Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/A10o5TC1hxNWhk6DTqxBHQYVkWc.roa
File:                     A10o5TC1hxNWhk6DTqxBHQYVkWc.roa (raw, json)
Hash identifier:          8iM68f9JbJ/zUkoyd2LyqYMk7ZZXove8N3ihF6kyfus=
Subject key identifier:   03:5D:28:E5:30:B5:87:13:56:86:4E:83:4E:AC:41:1D:06:15:91:67
Certificate issuer:       /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial:       0B20
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/A10o5TC1hxNWhk6DTqxBHQYVkWc.roa
Signing time:             Sun 07 Feb 2021 11:52:05 +0000
ROA not before:           Sun 07 Feb 2021 11:52:05 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     20940
IP address blocks:        203.66.226.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2848 (0xb20)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
        Validity
            Not Before: Feb  7 11:52:05 2021 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=035D28E530B5871356864E834EAC411D06159167
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:21:00:6b:0d:e4:98:06:6c:16:62:1b:0b:ca:
                    09:f1:92:76:b3:4a:1c:66:d2:de:08:23:7f:aa:f3:
                    f7:f5:0e:41:5f:c2:14:53:6d:85:95:9f:22:1b:38:
                    87:40:c4:6f:a7:59:fb:89:2a:4d:72:ba:9c:bb:8f:
                    b6:ac:5a:d1:76:c3:d6:31:0e:d0:db:08:9d:f4:69:
                    64:b8:6f:1c:ce:79:72:1f:5a:f1:f3:b6:58:92:62:
                    26:f0:9b:8e:2a:30:60:69:81:96:35:db:4b:80:db:
                    e9:3f:64:9e:4c:70:2c:2b:eb:ae:39:8e:6a:a1:65:
                    93:d3:3f:6d:90:48:7d:47:77:7d:6a:39:47:5b:15:
                    64:25:f1:65:2a:80:43:09:19:78:04:9f:0e:46:04:
                    3b:29:70:dd:84:5f:f5:2c:f0:00:00:40:7e:6b:d1:
                    75:b7:14:a2:5d:6c:a0:5c:63:7d:27:8c:6b:27:ff:
                    6d:9c:c5:bc:02:23:69:d0:9f:f7:5c:d1:b8:a8:a8:
                    8f:db:cb:a6:38:ca:83:30:c2:68:15:b6:b0:04:68:
                    ca:5a:4b:72:08:ed:47:0c:fd:cb:6a:61:05:ab:a6:
                    9e:4a:ec:66:31:4f:ce:3e:2d:0e:09:b1:c3:d9:03:
                    f0:38:4f:e6:4b:5c:52:31:52:a4:28:b1:48:13:b6:
                    2c:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:5D:28:E5:30:B5:87:13:56:86:4E:83:4E:AC:41:1D:06:15:91:67
            X509v3 Authority Key Identifier:
                keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/A10o5TC1hxNWhk6DTqxBHQYVkWc.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  203.66.226.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a7:57:cf:99:29:df:b7:6c:3e:89:87:42:20:32:5f:2a:b1:07:
         4a:b9:79:98:df:a2:47:bd:df:76:78:66:15:3b:da:1f:0b:46:
         18:4c:59:2b:f0:c1:81:2b:73:eb:fe:21:46:fc:7b:1c:aa:98:
         00:26:af:14:0b:fc:25:f1:02:71:f7:10:44:a3:2f:ec:59:df:
         d9:64:f8:a1:46:2f:65:a0:a3:52:8e:ff:86:e1:e1:df:0c:c9:
         72:b4:6e:56:80:df:da:4b:40:6b:27:a9:85:0e:74:4d:f2:0a:
         d1:a9:af:49:25:d3:f5:76:0a:7c:d2:d1:07:b0:23:b5:da:b5:
         ee:d4:49:ee:b8:df:18:f7:b6:70:97:62:44:d4:6f:60:c7:f4:
         40:d6:c7:cf:02:2b:b1:ef:1b:5d:95:c3:22:6d:a6:f8:8e:6c:
         19:4f:b2:39:4d:3e:b6:67:78:30:36:4e:62:57:ec:d2:6a:0e:
         b0:44:8d:99:a2:de:5c:93:b4:28:31:a7:e8:90:f2:6d:e4:71:
         ac:d1:4d:93:67:4e:3d:62:85:23:85:82:ce:09:3c:e0:be:07:
         5d:cf:ba:d7:e3:b8:64:86:37:bd:33:d1:4c:d1:5c:e9:59:68:
         18:77:3d:67:9d:e9:cc:ab:86:e7:3a:ad:74:92:9a:74:2b:47:
         16:05:e6:2e
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICCyAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yMTAyMDcx
MTUyMDVaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDAzNUQyOEU1MzBCNTg3
MTM1Njg2NEU4MzRFQUM0MTFEMDYxNTkxNjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDKIQBrDeSYBmwWYhsLygnxknazShxm0t4II3+q8/f1DkFfwhRT
bYWVnyIbOIdAxG+nWfuJKk1yupy7j7asWtF2w9YxDtDbCJ30aWS4bxzOeXIfWvHz
tliSYibwm44qMGBpgZY120uA2+k/ZJ5McCwr6645jmqhZZPTP22QSH1Hd31qOUdb
FWQl8WUqgEMJGXgEnw5GBDspcN2EX/Us8AAAQH5r0XW3FKJdbKBcY30njGsn/22c
xbwCI2nQn/dc0bioqI/by6Y4yoMwwmgVtrAEaMpaS3II7UcM/ctqYQWrpp5K7GYx
T84+LQ4JscPZA/A4T+ZLXFIxUqQosUgTtizrAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUA10o5TC1hxNWhk6DTqxBHQYVkWcwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9BMTBvNVRDMWh4TldoazZEVHF4
QkhRWVZrV2Mucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAy0Li
MA0GCSqGSIb3DQEBCwUAA4IBAQCnV8+ZKd+3bD6Jh0IgMl8qsQdKuXmY36JHvd92
eGYVO9ofC0YYTFkr8MGBK3Pr/iFG/HscqpgAJq8UC/wl8QJx9xBEoy/sWd/ZZPih
Ri9loKNSjv+G4eHfDMlytG5WgN/aS0BrJ6mFDnRN8grRqa9JJdP1dgp80tEHsCO1
2rXu1EnuuN8Y97Zwl2JE1G9gx/RA1sfPAiux7xtdlcMibab4jmwZT7I5TT62Z3gw
Nk5iV+zSag6wRI2Zot5ck7QoMafokPJt5HGs0U2TZ049YoUjhYLOCTzgvgddz7rX
47hkhje9M9FM0VzpWWgYdz1nnenMq4bnOq10kpp0K0cWBeYu
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:08 2024 by rpki-client on console-ams.rpki-client.org