Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/c2OMg3cwn0u675jk6hkkSK2wzZg.roa
File:                     c2OMg3cwn0u675jk6hkkSK2wzZg.roa (raw, json)
Hash identifier:          4gv98TmO3JZ9uN3guf81X/wVSrhXkxNxzym/sLqZaSo=
Subject key identifier:   73:63:8C:83:77:30:9F:4B:BA:EF:98:E4:EA:19:24:48:AD:B0:CD:98
Certificate issuer:       /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial:       0824
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/c2OMg3cwn0u675jk6hkkSK2wzZg.roa
Signing time:             Tue 29 Sep 2020 09:58:24 +0000
ROA not before:           Tue 29 Sep 2020 09:58:24 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     3462
IP address blocks:        43.255.92.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2084 (0x824)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
        Validity
            Not Before: Sep 29 09:58:24 2020 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=73638C8377309F4BBAEF98E4EA192448ADB0CD98
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:e3:ec:f2:e4:ed:c1:4e:03:35:e8:8b:9f:36:
                    c5:40:05:be:6d:85:69:d1:aa:9a:8e:6a:85:61:d9:
                    5f:dc:0a:df:20:63:97:77:a3:9a:d3:51:53:4d:38:
                    d6:f4:3b:d6:91:bf:cf:c0:70:d3:c0:32:65:7c:e1:
                    23:ee:2f:bb:37:43:ad:13:67:df:d4:59:6e:37:da:
                    93:dc:9d:ca:ac:d7:66:0b:f3:3e:07:ed:7e:e0:dc:
                    6d:df:bf:ef:55:3e:cf:a9:3d:38:e5:d1:54:a3:6d:
                    a5:4a:9d:f4:33:98:c0:9f:40:81:97:25:7f:a4:de:
                    51:3f:e4:f6:6e:57:86:d3:5f:df:bd:2c:9b:67:a2:
                    cc:dc:5f:ff:1e:88:91:8c:b1:02:c8:28:c1:e4:d7:
                    61:58:93:4b:c8:70:68:ed:d2:22:bb:6f:45:0f:8a:
                    59:8b:e4:c2:f0:20:ef:be:6e:71:0b:e8:09:df:f7:
                    4d:db:fa:4e:7e:c4:5e:c2:2f:a4:80:02:42:17:a8:
                    c9:68:ae:e4:8d:08:a6:c4:94:66:42:e9:8d:59:d1:
                    57:63:03:e1:fc:f4:bb:e8:2c:d1:8d:af:e3:88:87:
                    34:37:15:a3:04:b8:2f:dd:4e:ee:7d:91:07:27:56:
                    cb:2c:c7:2d:51:c2:76:bd:10:b8:29:0e:35:84:7e:
                    86:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                73:63:8C:83:77:30:9F:4B:BA:EF:98:E4:EA:19:24:48:AD:B0:CD:98
            X509v3 Authority Key Identifier:
                keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/c2OMg3cwn0u675jk6hkkSK2wzZg.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  43.255.92.0/22

    Signature Algorithm: sha256WithRSAEncryption
         22:64:21:9b:97:5b:4e:3c:1d:c0:1c:b8:12:97:32:0f:e5:e8:
         c1:5f:83:21:af:27:7f:12:0f:8a:00:e2:6f:94:c6:af:a7:b1:
         03:8c:dd:a9:38:dc:b0:12:93:8d:62:f0:b1:c9:8a:1c:bc:f8:
         6c:5e:4d:e9:b1:f7:57:e1:22:50:03:98:69:6b:c3:09:e0:c1:
         24:a6:4d:29:17:32:ca:e3:9b:a7:14:92:86:bb:2f:f4:cf:86:
         b4:36:f2:cb:98:3c:18:7d:35:83:1e:cd:a5:1b:be:10:9b:12:
         18:ec:4b:34:af:d1:64:a5:e5:a1:bb:45:3d:f9:c4:8e:fd:69:
         39:87:7f:9e:f3:38:93:2f:70:0f:79:25:ec:e5:6a:e8:b0:30:
         2e:63:4c:97:c4:f0:32:90:32:72:6d:d2:3a:69:ad:56:12:7e:
         91:af:06:cd:34:19:3e:38:61:bf:21:35:ad:45:04:ec:86:61:
         ab:c6:10:7b:5c:45:e3:37:81:31:69:00:41:1a:21:3f:4d:b3:
         f1:97:31:43:c4:d9:f9:48:20:28:fc:f7:54:ae:81:7c:e6:72:
         2f:81:1f:3e:7d:be:88:9b:16:d9:38:d3:28:1c:de:37:2c:16:
         be:f8:b4:2d:8a:69:ed:41:8c:2d:43:65:a0:02:f0:4a:07:30:
         87:89:b2:f9
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICCCQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yMDA5Mjkw
OTU4MjRaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDczNjM4QzgzNzczMDlG
NEJCQUVGOThFNEVBMTkyNDQ4QURCMENEOTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDX4+zy5O3BTgM16IufNsVABb5thWnRqpqOaoVh2V/cCt8gY5d3
o5rTUVNNONb0O9aRv8/AcNPAMmV84SPuL7s3Q60TZ9/UWW432pPcncqs12YL8z4H
7X7g3G3fv+9VPs+pPTjl0VSjbaVKnfQzmMCfQIGXJX+k3lE/5PZuV4bTX9+9LJtn
oszcX/8eiJGMsQLIKMHk12FYk0vIcGjt0iK7b0UPilmL5MLwIO++bnEL6Anf903b
+k5+xF7CL6SAAkIXqMloruSNCKbElGZC6Y1Z0VdjA+H89LvoLNGNr+OIhzQ3FaME
uC/dTu59kQcnVsssxy1Rwna9ELgpDjWEfoZdAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUc2OMg3cwn0u675jk6hkkSK2wzZgwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9jMk9NZzNjd24wdTY3NWprNmhr
a1NLMnd6Wmcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCK/9c
MA0GCSqGSIb3DQEBCwUAA4IBAQAiZCGbl1tOPB3AHLgSlzIP5ejBX4Mhryd/Eg+K
AOJvlMavp7EDjN2pONywEpONYvCxyYocvPhsXk3psfdX4SJQA5hpa8MJ4MEkpk0p
FzLK45unFJKGuy/0z4a0NvLLmDwYfTWDHs2lG74QmxIY7Es0r9FkpeWhu0U9+cSO
/Wk5h3+e8ziTL3APeSXs5WrosDAuY0yXxPAykDJybdI6aa1WEn6RrwbNNBk+OGG/
ITWtRQTshmGrxhB7XEXjN4ExaQBBGiE/TbPxlzFDxNn5SCAo/PdUroF85nIvgR8+
fb6ImxbZONMoHN43LBa++LQtimntQYwtQ2WgAvBKBzCHibL5
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:37 2024 by rpki-client on console-fra.rpki-client.org