Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/9pPKjYQwqpKwPk3vbjfVeYXW6dE.roa
File:                     9pPKjYQwqpKwPk3vbjfVeYXW6dE.roa (raw, json)
Hash identifier:          mosBPvHmkD0V052hs19rEmYYjiM3o9iFc/OmNQP6PQI=
Subject key identifier:   F6:93:CA:8D:84:30:AA:92:B0:3E:4D:EF:6E:37:D5:79:85:D6:E9:D1
Certificate issuer:       /CN=5876E4B8DFAA224C019D246931FC3CD7A4FEED2A
Certificate serial:       098F
Authority key identifier: 58:76:E4:B8:DF:AA:22:4C:01:9D:24:69:31:FC:3C:D7:A4:FE:ED:2A
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/WHbkuN-qIkwBnSRpMfw816T-7So.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/9pPKjYQwqpKwPk3vbjfVeYXW6dE.roa
Signing time:             Sun 07 Feb 2021 13:05:53 +0000
ROA not before:           Sun 07 Feb 2021 13:05:53 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     131660
IP address blocks:        168.95.245.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2447 (0x98f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5876E4B8DFAA224C019D246931FC3CD7A4FEED2A
        Validity
            Not Before: Feb  7 13:05:53 2021 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=F693CA8D8430AA92B03E4DEF6E37D57985D6E9D1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:ff:48:37:b7:2f:b8:b1:33:67:04:38:71:04:
                    c5:db:a8:65:4c:7a:27:30:18:1b:a4:1b:85:25:d3:
                    c6:04:2a:89:67:c0:27:2c:56:11:b8:e7:74:29:50:
                    16:57:be:fe:1a:e8:de:dc:e2:a1:de:68:8a:5c:bf:
                    9f:ba:a1:c8:26:58:d6:f8:30:eb:82:fc:c5:ad:ba:
                    e5:ad:a2:e6:48:3d:7a:51:6c:4f:d8:89:48:c5:5d:
                    ac:9e:69:e9:4d:ae:aa:4c:45:28:fc:d5:d1:a9:a2:
                    68:21:52:fa:27:8d:c7:c9:4b:b6:99:49:06:42:39:
                    29:5b:5c:b5:74:d2:b7:6b:a0:ca:bf:d4:b8:d9:e6:
                    9c:63:ee:c3:7a:dd:3a:12:04:5e:8a:07:5c:2f:71:
                    b5:11:66:a9:d3:78:14:87:46:22:e5:fe:55:d2:42:
                    ef:67:7f:63:8c:95:5a:ee:44:b4:f1:fb:fc:9e:45:
                    76:4f:5c:d5:bc:18:62:f8:71:38:d9:18:ec:45:a9:
                    34:23:89:5c:dc:5f:8c:11:12:ef:e2:b7:3d:00:c9:
                    d4:07:59:b9:25:af:d2:ba:46:d4:2d:10:c8:fd:6a:
                    e7:3d:8a:87:df:2a:14:60:a9:cc:ee:03:5a:2a:8e:
                    37:76:c9:49:69:32:ed:1c:52:84:5b:75:c7:2a:a9:
                    11:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F6:93:CA:8D:84:30:AA:92:B0:3E:4D:EF:6E:37:D5:79:85:D6:E9:D1
            X509v3 Authority Key Identifier:
                keyid:58:76:E4:B8:DF:AA:22:4C:01:9D:24:69:31:FC:3C:D7:A4:FE:ED:2A

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/WHbkuN-qIkwBnSRpMfw816T-7So.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/WHbkuN-qIkwBnSRpMfw816T-7So.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/9pPKjYQwqpKwPk3vbjfVeYXW6dE.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  168.95.245.0/24

