Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CGNET/vx0OBBjP9E3tsh5UlZuHJkQhDsY.roa
File:                     vx0OBBjP9E3tsh5UlZuHJkQhDsY.roa (raw, json)
Hash identifier:          Hj52hY08TRUDGeS5D6z4wzier1hPw6o0H9GQnzgobLM=
Subject key identifier:   BF:1D:0E:04:18:CF:F4:4D:ED:B2:1E:54:95:9B:87:26:44:21:0E:C6
Certificate issuer:       /CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Certificate serial:       090B
Authority key identifier: 5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/vx0OBBjP9E3tsh5UlZuHJkQhDsY.roa
Signing time:             Sun 07 Feb 2021 12:45:12 +0000
ROA not before:           Sun 07 Feb 2021 12:45:12 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     18429
IP address blocks:        61.57.128.0/21 maxlen: 21

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2315 (0x90b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5D1E3F3C8BA89DC1310410345F50C10076181261
        Validity
            Not Before: Feb  7 12:45:12 2021 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=BF1D0E0418CFF44DEDB21E54959B872644210EC6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:d1:47:92:c3:43:13:ea:4e:6b:e6:9a:c2:b7:
                    02:99:fc:1a:d8:a4:43:73:2b:4c:b3:4f:f8:7d:08:
                    33:a6:aa:f6:cf:3a:f6:4e:78:34:e9:17:53:be:df:
                    8e:44:04:9b:7b:4f:7b:62:46:84:71:2d:6d:e9:46:
                    98:26:e9:53:9d:36:a3:e7:4e:c0:83:14:90:c1:37:
                    40:13:0c:4d:75:ff:38:6a:58:36:52:a0:0f:40:2a:
                    6f:95:40:b3:27:9c:93:54:ee:c2:7a:07:81:0b:6a:
                    eb:47:f2:d6:33:14:13:7d:05:25:10:b7:15:4c:88:
                    50:37:f0:8b:56:ac:40:ce:9f:5a:11:6f:8c:2a:af:
                    d1:81:3f:c5:7a:b8:cc:74:03:ee:91:41:3f:b0:27:
                    13:f3:24:99:9f:dd:d4:45:18:3f:37:f0:c8:69:18:
                    3c:fb:8f:fb:b7:72:f0:76:1b:b9:55:cd:f8:f1:89:
                    23:e9:ea:d7:5c:2b:17:52:47:7a:b6:a7:26:25:46:
                    ac:b7:f4:e0:0c:af:d9:c7:99:61:c7:d8:4f:90:83:
                    10:75:11:c6:99:81:b7:6e:fe:0d:16:f4:56:6d:cb:
                    5b:14:09:a0:c6:d6:34:92:97:e3:e9:b9:47:01:4c:
                    5f:6a:a8:02:a6:c5:2f:5e:c0:de:43:b8:3e:81:aa:
                    16:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BF:1D:0E:04:18:CF:F4:4D:ED:B2:1E:54:95:9B:87:26:44:21:0E:C6
            X509v3 Authority Key Identifier:
                keyid:5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/vx0OBBjP9E3tsh5UlZuHJkQhDsY.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  61.57.128.0/21

    Signature Algorithm: sha256WithRSAEncryption
         76:49:62:40:19:c8:a4:a9:6a:f3:f3:22:cb:67:24:b5:72:bb:
         f4:9a:d5:65:10:2e:98:47:ec:da:29:64:24:be:07:5c:77:64:
         1c:50:03:8b:b8:ac:68:f3:17:ee:3a:a0:a6:5e:7a:9a:1c:11:
         fb:a8:79:d3:17:00:34:6f:2f:00:c1:f9:7d:33:d9:08:42:4d:
         a0:7e:d2:dc:a6:b1:f1:0e:e2:89:9d:2a:e0:21:48:4f:ac:dc:
         d0:c9:31:ff:50:c3:d7:9d:fa:33:1e:6d:d5:7e:88:2c:d1:b8:
         ec:2b:ba:49:2c:ff:44:12:e9:02:49:6a:9a:bc:3d:4e:68:90:
         76:fa:33:dd:e6:62:d6:a3:26:36:73:2a:ed:9a:0c:d4:ad:5e:
         94:f2:fa:d1:ec:8d:0b:d9:8e:91:25:cd:8d:62:a2:86:f6:6f:
         58:c4:6e:38:33:e9:1d:4a:b0:f9:76:42:41:e6:34:02:44:39:
         09:6a:91:40:a6:a2:2d:ea:fe:21:2d:4f:d6:bf:a8:1b:3d:26:
         5a:7b:db:fa:e3:b4:8e:cb:33:37:5d:77:2a:ac:6b:00:ef:d3:
         48:78:1e:97:93:cd:7e:57:de:8a:e5:aa:ef:92:d2:da:86:25:
         5c:cc:83:42:14:de:2e:44:2c:4f:ed:0d:90:6c:45:22:e1:ad:
         d5:7a:1c:f0
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICCQswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNUQx
RTNGM0M4QkE4OURDMTMxMDQxMDM0NUY1MEMxMDA3NjE4MTI2MTAeFw0yMTAyMDcx
MjQ1MTJaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKEJGMUQwRTA0MThDRkY0
NERFREIyMUU1NDk1OUI4NzI2NDQyMTBFQzYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDg0UeSw0MT6k5r5prCtwKZ/BrYpENzK0yzT/h9CDOmqvbPOvZO
eDTpF1O+345EBJt7T3tiRoRxLW3pRpgm6VOdNqPnTsCDFJDBN0ATDE11/zhqWDZS
oA9AKm+VQLMnnJNU7sJ6B4ELautH8tYzFBN9BSUQtxVMiFA38ItWrEDOn1oRb4wq
r9GBP8V6uMx0A+6RQT+wJxPzJJmf3dRFGD838MhpGDz7j/u3cvB2G7lVzfjxiSPp
6tdcKxdSR3q2pyYlRqy39OAMr9nHmWHH2E+QgxB1EcaZgbdu/g0W9FZty1sUCaDG
1jSSl+PpuUcBTF9qqAKmxS9ewN5DuD6BqhbnAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUvx0OBBjP9E3tsh5UlZuHJkQhDsYwHwYDVR0jBBgwFoAUXR4/PIuoncExBBA0
X1DBAHYYEmEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0dORVQv
WFI0X1BJdW9uY0V4QkJBMFgxREJBSFlZRW1FLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9YUjRfUEl1b25jRXhCQkEwWDFEQkFIWVlFbUUuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DR05FVC92eDBPQkJqUDlFM3RzaDVVbFp1
SEprUWhEc1kucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDPTmA
MA0GCSqGSIb3DQEBCwUAA4IBAQB2SWJAGcikqWrz8yLLZyS1crv0mtVlEC6YR+za
KWQkvgdcd2QcUAOLuKxo8xfuOqCmXnqaHBH7qHnTFwA0by8Awfl9M9kIQk2gftLc
prHxDuKJnSrgIUhPrNzQyTH/UMPXnfozHm3Vfogs0bjsK7pJLP9EEukCSWqavD1O
aJB2+jPd5mLWoyY2cyrtmgzUrV6U8vrR7I0L2Y6RJc2NYqKG9m9YxG44M+kdSrD5
dkJB5jQCRDkJapFApqIt6v4hLU/Wv6gbPSZae9v647SOyzM3XXcqrGsA79NIeB6X
k81+V96K5arvktLahiVczINCFN4uRCxP7Q2QbEUi4a3Vehzw
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:03 2024 by rpki-client on console-ams.rpki-client.org