Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/oJA_X8RXE5JUm_iSZJ3QPwVYBlQ.roa
File:                     oJA_X8RXE5JUm_iSZJ3QPwVYBlQ.roa (raw, json)
Hash identifier:          goBN+4hNX5sBcVxb6wPEmN9qgzz/rWRWlcvYpL3eICs=
Subject key identifier:   A0:90:3F:5F:C4:57:13:92:54:9B:F8:92:64:9D:D0:3F:05:58:06:54
Certificate issuer:       /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial:       0D76
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/oJA_X8RXE5JUm_iSZJ3QPwVYBlQ.roa
Signing time:             Thu 15 Sep 2022 02:48:22 +0000
ROA not before:           Thu 15 Sep 2022 02:48:22 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     131660
IP address blocks:        2001:b000:591::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3446 (0xd76)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
        Validity
            Not Before: Sep 15 02:48:22 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=A0903F5FC4571392549BF892649DD03F05580654
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:68:ac:b4:7e:62:6b:e8:e8:6c:0e:e2:21:1a:
                    83:67:c2:75:46:23:72:21:b5:9e:44:a7:ef:d9:c3:
                    54:d8:f0:67:17:44:ec:a8:58:53:a2:f1:ad:26:b6:
                    0b:98:2d:b9:91:89:b6:f5:87:97:f2:61:e2:1f:0d:
                    4e:ab:32:b3:bc:e5:e5:93:7a:78:2e:a6:0a:17:85:
                    56:fa:d9:2c:c3:49:05:c6:96:46:bd:05:f1:27:2d:
                    61:e6:9a:1a:8b:24:e8:80:d4:d5:e7:2d:6f:2c:98:
                    f8:59:d7:06:2c:be:98:23:91:38:37:12:1c:31:a9:
                    aa:13:48:64:31:93:ab:00:90:bc:04:5f:d1:ee:0f:
                    81:8e:d7:1f:64:6d:dc:02:db:ff:c0:2f:e4:4a:12:
                    4a:48:37:cd:e6:5b:8e:66:42:2c:66:e9:11:a4:c3:
                    44:1b:20:fd:74:29:6f:1c:41:05:0e:ee:f1:7c:e2:
                    20:f3:1a:78:08:ca:9b:37:a4:4c:ad:51:21:39:0a:
                    b6:55:1e:3b:05:cc:2d:b7:87:4c:f7:d5:a7:86:75:
                    67:8f:c5:c4:75:0f:1e:6b:03:91:fa:29:2b:f9:70:
                    92:f3:72:21:9f:f5:4c:9b:82:6e:09:34:3a:57:dc:
                    db:5d:10:a5:28:84:cc:fd:8a:88:6c:33:40:b8:4e:
                    07:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A0:90:3F:5F:C4:57:13:92:54:9B:F8:92:64:9D:D0:3F:05:58:06:54
            X509v3 Authority Key Identifier:
                keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/oJA_X8RXE5JUm_iSZJ3QPwVYBlQ.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:b000:591::/48

    Signature Algorithm: sha256WithRSAEncryption
         5a:a8:87:e2:f5:80:00:7f:93:81:65:e8:ff:74:f5:78:65:6f:
         6b:5b:84:da:e3:b3:d9:60:a4:ec:7d:4b:20:c6:8d:09:ea:e1:
         a3:57:04:df:88:da:6c:bf:87:1a:ca:00:29:f5:f0:7a:fa:69:
         0f:b8:e1:3a:4b:a6:71:ee:b2:75:63:61:cd:53:84:aa:39:4e:
         c2:1c:aa:2e:35:9b:51:3b:62:e6:b7:8d:24:0c:c8:c7:b1:c4:
         06:f9:e1:ad:b9:46:f8:03:c1:e9:e3:40:c9:2d:a9:7d:2c:1d:
         ac:25:58:d2:f8:2a:90:a5:c5:5a:24:fd:45:d1:eb:f4:93:69:
         e7:a6:cc:27:9d:6d:b7:09:32:d3:eb:b3:0e:5d:f1:ea:63:21:
         74:c7:f2:db:ab:b0:8c:90:31:45:7d:8f:29:ca:84:c1:d9:6e:
         b3:3e:c4:ec:df:15:7c:4e:d0:d1:40:33:42:5f:ca:7d:ed:5f:
         df:69:a4:7f:8a:c0:a0:4b:1f:4d:cb:66:e9:89:87:3b:88:20:
         34:c1:a8:39:8e:22:d2:0c:52:b5:c4:54:12:1c:3e:f4:d5:59:
         14:20:db:3c:27:76:3c:87:6e:72:90:2e:3e:0e:c3:00:25:d4:
         75:b4:2d:19:e9:db:5f:b7:13:eb:f4:59:bf:47:b2:44:8f:4d:
         ac:5f:16:21
-----BEGIN CERTIFICATE-----
MIIE0zCCA7ugAwIBAgICDXYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yMjA5MTUw
MjQ4MjJaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEEwOTAzRjVGQzQ1NzEz
OTI1NDlCRjg5MjY0OUREMDNGMDU1ODA2NTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCsaKy0fmJr6OhsDuIhGoNnwnVGI3IhtZ5Ep+/Zw1TY8GcXROyo
WFOi8a0mtguYLbmRibb1h5fyYeIfDU6rMrO85eWTengupgoXhVb62SzDSQXGlka9
BfEnLWHmmhqLJOiA1NXnLW8smPhZ1wYsvpgjkTg3EhwxqaoTSGQxk6sAkLwEX9Hu
D4GO1x9kbdwC2//AL+RKEkpIN83mW45mQixm6RGkw0QbIP10KW8cQQUO7vF84iDz
GngIyps3pEytUSE5CrZVHjsFzC23h0z31aeGdWePxcR1Dx5rA5H6KSv5cJLzciGf
9Uybgm4JNDpX3NtdEKUohMz9iohsM0C4TgcRAgMBAAGjggHvMIIB6zAdBgNVHQ4E
FgQUoJA/X8RXE5JUm/iSZJ3QPwVYBlQwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9vSkFfWDhSWEU1SlVtX2lTWkoz
UVB3VllCbFEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAGw
AAWRMA0GCSqGSIb3DQEBCwUAA4IBAQBaqIfi9YAAf5OBZej/dPV4ZW9rW4Ta47PZ
YKTsfUsgxo0J6uGjVwTfiNpsv4caygAp9fB6+mkPuOE6S6Zx7rJ1Y2HNU4SqOU7C
HKouNZtRO2Lmt40kDMjHscQG+eGtuUb4A8Hp40DJLal9LB2sJVjS+CqQpcVaJP1F
0ev0k2nnpswnnW23CTLT67MOXfHqYyF0x/Lbq7CMkDFFfY8pyoTB2W6zPsTs3xV8
TtDRQDNCX8p97V/faaR/isCgSx9Ny2bpiYc7iCA0wag5jiLSDFK1xFQSHD701VkU
INs8J3Y8h25ykC4+DsMAJdR1tC0Z6dtftxPr9Fm/R7JEj02sXxYh
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:37 2024 by rpki-client on console-fra.rpki-client.org