    Signature Algorithm: sha256WithRSAEncryption
         52:43:b7:d9:ba:70:37:1d:0c:b6:c6:f7:c6:ce:d2:94:cb:98:
         cc:68:73:96:8e:98:10:93:e5:77:b9:7c:6e:5b:20:4c:50:69:
         1e:c9:35:61:6f:3d:c0:8f:96:a4:66:f7:6b:28:f9:46:06:3a:
         e5:90:f9:25:20:e2:2b:8e:c5:97:df:70:85:24:cc:84:88:4f:
         19:99:74:77:2c:d9:f8:f8:ea:61:d6:62:89:89:3c:56:29:d8:
         f5:f6:f3:e2:04:39:76:13:f4:b1:2d:35:34:c2:d4:f3:65:93:
         53:23:90:05:e6:45:95:e2:72:3c:90:db:b0:c6:e3:73:7e:73:
         3d:bd:4c:80:c4:a9:ed:01:af:59:20:a6:f6:4c:9b:50:cf:60:
         68:b4:06:53:75:e8:1c:93:22:58:21:d2:39:8c:8f:1e:38:1b:
         4c:e4:6f:f9:15:72:95:a6:b9:32:25:e0:cc:de:5a:aa:20:fb:
         1f:95:9f:01:44:8e:44:6b:4c:7f:1c:dd:f8:fd:63:d4:81:0e:
         09:8e:68:9d:dc:f8:df:96:e0:0c:41:68:2b:8c:ad:2b:c2:62:
         ac:a5:f9:03:80:bd:e1:6d:17:bd:91:da:5a:a8:cd:4b:08:37:
         f0:ab:14:54:1f:7d:eb:34:2c:93:6b:67:c2:db:42:d5:29:6a:
         22:1c:4c:65
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICCY8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNTg3
NkU0QjhERkFBMjI0QzAxOUQyNDY5MzFGQzNDRDdBNEZFRUQyQTAeFw0yMTAyMDcx
MzA1NTNaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKEY2OTNDQThEODQzMEFB
OTJCMDNFNERFRjZFMzdENTc5ODVENkU5RDEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC3/0g3ty+4sTNnBDhxBMXbqGVMeicwGBukG4Ul08YEKolnwCcs
VhG453QpUBZXvv4a6N7c4qHeaIpcv5+6ocgmWNb4MOuC/MWtuuWtouZIPXpRbE/Y
iUjFXayeaelNrqpMRSj81dGpomghUvonjcfJS7aZSQZCOSlbXLV00rdroMq/1LjZ
5pxj7sN63ToSBF6KB1wvcbURZqnTeBSHRiLl/lXSQu9nf2OMlVruRLTx+/yeRXZP
XNW8GGL4cTjZGOxFqTQjiVzcX4wREu/itz0AydQHWbklr9K6RtQtEMj9auc9ioff
KhRgqczuA1oqjjd2yUlpMu0cUoRbdccqqREVAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQU9pPKjYQwqpKwPk3vbjfVeYXW6dEwHwYDVR0jBBgwFoAUWHbkuN+qIkwBnSRp
Mfw816T+7SowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
V0hia3VOLXFJa3dCblNScE1mdzgxNlQtN1NvLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9XSGJrdU4tcUlrd0JuU1JwTWZ3ODE2VC03U28uY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC85cFBLallRd3FwS3dQazN2Ympm
VmVZWFc2ZEUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAqF/1
MA0GCSqGSIb3DQEBCwUAA4IBAQBSQ7fZunA3HQy2xvfGztKUy5jMaHOWjpgQk+V3
uXxuWyBMUGkeyTVhbz3Aj5akZvdrKPlGBjrlkPklIOIrjsWX33CFJMyEiE8ZmXR3
LNn4+Oph1mKJiTxWKdj19vPiBDl2E/SxLTU0wtTzZZNTI5AF5kWV4nI8kNuwxuNz
fnM9vUyAxKntAa9ZIKb2TJtQz2BotAZTdegckyJYIdI5jI8eOBtM5G/5FXKVprky
JeDM3lqqIPsflZ8BRI5Ea0x/HN34/WPUgQ4Jjmid3PjfluAMQWgrjK0rwmKspfkD
gL3hbRe9kdpaqM1LCDfwqxRUH33rNCyTa2fC20LVKWoiHExl
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:08 2024 by rpki-client on console-ams.rpki-client.org