Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/1LIsJO2nroTXFq5iX7lCgRwBJU4.roa
File:                     1LIsJO2nroTXFq5iX7lCgRwBJU4.roa (raw, json)
Hash identifier:          Qg0PINm7EDYiGcloQAYuDNgv4qnIuTJUdEPI4CHDUho=
Subject key identifier:   D4:B2:2C:24:ED:A7:AE:84:D7:16:AE:62:5F:B9:42:81:1C:01:25:4E
Certificate issuer:       /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial:       0D76
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/1LIsJO2nroTXFq5iX7lCgRwBJU4.roa
Signing time:             Thu 15 Sep 2022 02:48:24 +0000
ROA not before:           Thu 15 Sep 2022 02:48:24 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     3462
IP address blocks:        220.136.0.0/13 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3446 (0xd76)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
        Validity
            Not Before: Sep 15 02:48:24 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=D4B22C24EDA7AE84D716AE625FB942811C01254E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:c9:de:1f:3f:26:6b:1a:47:79:8f:72:e0:fb:
                    71:66:75:80:f6:19:10:1a:26:5d:81:a8:00:5d:d9:
                    6d:f4:f7:7d:6a:ef:43:f1:44:65:fa:7e:75:56:91:
                    c5:c3:b5:2c:66:4f:fc:61:4e:dd:a4:f3:ce:c7:9f:
                    b8:46:8e:78:17:a3:68:8a:bb:8a:cc:c9:f9:6f:28:
                    fd:a1:02:73:21:63:14:56:fc:a7:ef:ac:d2:55:54:
                    c6:5b:99:75:79:a9:7b:98:89:ff:73:b9:54:f0:0e:
                    87:02:a9:fb:17:8c:c9:e3:5b:26:18:da:ca:39:59:
                    ba:98:28:7c:d4:be:3c:2c:81:0a:8a:74:c5:74:e0:
                    21:02:1b:5e:df:97:f2:2e:5a:d4:65:28:4c:13:a4:
                    3f:34:df:cc:b6:36:8e:a6:5a:fd:30:e6:30:9f:fc:
                    0e:ce:f0:11:fb:66:d9:26:03:2a:77:9a:13:d1:a3:
                    67:19:62:f3:14:d7:64:14:91:84:e5:f0:b7:83:11:
                    2d:5d:7d:79:0d:5b:45:fc:e2:c5:22:f9:c1:1e:17:
                    70:96:9f:0e:72:c1:52:96:cf:6f:67:0c:46:2b:df:
                    4f:74:3e:de:12:d4:37:e5:a2:21:e4:08:33:5c:ad:
                    09:7f:8e:4f:1f:ec:d6:5d:10:50:ef:7e:0e:0d:ab:
                    aa:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D4:B2:2C:24:ED:A7:AE:84:D7:16:AE:62:5F:B9:42:81:1C:01:25:4E
            X509v3 Authority Key Identifier:
                keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/1LIsJO2nroTXFq5iX7lCgRwBJU4.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  220.136.0.0/13

    Signature Algorithm: sha256WithRSAEncryption
         bb:85:6d:5c:3d:92:4b:20:bd:a4:24:9e:ed:ef:a0:e2:25:57:
         55:db:9e:7c:63:c4:8a:7c:ab:d5:5d:79:a1:df:a9:2c:2b:05:
         3c:99:4e:9d:73:28:b7:3d:d2:bc:6c:66:d4:6b:23:11:d5:7d:
         06:dd:22:e6:2a:5e:a8:21:0c:19:36:83:0f:e0:0a:77:1d:0a:
         7d:5d:ca:6f:3d:72:45:f2:0a:ab:d4:a4:38:6e:c0:a9:ec:53:
         51:6a:47:4b:62:16:1e:8e:1b:2d:ce:cf:a4:64:50:54:e0:dc:
         83:26:0d:e4:df:a8:6e:04:2f:c6:ef:2a:88:f9:50:f2:f1:1b:
         9d:0d:f0:8e:76:fd:81:12:ef:ad:95:89:37:66:29:9e:4c:2e:
         a8:75:45:dd:eb:ea:bc:f9:3d:c0:9b:bc:6f:0a:68:77:48:c2:
         ff:e5:c8:57:5e:ca:07:7e:ff:0c:50:b6:61:df:f2:90:c9:a4:
         3d:35:7b:23:c0:27:9c:67:46:01:c1:e7:79:11:c1:c9:29:8e:
         24:af:92:09:df:ad:f2:f7:3f:d8:fe:8b:40:78:1d:0b:c2:5d:
         e2:87:97:e4:fa:e9:16:d8:0b:1a:94:70:fe:2c:a0:99:ad:c7:
         d0:05:7d:54:55:97:f9:9e:0c:3d:8c:3e:a2:1b:54:9e:a2:7f:
         41:70:cc:95
-----BEGIN CERTIFICATE-----
MIIEzzCCA7egAwIBAgICDXYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yMjA5MTUw
MjQ4MjRaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEQ0QjIyQzI0RURBN0FF
ODRENzE2QUU2MjVGQjk0MjgxMUMwMTI1NEUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC8yd4fPyZrGkd5j3Lg+3FmdYD2GRAaJl2BqABd2W30931q70Px
RGX6fnVWkcXDtSxmT/xhTt2k887Hn7hGjngXo2iKu4rMyflvKP2hAnMhYxRW/Kfv
rNJVVMZbmXV5qXuYif9zuVTwDocCqfsXjMnjWyYY2so5WbqYKHzUvjwsgQqKdMV0
4CECG17fl/IuWtRlKEwTpD8038y2No6mWv0w5jCf/A7O8BH7ZtkmAyp3mhPRo2cZ
YvMU12QUkYTl8LeDES1dfXkNW0X84sUi+cEeF3CWnw5ywVKWz29nDEYr3090Pt4S
1DfloiHkCDNcrQl/jk8f7NZdEFDvfg4Nq6oJAgMBAAGjggHrMIIB5zAdBgNVHQ4E
FgQU1LIsJO2nroTXFq5iX7lCgRwBJU4wHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC8xTElzSk8ybnJvVFhGcTVpWDds
Q2dSd0JKVTQucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMD3Igw
DQYJKoZIhvcNAQELBQADggEBALuFbVw9kksgvaQknu3voOIlV1XbnnxjxIp8q9Vd
eaHfqSwrBTyZTp1zKLc90rxsZtRrIxHVfQbdIuYqXqghDBk2gw/gCncdCn1dym89
ckXyCqvUpDhuwKnsU1FqR0tiFh6OGy3Oz6RkUFTg3IMmDeTfqG4EL8bvKoj5UPLx
G50N8I52/YES762ViTdmKZ5MLqh1Rd3r6rz5PcCbvG8KaHdIwv/lyFdeygd+/wxQ
tmHf8pDJpD01eyPAJ5xnRgHB53kRwckpjiSvkgnfrfL3P9j+i0B4HQvCXeKHl+T6
6RbYCxqUcP4soJmtx9AFfVRVl/meDD2MPqIbVJ6if0FwzJU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:36 2024 by rpki-client on console-fra.rpki-client.org