Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/ARmx9GetnonEURjgcnuWGuP_jG0.roa
File:                     ARmx9GetnonEURjgcnuWGuP_jG0.roa (raw, json)
Hash identifier:          PxuMWQn+KjfYs2qgHyo04++PNOj3bWoBKY1vA+gc/ls=
Subject key identifier:   01:19:B1:F4:67:AD:9E:89:C4:51:18:E0:72:7B:96:1A:E3:FF:8C:6D
Certificate issuer:       /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial:       0C4B
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/ARmx9GetnonEURjgcnuWGuP_jG0.roa
Signing time:             Wed 29 Sep 2021 02:51:07 +0000
ROA not before:           Wed 29 Sep 2021 02:51:07 +0000
ROA not after:            Thu 29 Sep 2022 02:36:22 +0000
asID:                     3462
IP address blocks:        203.160.242.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3147 (0xc4b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
        Validity
            Not Before: Sep 29 02:51:07 2021 GMT
            Not After : Sep 29 02:36:22 2022 GMT
        Subject: CN=0119B1F467AD9E89C45118E0727B961AE3FF8C6D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:cd:5e:5c:83:ca:e6:a8:2b:f4:fc:44:0a:02:
                    17:25:f6:7c:16:a8:22:df:82:fd:39:ee:b2:5b:3f:
                    3d:4f:4b:8c:73:55:fe:0d:0d:c4:be:a3:b0:98:7d:
                    44:2f:a0:13:90:84:34:ac:0c:5c:12:cf:4b:6e:37:
                    22:3e:2f:f2:69:e3:a5:48:8d:4c:d8:3a:8a:cc:69:
                    45:5b:d3:ff:3f:0a:fa:03:0c:ce:e6:90:c6:40:29:
                    6c:80:b6:2c:1a:8e:92:ea:e5:aa:7e:d2:8d:7e:79:
                    ea:83:8f:5b:fa:04:d5:e5:8f:6d:d6:29:47:11:4a:
                    43:62:a6:ad:dc:e3:7c:df:1f:d8:70:92:70:89:83:
                    47:96:b5:6c:49:5d:69:9e:64:2f:7c:6e:73:12:50:
                    f5:76:76:46:57:d8:8a:d3:68:d0:c3:aa:fd:48:74:
                    4a:7d:7a:80:94:8f:c1:cb:d3:f7:6c:78:90:07:7b:
                    98:83:82:e3:d3:d4:3e:3b:58:34:da:72:fb:b5:7b:
                    bd:e5:73:1c:b2:68:52:77:9f:9c:a0:77:8b:e6:36:
                    66:78:1a:fb:dc:f4:82:6b:10:ae:66:ba:a6:57:8b:
                    66:ba:1e:a8:12:f5:e6:24:a6:9f:f1:bb:54:2c:0e:
                    96:04:2e:77:82:3a:c7:cf:48:26:ef:74:96:41:1c:
                    dc:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                01:19:B1:F4:67:AD:9E:89:C4:51:18:E0:72:7B:96:1A:E3:FF:8C:6D
            X509v3 Authority Key Identifier:
                keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/ARmx9GetnonEURjgcnuWGuP_jG0.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  203.160.242.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1b:75:29:8e:ca:ee:34:60:3d:37:72:2d:b1:fb:48:36:1d:fd:
         95:b0:3c:7a:a8:88:a1:4e:ea:45:06:60:5f:2a:5c:74:03:31:
         18:ea:a3:15:3b:94:1f:79:4a:ce:c1:d1:e5:54:b9:10:8d:22:
         d7:bc:35:aa:2f:4f:5b:71:5d:0d:f2:a6:d4:aa:4a:81:22:29:
         f3:fe:a7:a5:2b:b3:2a:82:5a:21:43:5b:40:13:99:59:a3:01:
         c2:16:f0:4f:88:23:e1:79:b7:c7:5a:8e:1e:22:3c:f8:bb:3f:
         ba:2c:78:aa:f4:e2:a2:f6:fa:02:69:af:3c:8d:a0:69:fb:a9:
         ee:ca:df:f2:05:01:d0:2d:56:a6:33:86:a5:19:ee:a7:3f:dc:
         48:f4:0b:16:dc:86:34:88:72:d6:4d:1b:4c:03:f6:20:a1:ea:
         1b:97:3a:97:56:39:bb:71:b6:10:20:70:2f:af:63:4e:3f:5e:
         25:1a:42:1c:ea:87:a5:eb:87:c8:b4:b8:18:8b:94:c3:57:ab:
         d1:fd:08:02:c0:a3:4b:df:16:dc:82:f8:ef:35:79:ec:49:3d:
         51:8a:27:dd:ee:12:bf:41:bc:8d:82:77:bb:c4:23:d7:af:8e:
         a9:49:1b:8d:55:af:4b:6e:df:05:3a:4c:b0:a0:12:dc:95:80:
         26:f5:55:5f
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICDEswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yMTA5Mjkw
MjUxMDdaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDAxMTlCMUY0NjdBRDlF
ODlDNDUxMThFMDcyN0I5NjFBRTNGRjhDNkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCxzV5cg8rmqCv0/EQKAhcl9nwWqCLfgv057rJbPz1PS4xzVf4N
DcS+o7CYfUQvoBOQhDSsDFwSz0tuNyI+L/Jp46VIjUzYOorMaUVb0/8/CvoDDM7m
kMZAKWyAtiwajpLq5ap+0o1+eeqDj1v6BNXlj23WKUcRSkNipq3c43zfH9hwknCJ
g0eWtWxJXWmeZC98bnMSUPV2dkZX2IrTaNDDqv1IdEp9eoCUj8HL0/dseJAHe5iD
guPT1D47WDTacvu1e73lcxyyaFJ3n5ygd4vmNmZ4Gvvc9IJrEK5muqZXi2a6HqgS
9eYkpp/xu1QsDpYELneCOsfPSCbvdJZBHNxXAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUARmx9GetnonEURjgcnuWGuP/jG0wHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9BUm14OUdldG5vbkVVUmpnY251
V0d1UF9qRzAucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAy6Dy
MA0GCSqGSIb3DQEBCwUAA4IBAQAbdSmOyu40YD03ci2x+0g2Hf2VsDx6qIihTupF
BmBfKlx0AzEY6qMVO5QfeUrOwdHlVLkQjSLXvDWqL09bcV0N8qbUqkqBIinz/qel
K7MqglohQ1tAE5lZowHCFvBPiCPhebfHWo4eIjz4uz+6LHiq9OKi9voCaa88jaBp
+6nuyt/yBQHQLVamM4alGe6nP9xI9AsW3IY0iHLWTRtMA/YgoeoblzqXVjm7cbYQ
IHAvr2NOP14lGkIc6oel64fItLgYi5TDV6vR/QgCwKNL3xbcgvjvNXnsST1Riifd
7hK/QbyNgne7xCPXr46pSRuNVa9Lbt8FOkywoBLclYAm9VVf
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:08 2024 by rpki-client on console-ams.rpki-client.org