Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/RzWR5CC9R0W3S5rW8KjC6JlgXXo.roa
File:                     RzWR5CC9R0W3S5rW8KjC6JlgXXo.roa (raw, json)
Hash identifier:          EBUT1Sf350+i92kLWy/lfB9pRBIlh2eUPKyqopf4t60=
Subject key identifier:   47:35:91:E4:20:BD:47:45:B7:4B:9A:D6:F0:A8:C2:E8:99:60:5D:7A
Certificate issuer:       /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial:       0B01
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/RzWR5CC9R0W3S5rW8KjC6JlgXXo.roa
Signing time:             Sun 07 Feb 2021 11:46:33 +0000
ROA not before:           Sun 07 Feb 2021 11:46:33 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     17714
IP address blocks:        114.30.35.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2817 (0xb01)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
        Validity
            Not Before: Feb  7 11:46:33 2021 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=473591E420BD4745B74B9AD6F0A8C2E899605D7A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:1c:c2:69:7d:d4:37:87:dc:bd:af:2e:1e:2f:
                    e7:f4:30:bb:8e:be:d9:dc:8e:5a:79:01:b0:a1:9c:
                    4c:5e:08:77:5d:d8:b0:ec:1a:23:e3:8a:9e:63:16:
                    d6:8f:c3:ae:05:72:c6:9e:55:aa:43:f7:e6:77:2d:
                    63:2b:bf:fe:94:ae:f7:66:3f:a0:30:70:81:cd:e4:
                    16:1b:94:e0:f5:11:96:97:62:61:e5:30:d0:f3:d5:
                    06:f8:c7:87:b6:52:de:42:c3:af:ad:f6:a0:8c:5f:
                    d7:ca:0d:6a:00:5e:55:79:6d:5b:18:8a:28:0f:d7:
                    ea:c5:ea:c1:16:2a:3d:cb:d4:2c:80:9d:87:d1:d9:
                    ae:14:a1:49:81:40:dd:ea:6e:6d:71:4a:69:de:b4:
                    92:25:0b:8a:69:4a:7e:22:cd:e8:27:71:90:33:01:
                    25:43:8a:16:22:cd:02:77:d9:94:a6:80:1f:d1:c4:
                    ce:93:38:d0:f0:55:0b:7c:e6:6f:83:23:39:86:02:
                    ea:b9:9a:ba:d4:29:6f:d4:d1:e8:ad:6c:72:b5:17:
                    b1:f9:f4:82:8b:4d:19:41:2e:0c:be:73:09:1e:f3:
                    da:c5:f3:28:81:97:3f:fc:e2:58:6d:c8:17:ab:05:
                    2b:77:d2:b2:66:e2:ce:4b:f2:60:a1:fb:42:5b:d9:
                    a5:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                47:35:91:E4:20:BD:47:45:B7:4B:9A:D6:F0:A8:C2:E8:99:60:5D:7A
            X509v3 Authority Key Identifier:
                keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/RzWR5CC9R0W3S5rW8KjC6JlgXXo.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  114.30.35.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6a:52:c5:9e:0d:6a:b5:58:35:6f:63:4d:97:f2:03:8e:93:2a:
         89:0b:79:fe:33:c6:3a:7d:7c:6f:f6:ae:77:14:55:a5:b2:25:
         b1:ec:3e:06:5e:d9:04:81:dd:dd:77:92:92:72:ed:75:0b:17:
         22:e7:5e:b0:f5:83:2f:13:69:68:bc:1c:ca:45:a3:60:21:bb:
         61:df:cd:e7:b1:6a:da:00:51:4a:b8:41:53:d9:0b:f2:d9:75:
         b7:60:43:b7:3b:47:1d:0d:5b:68:e2:65:b3:db:a2:f8:34:d8:
         1b:8a:b2:40:9e:f7:b4:af:11:72:c6:e5:3a:6d:8d:f2:b1:c9:
         1b:88:97:d7:7a:72:d8:2e:d5:c8:bd:6f:18:d9:88:8d:f0:d7:
         c4:7e:24:90:69:6b:1d:82:7d:2f:4a:1c:39:90:6a:37:6c:fe:
         26:d5:74:2f:fa:dc:5b:52:0a:56:11:79:7e:53:5e:56:7d:51:
         6f:26:35:8c:ff:66:03:94:7c:10:0f:d8:92:29:13:71:62:26:
         7d:0a:5c:5d:d4:a7:7d:a1:9b:8e:ea:10:69:e1:00:a6:bb:48:
         a9:0b:72:bb:e1:28:b1:2b:44:82:b3:26:af:ec:da:9f:46:28:
         b0:04:93:f2:99:37:b5:01:61:c3:f0:f9:6e:c1:69:aa:ce:f1:
         b1:88:66:b0
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICCwEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yMTAyMDcx
MTQ2MzNaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDQ3MzU5MUU0MjBCRDQ3
NDVCNzRCOUFENkYwQThDMkU4OTk2MDVEN0EwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDKHMJpfdQ3h9y9ry4eL+f0MLuOvtncjlp5AbChnExeCHdd2LDs
GiPjip5jFtaPw64FcsaeVapD9+Z3LWMrv/6UrvdmP6AwcIHN5BYblOD1EZaXYmHl
MNDz1Qb4x4e2Ut5Cw6+t9qCMX9fKDWoAXlV5bVsYiigP1+rF6sEWKj3L1CyAnYfR
2a4UoUmBQN3qbm1xSmnetJIlC4ppSn4izegncZAzASVDihYizQJ32ZSmgB/RxM6T
ONDwVQt85m+DIzmGAuq5mrrUKW/U0eitbHK1F7H59IKLTRlBLgy+cwke89rF8yiB
lz/84lhtyBerBSt30rJm4s5L8mCh+0Jb2aXVAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQURzWR5CC9R0W3S5rW8KjC6JlgXXowHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9SeldSNUNDOVIwVzNTNXJXOEtq
QzZKbGdYWG8ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAch4j
MA0GCSqGSIb3DQEBCwUAA4IBAQBqUsWeDWq1WDVvY02X8gOOkyqJC3n+M8Y6fXxv
9q53FFWlsiWx7D4GXtkEgd3dd5KScu11Cxci516w9YMvE2lovBzKRaNgIbth383n
sWraAFFKuEFT2Qvy2XW3YEO3O0cdDVto4mWz26L4NNgbirJAnve0rxFyxuU6bY3y
sckbiJfXenLYLtXIvW8Y2YiN8NfEfiSQaWsdgn0vShw5kGo3bP4m1XQv+txbUgpW
EXl+U15WfVFvJjWM/2YDlHwQD9iSKRNxYiZ9Clxd1Kd9oZuO6hBp4QCmu0ipC3K7
4SixK0SCsyav7NqfRiiwBJPymTe1AWHD8PluwWmqzvGxiGaw
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:37 2024 by rpki-client on console-fra.rpki-client.org