Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/WIPpysUY56jKhCrS7Er28fRcaZM.roa
File:                     WIPpysUY56jKhCrS7Er28fRcaZM.roa (raw, json)
Hash identifier:          0pPjAEt7WUCS+uMg8YYsIinDoijG3kFHAlUOD2SweDE=
Subject key identifier:   58:83:E9:CA:C5:18:E7:A8:CA:84:2A:D2:EC:4A:F6:F1:F4:5C:69:93
Certificate issuer:       /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial:       0AA9
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/WIPpysUY56jKhCrS7Er28fRcaZM.roa
Signing time:             Sun 07 Feb 2021 11:38:38 +0000
ROA not before:           Sun 07 Feb 2021 11:38:38 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     3462
IP address blocks:        211.72.0.0/16 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2729 (0xaa9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
        Validity
            Not Before: Feb  7 11:38:38 2021 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=5883E9CAC518E7A8CA842AD2EC4AF6F1F45C6993
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:19:53:8d:0c:c4:3c:0d:51:d7:c9:0e:15:45:
                    05:ca:2d:8c:e6:dd:ed:88:35:3a:90:fa:71:bd:c5:
                    66:60:f8:05:c8:4b:63:5a:5d:c5:fe:ba:cc:3a:41:
                    55:aa:c9:67:0c:2f:5d:e1:a9:b6:bf:4e:01:da:b4:
                    eb:6b:92:ed:9f:d1:9c:a0:00:03:a0:50:4e:6b:be:
                    62:db:00:49:df:af:db:02:4f:ea:82:8b:a0:ce:11:
                    5e:a5:a2:e8:1a:02:19:45:82:31:6b:52:54:55:91:
                    59:55:03:92:66:18:be:9b:b1:b8:fb:d6:88:c5:40:
                    ab:91:6c:80:0a:7b:f5:6d:8d:48:37:d6:3d:81:0d:
                    ef:0b:28:bb:8a:fb:54:26:e9:0b:69:03:77:38:05:
                    c6:20:11:22:8f:90:a9:a0:57:d2:63:c6:47:c9:f0:
                    57:69:52:60:07:ab:99:21:1a:11:25:d2:44:af:a5:
                    48:ba:2a:52:ed:2b:8c:83:1d:be:2d:72:cd:75:be:
                    13:25:77:1b:0d:a4:2a:0e:be:9f:9d:b0:85:3a:5f:
                    69:3a:ae:1c:7c:48:af:3c:fd:a8:a6:26:dc:81:ce:
                    65:7c:0c:f1:40:0d:03:48:52:88:b8:ba:62:34:2d:
                    c1:c8:e5:84:88:fc:96:7c:f2:e4:f3:89:60:d8:4b:
                    7c:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:83:E9:CA:C5:18:E7:A8:CA:84:2A:D2:EC:4A:F6:F1:F4:5C:69:93
            X509v3 Authority Key Identifier:
                keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/WIPpysUY56jKhCrS7Er28fRcaZM.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  211.72.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         2d:ce:1b:79:fa:32:b7:4c:8e:c3:03:6e:f6:32:65:b4:5f:4a:
         3e:d6:c2:de:1b:24:aa:f7:7e:aa:ce:12:23:29:ac:39:8c:b8:
         98:b1:02:d8:6a:3b:c4:19:aa:d2:b8:7b:d1:a2:39:5c:b1:95:
         54:a6:5e:b7:1a:be:e7:7f:94:10:22:e6:24:5f:27:f9:73:d8:
         a5:66:3e:72:f7:66:91:a4:a0:4e:37:16:37:ef:9b:96:24:32:
         6e:a8:e4:8b:f3:4e:c3:27:86:3a:89:3b:43:6f:90:82:f3:96:
         f2:44:08:d6:af:39:02:f6:b7:db:df:96:51:db:86:34:88:ce:
         b1:b8:25:c8:60:1d:95:52:25:33:32:38:bc:3d:af:70:40:26:
         f6:07:e7:04:a2:16:c8:3d:99:81:1b:ab:70:4a:69:1e:7c:e1:
         a3:8a:14:a3:51:87:42:72:a4:4a:7e:fd:4c:26:0b:08:fa:58:
         90:0a:48:de:0d:e0:6b:54:59:1c:ef:c6:22:31:b0:de:c2:fa:
         e4:42:15:c7:37:47:c8:32:7a:74:09:e8:4c:ca:4b:12:b0:61:
         9c:62:2f:6b:46:b1:3a:c8:e4:b2:17:02:13:6e:60:bb:ee:21:
         3f:b2:a5:7e:1c:24:c3:98:c8:70:bd:3d:e8:e7:08:df:08:af:
         43:78:31:e8
-----BEGIN CERTIFICATE-----
MIIEzzCCA7egAwIBAgICCqkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yMTAyMDcx
MTM4MzhaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDU4ODNFOUNBQzUxOEU3
QThDQTg0MkFEMkVDNEFGNkYxRjQ1QzY5OTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDAGVONDMQ8DVHXyQ4VRQXKLYzm3e2INTqQ+nG9xWZg+AXIS2Na
XcX+usw6QVWqyWcML13hqba/TgHatOtrku2f0ZygAAOgUE5rvmLbAEnfr9sCT+qC
i6DOEV6lougaAhlFgjFrUlRVkVlVA5JmGL6bsbj71ojFQKuRbIAKe/VtjUg31j2B
De8LKLuK+1Qm6QtpA3c4BcYgESKPkKmgV9JjxkfJ8FdpUmAHq5khGhEl0kSvpUi6
KlLtK4yDHb4tcs11vhMldxsNpCoOvp+dsIU6X2k6rhx8SK88/aimJtyBzmV8DPFA
DQNIUoi4umI0LcHI5YSI/JZ88uTziWDYS3wXAgMBAAGjggHrMIIB5zAdBgNVHQ4E
FgQUWIPpysUY56jKhCrS7Er28fRcaZMwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9XSVBweXNVWTU2aktoQ3JTN0Vy
MjhmUmNhWk0ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA00gw
DQYJKoZIhvcNAQELBQADggEBAC3OG3n6MrdMjsMDbvYyZbRfSj7Wwt4bJKr3fqrO
EiMprDmMuJixAthqO8QZqtK4e9GiOVyxlVSmXrcavud/lBAi5iRfJ/lz2KVmPnL3
ZpGkoE43Fjfvm5YkMm6o5IvzTsMnhjqJO0NvkILzlvJECNavOQL2t9vfllHbhjSI
zrG4JchgHZVSJTMyOLw9r3BAJvYH5wSiFsg9mYEbq3BKaR584aOKFKNRh0JypEp+
/UwmCwj6WJAKSN4N4GtUWRzvxiIxsN7C+uRCFcc3R8gyenQJ6EzKSxKwYZxiL2tG
sTrI5LIXAhNuYLvuIT+ypX4cJMOYyHC9PejnCN8Ir0N4Meg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:37 2024 by rpki-client on console-fra.rpki-client.org