Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CGNET/p0io_GZP5xKcuD3fg52ahXQyztY.roa
File:                     p0io_GZP5xKcuD3fg52ahXQyztY.roa (raw, json)
Hash identifier:          SpWfQ70BcN4LEB9uv4H9dHruKCnI4i0pJMyRxwHFtWc=
Subject key identifier:   A7:48:A8:FC:66:4F:E7:12:9C:B8:3D:DF:83:9D:9A:85:74:32:CE:D6
Certificate issuer:       /CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Certificate serial:       0B70
Authority key identifier: 5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/p0io_GZP5xKcuD3fg52ahXQyztY.roa
Signing time:             Fri 16 Dec 2022 04:19:18 +0000
ROA not before:           Fri 16 Dec 2022 04:19:18 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     18429
IP address blocks:        45.64.232.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2928 (0xb70)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5D1E3F3C8BA89DC1310410345F50C10076181261
        Validity
            Not Before: Dec 16 04:19:18 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=A748A8FC664FE7129CB83DDF839D9A857432CED6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:e8:cd:ae:ec:2e:93:d1:25:5f:43:a0:e2:0e:
                    c2:65:06:16:3e:af:70:15:e0:8f:2a:f5:3a:7e:c1:
                    4f:36:52:cf:cf:e7:e5:a9:c4:d8:d6:f5:9d:01:51:
                    25:5a:2d:82:17:2d:03:7b:48:0a:98:7e:79:96:ef:
                    80:8e:28:4d:ca:3d:b1:e1:a8:a2:49:7e:99:22:22:
                    40:fe:bf:96:32:6a:f8:d4:17:c7:80:7c:eb:80:60:
                    fd:9f:9d:e8:9f:a7:8b:c6:5b:61:e3:70:37:f1:7d:
                    15:28:4b:db:af:b1:b4:ed:97:52:6f:1e:10:e3:ab:
                    ce:0d:b1:c5:9d:75:97:b0:09:0f:54:e5:14:be:3c:
                    b1:28:ad:a0:da:0b:1d:55:25:a5:da:59:be:7d:bb:
                    62:ee:e8:1b:b0:0d:a8:d1:d6:22:a3:b2:b6:70:71:
                    da:e5:25:15:4e:d6:74:93:3c:9d:1e:42:23:72:8a:
                    26:02:f7:0f:fd:a6:56:0c:b9:61:44:ff:82:6e:9f:
                    11:04:96:2c:f2:d8:9f:05:3f:16:f3:d9:70:5f:7a:
                    ea:9a:89:69:5d:98:06:af:73:4b:6a:93:0d:9f:0b:
                    c1:3c:ba:7f:55:52:c0:bc:19:2a:ef:32:27:3a:e4:
                    2f:05:27:a5:6f:d6:ab:e6:82:15:a3:f2:fe:2e:21:
                    df:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A7:48:A8:FC:66:4F:E7:12:9C:B8:3D:DF:83:9D:9A:85:74:32:CE:D6
            X509v3 Authority Key Identifier:
                keyid:5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/p0io_GZP5xKcuD3fg52ahXQyztY.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.64.232.0/22

    Signature Algorithm: sha256WithRSAEncryption
         63:a8:27:b3:f5:3c:0a:5a:ac:e0:9e:ea:53:b7:a6:64:4b:50:
         72:8e:e9:76:53:33:49:57:10:f9:f5:13:20:cd:6d:b4:85:56:
         52:01:fc:2d:48:d7:a7:8b:1e:19:87:c3:bb:3e:39:14:10:b4:
         86:65:fd:e7:a8:aa:ac:45:a5:01:35:ac:2e:e4:2c:0e:86:d3:
         b5:64:36:99:d8:94:6b:02:63:9c:fc:45:f5:15:93:33:29:4e:
         c8:e3:28:5b:ab:22:f8:6a:c2:c2:7e:65:94:9b:a4:c5:92:bc:
         59:4f:32:20:b9:63:6c:58:a5:c2:d5:2e:dd:3e:c9:5e:59:db:
         ed:17:cc:64:a5:4b:45:73:4b:1d:82:79:e1:f4:ca:d8:e5:60:
         e1:29:24:1b:a2:90:7a:0c:70:19:4d:e2:74:81:e6:ed:97:53:
         d6:23:d6:35:71:a4:ad:8a:72:82:b8:e6:21:25:e8:a7:54:28:
         0c:fd:1e:93:85:7a:1f:97:fa:50:52:62:52:7f:9f:bd:b3:5d:
         8b:fd:a1:3b:ab:f0:0e:9f:0d:c0:e9:55:74:1c:79:5b:78:18:
         1c:08:2b:4a:91:3f:4c:e9:11:18:2e:d2:5d:3f:1b:76:dc:bb:
         20:18:5e:87:2e:fb:1d:06:1a:3b:bd:44:95:20:ab:f4:9c:b2:
         4d:91:7e:9a
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICC3AwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNUQx
RTNGM0M4QkE4OURDMTMxMDQxMDM0NUY1MEMxMDA3NjE4MTI2MTAeFw0yMjEyMTYw
NDE5MThaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEE3NDhBOEZDNjY0RkU3
MTI5Q0I4M0RERjgzOUQ5QTg1NzQzMkNFRDYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDe6M2u7C6T0SVfQ6DiDsJlBhY+r3AV4I8q9Tp+wU82Us/P5+Wp
xNjW9Z0BUSVaLYIXLQN7SAqYfnmW74COKE3KPbHhqKJJfpkiIkD+v5YyavjUF8eA
fOuAYP2fneifp4vGW2HjcDfxfRUoS9uvsbTtl1JvHhDjq84NscWddZewCQ9U5RS+
PLEoraDaCx1VJaXaWb59u2Lu6BuwDajR1iKjsrZwcdrlJRVO1nSTPJ0eQiNyiiYC
9w/9plYMuWFE/4JunxEElizy2J8FPxbz2XBfeuqaiWldmAavc0tqkw2fC8E8un9V
UsC8GSrvMic65C8FJ6Vv1qvmghWj8v4uId8/AgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUp0io/GZP5xKcuD3fg52ahXQyztYwHwYDVR0jBBgwFoAUXR4/PIuoncExBBA0
X1DBAHYYEmEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0dORVQv
WFI0X1BJdW9uY0V4QkJBMFgxREJBSFlZRW1FLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9YUjRfUEl1b25jRXhCQkEwWDFEQkFIWVlFbUUuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DR05FVC9wMGlvX0daUDV4S2N1RDNmZzUy
YWhYUXl6dFkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLUDo
MA0GCSqGSIb3DQEBCwUAA4IBAQBjqCez9TwKWqzgnupTt6ZkS1Byjul2UzNJVxD5
9RMgzW20hVZSAfwtSNenix4Zh8O7PjkUELSGZf3nqKqsRaUBNawu5CwOhtO1ZDaZ
2JRrAmOc/EX1FZMzKU7I4yhbqyL4asLCfmWUm6TFkrxZTzIguWNsWKXC1S7dPsle
WdvtF8xkpUtFc0sdgnnh9MrY5WDhKSQbopB6DHAZTeJ0gebtl1PWI9Y1caStinKC
uOYhJeinVCgM/R6ThXofl/pQUmJSf5+9s12L/aE7q/AOnw3A6VV0HHlbeBgcCCtK
kT9M6REYLtJdPxt23LsgGF6HLvsdBho7vUSVIKv0nLJNkX6a
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:03 2024 by rpki-client on console-ams.rpki-client.org