Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CGNET/X-m-Tu5ryfjsFVq2WD4WztKjec0.roa
File:                     X-m-Tu5ryfjsFVq2WD4WztKjec0.roa (raw, json)
Hash identifier:          GVPVMRTcxWfPr3LygN5eZ0pubAMFTo27eOtWe/iSNyo=
Subject key identifier:   5F:E9:BE:4E:EE:6B:C9:F8:EC:15:5A:B6:58:3E:16:CE:D2:A3:79:CD
Certificate issuer:       /CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Certificate serial:       0B37
Authority key identifier: 5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/X-m-Tu5ryfjsFVq2WD4WztKjec0.roa
Signing time:             Thu 15 Dec 2022 02:16:50 +0000
ROA not before:           Thu 15 Dec 2022 02:16:50 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     18429
IP address blocks:        123.50.48.0/20 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2871 (0xb37)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5D1E3F3C8BA89DC1310410345F50C10076181261
        Validity
            Not Before: Dec 15 02:16:50 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=5FE9BE4EEE6BC9F8EC155AB6583E16CED2A379CD
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:ae:20:14:7d:a4:34:60:e5:d2:7e:89:81:dd:
                    a4:98:68:6b:8b:d4:ef:de:85:38:68:86:75:b3:53:
                    1f:fa:34:01:45:d0:33:e2:b7:c6:fa:34:ac:b3:6f:
                    03:48:9c:64:70:6a:70:c0:b4:43:25:4e:d1:65:14:
                    29:6a:e2:9e:04:b2:11:42:0c:42:47:a0:7d:75:74:
                    55:db:16:6e:fe:f6:1a:8b:56:a4:43:b1:1b:f5:f7:
                    2f:54:b0:c5:f2:9a:fa:97:af:f1:a8:a3:04:da:0b:
                    b8:28:68:3f:e8:f4:37:77:6f:d4:81:e3:7a:78:b3:
                    e6:89:ee:20:17:15:0c:a4:db:4c:b7:2b:92:5a:a6:
                    9b:59:29:fe:f2:6c:92:cd:d9:48:e7:0f:f3:31:34:
                    72:3f:35:ad:99:5e:50:03:00:d5:a8:6d:ce:7d:be:
                    86:1c:8c:77:a9:4e:90:c6:7d:ee:cf:88:b3:82:2b:
                    3f:54:e9:fc:cb:86:24:e8:40:64:07:f8:56:82:55:
                    17:a9:3f:bf:aa:76:ca:b7:a3:a2:87:11:ec:30:1a:
                    98:5c:2c:7a:6e:a6:75:9f:0d:9f:3b:0a:1c:1d:3e:
                    c3:a7:33:06:99:f6:39:6c:3c:28:23:9d:4c:ce:d9:
                    ea:40:4a:ee:a4:c5:30:79:dc:9c:dc:61:ec:d1:a8:
                    4a:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5F:E9:BE:4E:EE:6B:C9:F8:EC:15:5A:B6:58:3E:16:CE:D2:A3:79:CD
            X509v3 Authority Key Identifier:
                keyid:5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/X-m-Tu5ryfjsFVq2WD4WztKjec0.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  123.50.48.0/20

    Signature Algorithm: sha256WithRSAEncryption
         55:10:39:96:3a:0e:65:32:7d:9f:54:f2:ed:25:fe:de:d2:46:
         0c:ef:8a:94:a1:03:25:de:44:92:b5:63:7e:0f:e2:3d:7e:ca:
         ee:f5:c1:42:4c:a0:dc:d2:70:c0:94:72:44:a7:d5:75:cc:52:
         ba:a5:c5:b7:4c:ef:82:88:2f:f2:04:92:3c:ca:1c:9c:61:7b:
         06:42:e7:18:52:85:8f:bd:14:f7:2f:ef:fa:98:2d:0e:86:ad:
         60:90:1f:b2:ac:c1:cb:1e:d6:b4:b6:f8:f1:be:39:fb:88:72:
         c8:29:25:97:e2:0a:d1:fe:ca:33:39:5c:f8:45:12:07:e2:0e:
         21:e7:46:c9:dc:a3:2a:c3:45:84:d4:48:51:37:05:65:62:de:
         11:b3:64:8f:bc:24:d8:d2:00:ba:d8:bb:04:68:06:1d:8a:11:
         f6:a1:39:7a:c4:90:f1:f2:c7:05:62:e9:1d:e5:b2:65:09:a4:
         e7:89:aa:6f:a0:54:20:34:d6:ef:6e:d7:e9:10:80:f1:2e:5e:
         68:eb:fb:ab:16:2e:6e:ea:4f:77:60:c7:35:96:91:51:94:92:
         9f:44:6d:00:39:e2:11:be:34:50:15:28:14:af:e5:6c:2c:6f:
         26:d0:13:4c:88:f3:03:b5:19:c3:89:8c:78:de:b0:78:55:95:
         d1:3e:2b:5e
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICCzcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNUQx
RTNGM0M4QkE4OURDMTMxMDQxMDM0NUY1MEMxMDA3NjE4MTI2MTAeFw0yMjEyMTUw
MjE2NTBaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDVGRTlCRTRFRUU2QkM5
RjhFQzE1NUFCNjU4M0UxNkNFRDJBMzc5Q0QwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCariAUfaQ0YOXSfomB3aSYaGuL1O/ehThohnWzUx/6NAFF0DPi
t8b6NKyzbwNInGRwanDAtEMlTtFlFClq4p4EshFCDEJHoH11dFXbFm7+9hqLVqRD
sRv19y9UsMXymvqXr/GoowTaC7goaD/o9Dd3b9SB43p4s+aJ7iAXFQyk20y3K5Ja
pptZKf7ybJLN2UjnD/MxNHI/Na2ZXlADANWobc59voYcjHepTpDGfe7PiLOCKz9U
6fzLhiToQGQH+FaCVRepP7+qdsq3o6KHEewwGphcLHpupnWfDZ87ChwdPsOnMwaZ
9jlsPCgjnUzO2epASu6kxTB53JzcYezRqEp5AgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUX+m+Tu5ryfjsFVq2WD4WztKjec0wHwYDVR0jBBgwFoAUXR4/PIuoncExBBA0
X1DBAHYYEmEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0dORVQv
WFI0X1BJdW9uY0V4QkJBMFgxREJBSFlZRW1FLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9YUjRfUEl1b25jRXhCQkEwWDFEQkFIWVlFbUUuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DR05FVC9YLW0tVHU1cnlmanNGVnEyV0Q0
V3p0S2plYzAucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEezIw
MA0GCSqGSIb3DQEBCwUAA4IBAQBVEDmWOg5lMn2fVPLtJf7e0kYM74qUoQMl3kSS
tWN+D+I9fsru9cFCTKDc0nDAlHJEp9V1zFK6pcW3TO+CiC/yBJI8yhycYXsGQucY
UoWPvRT3L+/6mC0Ohq1gkB+yrMHLHta0tvjxvjn7iHLIKSWX4grR/sozOVz4RRIH
4g4h50bJ3KMqw0WE1EhRNwVlYt4Rs2SPvCTY0gC62LsEaAYdihH2oTl6xJDx8scF
Yukd5bJlCaTniapvoFQgNNbvbtfpEIDxLl5o6/urFi5u6k93YMc1lpFRlJKfRG0A
OeIRvjRQFSgUr+VsLG8m0BNMiPMDtRnDiYx43rB4VZXRPite
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:02 2024 by rpki-client on console-ams.rpki-client.org