Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/GVQXlYwpr5_uojSYeqOYTG8fUUs.roa
File:                     GVQXlYwpr5_uojSYeqOYTG8fUUs.roa (raw, json)
Hash identifier:          OCER9G3gXpaWgXz8ZFf2533A/woD9zOfjfTpLdj18Cw=
Subject key identifier:   19:54:17:95:8C:29:AF:9F:EE:A2:34:98:7A:A3:98:4C:6F:1F:51:4B
Certificate issuer:       /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial:       0E14
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/GVQXlYwpr5_uojSYeqOYTG8fUUs.roa
Signing time:             Tue 02 May 2023 09:17:09 +0000
ROA not before:           Tue 02 May 2023 09:17:09 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     198949
IP address blocks:        203.66.126.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3604 (0xe14)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
        Validity
            Not Before: May  2 09:17:09 2023 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=195417958C29AF9FEEA234987AA3984C6F1F514B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:b1:bb:f6:eb:06:39:ae:14:14:4a:38:1d:99:
                    9e:94:98:ed:87:68:90:e1:5d:2e:20:de:68:a6:ce:
                    8f:d8:43:26:b8:ac:71:b6:be:69:9f:f2:78:d0:69:
                    0b:cc:3f:b5:34:ec:86:6e:d6:03:3a:29:e5:db:c0:
                    2f:77:05:87:37:2b:2b:a8:1f:1c:58:bd:bc:1b:0f:
                    23:f9:c1:e2:59:6d:ac:8e:38:ff:2a:d5:5b:bf:ed:
                    90:f5:35:01:50:00:09:70:12:55:6a:7e:25:5c:23:
                    1c:9a:c7:0f:e5:0b:ec:6d:d6:fe:29:0d:b8:1a:7a:
                    b1:5f:14:2f:b3:04:e5:0c:ce:27:f4:d9:5c:e4:e8:
                    af:76:63:8a:f6:dd:ae:f4:9d:2a:ca:d4:84:e2:8f:
                    d5:25:a9:dd:ec:01:e8:a8:24:46:2b:ca:d7:e1:c3:
                    df:42:66:00:ca:75:ab:ca:1e:23:f0:05:9a:6d:bd:
                    16:f6:48:a6:7a:3e:f0:d1:8a:72:55:78:56:41:09:
                    d5:52:7b:e5:a3:bf:cf:52:ad:31:03:7d:cc:01:7e:
                    80:b1:80:41:bd:80:9d:c1:fc:73:c0:95:ee:2f:4d:
                    4b:7c:7c:61:3b:c3:7b:b5:89:95:0d:2c:dd:92:63:
                    04:f9:44:0e:e8:22:51:1d:bd:8b:8e:85:cb:55:90:
                    dd:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                19:54:17:95:8C:29:AF:9F:EE:A2:34:98:7A:A3:98:4C:6F:1F:51:4B
            X509v3 Authority Key Identifier:
                keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/GVQXlYwpr5_uojSYeqOYTG8fUUs.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  203.66.126.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3c:cd:b6:8a:c7:96:df:a3:a0:ec:30:ea:f5:13:63:cd:8c:d6:
         bb:ac:b2:24:74:e6:ea:a4:2e:c5:01:9a:e7:07:de:0c:05:92:
         a9:2a:98:06:34:9d:a1:d5:e9:c4:39:01:4b:d7:aa:36:26:7c:
         f9:a5:76:eb:a7:a8:bd:cb:78:ea:8c:61:89:d7:f5:68:f2:20:
         ce:7b:66:37:4b:ac:c1:45:09:f9:6a:20:a4:46:92:6d:88:13:
         da:78:98:59:47:00:b1:dd:d3:19:ba:9a:f7:c6:fd:b6:bd:27:
         57:cc:b4:0d:fb:9f:02:dd:ca:cd:a7:76:8b:ab:e0:be:18:b7:
         23:09:6d:72:1b:bf:76:17:fb:a9:0f:d5:03:f2:19:eb:38:4a:
         0c:88:4f:9e:1b:13:b5:1c:92:90:b6:59:4c:57:56:31:bb:f7:
         f1:4f:89:46:4e:fc:4c:ce:21:09:bd:09:59:2e:a9:61:70:d5:
         55:1d:78:af:fe:77:0d:c6:20:ba:f9:36:4c:7a:30:4d:8b:a7:
         f7:bc:18:f3:62:79:93:29:e9:6b:b3:6f:1a:f0:a2:cf:3e:7f:
         ae:a3:71:ad:ea:74:41:ea:36:7f:9d:c7:55:d5:d8:54:86:01:
         43:93:06:1c:3e:61:24:e3:1a:06:1b:95:ea:bf:e3:f1:58:ff:
         96:15:b5:26
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICDhQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yMzA1MDIw
OTE3MDlaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDE5NTQxNzk1OEMyOUFG
OUZFRUEyMzQ5ODdBQTM5ODRDNkYxRjUxNEIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCgsbv26wY5rhQUSjgdmZ6UmO2HaJDhXS4g3mimzo/YQya4rHG2
vmmf8njQaQvMP7U07IZu1gM6KeXbwC93BYc3KyuoHxxYvbwbDyP5weJZbayOOP8q
1Vu/7ZD1NQFQAAlwElVqfiVcIxyaxw/lC+xt1v4pDbgaerFfFC+zBOUMzif02Vzk
6K92Y4r23a70nSrK1ITij9Ulqd3sAeioJEYrytfhw99CZgDKdavKHiPwBZptvRb2
SKZ6PvDRinJVeFZBCdVSe+Wjv89SrTEDfcwBfoCxgEG9gJ3B/HPAle4vTUt8fGE7
w3u1iZUNLN2SYwT5RA7oIlEdvYuOhctVkN0xAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUGVQXlYwpr5/uojSYeqOYTG8fUUswHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9HVlFYbFl3cHI1X3VvalNZZXFP
WVRHOGZVVXMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAy0J+
MA0GCSqGSIb3DQEBCwUAA4IBAQA8zbaKx5bfo6DsMOr1E2PNjNa7rLIkdObqpC7F
AZrnB94MBZKpKpgGNJ2h1enEOQFL16o2Jnz5pXbrp6i9y3jqjGGJ1/Vo8iDOe2Y3
S6zBRQn5aiCkRpJtiBPaeJhZRwCx3dMZupr3xv22vSdXzLQN+58C3crNp3aLq+C+
GLcjCW1yG792F/upD9UD8hnrOEoMiE+eGxO1HJKQtllMV1Yxu/fxT4lGTvxMziEJ
vQlZLqlhcNVVHXiv/ncNxiC6+TZMejBNi6f3vBjzYnmTKelrs28a8KLPPn+uo3Gt
6nRB6jZ/ncdV1dhUhgFDkwYcPmEk4xoGG5Xqv+PxWP+WFbUm
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:08 2024 by rpki-client on console-ams.rpki-client.org