Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/DcOid0VW399upa5M-k7OQQFfRYs.roa
File:                     DcOid0VW399upa5M-k7OQQFfRYs.roa (raw, json)
Hash identifier:          SFdnzDDpeIJ0mhPOUBAjUsLj9DZJAdfZClFYxWHXn+0=
Subject key identifier:   0D:C3:A2:77:45:56:DF:DF:6E:A5:AE:4C:FA:4E:CE:41:01:5F:45:8B
Certificate issuer:       /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial:       0D76
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/DcOid0VW399upa5M-k7OQQFfRYs.roa
Signing time:             Thu 15 Sep 2022 02:48:26 +0000
ROA not before:           Thu 15 Sep 2022 02:48:26 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     9505
IP address blocks:        203.78.176.0/20 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3446 (0xd76)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
        Validity
            Not Before: Sep 15 02:48:26 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=0DC3A2774556DFDF6EA5AE4CFA4ECE41015F458B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:69:8d:ab:58:41:ea:cf:b7:e5:bb:df:b2:79:
                    fb:29:84:43:ac:4d:a2:b4:d6:6e:1c:4c:e0:d3:0f:
                    9a:81:c8:24:b4:e2:d5:b9:bb:14:c3:23:85:35:89:
                    15:b9:7e:04:2b:35:e5:e5:51:a8:f3:40:31:10:8e:
                    04:bc:4a:08:b9:0a:90:30:f3:5f:d3:15:2e:4f:a3:
                    9d:14:81:9d:af:cc:11:88:0c:84:c5:50:51:b6:2e:
                    d7:9a:18:17:9c:09:85:7c:5e:75:ce:eb:e6:48:d1:
                    3a:6b:45:93:ac:fc:c1:4f:c2:e8:a9:fc:f5:d7:b9:
                    29:38:fa:dc:48:b8:98:72:e6:a8:81:b2:06:c2:4e:
                    7f:44:15:84:f2:11:60:31:29:50:35:13:c4:d9:48:
                    2b:5d:f9:38:32:5e:80:72:e7:8c:74:b3:46:03:2e:
                    d3:20:46:ab:b3:f6:34:3f:ab:d3:b6:a4:db:cb:44:
                    d0:4d:82:4e:8e:49:20:31:bb:f3:76:f3:1a:d0:b5:
                    b3:20:38:a3:2f:4a:24:08:1a:57:24:64:8b:69:0f:
                    12:6c:10:4a:93:9e:2e:b5:4a:10:19:76:08:62:3e:
                    b9:81:c8:51:f5:07:49:99:20:c1:bf:ee:64:24:32:
                    93:47:fe:48:c9:f0:9e:e9:48:91:44:5a:e2:a9:35:
                    e3:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:C3:A2:77:45:56:DF:DF:6E:A5:AE:4C:FA:4E:CE:41:01:5F:45:8B
            X509v3 Authority Key Identifier:
                keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/DcOid0VW399upa5M-k7OQQFfRYs.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  203.78.176.0/20

    Signature Algorithm: sha256WithRSAEncryption
         c9:47:7c:d4:69:48:d6:34:90:3e:ba:ef:81:3d:bf:9a:58:c3:
         23:28:48:7c:44:de:2f:cb:6b:d6:d2:82:6f:3f:89:bf:21:86:
         57:63:81:53:a7:d9:e9:63:83:e9:a4:c2:32:e7:4f:1f:4a:1e:
         d7:c5:41:b5:b9:2e:bf:9a:c3:a5:2b:52:64:ea:92:0d:92:78:
         43:6d:bf:3b:20:f0:0c:b1:7a:75:bb:ca:ab:1e:48:db:39:aa:
         d3:0a:a8:6f:5c:86:7b:cd:6e:b3:4d:31:3e:56:6a:60:b5:70:
         b7:0f:ef:37:00:91:bc:e7:0c:68:55:20:ce:94:c1:e7:c0:a2:
         30:77:c3:89:11:dd:6a:a0:15:8b:84:e5:ac:42:b1:98:27:50:
         ed:18:69:8b:67:f9:2b:b6:a1:00:64:fd:4d:4a:5d:c8:1c:4d:
         d7:d0:88:01:2c:27:ad:b9:5c:0a:56:81:74:30:c0:5c:df:9b:
         20:a2:46:c6:74:45:72:71:00:fb:a8:4c:9a:cb:ba:c2:02:b9:
         a6:58:a8:50:b2:5f:f3:59:d4:de:b5:08:f6:76:c7:24:3f:b7:
         7d:06:19:a4:78:c3:28:ee:65:7b:6c:30:68:ad:bd:27:2d:21:
         36:0a:04:4d:8c:cd:fb:9b:b7:7e:e7:23:83:0e:d6:ca:34:e5:
         60:c5:8b:e8
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICDXYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yMjA5MTUw
MjQ4MjZaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDBEQzNBMjc3NDU1NkRG
REY2RUE1QUU0Q0ZBNEVDRTQxMDE1RjQ1OEIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCvaY2rWEHqz7flu9+yefsphEOsTaK01m4cTODTD5qByCS04tW5
uxTDI4U1iRW5fgQrNeXlUajzQDEQjgS8Sgi5CpAw81/TFS5Po50UgZ2vzBGIDITF
UFG2LteaGBecCYV8XnXO6+ZI0TprRZOs/MFPwuip/PXXuSk4+txIuJhy5qiBsgbC
Tn9EFYTyEWAxKVA1E8TZSCtd+TgyXoBy54x0s0YDLtMgRquz9jQ/q9O2pNvLRNBN
gk6OSSAxu/N28xrQtbMgOKMvSiQIGlckZItpDxJsEEqTni61ShAZdghiPrmByFH1
B0mZIMG/7mQkMpNH/kjJ8J7pSJFEWuKpNeM5AgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUDcOid0VW399upa5M+k7OQQFfRYswHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9EY09pZDBWVzM5OXVwYTVNLWs3
T1FRRmZSWXMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEy06w
MA0GCSqGSIb3DQEBCwUAA4IBAQDJR3zUaUjWNJA+uu+BPb+aWMMjKEh8RN4vy2vW
0oJvP4m/IYZXY4FTp9npY4PppMIy508fSh7XxUG1uS6/msOlK1Jk6pINknhDbb87
IPAMsXp1u8qrHkjbOarTCqhvXIZ7zW6zTTE+VmpgtXC3D+83AJG85wxoVSDOlMHn
wKIwd8OJEd1qoBWLhOWsQrGYJ1DtGGmLZ/krtqEAZP1NSl3IHE3X0IgBLCetuVwK
VoF0MMBc35sgokbGdEVycQD7qEyay7rCArmmWKhQsl/zWdTetQj2dsckP7d9Bhmk
eMMo7mV7bDBorb0nLSE2CgRNjM37m7d+5yODDtbKNOVgxYvo
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:08 2024 by rpki-client on console-ams.rpki-client.org