Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/OUHvzpe32iTxywUuWe8R5Hv01T0.roa
File:                     OUHvzpe32iTxywUuWe8R5Hv01T0.roa (raw, json)
Hash identifier:          upHIXo0y70WZF15G9T0zORqPxb0lmgoVKgktTaSXZ7s=
Subject key identifier:   39:41:EF:CE:97:B7:DA:24:F1:CB:05:2E:59:EF:11:E4:7B:F4:D5:3D
Certificate issuer:       /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial:       0806
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/OUHvzpe32iTxywUuWe8R5Hv01T0.roa
Signing time:             Tue 29 Sep 2020 09:58:14 +0000
ROA not before:           Tue 29 Sep 2020 09:58:14 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     131660
IP address blocks:        114.25.251.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2054 (0x806)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
        Validity
            Not Before: Sep 29 09:58:14 2020 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=3941EFCE97B7DA24F1CB052E59EF11E47BF4D53D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:f8:53:e5:06:b1:4d:d9:f3:c7:11:37:8d:d6:
                    ee:71:61:54:57:ee:40:69:f1:8b:ce:4f:3d:20:b2:
                    1f:db:f8:03:0b:8d:16:63:e3:3d:f0:9e:8e:91:04:
                    1d:a7:cd:e9:69:07:f9:29:e7:28:d6:ee:3d:e3:5a:
                    70:23:1a:b6:55:08:5b:2c:4d:a9:13:23:0e:40:ba:
                    1b:c6:33:d0:ee:86:4e:82:00:0a:3b:40:ba:00:27:
                    55:b4:73:93:b1:02:f7:c4:1d:78:71:15:1d:86:61:
                    89:18:ad:82:fe:1c:1e:76:f7:a0:be:ad:7d:90:62:
                    d0:7d:40:4c:3d:9f:3a:f0:01:04:b5:3e:5b:e4:7f:
                    eb:48:f6:5f:d2:7f:a6:d7:19:a6:08:56:11:89:72:
                    23:5d:be:e1:d4:08:a0:5c:c1:9f:d1:df:c1:09:f8:
                    19:1f:5f:7e:e6:e0:3a:da:af:e6:a6:71:8f:63:af:
                    ec:59:23:c5:f3:10:7c:7e:c4:12:59:f2:c6:a8:34:
                    98:f7:da:6e:a3:55:d8:18:f9:c8:75:f9:ce:bf:69:
                    b2:65:47:6d:9d:61:ee:a8:ec:5a:80:b2:ab:65:d2:
                    03:49:14:03:e9:a4:9d:6c:c1:ac:3c:2b:40:ab:32:
                    26:19:ec:1c:5b:a6:7a:57:19:3c:5a:ad:78:02:da:
                    77:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                39:41:EF:CE:97:B7:DA:24:F1:CB:05:2E:59:EF:11:E4:7B:F4:D5:3D
            X509v3 Authority Key Identifier:
                keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/OUHvzpe32iTxywUuWe8R5Hv01T0.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  114.25.251.0/24

    Signature Algorithm: sha256WithRSAEncryption
         21:c7:ea:03:b0:1f:6e:09:2c:19:9e:98:6b:13:36:67:e5:bb:
         68:50:43:fe:85:2a:68:7a:e7:12:17:cd:4d:01:b6:bc:c4:e6:
         b7:e9:32:45:42:bd:6f:1c:c4:cd:df:bc:11:f8:a0:50:15:2c:
         e5:43:55:94:04:03:f3:62:2f:61:42:04:d9:95:53:4f:ac:60:
         c3:ac:d4:fc:a9:bd:23:1c:70:3e:07:31:0c:59:cc:c3:13:06:
         2c:81:bc:86:8b:5c:c4:db:05:f3:d8:36:20:1d:25:2d:ed:a9:
         f1:aa:e8:84:3b:ae:d4:70:d3:0b:97:91:cc:64:0b:9c:b7:3c:
         a2:22:57:93:20:2f:bf:38:48:68:cc:1d:5f:2c:94:48:96:14:
         26:70:81:56:90:bf:a1:0d:78:d3:ef:73:5b:45:17:5f:b5:2b:
         33:a3:36:20:fe:98:1e:58:f3:7f:bc:e4:a6:17:22:7b:51:e9:
         dc:70:7b:10:c2:cc:46:4d:cf:b7:58:31:28:f1:6b:1a:2a:6c:
         00:65:8e:5d:66:c9:96:ce:26:e7:fc:35:f8:d3:9d:c9:8c:73:
         8e:f0:8b:04:b6:5d:40:ed:d3:9e:53:21:18:d7:83:42:76:0c:
         63:fe:ac:74:ff:0d:6b:cd:5e:45:8d:4d:67:0d:db:a4:12:60:
         d5:3d:7f:c2
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICCAYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yMDA5Mjkw
OTU4MTRaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDM5NDFFRkNFOTdCN0RB
MjRGMUNCMDUyRTU5RUYxMUU0N0JGNEQ1M0QwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC2+FPlBrFN2fPHETeN1u5xYVRX7kBp8YvOTz0gsh/b+AMLjRZj
4z3wno6RBB2nzelpB/kp5yjW7j3jWnAjGrZVCFssTakTIw5AuhvGM9Duhk6CAAo7
QLoAJ1W0c5OxAvfEHXhxFR2GYYkYrYL+HB5296C+rX2QYtB9QEw9nzrwAQS1Plvk
f+tI9l/Sf6bXGaYIVhGJciNdvuHUCKBcwZ/R38EJ+BkfX37m4Drar+amcY9jr+xZ
I8XzEHx+xBJZ8saoNJj32m6jVdgY+ch1+c6/abJlR22dYe6o7FqAsqtl0gNJFAPp
pJ1swaw8K0CrMiYZ7BxbpnpXGTxarXgC2nd3AgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUOUHvzpe32iTxywUuWe8R5Hv01T0wHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9PVUh2enBlMzJpVHh5d1V1V2U4
UjVIdjAxVDAucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAchn7
MA0GCSqGSIb3DQEBCwUAA4IBAQAhx+oDsB9uCSwZnphrEzZn5btoUEP+hSpoeucS
F81NAba8xOa36TJFQr1vHMTN37wR+KBQFSzlQ1WUBAPzYi9hQgTZlVNPrGDDrNT8
qb0jHHA+BzEMWczDEwYsgbyGi1zE2wXz2DYgHSUt7anxquiEO67UcNMLl5HMZAuc
tzyiIleTIC+/OEhozB1fLJRIlhQmcIFWkL+hDXjT73NbRRdftSszozYg/pgeWPN/
vOSmFyJ7UenccHsQwsxGTc+3WDEo8WsaKmwAZY5dZsmWzibn/DX4053JjHOO8IsE
tl1A7dOeUyEY14NCdgxj/qx0/w1rzV5FjU1nDdukEmDVPX/C
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:08 2024 by rpki-client on console-ams.rpki-client.org