Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/fzKkiM36Cx6Y79gNJsVHewOQ3bc.roa
File:                     fzKkiM36Cx6Y79gNJsVHewOQ3bc.roa (raw, json)
Hash identifier:          DN48dyDIyNsBoCBQ1raw3zugXGeWYKRHVdryEHymDXQ=
Subject key identifier:   7F:32:A4:88:CD:FA:0B:1E:98:EF:D8:0D:26:C5:47:7B:03:90:DD:B7
Certificate issuer:       /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial:       0832
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/fzKkiM36Cx6Y79gNJsVHewOQ3bc.roa
Signing time:             Tue 29 Sep 2020 09:58:27 +0000
ROA not before:           Tue 29 Sep 2020 09:58:27 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     3462
IP address blocks:        220.136.0.0/13 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2098 (0x832)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
        Validity
            Not Before: Sep 29 09:58:27 2020 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=7F32A488CDFA0B1E98EFD80D26C5477B0390DDB7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:37:cf:00:1b:76:e2:c3:52:32:e9:40:24:82:
                    3a:36:31:6b:9d:03:5a:a0:30:22:d6:18:66:0a:d9:
                    a1:80:17:42:02:16:7c:e6:f3:ef:9a:43:78:97:39:
                    4e:48:53:d5:f4:09:6f:ac:9e:de:4d:fb:57:1d:1b:
                    52:ab:f4:48:fd:4f:70:59:ab:af:58:ce:6a:49:e9:
                    9d:4a:32:2f:41:bf:2a:c4:2e:f2:42:f6:04:4d:29:
                    88:2a:00:0e:57:6c:61:ae:dd:ff:26:45:27:aa:ce:
                    86:57:99:25:dd:6d:7f:51:04:a9:8e:6c:4b:65:d9:
                    c7:0a:be:e7:77:89:da:9f:95:ce:0b:e1:5f:f0:7a:
                    01:2b:e9:05:44:8a:60:06:c7:f5:3d:83:5b:2f:19:
                    af:a6:9a:51:78:33:40:d3:a3:d9:76:1b:84:11:da:
                    99:55:c1:61:78:1a:1b:c2:0f:4c:d8:fa:1c:2b:bd:
                    38:8d:ae:43:fd:c1:4a:d6:63:0f:37:55:07:6c:c7:
                    30:f8:b4:c1:40:41:1e:bb:1e:b6:04:36:02:0f:df:
                    ce:94:ff:b0:24:bd:93:a3:fd:e3:a9:70:a9:5d:06:
                    65:1d:d1:bd:4e:25:a8:4a:58:d8:e1:9c:15:34:13:
                    1f:69:6f:07:63:7e:b4:b6:ef:e2:6e:b2:73:a3:26:
                    4c:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7F:32:A4:88:CD:FA:0B:1E:98:EF:D8:0D:26:C5:47:7B:03:90:DD:B7
            X509v3 Authority Key Identifier:
                keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/fzKkiM36Cx6Y79gNJsVHewOQ3bc.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  220.136.0.0/13

    Signature Algorithm: sha256WithRSAEncryption
         91:c0:f7:58:41:f8:7b:d0:f0:fc:3b:39:22:22:df:0f:ac:2e:
         4c:af:2e:fe:95:af:49:0c:a1:ac:f5:08:40:7f:7e:fd:9b:2c:
         93:21:76:3a:54:b0:78:5f:ad:48:aa:09:4f:18:38:a0:a8:35:
         7b:42:1f:24:7e:ff:35:aa:f2:cb:fc:90:b4:cf:ad:74:b0:38:
         c5:58:32:cc:f1:1f:14:65:52:ab:eb:96:1d:05:85:83:f4:b9:
         90:7c:18:55:25:e1:80:d8:9a:8a:23:6e:88:af:e0:74:04:d8:
         1e:ea:75:24:11:5c:8a:67:e5:9e:c4:59:f1:36:15:e6:d4:f4:
         0e:fe:6a:e8:0a:70:a3:79:e1:65:c2:71:11:8b:2b:61:99:8a:
         3a:52:8e:c4:85:9a:59:8b:43:c4:17:a4:5f:e6:50:73:15:2b:
         9a:3c:1c:fe:72:b3:ad:36:0d:38:82:c6:bb:b3:70:c8:da:d4:
         5d:1a:fc:fd:91:50:96:7f:ee:6c:b6:39:06:3f:ef:b3:0b:4d:
         90:27:26:e2:2a:cc:06:07:46:0c:14:a6:53:71:a7:4c:01:02:
         84:dc:9d:5a:1c:b5:8d:73:95:c7:4f:6a:de:91:e1:84:cf:ff:
         d3:43:de:02:0b:71:dd:16:73:c5:8b:34:8f:9a:d7:0d:4a:5e:
         bf:1c:f2:95
-----BEGIN CERTIFICATE-----
MIIEzzCCA7egAwIBAgICCDIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yMDA5Mjkw
OTU4MjdaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDdGMzJBNDg4Q0RGQTBC
MUU5OEVGRDgwRDI2QzU0NzdCMDM5MEREQjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC+N88AG3biw1Iy6UAkgjo2MWudA1qgMCLWGGYK2aGAF0ICFnzm
8++aQ3iXOU5IU9X0CW+snt5N+1cdG1Kr9Ej9T3BZq69YzmpJ6Z1KMi9BvyrELvJC
9gRNKYgqAA5XbGGu3f8mRSeqzoZXmSXdbX9RBKmObEtl2ccKvud3idqflc4L4V/w
egEr6QVEimAGx/U9g1svGa+mmlF4M0DTo9l2G4QR2plVwWF4GhvCD0zY+hwrvTiN
rkP9wUrWYw83VQdsxzD4tMFAQR67HrYENgIP386U/7AkvZOj/eOpcKldBmUd0b1O
JahKWNjhnBU0Ex9pbwdjfrS27+JusnOjJkxPAgMBAAGjggHrMIIB5zAdBgNVHQ4E
FgQUfzKkiM36Cx6Y79gNJsVHewOQ3bcwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9mektraU0zNkN4Nlk3OWdOSnNW
SGV3T1EzYmMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMD3Igw
DQYJKoZIhvcNAQELBQADggEBAJHA91hB+HvQ8Pw7OSIi3w+sLkyvLv6Vr0kMoaz1
CEB/fv2bLJMhdjpUsHhfrUiqCU8YOKCoNXtCHyR+/zWq8sv8kLTPrXSwOMVYMszx
HxRlUqvrlh0FhYP0uZB8GFUl4YDYmoojboiv4HQE2B7qdSQRXIpn5Z7EWfE2FebU
9A7+augKcKN54WXCcRGLK2GZijpSjsSFmlmLQ8QXpF/mUHMVK5o8HP5ys602DTiC
xruzcMja1F0a/P2RUJZ/7my2OQY/77MLTZAnJuIqzAYHRgwUplNxp0wBAoTcnVoc
tY1zlcdPat6R4YTP/9ND3gILcd0Wc8WLNI+a1w1KXr8c8pU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:37 2024 by rpki-client on console-fra.rpki-client.org