Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/EeLfELAPkYcPWzF-YE2rDw0m2xI.roa
File:                     EeLfELAPkYcPWzF-YE2rDw0m2xI.roa (raw, json)
Hash identifier:          6zS3hc4XiVLSWDGmdAbSgkViT7LFGlKEwsGirZr3Xao=
Subject key identifier:   11:E2:DF:10:B0:0F:91:87:0F:5B:31:7E:60:4D:AB:0F:0D:26:DB:12
Certificate issuer:       /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial:       0AC5
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/EeLfELAPkYcPWzF-YE2rDw0m2xI.roa
Signing time:             Sun 07 Feb 2021 11:39:03 +0000
ROA not before:           Sun 07 Feb 2021 11:39:03 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     3462
IP address blocks:        43.255.92.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2757 (0xac5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
        Validity
            Not Before: Feb  7 11:39:03 2021 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=11E2DF10B00F91870F5B317E604DAB0F0D26DB12
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:3e:5e:df:6b:6c:a9:36:df:ab:64:40:7d:d9:
                    b6:8e:4b:68:8f:fb:3e:98:01:c2:2e:87:88:ff:db:
                    13:de:f1:cb:ac:e7:00:dd:ee:86:40:16:29:a2:56:
                    cb:9d:27:b8:22:8f:d8:90:02:36:7d:49:d8:da:1d:
                    85:c4:23:fc:d8:1a:e3:77:71:2f:52:35:0f:bd:cb:
                    3b:06:30:0d:3d:3f:3d:6c:00:73:14:cd:51:aa:22:
                    df:aa:2a:8f:b1:3e:c6:39:5b:2c:34:ea:4d:1b:ff:
                    b6:69:2c:03:d0:48:16:7f:6a:61:28:1b:eb:72:79:
                    f8:15:f3:34:ba:b9:17:96:c8:24:27:f9:fe:ac:05:
                    b5:33:a1:d2:14:b0:55:31:59:77:ff:c2:1b:64:94:
                    5e:24:8f:b5:8e:d2:45:03:64:c9:d7:bb:1c:90:12:
                    bd:8c:a5:26:42:b9:f3:0f:05:cb:3e:ba:72:44:d9:
                    f7:93:18:da:a0:00:e6:42:c7:20:9e:31:ca:fb:cf:
                    e7:af:e4:2d:50:45:7b:8f:7c:c7:ab:54:19:bc:91:
                    be:50:f6:8e:98:cd:3a:54:ed:dd:39:0d:07:6e:09:
                    73:9e:14:35:1d:3b:00:8c:c4:05:f4:47:8c:f0:a8:
                    91:13:9a:d7:43:16:ec:79:49:d1:77:eb:ba:22:32:
                    5b:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                11:E2:DF:10:B0:0F:91:87:0F:5B:31:7E:60:4D:AB:0F:0D:26:DB:12
            X509v3 Authority Key Identifier:
                keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/EeLfELAPkYcPWzF-YE2rDw0m2xI.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  43.255.92.0/22

    Signature Algorithm: sha256WithRSAEncryption
         6b:79:d7:0d:d2:b2:d8:82:5d:66:f7:fe:2e:41:21:df:dd:3d:
         be:9e:27:76:51:46:21:98:1f:ae:2a:47:5f:89:a5:27:f6:37:
         16:31:c2:b4:8b:dd:f9:fa:a5:7e:6d:9f:ac:27:8c:f7:58:3e:
         b7:16:86:71:26:11:0a:f0:7e:8d:59:4b:68:e8:43:02:d2:be:
         dc:e3:2d:9e:4c:8a:b5:e1:01:f3:84:c7:5c:31:da:a0:c1:90:
         64:bb:94:47:68:12:77:88:1a:28:fc:64:84:84:b2:06:ca:c2:
         ec:6b:58:aa:42:f9:2f:9d:ec:c2:8d:a2:6a:c6:45:fb:31:28:
         52:84:5d:7d:cb:bd:6d:5c:47:19:04:cc:c9:65:85:7c:d1:39:
         90:5e:37:84:60:26:9d:69:37:07:9e:4e:fe:c6:c6:16:8c:4f:
         27:ea:65:cd:0d:9a:7c:01:9c:8d:82:c5:1e:79:a1:d4:3d:5b:
         c4:dd:bf:f4:81:84:96:ac:d1:91:28:aa:d5:bf:94:f2:5d:fb:
         4e:d0:5f:db:bd:ed:c0:0a:8b:f3:87:8a:a6:57:d6:30:1e:c4:
         21:90:e1:6b:4d:0e:a7:2c:55:2b:b0:a1:a8:ee:25:3f:cb:2f:
         5b:0b:80:63:72:ac:9d:ed:ee:ff:47:35:d6:7c:b7:87:67:49:
         ac:90:70:69
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICCsUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yMTAyMDcx
MTM5MDNaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDExRTJERjEwQjAwRjkx
ODcwRjVCMzE3RTYwNERBQjBGMEQyNkRCMTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDWPl7fa2ypNt+rZEB92baOS2iP+z6YAcIuh4j/2xPe8cus5wDd
7oZAFimiVsudJ7gij9iQAjZ9SdjaHYXEI/zYGuN3cS9SNQ+9yzsGMA09Pz1sAHMU
zVGqIt+qKo+xPsY5Wyw06k0b/7ZpLAPQSBZ/amEoG+tyefgV8zS6uReWyCQn+f6s
BbUzodIUsFUxWXf/whtklF4kj7WO0kUDZMnXuxyQEr2MpSZCufMPBcs+unJE2feT
GNqgAOZCxyCeMcr7z+ev5C1QRXuPfMerVBm8kb5Q9o6YzTpU7d05DQduCXOeFDUd
OwCMxAX0R4zwqJETmtdDFux5SdF367oiMlvXAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUEeLfELAPkYcPWzF+YE2rDw0m2xIwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9FZUxmRUxBUGtZY1BXekYtWUUy
ckR3MG0yeEkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCK/9c
MA0GCSqGSIb3DQEBCwUAA4IBAQBredcN0rLYgl1m9/4uQSHf3T2+nid2UUYhmB+u
KkdfiaUn9jcWMcK0i935+qV+bZ+sJ4z3WD63FoZxJhEK8H6NWUto6EMC0r7c4y2e
TIq14QHzhMdcMdqgwZBku5RHaBJ3iBoo/GSEhLIGysLsa1iqQvkvnezCjaJqxkX7
MShShF19y71tXEcZBMzJZYV80TmQXjeEYCadaTcHnk7+xsYWjE8n6mXNDZp8AZyN
gsUeeaHUPVvE3b/0gYSWrNGRKKrVv5TyXftO0F/bve3ACovzh4qmV9YwHsQhkOFr
TQ6nLFUrsKGo7iU/yy9bC4Bjcqyd7e7/RzXWfLeHZ0mskHBp
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:08 2024 by rpki-client on console-ams.rpki-client.org