Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CGNET/EPUlge9oTyxHhHi9gEOG55-2vVk.roa
File:                     EPUlge9oTyxHhHi9gEOG55-2vVk.roa (raw, json)
Hash identifier:          jX/QWw6gtXGA4GsLab8x7lMSUY9U3QFNnI1HW+Fe55M=
Subject key identifier:   10:F5:25:81:EF:68:4F:2C:47:84:78:BD:80:43:86:E7:9F:B6:BD:59
Certificate issuer:       /CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Certificate serial:       08F5
Authority key identifier: 5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/EPUlge9oTyxHhHi9gEOG55-2vVk.roa
Signing time:             Sun 07 Feb 2021 12:44:55 +0000
ROA not before:           Sun 07 Feb 2021 12:44:55 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     18429
IP address blocks:        27.147.12.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2293 (0x8f5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5D1E3F3C8BA89DC1310410345F50C10076181261
        Validity
            Not Before: Feb  7 12:44:55 2021 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=10F52581EF684F2C478478BD804386E79FB6BD59
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:d3:fe:96:66:08:d4:c2:2a:49:68:da:ed:b6:
                    1a:c0:01:6d:61:39:9c:c8:59:5c:ac:61:e7:0c:11:
                    00:9e:45:ed:86:de:56:8c:8f:a7:8c:94:c9:13:b5:
                    cc:73:64:17:d8:c6:0f:54:00:4f:1c:24:70:5e:e8:
                    f7:87:84:2f:61:ce:bf:db:40:ae:04:e7:4c:e0:f2:
                    47:b0:a8:14:1a:d3:8d:68:31:28:39:dd:ae:04:30:
                    99:63:8e:1b:2c:9b:40:c7:01:19:25:2b:8e:2a:13:
                    1f:ad:26:3c:16:80:51:27:cb:5b:66:c2:c3:26:b7:
                    69:97:f2:87:f8:44:e6:6e:97:3b:21:27:77:09:f8:
                    54:df:7c:75:14:94:8a:a9:dc:a0:0a:ad:24:29:0e:
                    37:21:33:1a:f7:53:83:25:6c:1f:29:ad:74:34:ce:
                    33:cc:d3:f6:2e:3d:96:05:9a:e9:03:ea:b8:5e:22:
                    8e:24:82:12:48:45:b3:b8:4f:dd:d5:65:51:9a:e2:
                    81:7e:c4:8a:92:86:eb:be:8c:d1:7f:90:9c:75:0f:
                    42:69:e2:68:5c:5e:ee:66:db:98:1f:78:64:8f:9f:
                    a1:06:dd:b0:10:df:a9:0f:88:66:21:98:1b:57:ad:
                    01:d1:a9:98:7c:54:96:9d:2a:dd:17:2c:70:4d:b5:
                    98:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                10:F5:25:81:EF:68:4F:2C:47:84:78:BD:80:43:86:E7:9F:B6:BD:59
            X509v3 Authority Key Identifier:
                keyid:5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/EPUlge9oTyxHhHi9gEOG55-2vVk.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  27.147.12.0/22

    Signature Algorithm: sha256WithRSAEncryption
         32:02:8e:4c:a4:78:63:05:c8:6d:17:17:cf:60:b3:5c:53:b4:
         1f:16:c2:57:48:57:44:b9:b4:8c:b4:e6:58:59:46:9c:e0:23:
         cc:6a:5d:e7:ba:e8:d1:e9:1f:db:83:92:d4:51:80:21:a6:58:
         2b:7d:46:6c:ac:bd:46:be:d1:41:a3:1e:e3:d7:d6:ad:b3:1e:
         48:78:1c:4f:1e:1e:b0:b9:6b:a7:c8:c1:a1:dd:c0:55:b4:38:
         4f:a8:08:fb:b9:73:20:2f:16:3a:36:0e:8f:64:cb:e1:27:5b:
         86:65:2a:24:b5:a8:cf:33:8b:0b:f6:d1:e7:41:d1:dd:44:32:
         3b:e1:75:fd:dd:72:54:3f:dd:99:c0:a1:6b:15:be:8d:e3:fa:
         58:bc:e7:34:3e:e5:07:b6:9f:80:3a:13:c7:87:08:e8:64:67:
         2c:69:a3:f3:3e:36:98:e9:f8:c2:26:99:02:25:17:f6:a1:74:
         ae:0e:aa:2a:86:aa:f1:ce:3d:5f:87:e6:2f:dd:c5:2d:e7:89:
         57:c2:9f:65:4a:45:6f:64:81:b6:0c:99:d5:e9:2d:8f:6b:66:
         9c:b6:90:66:1f:84:e4:76:ca:c7:12:e6:40:b6:b0:dc:0f:e4:
         7d:79:b9:96:7c:f9:8a:1e:71:4d:51:36:35:69:a2:97:0f:3b:
         d6:3c:37:49
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICCPUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNUQx
RTNGM0M4QkE4OURDMTMxMDQxMDM0NUY1MEMxMDA3NjE4MTI2MTAeFw0yMTAyMDcx
MjQ0NTVaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDEwRjUyNTgxRUY2ODRG
MkM0Nzg0NzhCRDgwNDM4NkU3OUZCNkJENTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDF0/6WZgjUwipJaNrtthrAAW1hOZzIWVysYecMEQCeRe2G3laM
j6eMlMkTtcxzZBfYxg9UAE8cJHBe6PeHhC9hzr/bQK4E50zg8kewqBQa041oMSg5
3a4EMJljjhssm0DHARklK44qEx+tJjwWgFEny1tmwsMmt2mX8of4ROZulzshJ3cJ
+FTffHUUlIqp3KAKrSQpDjchMxr3U4MlbB8prXQ0zjPM0/YuPZYFmukD6rheIo4k
ghJIRbO4T93VZVGa4oF+xIqShuu+jNF/kJx1D0Jp4mhcXu5m25gfeGSPn6EG3bAQ
36kPiGYhmBtXrQHRqZh8VJadKt0XLHBNtZjHAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUEPUlge9oTyxHhHi9gEOG55+2vVkwHwYDVR0jBBgwFoAUXR4/PIuoncExBBA0
X1DBAHYYEmEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0dORVQv
WFI0X1BJdW9uY0V4QkJBMFgxREJBSFlZRW1FLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9YUjRfUEl1b25jRXhCQkEwWDFEQkFIWVlFbUUuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DR05FVC9FUFVsZ2U5b1R5eEhoSGk5Z0VP
RzU1LTJ2Vmsucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCG5MM
MA0GCSqGSIb3DQEBCwUAA4IBAQAyAo5MpHhjBchtFxfPYLNcU7QfFsJXSFdEubSM
tOZYWUac4CPMal3nuujR6R/bg5LUUYAhplgrfUZsrL1GvtFBox7j19atsx5IeBxP
Hh6wuWunyMGh3cBVtDhPqAj7uXMgLxY6Ng6PZMvhJ1uGZSoktajPM4sL9tHnQdHd
RDI74XX93XJUP92ZwKFrFb6N4/pYvOc0PuUHtp+AOhPHhwjoZGcsaaPzPjaY6fjC
JpkCJRf2oXSuDqoqhqrxzj1fh+Yv3cUt54lXwp9lSkVvZIG2DJnV6S2Pa2actpBm
H4TkdsrHEuZAtrDcD+R9ebmWfPmKHnFNUTY1aaKXDzvWPDdJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:33 2024 by rpki-client on console-fra.rpki-client.org