Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/GYJwo8elwL7QgtAPoqEDRtDwD-0.roa
File:                     GYJwo8elwL7QgtAPoqEDRtDwD-0.roa (raw, json)
Hash identifier:          JUllMzeiTYZqSehA8hRVoQzdtF91szqvNC6FyceGgsA=
Subject key identifier:   19:82:70:A3:C7:A5:C0:BE:D0:82:D0:0F:A2:A1:03:46:D0:F0:0F:ED
Certificate issuer:       /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial:       0AC9
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/GYJwo8elwL7QgtAPoqEDRtDwD-0.roa
Signing time:             Sun 07 Feb 2021 11:39:06 +0000
ROA not before:           Sun 07 Feb 2021 11:39:06 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     3462
IP address blocks:        59.120.0.0/14 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2761 (0xac9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
        Validity
            Not Before: Feb  7 11:39:06 2021 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=198270A3C7A5C0BED082D00FA2A10346D0F00FED
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:89:51:6b:ce:e5:dd:69:75:8f:64:7d:82:aa:
                    18:d8:00:e9:fa:6c:c5:3e:76:b5:5f:71:91:31:36:
                    7f:42:35:fe:bf:c8:67:57:25:20:d4:09:9a:84:e9:
                    ea:cd:3e:64:eb:79:af:17:56:0a:dc:68:e9:24:e6:
                    08:8a:cb:24:55:0a:43:1d:9e:c0:34:66:5f:96:de:
                    6a:05:08:cb:27:bc:a9:6c:7b:a4:bb:ab:67:8a:2a:
                    0a:be:56:d0:3c:dc:4f:4c:61:ce:03:85:a0:e6:f4:
                    be:fb:26:c4:8a:d9:1e:72:43:81:15:82:09:9e:c2:
                    8d:5a:4c:5e:7c:98:e4:42:98:d2:9e:3e:32:4c:cf:
                    98:5d:20:de:05:93:01:27:6d:3c:07:b3:58:1a:5b:
                    bf:8a:8c:0f:24:9e:ce:ba:af:a9:13:e2:d8:52:36:
                    0f:ed:46:3b:87:9b:10:02:8d:50:3f:74:47:28:35:
                    e2:30:c8:6a:16:90:12:d6:88:2d:9a:74:84:dd:d5:
                    f9:c6:f9:fb:94:c6:25:b8:d2:dc:e6:77:5c:5d:75:
                    b7:8b:56:41:c2:f3:5c:73:33:3b:fc:cf:78:4d:1e:
                    cb:b5:67:ae:0e:5e:eb:5c:59:3d:e9:1c:ae:c6:67:
                    7e:2a:a0:29:1d:d5:aa:db:94:20:33:c0:e0:a1:74:
                    85:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                19:82:70:A3:C7:A5:C0:BE:D0:82:D0:0F:A2:A1:03:46:D0:F0:0F:ED
            X509v3 Authority Key Identifier:
                keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/GYJwo8elwL7QgtAPoqEDRtDwD-0.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  59.120.0.0/14

    Signature Algorithm: sha256WithRSAEncryption
         8a:de:76:32:61:df:1f:e7:3a:53:52:d2:49:36:ff:7a:59:7a:
         32:dc:50:58:db:d2:2f:61:2a:e4:17:ad:ab:0d:44:02:0d:c3:
         d6:4e:f8:10:9c:3b:ba:00:75:7b:db:6d:d3:a3:a8:49:99:19:
         f8:2a:e0:71:5d:ab:c5:b4:60:d4:ba:dd:2a:b0:0e:8c:dd:7f:
         b3:f1:93:cc:21:78:fc:5e:e9:f5:d2:89:56:7b:6e:99:37:18:
         ca:ae:65:df:ab:e1:7e:93:a1:11:a0:22:52:56:23:67:4f:27:
         91:d0:1c:17:18:de:ba:cf:cd:4f:f9:6d:83:5d:ab:b0:be:1d:
         d7:2a:30:4a:82:75:fa:64:89:ce:82:45:62:a0:6e:b8:d1:e4:
         49:b6:48:3e:55:71:74:2b:61:fe:cd:3e:6c:1f:0a:b3:47:a2:
         45:8b:e4:b6:fb:f2:98:db:6b:47:78:71:6c:8f:4b:16:1b:af:
         66:ff:ee:dd:b4:35:61:c0:2c:1f:88:fa:79:bd:b2:db:12:59:
         b4:65:bc:04:76:36:18:96:1a:d0:5f:02:53:4a:08:27:2d:f4:
         8e:12:a7:36:24:95:e3:23:ff:c5:c6:e4:9b:05:ab:fa:16:99:
         48:fd:91:8d:7c:3a:77:91:ac:be:22:c5:1f:14:d7:5b:24:1e:
         fd:e5:f8:a8
-----BEGIN CERTIFICATE-----
MIIEzzCCA7egAwIBAgICCskwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yMTAyMDcx
MTM5MDZaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDE5ODI3MEEzQzdBNUMw
QkVEMDgyRDAwRkEyQTEwMzQ2RDBGMDBGRUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCgiVFrzuXdaXWPZH2CqhjYAOn6bMU+drVfcZExNn9CNf6/yGdX
JSDUCZqE6erNPmTrea8XVgrcaOkk5giKyyRVCkMdnsA0Zl+W3moFCMsnvKlse6S7
q2eKKgq+VtA83E9MYc4DhaDm9L77JsSK2R5yQ4EVggmewo1aTF58mORCmNKePjJM
z5hdIN4FkwEnbTwHs1gaW7+KjA8kns66r6kT4thSNg/tRjuHmxACjVA/dEcoNeIw
yGoWkBLWiC2adITd1fnG+fuUxiW40tzmd1xddbeLVkHC81xzMzv8z3hNHsu1Z64O
XutcWT3pHK7GZ34qoCkd1arblCAzwOChdIVPAgMBAAGjggHrMIIB5zAdBgNVHQ4E
FgQUGYJwo8elwL7QgtAPoqEDRtDwD+0wHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9HWUp3bzhlbHdMN1FndEFQb3FF
RFJ0RHdELTAucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMCO3gw
DQYJKoZIhvcNAQELBQADggEBAIredjJh3x/nOlNS0kk2/3pZejLcUFjb0i9hKuQX
rasNRAINw9ZO+BCcO7oAdXvbbdOjqEmZGfgq4HFdq8W0YNS63SqwDozdf7Pxk8wh
ePxe6fXSiVZ7bpk3GMquZd+r4X6ToRGgIlJWI2dPJ5HQHBcY3rrPzU/5bYNdq7C+
HdcqMEqCdfpkic6CRWKgbrjR5Em2SD5VcXQrYf7NPmwfCrNHokWL5Lb78pjba0d4
cWyPSxYbr2b/7t20NWHALB+I+nm9stsSWbRlvAR2NhiWGtBfAlNKCCct9I4SpzYk
leMj/8XG5JsFq/oWmUj9kY18OneRrL4ixR8U11skHv3l+Kg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:08 2024 by rpki-client on console-ams.rpki-client.org