Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/nuWBvvp2zbumwX4o9ypLp2is6VQ.roa
File:                     nuWBvvp2zbumwX4o9ypLp2is6VQ.roa (raw, json)
Hash identifier:          bld+u2dygYyvkV79hDjfWCC3hQZVrOZnRDbjQnlzbtk=
Subject key identifier:   9E:E5:81:BE:FA:76:CD:BB:A6:C1:7E:28:F7:2A:4B:A7:68:AC:E9:54
Certificate issuer:       /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial:       0D76
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/nuWBvvp2zbumwX4o9ypLp2is6VQ.roa
Signing time:             Thu 15 Sep 2022 02:48:19 +0000
ROA not before:           Thu 15 Sep 2022 02:48:19 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     131660
IP address blocks:        2001:b000:590::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3446 (0xd76)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
        Validity
            Not Before: Sep 15 02:48:19 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=9EE581BEFA76CDBBA6C17E28F72A4BA768ACE954
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:3c:74:35:62:63:ef:ee:ba:8b:1e:3d:0f:29:
                    3f:ca:5c:92:a7:ea:5c:ef:1b:84:8f:ab:3f:13:58:
                    61:91:de:28:49:80:af:a8:78:f0:84:52:74:01:43:
                    e3:d2:a6:3c:63:b9:f2:f6:cf:c2:0c:e8:61:4d:f6:
                    15:3d:65:bc:be:05:c1:39:28:ee:08:57:ac:d4:a2:
                    ec:53:85:24:39:10:6d:7f:24:4d:d9:6b:c3:74:7e:
                    a5:ed:dd:fb:79:42:d3:b4:ac:f5:28:01:c7:54:53:
                    84:7c:e9:92:e1:59:98:35:b9:0a:55:2f:39:25:78:
                    16:b2:09:55:f1:bf:92:fc:3d:3a:4f:bf:b8:b0:57:
                    1c:fb:7f:a3:ec:19:ff:54:28:38:43:6f:76:d7:9b:
                    8b:1d:9a:a7:fc:b8:bd:e5:6d:2b:2f:99:4d:6a:d9:
                    ca:8d:fd:84:1e:3f:ee:74:8c:71:fd:29:25:90:13:
                    14:db:93:c2:03:72:6d:85:2c:26:b3:0e:77:36:cc:
                    8c:f4:c9:5b:d0:45:bc:d7:e3:f0:b5:c7:47:2c:d3:
                    03:f4:44:87:da:5c:d1:d5:26:ae:d8:db:63:e9:05:
                    39:35:14:7a:33:47:1a:26:86:8f:e2:4e:28:5e:7f:
                    52:90:ed:49:c1:32:ea:4b:0d:b0:af:51:2a:43:d2:
                    ca:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9E:E5:81:BE:FA:76:CD:BB:A6:C1:7E:28:F7:2A:4B:A7:68:AC:E9:54
            X509v3 Authority Key Identifier:
                keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/nuWBvvp2zbumwX4o9ypLp2is6VQ.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:b000:590::/48

    Signature Algorithm: sha256WithRSAEncryption
         90:f0:ca:70:ab:3e:86:82:9f:2a:f3:0c:82:18:d5:d6:a8:a7:
         b8:0d:2b:cf:dc:29:7b:5b:39:c6:a5:74:c4:c9:7d:d8:37:21:
         fb:31:18:38:88:cc:03:45:da:f4:73:7c:4a:95:fb:38:81:1c:
         73:ed:3a:78:00:4b:19:73:9c:5b:e9:fd:fa:03:80:c6:e8:f8:
         5a:e9:51:b3:20:c3:44:ec:04:c1:6d:fe:4f:d8:cc:c5:68:43:
         38:84:e7:62:bb:97:49:9d:e1:43:2f:08:be:b4:fe:18:1a:d1:
         e0:9e:1f:e8:6c:54:82:fb:a2:63:1f:b4:21:90:1b:2e:6c:d6:
         ee:4a:27:e2:d6:e6:c1:12:e8:24:65:88:6b:ab:75:ea:5c:12:
         62:bc:70:64:3f:c6:9d:21:8f:9d:01:9a:a5:e1:0c:a0:2d:2b:
         32:e3:03:50:e0:28:a0:99:90:80:07:84:0a:6e:82:58:3f:83:
         68:a3:56:fa:6b:07:2a:5c:45:37:67:e4:b9:f9:93:61:b6:1d:
         54:20:87:e0:be:ab:9b:f0:29:ca:34:e6:b0:c1:aa:04:2d:f4:
         75:0f:a2:8a:f5:1e:eb:3b:6e:56:17:db:09:ed:d0:6c:a3:1c:
         9c:e2:d2:8a:b1:e7:6d:4f:90:0f:71:9c:02:75:0e:4f:0c:84:
         5f:0b:5a:ee
-----BEGIN CERTIFICATE-----
MIIE0zCCA7ugAwIBAgICDXYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yMjA5MTUw
MjQ4MTlaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDlFRTU4MUJFRkE3NkNE
QkJBNkMxN0UyOEY3MkE0QkE3NjhBQ0U5NTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCnPHQ1YmPv7rqLHj0PKT/KXJKn6lzvG4SPqz8TWGGR3ihJgK+o
ePCEUnQBQ+PSpjxjufL2z8IM6GFN9hU9Zby+BcE5KO4IV6zUouxThSQ5EG1/JE3Z
a8N0fqXt3ft5QtO0rPUoAcdUU4R86ZLhWZg1uQpVLzkleBayCVXxv5L8PTpPv7iw
Vxz7f6PsGf9UKDhDb3bXm4sdmqf8uL3lbSsvmU1q2cqN/YQeP+50jHH9KSWQExTb
k8IDcm2FLCazDnc2zIz0yVvQRbzX4/C1x0cs0wP0RIfaXNHVJq7Y22PpBTk1FHoz
Rxomho/iTihef1KQ7UnBMupLDbCvUSpD0sqdAgMBAAGjggHvMIIB6zAdBgNVHQ4E
FgQUnuWBvvp2zbumwX4o9ypLp2is6VQwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9udVdCdnZwMnpidW13WDRvOXlw
THAyaXM2VlEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAGw
AAWQMA0GCSqGSIb3DQEBCwUAA4IBAQCQ8Mpwqz6Ggp8q8wyCGNXWqKe4DSvP3Cl7
WznGpXTEyX3YNyH7MRg4iMwDRdr0c3xKlfs4gRxz7Tp4AEsZc5xb6f36A4DG6Pha
6VGzIMNE7ATBbf5P2MzFaEM4hOdiu5dJneFDLwi+tP4YGtHgnh/obFSC+6JjH7Qh
kBsubNbuSifi1ubBEugkZYhrq3XqXBJivHBkP8adIY+dAZql4QygLSsy4wNQ4Cig
mZCAB4QKboJYP4Noo1b6awcqXEU3Z+S5+ZNhth1UIIfgvqub8CnKNOawwaoELfR1
D6KK9R7rO25WF9sJ7dBsoxyc4tKKsedtT5APcZwCdQ5PDIRfC1ru
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:37 2024 by rpki-client on console-fra.rpki-client.org