Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/OBvT3_hZAZIWC3w_brnXT25u3tI.roa
File:                     OBvT3_hZAZIWC3w_brnXT25u3tI.roa (raw, json)
Hash identifier:          x43f69buAN5SetHVlfC/4EeQBI1ZMuZZohHllqFIV2A=
Subject key identifier:   38:1B:D3:DF:F8:59:01:92:16:0B:7C:3F:6E:B9:D7:4F:6E:6E:DE:D2
Certificate issuer:       /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial:       0A58
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/OBvT3_hZAZIWC3w_brnXT25u3tI.roa
Signing time:             Sun 07 Feb 2021 11:37:30 +0000
ROA not before:           Sun 07 Feb 2021 11:37:30 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     15133
IP address blocks:        203.74.4.64/26 maxlen: 26

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2648 (0xa58)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
        Validity
            Not Before: Feb  7 11:37:30 2021 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=381BD3DFF8590192160B7C3F6EB9D74F6E6EDED2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:fc:6a:cf:96:17:b5:ad:1c:ab:de:52:07:ce:22:
                    26:67:f1:e9:3d:1a:f9:e4:aa:f2:17:6c:8a:c3:dd:
                    de:80:0b:5a:14:52:35:0d:3d:69:ce:ad:1c:48:7b:
                    11:e7:04:85:49:e8:49:18:91:20:b9:61:ae:64:c9:
                    fb:6a:8a:17:ce:92:69:f7:cb:f3:c3:b5:70:37:d7:
                    a9:e7:bd:3f:eb:8e:d0:15:dc:b9:b7:96:12:c0:c5:
                    79:61:ea:4c:7b:60:25:f2:cd:1c:b4:50:d6:3f:9c:
                    9a:81:61:3a:b5:b4:c4:b9:3c:d5:98:1e:6a:a0:2c:
                    dc:6b:1a:17:3f:83:11:cc:0b:8f:38:5c:8e:c9:7a:
                    2a:8f:9b:e1:f7:e1:b4:84:5f:88:73:80:08:83:f7:
                    6e:ce:17:bb:57:13:ff:c1:b4:b9:a3:42:65:4e:f2:
                    cb:2d:86:10:95:a0:9a:f2:65:e5:ff:61:9f:09:c2:
                    3a:b4:86:c0:e3:6a:0e:76:36:58:aa:82:66:72:01:
                    c7:19:a3:21:17:2a:c8:13:2b:87:ab:bd:96:a4:47:
                    6f:8e:00:b5:38:8f:57:6e:88:c2:15:5b:f0:78:4d:
                    9f:9e:cd:00:b2:c5:7b:b4:1e:1c:bd:0f:b2:2c:82:
                    22:d6:27:18:7b:9c:a8:10:f7:42:35:fa:cc:d0:51:
                    9c:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:1B:D3:DF:F8:59:01:92:16:0B:7C:3F:6E:B9:D7:4F:6E:6E:DE:D2
            X509v3 Authority Key Identifier:
                keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/OBvT3_hZAZIWC3w_brnXT25u3tI.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  203.74.4.64/26

    Signature Algorithm: sha256WithRSAEncryption
         22:f1:eb:a5:3a:a8:bc:79:1f:f0:16:99:52:19:b8:e8:90:ce:
         bc:cc:bb:0f:e9:9d:f5:59:a2:b7:9c:3c:a5:61:f0:3b:e9:e8:
         ee:25:df:a8:06:bc:48:15:53:d2:70:97:12:72:fe:6c:1d:5b:
         74:b7:22:c1:fc:19:f3:61:c6:49:7e:e7:cc:a7:bb:76:eb:37:
         7e:be:d7:37:b6:a6:98:8c:19:2c:af:4a:dc:5b:7e:6c:ab:3f:
         76:ed:a4:ee:0d:ff:26:9b:29:3a:cb:15:d1:97:be:ff:63:a4:
         94:0a:9d:04:3a:14:c4:7c:79:f6:05:88:06:0e:5c:ec:a7:a5:
         de:a6:d2:9a:15:76:94:22:5d:f9:b8:6d:37:1a:05:d6:51:ae:
         5e:7c:e7:9d:85:38:5c:19:f1:fc:1a:db:c0:f7:b7:04:2f:3d:
         01:0f:94:18:1e:86:bd:9d:39:40:51:43:d7:16:a7:68:56:dc:
         61:54:72:93:51:38:98:45:60:5a:6b:81:c2:4a:b3:69:5a:d8:
         0b:77:26:00:83:d9:51:0a:0f:89:09:c9:5c:9b:0c:53:02:84:
         44:34:db:7c:2d:f7:e6:6c:b8:90:df:c9:fa:80:fb:74:2f:b9:
         31:90:ec:53:62:39:bc:ab:f9:12:34:37:ef:bf:f5:95:f2:e6:
         cf:40:f5:8e
-----BEGIN CERTIFICATE-----
MIIE0TCCA7mgAwIBAgICClgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yMTAyMDcx
MTM3MzBaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDM4MUJEM0RGRjg1OTAx
OTIxNjBCN0MzRjZFQjlENzRGNkU2RURFRDIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQD8as+WF7WtHKveUgfOIiZn8ek9GvnkqvIXbIrD3d6AC1oUUjUN
PWnOrRxIexHnBIVJ6EkYkSC5Ya5kyftqihfOkmn3y/PDtXA316nnvT/rjtAV3Lm3
lhLAxXlh6kx7YCXyzRy0UNY/nJqBYTq1tMS5PNWYHmqgLNxrGhc/gxHMC484XI7J
eiqPm+H34bSEX4hzgAiD927OF7tXE//BtLmjQmVO8ssthhCVoJryZeX/YZ8Jwjq0
hsDjag52NliqgmZyAccZoyEXKsgTK4ervZakR2+OALU4j1duiMIVW/B4TZ+ezQCy
xXu0Hhy9D7IsgiLWJxh7nKgQ90I1+szQUZwBAgMBAAGjggHtMIIB6TAdBgNVHQ4E
FgQUOBvT3/hZAZIWC3w/brnXT25u3tIwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9PQnZUM19oWkFaSVdDM3dfYnJu
WFQyNXUzdEkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAATAHAwUGy0oE
QDANBgkqhkiG9w0BAQsFAAOCAQEAIvHrpTqovHkf8BaZUhm46JDOvMy7D+md9Vmi
t5w8pWHwO+no7iXfqAa8SBVT0nCXEnL+bB1bdLciwfwZ82HGSX7nzKe7dus3fr7X
N7ammIwZLK9K3Ft+bKs/du2k7g3/JpspOssV0Ze+/2OklAqdBDoUxHx59gWIBg5c
7Kel3qbSmhV2lCJd+bhtNxoF1lGuXnznnYU4XBnx/BrbwPe3BC89AQ+UGB6GvZ05
QFFD1xanaFbcYVRyk1E4mEVgWmuBwkqzaVrYC3cmAIPZUQoPiQnJXJsMUwKERDTb
fC335my4kN/J+oD7dC+5MZDsU2I5vKv5EjQ377/1lfLmz0D1jg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:37 2024 by rpki-client on console-fra.rpki-client.org