Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/W7ualvtcx572UjryLzgBXr__uxY.roa
File:                     W7ualvtcx572UjryLzgBXr__uxY.roa (raw, json)
Hash identifier:          JTN2ntRxIQtv6HbxcVOWubqRhsCyA1HcDvDOU0gXRpU=
Subject key identifier:   5B:BB:9A:96:FB:5C:C7:9E:F6:52:3A:F2:2F:38:01:5E:BF:FF:BB:16
Certificate issuer:       /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial:       0C44
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/W7ualvtcx572UjryLzgBXr__uxY.roa
Signing time:             Wed 29 Sep 2021 02:51:05 +0000
ROA not before:           Wed 29 Sep 2021 02:51:05 +0000
ROA not after:            Thu 29 Sep 2022 02:36:22 +0000
asID:                     17714
IP address blocks:        220.128.48.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3140 (0xc44)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
        Validity
            Not Before: Sep 29 02:51:05 2021 GMT
            Not After : Sep 29 02:36:22 2022 GMT
        Subject: CN=5BBB9A96FB5CC79EF6523AF22F38015EBFFFBB16
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:e5:a6:a3:81:9a:dc:6a:c9:9a:87:9f:6a:74:
                    11:aa:1e:6c:04:a5:b1:a0:d6:17:af:69:7b:b0:5b:
                    14:5d:e5:f2:d8:0f:6d:1b:ae:c4:9c:8a:db:69:93:
                    1d:63:e8:0a:a5:39:07:13:f8:bd:5d:f1:af:c5:67:
                    89:68:8b:1f:ad:ee:44:d0:05:00:17:41:fb:ae:23:
                    7a:77:55:4a:26:26:2b:21:66:2a:31:ac:12:9a:27:
                    06:12:5e:8a:fa:a8:de:d3:e7:54:8f:5e:46:0b:b9:
                    1f:e6:f5:95:aa:78:d7:76:2f:fe:57:9d:c8:88:ca:
                    fc:e1:d5:cf:bb:82:81:e6:4d:32:3e:ae:0f:c8:fe:
                    94:b0:b9:12:aa:59:2b:4e:a7:1c:71:db:18:fd:9c:
                    9f:8b:4c:ba:3f:85:a8:e6:09:0b:3e:c0:09:b9:c1:
                    23:35:b9:2f:af:fa:b0:1b:ea:b0:b6:a9:55:c8:f3:
                    b9:f0:e8:81:41:55:70:30:97:0a:93:3c:61:0e:17:
                    76:be:fa:c2:e1:50:32:39:0a:e5:73:32:d5:80:a1:
                    b1:30:ae:ea:99:fa:6b:c5:ef:a1:07:3f:e6:e2:f0:
                    1d:b5:f3:7a:d2:76:58:19:00:50:56:78:87:b6:1f:
                    62:1d:85:90:03:26:26:3c:85:65:8d:0e:85:9a:6f:
                    16:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5B:BB:9A:96:FB:5C:C7:9E:F6:52:3A:F2:2F:38:01:5E:BF:FF:BB:16
            X509v3 Authority Key Identifier:
                keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/W7ualvtcx572UjryLzgBXr__uxY.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  220.128.48.0/24

    Signature Algorithm: sha256WithRSAEncryption
         55:96:7e:2d:a1:b5:07:5d:72:35:b7:02:ee:76:41:a2:1d:9c:
         81:73:de:f0:30:ba:7b:3f:20:d1:14:17:a1:a2:83:fd:be:d7:
         0c:60:26:24:32:0e:0b:0c:a8:fd:60:b4:b7:f3:95:b3:31:fe:
         eb:08:4a:54:cf:71:d1:bc:fe:58:71:c0:b6:6d:e8:24:44:41:
         52:64:a5:d1:45:f8:1d:5f:c5:59:8f:03:e8:02:43:50:8c:8e:
         88:aa:07:50:ab:73:c7:97:1a:e5:3b:f4:f7:e6:56:46:00:b3:
         c9:d8:ea:ee:20:e1:30:fa:27:71:47:f3:81:37:ab:4d:12:1f:
         32:32:29:78:82:83:50:50:64:5f:00:43:1c:b6:9f:42:8a:93:
         b4:e0:56:5e:2e:0c:b2:ae:76:68:ea:c1:f1:df:1b:c3:23:4c:
         06:f8:be:84:b7:06:7c:84:6b:94:3c:f7:01:61:81:ef:24:22:
         e0:c6:38:e2:3f:0e:f4:67:3b:80:c2:29:21:8f:83:8b:c5:51:
         2c:ae:19:30:77:c6:9d:b2:07:8d:7c:87:90:54:77:0d:0f:d0:
         53:44:56:81:ef:8c:9f:96:e0:00:42:4e:f6:ef:66:53:39:d1:
         f7:72:bc:f9:72:ef:a8:3f:8f:42:a7:31:29:5d:8e:cf:1a:e6:
         ad:92:ba:a8
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICDEQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yMTA5Mjkw
MjUxMDVaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDVCQkI5QTk2RkI1Q0M3
OUVGNjUyM0FGMjJGMzgwMTVFQkZGRkJCMTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCv5aajgZrcasmah59qdBGqHmwEpbGg1hevaXuwWxRd5fLYD20b
rsScittpkx1j6AqlOQcT+L1d8a/FZ4loix+t7kTQBQAXQfuuI3p3VUomJishZiox
rBKaJwYSXor6qN7T51SPXkYLuR/m9ZWqeNd2L/5XnciIyvzh1c+7goHmTTI+rg/I
/pSwuRKqWStOpxxx2xj9nJ+LTLo/hajmCQs+wAm5wSM1uS+v+rAb6rC2qVXI87nw
6IFBVXAwlwqTPGEOF3a++sLhUDI5CuVzMtWAobEwruqZ+mvF76EHP+bi8B2183rS
dlgZAFBWeIe2H2IdhZADJiY8hWWNDoWabxZnAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUW7ualvtcx572UjryLzgBXr//uxYwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9XN3VhbHZ0Y3g1NzJVanJ5THpn
QlhyX191eFkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA3IAw
MA0GCSqGSIb3DQEBCwUAA4IBAQBVln4tobUHXXI1twLudkGiHZyBc97wMLp7PyDR
FBehooP9vtcMYCYkMg4LDKj9YLS385WzMf7rCEpUz3HRvP5YccC2begkREFSZKXR
RfgdX8VZjwPoAkNQjI6IqgdQq3PHlxrlO/T35lZGALPJ2OruIOEw+idxR/OBN6tN
Eh8yMil4goNQUGRfAEMctp9CipO04FZeLgyyrnZo6sHx3xvDI0wG+L6EtwZ8hGuU
PPcBYYHvJCLgxjjiPw70ZzuAwikhj4OLxVEsrhkwd8adsgeNfIeQVHcND9BTRFaB
74yfluAAQk7272ZTOdH3crz5cu+oP49CpzEpXY7PGuatkrqo
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:08 2024 by rpki-client on console-ams.rpki-client.org