Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/5cUa8MBgnL7TTxNwuwNJBjduKP4.roa
File:                     5cUa8MBgnL7TTxNwuwNJBjduKP4.roa (raw, json)
Hash identifier:          PO5DgSpemtzABNE2YwEqevikigJiLyAX9wJGWMBqxt8=
Subject key identifier:   E5:C5:1A:F0:C0:60:9C:BE:D3:4F:13:70:BB:03:49:06:37:6E:28:FE
Certificate issuer:       /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial:       081C
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/5cUa8MBgnL7TTxNwuwNJBjduKP4.roa
Signing time:             Tue 29 Sep 2020 09:58:21 +0000
ROA not before:           Tue 29 Sep 2020 09:58:21 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     3462
IP address blocks:        211.22.0.0/16 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2076 (0x81c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
        Validity
            Not Before: Sep 29 09:58:21 2020 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=E5C51AF0C0609CBED34F1370BB034906376E28FE
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:41:96:24:ba:64:01:f1:46:97:56:48:0e:43:
                    b3:8e:9b:20:86:ef:dd:03:51:2d:ea:9f:e8:2c:16:
                    69:46:33:25:c3:4c:5f:ee:22:e9:cc:2c:d3:ef:b2:
                    ec:df:14:df:95:7c:25:e8:f3:65:e4:df:e5:85:61:
                    9f:36:2c:cb:de:10:42:5e:3c:6f:86:21:2c:e6:0f:
                    1a:d6:2e:89:9f:cd:1c:5d:af:96:5f:7a:65:cc:76:
                    fb:95:94:06:1a:75:e3:3b:a8:37:bf:9b:e4:83:5e:
                    c9:0f:07:8a:af:2e:45:4e:30:08:7b:98:21:e1:f6:
                    90:31:9a:e1:2e:f5:6e:f2:4c:98:85:45:7f:44:2f:
                    24:66:96:92:5d:08:d9:e8:ec:95:a9:20:b6:dc:92:
                    ea:b3:5f:9c:6c:55:51:47:be:b4:ab:54:51:c5:5b:
                    b2:d6:0f:01:38:e8:51:e3:ea:c6:6e:7d:14:96:92:
                    e5:cc:80:4f:56:ba:11:cd:a8:aa:24:b0:a6:ae:74:
                    e7:18:c6:c2:f4:11:f1:3d:39:b4:4c:ed:8b:39:04:
                    ca:49:5d:da:08:0c:16:b1:25:5e:ab:ae:df:b7:00:
                    a3:44:bb:4a:89:4e:fe:49:5c:c6:e6:6e:fe:c0:90:
                    8b:8c:4d:49:3a:0f:88:96:74:59:2a:a9:88:49:54:
                    c3:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E5:C5:1A:F0:C0:60:9C:BE:D3:4F:13:70:BB:03:49:06:37:6E:28:FE
            X509v3 Authority Key Identifier:
                keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/5cUa8MBgnL7TTxNwuwNJBjduKP4.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  211.22.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         08:26:6c:52:6d:00:1a:d4:1a:f9:1c:46:cf:c7:ee:0b:0d:62:
         e8:65:5f:13:3f:0c:30:f8:23:ee:60:d2:3d:78:c6:2a:d4:85:
         e9:d2:f8:bd:c0:fe:98:67:33:63:44:3f:9d:81:b1:94:28:9c:
         8b:b4:5a:c7:68:49:fb:47:e8:43:26:52:05:0b:b2:35:f1:6f:
         e7:77:48:27:a3:57:f5:39:e8:9c:b9:b3:7e:b8:1a:58:d1:97:
         07:af:cb:8f:4c:59:c1:5d:d9:99:8b:a9:da:97:e5:8d:03:e2:
         17:39:78:c5:61:2f:78:65:03:ac:3b:74:ec:ec:9c:9f:05:10:
         d5:3e:7f:38:91:07:c6:1a:42:5a:a8:ec:98:b3:db:ec:5b:d6:
         38:30:fb:0f:45:a8:c1:23:fe:fb:7c:7c:e5:c3:fc:ea:59:4d:
         a1:ef:bc:9c:81:95:7c:9c:55:61:3d:4b:25:bc:2f:b3:74:1b:
         39:d9:24:e3:90:58:75:2f:52:f9:05:b2:c1:1f:cc:da:10:8f:
         40:de:06:e8:db:1d:d5:e4:02:2c:e1:f8:a2:15:c7:12:4b:68:
         68:a4:eb:84:6b:f7:9f:25:6e:72:aa:c0:83:b2:c9:b4:08:d6:
         1c:b2:cb:2d:41:79:18:65:aa:d6:52:f7:a2:4a:6d:03:a0:de:
         ff:f9:b2:3f
-----BEGIN CERTIFICATE-----
MIIEzzCCA7egAwIBAgICCBwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yMDA5Mjkw
OTU4MjFaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKEU1QzUxQUYwQzA2MDlD
QkVEMzRGMTM3MEJCMDM0OTA2Mzc2RTI4RkUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC2QZYkumQB8UaXVkgOQ7OOmyCG790DUS3qn+gsFmlGMyXDTF/u
IunMLNPvsuzfFN+VfCXo82Xk3+WFYZ82LMveEEJePG+GISzmDxrWLomfzRxdr5Zf
emXMdvuVlAYadeM7qDe/m+SDXskPB4qvLkVOMAh7mCHh9pAxmuEu9W7yTJiFRX9E
LyRmlpJdCNno7JWpILbckuqzX5xsVVFHvrSrVFHFW7LWDwE46FHj6sZufRSWkuXM
gE9WuhHNqKoksKaudOcYxsL0EfE9ObRM7Ys5BMpJXdoIDBaxJV6rrt+3AKNEu0qJ
Tv5JXMbmbv7AkIuMTUk6D4iWdFkqqYhJVMNRAgMBAAGjggHrMIIB5zAdBgNVHQ4E
FgQU5cUa8MBgnL7TTxNwuwNJBjduKP4wHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC81Y1VhOE1CZ25MN1RUeE53dXdO
SkJqZHVLUDQucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA0xYw
DQYJKoZIhvcNAQELBQADggEBAAgmbFJtABrUGvkcRs/H7gsNYuhlXxM/DDD4I+5g
0j14xirUhenS+L3A/phnM2NEP52BsZQonIu0WsdoSftH6EMmUgULsjXxb+d3SCej
V/U56Jy5s364GljRlwevy49MWcFd2ZmLqdqX5Y0D4hc5eMVhL3hlA6w7dOzsnJ8F
ENU+fziRB8YaQlqo7Jiz2+xb1jgw+w9FqMEj/vt8fOXD/OpZTaHvvJyBlXycVWE9
SyW8L7N0GznZJOOQWHUvUvkFssEfzNoQj0DeBujbHdXkAizh+KIVxxJLaGik64Rr
958lbnKqwIOyybQI1hyyyy1BeRhlqtZS96JKbQOg3v/5sj8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:08 2024 by rpki-client on console-ams.rpki-client.org