Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CGNET/b0ShcppLr4B_F2LMT4py0ny-bUE.roa
File:                     b0ShcppLr4B_F2LMT4py0ny-bUE.roa (raw, json)
Hash identifier:          Or2JlqHklcsvhx97s4krNwL9YngQeZs27A6l5KeRE7Q=
Subject key identifier:   6F:44:A1:72:9A:4B:AF:80:7F:17:62:CC:4F:8A:72:D2:7C:BE:6D:41
Certificate issuer:       /CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Certificate serial:       0A88
Authority key identifier: 5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/b0ShcppLr4B_F2LMT4py0ny-bUE.roa
Signing time:             Wed 04 May 2022 03:18:27 +0000
ROA not before:           Wed 04 May 2022 03:18:27 +0000
ROA not after:            Thu 29 Sep 2022 02:36:22 +0000
asID:                     18429
IP address blocks:        27.147.24.0/21 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2696 (0xa88)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5D1E3F3C8BA89DC1310410345F50C10076181261
        Validity
            Not Before: May  4 03:18:27 2022 GMT
            Not After : Sep 29 02:36:22 2022 GMT
        Subject: CN=6F44A1729A4BAF807F1762CC4F8A72D27CBE6D41
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:cb:1f:a2:e3:84:2f:81:58:af:b7:25:58:40:
                    9e:e7:e7:c3:7f:f7:0d:b6:43:59:76:1b:33:47:50:
                    02:8f:f4:c6:23:00:10:82:4c:83:f5:8b:0d:c1:e1:
                    da:5e:5a:e4:7b:a2:f6:ee:06:60:76:60:dd:74:3d:
                    db:80:b7:14:b8:1a:2d:e0:06:f9:a0:86:b5:4a:99:
                    77:d2:bc:64:cc:ef:d9:60:93:f4:98:1c:50:34:5a:
                    a6:e1:2c:ec:14:9b:cc:d1:40:27:85:27:b9:d5:24:
                    5f:52:62:50:69:d9:bc:80:a4:93:70:ac:b0:62:b9:
                    4b:23:11:a2:0c:d1:7b:8b:8e:c8:25:b2:51:fa:76:
                    32:a5:3a:dd:f4:c2:86:a4:58:6a:f2:58:24:c1:bc:
                    18:9c:b5:77:b0:63:db:e0:b3:cb:91:e2:31:a8:58:
                    9e:3c:d5:8d:ba:ff:db:41:59:ac:b0:e7:fb:24:9d:
                    cd:cb:42:72:17:51:55:64:ce:49:a3:a2:95:58:27:
                    53:a7:75:6f:fd:39:d6:58:a4:38:58:84:89:56:52:
                    30:59:e6:35:23:eb:9a:47:05:0d:4b:2d:47:15:be:
                    35:03:bb:b7:6c:9b:5e:43:e4:b1:cd:97:ed:6c:4b:
                    dc:c2:e0:e2:98:14:0f:e9:be:81:6e:97:3a:f8:ac:
                    32:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6F:44:A1:72:9A:4B:AF:80:7F:17:62:CC:4F:8A:72:D2:7C:BE:6D:41
            X509v3 Authority Key Identifier:
                keyid:5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/b0ShcppLr4B_F2LMT4py0ny-bUE.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  27.147.24.0/21

