Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CGNET/HpoOJHDhJxAGbUdrPoDYQgVDyLQ.roa
File:                     HpoOJHDhJxAGbUdrPoDYQgVDyLQ.roa (raw, json)
Hash identifier:          zwJwpr8+t7dBc7T5GbBWMjrI0aU/0qZZd7Is1GPD0YA=
Subject key identifier:   1E:9A:0E:24:70:E1:27:10:06:6D:47:6B:3E:80:D8:42:05:43:C8:B4
Certificate issuer:       /CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Certificate serial:       0917
Authority key identifier: 5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/HpoOJHDhJxAGbUdrPoDYQgVDyLQ.roa
Signing time:             Sun 07 Feb 2021 12:45:21 +0000
ROA not before:           Sun 07 Feb 2021 12:45:21 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     18429
IP address blocks:        123.50.40.0/21 maxlen: 21

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2327 (0x917)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5D1E3F3C8BA89DC1310410345F50C10076181261
        Validity
            Not Before: Feb  7 12:45:21 2021 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=1E9A0E2470E12710066D476B3E80D8420543C8B4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:1a:ef:6b:cb:19:09:2b:1a:35:19:1e:19:24:
                    56:7a:30:54:ac:fc:1c:66:29:2d:0d:2f:66:28:6a:
                    4f:cb:ac:19:bb:fb:ac:7b:7f:de:85:78:d0:e4:ba:
                    2b:b2:40:ba:5e:0a:4d:9a:e7:27:aa:dc:8f:ce:00:
                    92:8d:93:9d:e6:65:6e:eb:57:ab:27:5a:4b:a3:d9:
                    60:ac:a7:5c:57:b3:3d:eb:d3:79:d2:9a:d5:7c:66:
                    f7:63:a3:6b:4b:1a:22:5a:fc:7a:3f:c8:9a:f2:6b:
                    33:e9:ac:ff:e4:64:72:a5:95:ce:d3:59:1e:d1:99:
                    24:99:f2:c5:d6:08:b7:df:81:09:80:e0:f2:a1:dc:
                    87:e5:d5:3d:52:3b:83:ac:7d:40:74:2a:73:de:80:
                    64:0e:4d:62:5f:43:8f:fa:e8:0e:4a:da:c0:04:f0:
                    aa:b2:4e:36:f3:df:f3:cc:2a:29:cb:9b:97:f3:ff:
                    9e:14:d2:c6:75:6a:15:ec:39:19:9b:94:4c:8b:39:
                    54:ab:a7:c1:e9:bb:4a:62:e5:59:85:48:6d:6d:55:
                    c9:1a:46:11:51:77:cc:b0:cb:30:1b:a7:13:10:50:
                    ae:e0:73:1e:4e:77:0a:70:c5:41:8e:1b:b7:4c:bc:
                    9d:c5:dd:63:d7:01:c7:8f:e9:ad:22:34:33:ec:12:
                    1c:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:9A:0E:24:70:E1:27:10:06:6D:47:6B:3E:80:D8:42:05:43:C8:B4
            X509v3 Authority Key Identifier:
                keyid:5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/HpoOJHDhJxAGbUdrPoDYQgVDyLQ.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  123.50.40.0/21

    Signature Algorithm: sha256WithRSAEncryption
         63:00:60:71:66:e3:b5:73:7b:79:31:39:3f:fb:7d:d5:9c:0c:
         ac:da:bf:be:b3:a6:4a:64:9c:01:a1:3f:85:5f:7a:95:fa:8e:
         b4:87:61:4e:e2:7e:73:bd:ba:e0:46:6b:3e:9b:59:61:56:37:
         b3:1c:0b:db:61:19:ea:f8:25:0f:e5:30:8a:82:af:92:0b:15:
         dc:4e:9d:33:76:dd:0d:aa:9e:e1:85:fe:97:71:84:1a:1c:49:
         1f:cc:5b:92:86:1d:43:89:9e:62:a9:45:4a:a1:41:2c:66:03:
         bf:31:54:dc:7b:91:dd:1c:7d:96:61:17:d3:02:24:3a:9d:b5:
         c1:d6:ad:c6:95:20:2c:cc:a4:60:a0:34:76:c4:2e:e0:99:c4:
         40:c3:1a:65:c2:15:47:66:e0:6c:cc:eb:95:99:ed:9f:1e:e6:
         12:9b:83:17:4e:00:d1:f5:43:54:16:79:e2:65:03:23:d9:89:
         df:4b:5f:a5:1e:26:89:e8:ee:6a:83:b4:e0:be:7d:b4:3d:f9:
         18:a5:2c:f4:40:78:ed:db:50:21:89:59:1d:da:74:c3:1e:dd:
         82:22:13:42:3a:92:30:2f:0f:98:b2:4e:a5:53:8d:61:00:1f:
         6c:68:3d:9f:45:86:4a:52:c4:60:51:ca:14:17:d8:fa:95:0a:
         b5:ce:33:d2
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICCRcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNUQx
RTNGM0M4QkE4OURDMTMxMDQxMDM0NUY1MEMxMDA3NjE4MTI2MTAeFw0yMTAyMDcx
MjQ1MjFaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDFFOUEwRTI0NzBFMTI3
MTAwNjZENDc2QjNFODBEODQyMDU0M0M4QjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDhGu9ryxkJKxo1GR4ZJFZ6MFSs/BxmKS0NL2Yoak/LrBm7+6x7
f96FeNDkuiuyQLpeCk2a5yeq3I/OAJKNk53mZW7rV6snWkuj2WCsp1xXsz3r03nS
mtV8Zvdjo2tLGiJa/Ho/yJryazPprP/kZHKllc7TWR7RmSSZ8sXWCLffgQmA4PKh
3Ifl1T1SO4OsfUB0KnPegGQOTWJfQ4/66A5K2sAE8KqyTjbz3/PMKinLm5fz/54U
0sZ1ahXsORmblEyLOVSrp8Hpu0pi5VmFSG1tVckaRhFRd8ywyzAbpxMQUK7gcx5O
dwpwxUGOG7dMvJ3F3WPXAceP6a0iNDPsEhxTAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUHpoOJHDhJxAGbUdrPoDYQgVDyLQwHwYDVR0jBBgwFoAUXR4/PIuoncExBBA0
X1DBAHYYEmEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0dORVQv
WFI0X1BJdW9uY0V4QkJBMFgxREJBSFlZRW1FLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9YUjRfUEl1b25jRXhCQkEwWDFEQkFIWVlFbUUuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DR05FVC9IcG9PSkhEaEp4QUdiVWRyUG9E
WVFnVkR5TFEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDezIo
MA0GCSqGSIb3DQEBCwUAA4IBAQBjAGBxZuO1c3t5MTk/+33VnAys2r++s6ZKZJwB
oT+FX3qV+o60h2FO4n5zvbrgRms+m1lhVjezHAvbYRnq+CUP5TCKgq+SCxXcTp0z
dt0Nqp7hhf6XcYQaHEkfzFuShh1DiZ5iqUVKoUEsZgO/MVTce5HdHH2WYRfTAiQ6
nbXB1q3GlSAszKRgoDR2xC7gmcRAwxplwhVHZuBszOuVme2fHuYSm4MXTgDR9UNU
FnniZQMj2YnfS1+lHiaJ6O5qg7Tgvn20PfkYpSz0QHjt21AhiVkd2nTDHt2CIhNC
OpIwLw+Ysk6lU41hAB9saD2fRYZKUsRgUcoUF9j6lQq1zjPS
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:02 2024 by rpki-client on console-ams.rpki-client.org