Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/khmvh-EZS6bR0tI370x0_zIUyvE.roa
File:                     khmvh-EZS6bR0tI370x0_zIUyvE.roa (raw, json)
Hash identifier:          NlNeDsMcNdgCi41FQ5BOXTya0fUUztE9nxcKreREhH4=
Subject key identifier:   92:19:AF:87:E1:19:4B:A6:D1:D2:D2:37:EF:4C:74:FF:32:14:CA:F1
Certificate issuer:       /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial:       0C6A
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/khmvh-EZS6bR0tI370x0_zIUyvE.roa
Signing time:             Wed 29 Sep 2021 02:51:15 +0000
ROA not before:           Wed 29 Sep 2021 02:51:15 +0000
ROA not after:            Thu 29 Sep 2022 02:36:22 +0000
asID:                     198949
IP address blocks:        210.242.118.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3178 (0xc6a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
        Validity
            Not Before: Sep 29 02:51:15 2021 GMT
            Not After : Sep 29 02:36:22 2022 GMT
        Subject: CN=9219AF87E1194BA6D1D2D237EF4C74FF3214CAF1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:94:b0:a9:f8:5f:2d:4c:80:4e:7a:4d:64:bf:
                    d4:57:93:0f:8b:fb:96:93:95:9d:6b:fe:2e:d8:0d:
                    bf:bb:e2:d7:c8:75:59:52:40:39:cd:e7:bb:59:6a:
                    b5:3f:91:b0:95:c0:03:46:05:09:f6:9c:02:4b:02:
                    60:cb:bc:8d:33:15:1e:5b:5f:36:95:5e:ee:0f:0b:
                    5d:af:73:68:5e:48:8f:43:f5:07:35:eb:70:7e:1c:
                    bd:e8:61:31:90:5e:35:0d:40:3f:1f:d6:5f:69:62:
                    db:75:de:a7:05:84:ac:58:8a:12:53:81:f0:24:83:
                    fb:9e:f8:1a:40:a6:bd:ca:ce:b4:2d:8d:c3:58:ba:
                    da:3a:0f:a2:fb:ca:dc:ad:14:8c:fb:98:e9:40:2a:
                    2d:df:11:a8:fe:95:25:1f:ed:22:36:a1:c7:1b:7e:
                    10:09:ef:6d:09:63:60:6f:67:4a:24:43:34:61:fb:
                    40:92:23:63:43:01:d7:9b:57:53:13:23:86:a9:6f:
                    5f:6d:f5:d0:ae:20:d0:70:96:49:7b:f3:b7:d3:e5:
                    85:a4:12:6a:39:ad:14:e2:38:79:3d:58:99:68:56:
                    0d:d0:59:9a:b3:43:41:cf:a9:2e:7c:b2:e0:6b:a6:
                    dc:87:09:25:5a:a3:5a:75:b4:28:b1:ab:46:23:98:
                    18:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                92:19:AF:87:E1:19:4B:A6:D1:D2:D2:37:EF:4C:74:FF:32:14:CA:F1
            X509v3 Authority Key Identifier:
                keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/khmvh-EZS6bR0tI370x0_zIUyvE.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  210.242.118.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0c:d2:cd:2b:97:dd:a1:5d:56:33:b3:cb:e3:98:75:cd:92:13:
         11:5b:a0:09:ee:bc:c1:a2:a4:5a:3b:c3:52:e6:b8:31:1a:96:
         61:b1:51:40:f1:bd:06:88:db:a8:84:42:85:2e:87:62:73:6e:
         38:e3:c5:06:a2:63:43:2c:4b:83:06:d0:e9:f5:54:5e:f1:d8:
         3e:ca:c9:b7:52:9c:43:fb:b5:38:75:33:16:11:b6:72:16:c9:
         55:a9:be:93:c1:81:3a:ff:f0:9e:c6:6e:1f:e0:9f:c4:76:bf:
         3f:4d:a6:9a:ce:a3:88:e0:df:51:bc:db:81:27:cc:e5:19:2c:
         23:e4:fb:b8:1a:42:6c:e4:d6:c9:cb:a5:3d:d3:0e:e8:bf:b7:
         e9:66:b1:44:d5:90:08:17:3c:b5:f7:ae:c1:75:16:ae:b5:2c:
         47:bc:7c:90:4d:6b:61:73:53:5c:ea:8f:66:8f:e1:d8:04:d0:
         e6:dc:e5:be:6b:b2:37:c8:f2:43:1a:8d:97:11:ae:6c:62:bf:
         68:5b:27:dc:65:c9:57:e6:32:82:96:a1:82:00:82:12:52:75:
         4c:35:5e:bf:b0:2b:71:d6:89:a6:ed:97:ab:cc:dd:d1:5a:6c:
         f2:da:53:03:3f:3a:ef:25:c6:34:54:60:93:1f:88:ae:2a:b3:
         3c:da:92:a5
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICDGowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yMTA5Mjkw
MjUxMTVaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDkyMTlBRjg3RTExOTRC
QTZEMUQyRDIzN0VGNEM3NEZGMzIxNENBRjEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCvlLCp+F8tTIBOek1kv9RXkw+L+5aTlZ1r/i7YDb+74tfIdVlS
QDnN57tZarU/kbCVwANGBQn2nAJLAmDLvI0zFR5bXzaVXu4PC12vc2heSI9D9Qc1
63B+HL3oYTGQXjUNQD8f1l9pYtt13qcFhKxYihJTgfAkg/ue+BpApr3KzrQtjcNY
uto6D6L7ytytFIz7mOlAKi3fEaj+lSUf7SI2occbfhAJ720JY2BvZ0okQzRh+0CS
I2NDAdebV1MTI4apb19t9dCuINBwlkl787fT5YWkEmo5rRTiOHk9WJloVg3QWZqz
Q0HPqS58suBrptyHCSVao1p1tCixq0YjmBgzAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUkhmvh+EZS6bR0tI370x0/zIUyvEwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9raG12aC1FWlM2YlIwdEkzNzB4
MF96SVV5dkUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA0vJ2
MA0GCSqGSIb3DQEBCwUAA4IBAQAM0s0rl92hXVYzs8vjmHXNkhMRW6AJ7rzBoqRa
O8NS5rgxGpZhsVFA8b0GiNuohEKFLodic24448UGomNDLEuDBtDp9VRe8dg+ysm3
UpxD+7U4dTMWEbZyFslVqb6TwYE6//Cexm4f4J/Edr8/TaaazqOI4N9RvNuBJ8zl
GSwj5Pu4GkJs5NbJy6U90w7ov7fpZrFE1ZAIFzy1967BdRautSxHvHyQTWthc1Nc
6o9mj+HYBNDm3OW+a7I3yPJDGo2XEa5sYr9oWyfcZclX5jKClqGCAIISUnVMNV6/
sCtx1omm7ZerzN3RWmzy2lMDPzrvJcY0VGCTH4iuKrM82pKl
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:37 2024 by rpki-client on console-fra.rpki-client.org