Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/P5HicK2n94jf-mAwnBlZ70RFNVA.roa
File:                     P5HicK2n94jf-mAwnBlZ70RFNVA.roa (raw, json)
Hash identifier:          q8cZPr76TdXtNBCS9/Ss1TSHVDBA6252bZmqPVngSSc=
Subject key identifier:   3F:91:E2:70:AD:A7:F7:88:DF:FA:60:30:9C:19:59:EF:44:45:35:50
Certificate issuer:       /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial:       0B37
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/P5HicK2n94jf-mAwnBlZ70RFNVA.roa
Signing time:             Sun 07 Feb 2021 13:07:40 +0000
ROA not before:           Sun 07 Feb 2021 13:07:40 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     137280
IP address blocks:        203.69.33.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2871 (0xb37)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
        Validity
            Not Before: Feb  7 13:07:40 2021 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=3F91E270ADA7F788DFFA60309C1959EF44453550
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:41:1a:fd:4a:79:ef:21:92:74:fb:07:3b:ad:
                    c7:1a:03:3d:db:74:d1:28:a4:b7:4f:09:cf:46:79:
                    1f:44:c4:d6:1a:77:ea:95:9c:da:12:a1:ba:6b:47:
                    7d:86:27:38:06:34:3b:da:8f:1a:83:2d:22:83:29:
                    95:e3:ab:a2:a4:05:c6:0d:c3:b8:c6:07:5f:ff:21:
                    d2:27:35:36:78:d4:c6:3a:43:4f:ea:67:1b:e9:c0:
                    5b:e1:76:d5:6b:c1:29:1c:0a:26:9f:aa:45:94:06:
                    bc:c2:58:a9:06:7e:07:1f:2c:1b:03:8d:69:e6:c3:
                    68:36:67:3c:b1:11:e0:87:0c:08:c4:ea:15:c1:df:
                    ef:aa:74:b7:c9:d6:12:3c:4b:ce:5a:68:d7:48:43:
                    f7:9b:29:83:2a:20:91:a2:16:25:1f:99:6e:3e:88:
                    e6:fb:dc:e9:a6:7a:fd:8d:d9:ec:ce:18:1a:c9:41:
                    a9:71:5c:c3:1a:01:cf:34:99:ea:33:b5:0d:3b:55:
                    26:a4:0c:59:8f:3e:6b:2b:79:53:5e:b1:cb:b8:24:
                    d9:fa:98:e4:9d:32:19:1f:dc:8c:4a:5d:15:60:70:
                    13:bf:38:07:bb:2d:20:4e:5c:a1:02:35:bb:c6:74:
                    b3:b6:07:b1:de:36:62:15:98:c0:56:a1:f6:2f:39:
                    e3:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3F:91:E2:70:AD:A7:F7:88:DF:FA:60:30:9C:19:59:EF:44:45:35:50
            X509v3 Authority Key Identifier:
                keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/P5HicK2n94jf-mAwnBlZ70RFNVA.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  203.69.33.0/24

    Signature Algorithm: sha256WithRSAEncryption
         21:74:16:eb:02:7f:66:d0:a1:c4:af:c3:b2:f3:2d:98:2b:e5:
         37:7a:24:14:b1:05:53:59:e8:04:de:d7:06:bf:d2:0b:8c:ee:
         0a:5b:33:c4:c0:91:d2:fa:03:1f:41:39:71:61:29:8a:ad:60:
         43:6e:22:7b:f9:f2:e2:e7:37:82:b5:1b:71:97:08:07:34:03:
         27:d9:fb:1a:81:c5:20:f0:1e:41:5f:e1:6a:de:9f:8f:93:08:
         54:09:51:09:bf:57:82:a0:75:6c:21:e7:9a:31:a8:2b:8d:fe:
         0f:68:18:72:aa:fb:bf:95:3a:01:3a:ca:6e:c1:0b:6e:d8:99:
         c6:e1:9f:b3:d6:6c:b6:15:ba:cd:0b:9c:ac:ef:66:ff:64:a0:
         f8:96:eb:60:62:8a:98:87:b8:d9:00:34:39:de:be:c2:19:de:
         70:0f:a2:19:25:de:a4:d8:eb:b6:e6:07:8e:3a:7a:b4:aa:8f:
         ae:7f:06:59:bf:c0:b6:99:11:f9:4b:e2:53:06:48:e8:14:15:
         84:f0:5f:a3:2e:df:55:42:2d:34:64:c2:0e:4f:ad:d4:61:aa:
         c1:bb:be:09:46:86:de:c9:6c:fc:5a:f8:00:12:26:06:19:00:
         33:e0:53:ed:89:0f:66:45:2a:df:69:28:b8:87:d6:38:53:fb:
         11:65:e5:35
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICCzcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yMTAyMDcx
MzA3NDBaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDNGOTFFMjcwQURBN0Y3
ODhERkZBNjAzMDlDMTk1OUVGNDQ0NTM1NTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQChQRr9SnnvIZJ0+wc7rccaAz3bdNEopLdPCc9GeR9ExNYad+qV
nNoSobprR32GJzgGNDvajxqDLSKDKZXjq6KkBcYNw7jGB1//IdInNTZ41MY6Q0/q
ZxvpwFvhdtVrwSkcCiafqkWUBrzCWKkGfgcfLBsDjWnmw2g2ZzyxEeCHDAjE6hXB
3++qdLfJ1hI8S85aaNdIQ/ebKYMqIJGiFiUfmW4+iOb73Ommev2N2ezOGBrJQalx
XMMaAc80meoztQ07VSakDFmPPmsreVNescu4JNn6mOSdMhkf3IxKXRVgcBO/OAe7
LSBOXKECNbvGdLO2B7HeNmIVmMBWofYvOeOfAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUP5HicK2n94jf+mAwnBlZ70RFNVAwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9QNUhpY0sybjk0amYtbUF3bkJs
WjcwUkZOVkEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAy0Uh
MA0GCSqGSIb3DQEBCwUAA4IBAQAhdBbrAn9m0KHEr8Oy8y2YK+U3eiQUsQVTWegE
3tcGv9ILjO4KWzPEwJHS+gMfQTlxYSmKrWBDbiJ7+fLi5zeCtRtxlwgHNAMn2fsa
gcUg8B5BX+Fq3p+PkwhUCVEJv1eCoHVsIeeaMagrjf4PaBhyqvu/lToBOspuwQtu
2JnG4Z+z1my2FbrNC5ys72b/ZKD4lutgYoqYh7jZADQ53r7CGd5wD6IZJd6k2Ou2
5geOOnq0qo+ufwZZv8C2mRH5S+JTBkjoFBWE8F+jLt9VQi00ZMIOT63UYarBu74J
RobeyWz8WvgAEiYGGQAz4FPtiQ9mRSrfaSi4h9Y4U/sRZeU1
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:08 2024 by rpki-client on console-ams.rpki-client.org