCSCzW8vnEUJ9IjMMn4L8ECCoPzQjaGTITP5ro+AxxWDviAQQfdospkOOr6rwzq
5UescktIrRUl80ezi8w4dokHa9OtsJEQYOWYGqgf0n+NUXXJoNs8YY1hfgXL8wQd
dIABg0+CTDUJ7UShs7ic5TXFmOsa/auYEatN8REr/52PccT4mBagVHkdQYMd4C0g
BgK3wg23KR0LvK29NHO2RI57XLwk2MESt6BBAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQU7/mv5PU7spX+hdYzqCYJO+XkMO0wHwYDVR0jBBgwFoAUXR4/PIuoncExBBA0
X1DBAHYYEmEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0dORVQv
WFI0X1BJdW9uY0V4QkJBMFgxREJBSFlZRW1FLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9YUjRfUEl1b25jRXhCQkEwWDFEQkFIWVlFbUUuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DR05FVC83X212NVBVN3NwWC1oZFl6cUNZ
Sk8tWGtNTzAucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDG5Mw
MA0GCSqGSIb3DQEBCwUAA4IBAQBXSezhpp4ljQAYxJJyXN64qVje8mLfPgkN0mjB
5fVSta9Z1T/iiUsv8hSF3PNnLMCPEPZYvP9ciUpWTqZmbs3+bE1ISrLmcGDiSP4M
jTP8KyCaFX/tsB0sBqQgcuXvL3AZ4Icw/NOOhZcQyAkSZVzC8FNY9U3aqmG2EgHx
Gofg3in7ZI0ov/igaKo0O1kakgsEnqYi2wE1qhUVU8rP9tz7H6SZgmJOPd5euOqN
pF6056/BnnszRD5YbhikNFobDlXtaW73zcWgE6FpEYlWRge/OOF6N6XF7Qsue0dk
TeBXjoXOqADuMX0FTeIjmACpeUzo5RChrsPgJ76bnuBxOcOl
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:33 2024 by rpki-client on console-fra.rpki-client.org