    Signature Algorithm: sha256WithRSAEncryption
         7d:32:35:ef:dd:66:11:6e:8e:20:4d:f5:13:1e:d4:57:49:05:
         aa:79:4e:9e:86:31:ef:89:07:c2:8a:ec:ca:42:98:fc:96:ba:
         bc:b5:12:87:a9:9b:6d:05:be:3e:83:9d:5c:b6:d8:fc:c7:06:
         e3:d4:4c:1f:51:24:d0:89:ae:d6:e3:76:47:7b:9c:4c:9b:0a:
         3d:af:74:bf:9b:69:61:13:d4:e1:1e:fb:e0:e1:ac:81:be:00:
         8a:20:37:39:d4:29:82:ee:9a:b1:4a:99:e6:fe:6b:00:b3:3d:
         4b:99:ef:b0:2a:1d:11:25:e1:86:21:18:a5:2a:bc:c1:65:49:
         29:98:7f:c5:00:02:dd:f5:b7:20:e2:b2:8e:a0:f8:7a:a7:39:
         ae:2e:31:ed:2b:b3:c3:f6:d5:d9:de:15:ee:fb:ae:0c:ef:9c:
         41:93:c7:20:12:a5:8e:58:5c:8d:8f:e8:62:61:85:c9:ac:27:
         0c:c9:3e:6f:22:da:47:27:48:2f:96:d1:cd:19:a5:ec:af:3e:
         b3:bd:41:51:ec:6e:f2:11:83:52:d5:ca:a5:61:90:80:f3:6e:
         eb:88:13:6c:e1:d9:39:c7:bf:ed:20:f5:88:c1:c8:41:80:86:
         da:95:8b:b8:c0:df:d3:e4:92:c9:f9:ca:d7:30:85:36:c0:43:
         16:20:96:79
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICCogwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNUQx
RTNGM0M4QkE4OURDMTMxMDQxMDM0NUY1MEMxMDA3NjE4MTI2MTAeFw0yMjA1MDQw
MzE4MjdaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDZGNDRBMTcyOUE0QkFG
ODA3RjE3NjJDQzRGOEE3MkQyN0NCRTZENDEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDHyx+i44QvgVivtyVYQJ7n58N/9w22Q1l2GzNHUAKP9MYjABCC
TIP1iw3B4dpeWuR7ovbuBmB2YN10PduAtxS4Gi3gBvmghrVKmXfSvGTM79lgk/SY
HFA0WqbhLOwUm8zRQCeFJ7nVJF9SYlBp2byApJNwrLBiuUsjEaIM0XuLjsglslH6
djKlOt30woakWGryWCTBvBictXewY9vgs8uR4jGoWJ481Y26/9tBWayw5/sknc3L
QnIXUVVkzkmjopVYJ1OndW/9OdZYpDhYhIlWUjBZ5jUj65pHBQ1LLUcVvjUDu7ds
m15D5LHNl+1sS9zC4OKYFA/pvoFulzr4rDIvAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUb0ShcppLr4B/F2LMT4py0ny+bUEwHwYDVR0jBBgwFoAUXR4/PIuoncExBBA0
X1DBAHYYEmEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0dORVQv
WFI0X1BJdW9uY0V4QkJBMFgxREJBSFlZRW1FLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9YUjRfUEl1b25jRXhCQkEwWDFEQkFIWVlFbUUuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DR05FVC9iMFNoY3BwTHI0Ql9GMkxNVDRw
eTBueS1iVUUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDG5MY
MA0GCSqGSIb3DQEBCwUAA4IBAQB9MjXv3WYRbo4gTfUTHtRXSQWqeU6ehjHviQfC
iuzKQpj8lrq8tRKHqZttBb4+g51cttj8xwbj1EwfUSTQia7W43ZHe5xMmwo9r3S/
m2lhE9ThHvvg4ayBvgCKIDc51CmC7pqxSpnm/msAsz1Lme+wKh0RJeGGIRilKrzB
ZUkpmH/FAALd9bcg4rKOoPh6pzmuLjHtK7PD9tXZ3hXu+64M75xBk8cgEqWOWFyN
j+hiYYXJrCcMyT5vItpHJ0gvltHNGaXsrz6zvUFR7G7yEYNS1cqlYZCA827riBNs
4dk5x7/tIPWIwchBgIbalYu4wN/T5JLJ+crXMIU2wEMWIJZ5
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:33 2024 by rpki-client on console-fra.rpki-client.org