Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/IB12i9R8dQoOxyIovRRtU_KPhPg.roa
File:                     IB12i9R8dQoOxyIovRRtU_KPhPg.roa (raw, json)
Hash identifier:          xHdMVqb4bQYU34uur6Bxnh5Xhen+wjfkZ+Qf3RBdZOo=
Subject key identifier:   20:1D:76:8B:D4:7C:75:0A:0E:C7:22:28:BD:14:6D:53:F2:8F:84:F8
Certificate issuer:       /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial:       0D76
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/IB12i9R8dQoOxyIovRRtU_KPhPg.roa
Signing time:             Thu 15 Sep 2022 02:47:59 +0000
ROA not before:           Thu 15 Sep 2022 02:47:59 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     3462
IP address blocks:        118.168.0.0/14 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3446 (0xd76)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
        Validity
            Not Before: Sep 15 02:47:59 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=201D768BD47C750A0EC72228BD146D53F28F84F8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:70:03:a3:ee:1c:b7:a8:e8:ba:b8:ab:ff:25:
                    05:95:9b:5d:6a:be:f7:8f:be:25:bc:9f:5d:59:d8:
                    29:bc:37:3e:86:f2:3a:8e:ae:a1:4b:c8:29:42:5c:
                    2c:32:ae:78:a9:c9:b9:0f:09:cd:01:74:e7:a8:48:
                    d8:f1:88:51:08:6e:2c:d1:77:2b:12:07:c5:86:42:
                    3a:fe:ac:3d:01:12:b1:af:b5:d5:37:c3:47:f2:cf:
                    3a:0b:db:f6:f3:b2:0d:d1:d5:d9:d6:86:f9:97:7e:
                    4a:86:b9:9d:41:c4:be:3a:8f:d7:b2:c8:1d:3d:18:
                    15:32:ef:99:ee:5d:b1:bd:94:0e:59:ac:00:27:e9:
                    2b:76:58:09:57:1a:ba:ef:f2:9e:94:22:73:40:87:
                    79:5a:26:f1:56:8e:51:3b:22:31:cd:ae:de:e9:5a:
                    19:e1:54:f3:a8:62:48:62:a8:aa:43:1c:b0:3b:0c:
                    5c:a6:f7:21:c3:f3:f5:6f:9c:95:ee:12:b0:47:8f:
                    d5:a1:b0:68:eb:c8:17:54:d9:52:1d:8b:81:06:ae:
                    63:fb:ac:7d:85:0b:e4:de:73:4a:d0:00:5c:5e:32:
                    04:81:43:f0:1a:de:09:44:5e:03:2d:5a:b6:07:6d:
                    d6:c2:b3:f0:76:60:91:04:9e:33:c2:2f:ea:6c:bd:
                    c9:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                20:1D:76:8B:D4:7C:75:0A:0E:C7:22:28:BD:14:6D:53:F2:8F:84:F8
            X509v3 Authority Key Identifier:
                keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/IB12i9R8dQoOxyIovRRtU_KPhPg.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  118.168.0.0/14

    Signature Algorithm: sha256WithRSAEncryption
         8b:c4:2e:10:9d:93:19:01:7f:00:78:ff:fb:e8:c0:2a:d4:1a:
         1a:26:ff:c9:92:4a:79:6a:18:ea:30:86:f6:58:5b:66:e7:1e:
         97:0a:2c:a5:cb:9f:6e:3d:e3:78:38:7a:06:56:1a:70:9a:e7:
         24:a1:a8:45:ff:d7:b8:12:32:b2:cc:b8:d3:bb:5c:f1:e1:e4:
         1c:14:a5:54:85:cd:87:b3:af:ce:81:c3:e6:13:3e:1e:07:f3:
         6e:da:75:72:35:15:5d:74:ca:cc:5d:56:7f:4d:85:cf:75:69:
         bc:d8:d8:79:f1:b5:17:51:f3:26:44:6a:30:8f:a3:2c:d4:55:
         e3:47:6b:00:3a:5c:49:27:21:5f:40:f9:07:a1:b9:47:d1:14:
         0b:41:55:98:b5:ad:31:b2:41:4c:d2:d6:c5:ec:9a:a3:55:37:
         f3:c0:b9:ae:e8:74:05:9d:77:15:64:c9:83:3e:fa:d2:da:c9:
         db:cf:23:1a:63:95:30:da:5f:27:e8:52:85:a4:9a:3d:7a:bc:
         e6:b7:2b:1b:8b:e4:92:da:e7:2d:d9:80:4b:f6:07:0e:fe:67:
         f7:b5:56:32:ec:d4:9f:d7:c5:f3:2a:b6:08:a7:31:6b:09:e3:
         8c:7f:91:28:1d:07:18:81:84:79:e7:17:8f:ed:b5:72:63:56:
         3d:f3:a6:0a
-----BEGIN CERTIFICATE-----
MIIEzzCCA7egAwIBAgICDXYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yMjA5MTUw
MjQ3NTlaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDIwMUQ3NjhCRDQ3Qzc1
MEEwRUM3MjIyOEJEMTQ2RDUzRjI4Rjg0RjgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDDcAOj7hy3qOi6uKv/JQWVm11qvvePviW8n11Z2Cm8Nz6G8jqO
rqFLyClCXCwyrnipybkPCc0BdOeoSNjxiFEIbizRdysSB8WGQjr+rD0BErGvtdU3
w0fyzzoL2/bzsg3R1dnWhvmXfkqGuZ1BxL46j9eyyB09GBUy75nuXbG9lA5ZrAAn
6St2WAlXGrrv8p6UInNAh3laJvFWjlE7IjHNrt7pWhnhVPOoYkhiqKpDHLA7DFym
9yHD8/VvnJXuErBHj9WhsGjryBdU2VIdi4EGrmP7rH2FC+Tec0rQAFxeMgSBQ/Aa
3glEXgMtWrYHbdbCs/B2YJEEnjPCL+psvckNAgMBAAGjggHrMIIB5zAdBgNVHQ4E
FgQUIB12i9R8dQoOxyIovRRtU/KPhPgwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9JQjEyaTlSOGRRb094eUlvdlJS
dFVfS1BoUGcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMCdqgw
DQYJKoZIhvcNAQELBQADggEBAIvELhCdkxkBfwB4//vowCrUGhom/8mSSnlqGOow
hvZYW2bnHpcKLKXLn24943g4egZWGnCa5yShqEX/17gSMrLMuNO7XPHh5BwUpVSF
zYezr86Bw+YTPh4H827adXI1FV10ysxdVn9Nhc91abzY2HnxtRdR8yZEajCPoyzU
VeNHawA6XEknIV9A+QehuUfRFAtBVZi1rTGyQUzS1sXsmqNVN/PAua7odAWddxVk
yYM++tLaydvPIxpjlTDaXyfoUoWkmj16vOa3KxuL5JLa5y3ZgEv2Bw7+Z/e1VjLs
1J/XxfMqtginMWsJ44x/kSgdBxiBhHnnF4/ttXJjVj3zpgo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:37 2024 by rpki-client on console-fra.rpki-client.org