Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/nOvYaQPHOJTDaoJXP0sa6E6MsSM.roa
File:                     nOvYaQPHOJTDaoJXP0sa6E6MsSM.roa (raw, json)
Hash identifier:          LA46iRmcg8wd4yb0Pu4BqKh+Ac2xQLQzqqlfxykdRnE=
Subject key identifier:   9C:EB:D8:69:03:C7:38:94:C3:6A:82:57:3F:4B:1A:E8:4E:8C:B1:23
Certificate issuer:       /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial:       0C5A
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/nOvYaQPHOJTDaoJXP0sa6E6MsSM.roa
Signing time:             Wed 29 Sep 2021 02:51:11 +0000
ROA not before:           Wed 29 Sep 2021 02:51:11 +0000
ROA not after:            Thu 29 Sep 2022 02:36:22 +0000
asID:                     17421
IP address blocks:        211.79.32.0/20 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3162 (0xc5a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
        Validity
            Not Before: Sep 29 02:51:11 2021 GMT
            Not After : Sep 29 02:36:22 2022 GMT
        Subject: CN=9CEBD86903C73894C36A82573F4B1AE84E8CB123
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:40:19:4a:cf:ee:28:09:51:e8:91:55:26:b1:
                    db:c5:a3:0d:80:91:d6:9a:45:66:cc:2d:eb:45:d3:
                    f0:40:a6:01:43:9a:ff:db:93:0a:31:f8:63:63:00:
                    4d:d5:ef:5e:43:99:3b:d6:c9:7d:8d:ef:fe:cc:1a:
                    77:82:1f:94:c7:a3:3d:6d:c7:23:c6:33:bd:d4:3c:
                    45:44:4b:b6:03:40:88:fb:d2:c2:ea:91:cb:6d:d1:
                    e8:53:f8:03:28:ba:da:8a:88:47:a7:89:3c:1b:86:
                    5e:1f:ab:3c:a2:d7:dc:b1:f5:34:58:83:9b:1a:48:
                    6b:88:01:25:0a:4d:d4:e0:aa:ed:ec:f3:9c:2b:46:
                    72:a3:7b:d5:28:b9:7c:38:5f:2c:8d:aa:e7:8c:32:
                    d9:63:f2:b9:e9:d5:d4:6b:55:72:45:2f:16:5b:20:
                    8c:c6:11:18:1c:c3:6b:4c:71:dc:97:d5:12:4d:01:
                    be:fa:ec:51:02:d9:c2:5c:a8:b9:0a:25:df:0e:9f:
                    54:ee:2b:27:a1:b5:c4:3a:5c:93:27:aa:b5:d3:11:
                    32:d2:4d:5e:dc:09:74:ba:1e:78:a4:f5:91:bc:7e:
                    06:69:31:7f:89:d3:72:11:11:dc:34:7d:7b:16:c7:
                    19:5f:b1:ae:fd:b3:cf:e4:ff:67:4a:86:af:8b:ff:
                    08:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9C:EB:D8:69:03:C7:38:94:C3:6A:82:57:3F:4B:1A:E8:4E:8C:B1:23
            X509v3 Authority Key Identifier:
                keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/nOvYaQPHOJTDaoJXP0sa6E6MsSM.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  211.79.32.0/20

    Signature Algorithm: sha256WithRSAEncryption
         73:98:77:56:50:27:2d:27:33:55:c6:b7:0e:ed:a8:d6:0a:c2:
         4e:32:71:4e:96:6c:76:d5:4e:4f:d0:2e:eb:b1:85:f6:97:0f:
         5f:3a:8d:f9:4b:59:0b:7a:6f:e5:67:5a:88:b8:ea:6a:cc:b4:
         17:f3:5b:3e:fc:0b:c8:c3:72:4b:09:ec:c2:aa:52:b8:9a:87:
         df:32:2c:86:7c:17:28:35:fa:a2:af:e5:d3:c8:0a:1b:e6:f4:
         05:97:51:23:8e:47:1b:dd:b9:79:b2:5a:aa:9b:a6:e9:70:06:
         8f:cc:73:93:23:b9:45:24:60:36:ef:59:85:85:97:b1:df:bb:
         9b:b9:7d:3e:1f:c0:a4:bf:2d:fb:b5:ea:8e:44:04:50:63:ae:
         bc:b3:57:db:e6:96:0a:93:37:a6:ac:7f:07:9d:27:cd:b9:49:
         e7:f4:1a:3e:b5:3c:d6:f1:56:b1:78:06:eb:02:cc:c5:58:3a:
         14:b9:31:af:65:f6:66:2c:96:24:9e:f9:76:95:51:d4:fc:1f:
         4e:aa:63:76:1b:dd:0b:f1:48:4f:8f:27:16:49:de:ec:35:f2:
         ba:94:9e:5e:43:36:a5:0c:ac:35:03:36:58:bb:3f:6e:21:44:
         b7:fb:e6:17:68:95:be:3f:81:29:38:60:f6:29:cb:6a:fa:97:
         36:44:af:7f
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICDFowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yMTA5Mjkw
MjUxMTFaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDlDRUJEODY5MDNDNzM4
OTRDMzZBODI1NzNGNEIxQUU4NEU4Q0IxMjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCkQBlKz+4oCVHokVUmsdvFow2AkdaaRWbMLetF0/BApgFDmv/b
kwox+GNjAE3V715DmTvWyX2N7/7MGneCH5THoz1txyPGM73UPEVES7YDQIj70sLq
kctt0ehT+AMoutqKiEeniTwbhl4fqzyi19yx9TRYg5saSGuIASUKTdTgqu3s85wr
RnKje9UouXw4XyyNqueMMtlj8rnp1dRrVXJFLxZbIIzGERgcw2tMcdyX1RJNAb76
7FEC2cJcqLkKJd8On1TuKyehtcQ6XJMnqrXTETLSTV7cCXS6Hnik9ZG8fgZpMX+J
03IREdw0fXsWxxlfsa79s8/k/2dKhq+L/widAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUnOvYaQPHOJTDaoJXP0sa6E6MsSMwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9uT3ZZYVFQSE9KVERhb0pYUDBz
YTZFNk1zU00ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQE008g
MA0GCSqGSIb3DQEBCwUAA4IBAQBzmHdWUCctJzNVxrcO7ajWCsJOMnFOlmx21U5P
0C7rsYX2lw9fOo35S1kLem/lZ1qIuOpqzLQX81s+/AvIw3JLCezCqlK4moffMiyG
fBcoNfqir+XTyAob5vQFl1Ejjkcb3bl5slqqm6bpcAaPzHOTI7lFJGA271mFhZex
37ubuX0+H8Ckvy37teqORARQY668s1fb5pYKkzemrH8HnSfNuUnn9Bo+tTzW8Vax
eAbrAszFWDoUuTGvZfZmLJYknvl2lVHU/B9OqmN2G90L8UhPjycWSd7sNfK6lJ5e
QzalDKw1AzZYuz9uIUS3++YXaJW+P4EpOGD2Kctq+pc2RK9/
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:09 2024 by rpki-client on console-ams.rpki-client.org