Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/p2EdhSUeXIwuofyh1Xqmk5S3AMU.roa
File:                     p2EdhSUeXIwuofyh1Xqmk5S3AMU.roa (raw, json)
Hash identifier:          OZlSr1sVhURCJdNRGD2kvLyrApDa8oEhRnZ/f8JrQHk=
Subject key identifier:   A7:61:1D:85:25:1E:5C:8C:2E:A1:FC:A1:D5:7A:A6:93:94:B7:00:C5
Certificate issuer:       /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial:       0B15
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/p2EdhSUeXIwuofyh1Xqmk5S3AMU.roa
Signing time:             Sun 07 Feb 2021 11:47:23 +0000
ROA not before:           Sun 07 Feb 2021 11:47:23 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     17421
IP address blocks:        114.136.0.0/15 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2837 (0xb15)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
        Validity
            Not Before: Feb  7 11:47:23 2021 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=A7611D85251E5C8C2EA1FCA1D57AA69394B700C5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:9a:c5:b6:2f:81:c9:fa:1a:6f:a1:b7:90:97:
                    c7:83:99:dc:bd:31:24:14:95:63:56:84:ca:d1:15:
                    1c:ee:e3:36:a7:4c:b1:cf:f7:c1:3b:2f:7e:57:55:
                    d5:db:4d:6e:94:da:cd:33:7e:5e:40:10:55:28:48:
                    04:99:9a:4c:dc:77:66:df:9f:8c:98:25:c0:b4:09:
                    19:2d:29:7a:0e:a9:f2:71:4c:41:dd:e5:44:0e:f0:
                    57:16:e4:32:03:fe:05:75:30:ad:90:b3:ad:98:0d:
                    56:07:db:ab:1a:dc:1e:38:bc:fe:98:1b:b3:6b:d6:
                    cc:ae:db:46:40:33:a6:eb:7b:22:1b:c0:e3:df:fa:
                    ab:2b:d0:e5:0c:ff:cc:c9:46:f5:7d:5a:f9:4d:c1:
                    40:24:20:c1:a6:21:d1:64:2a:03:97:8a:81:ee:a7:
                    e8:5f:e6:a2:4d:7c:89:86:b5:fc:ef:fb:f0:0d:d8:
                    bc:f3:65:14:9b:2d:86:b6:22:da:3e:c2:17:d1:25:
                    9d:29:48:fe:d6:5d:77:fa:15:15:5d:29:6c:54:c9:
                    51:00:f2:fa:b9:b2:50:37:14:c1:ff:ce:94:dc:96:
                    a0:96:43:74:1a:b5:fa:25:58:20:4a:a8:68:c2:ab:
                    54:9e:26:d1:6f:94:62:ba:bd:29:85:e0:5f:13:ab:
                    07:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A7:61:1D:85:25:1E:5C:8C:2E:A1:FC:A1:D5:7A:A6:93:94:B7:00:C5
            X509v3 Authority Key Identifier:
                keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/p2EdhSUeXIwuofyh1Xqmk5S3AMU.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  114.136.0.0/15

    Signature Algorithm: sha256WithRSAEncryption
         b0:24:f0:43:6d:87:f1:0d:a2:65:da:c7:70:0e:9f:6d:d4:c4:
         02:ee:6f:b8:d0:88:84:80:95:eb:50:44:50:fb:7b:4f:f6:4a:
         6a:82:f4:0e:58:c1:1c:f8:af:6f:0b:f7:8b:dd:41:f1:7c:39:
         dc:b6:61:3e:df:7f:c9:e8:dd:7f:6b:bc:a7:7e:25:61:a6:ae:
         bd:6a:b2:32:e0:65:9c:a0:c6:07:19:2f:61:52:52:6d:e2:cf:
         c7:7e:50:e4:28:d0:45:3e:68:5a:6a:68:7b:50:e8:02:38:4f:
         5a:34:a4:ff:4a:1f:0e:7f:df:47:ff:e5:76:4a:f5:b3:66:2e:
         31:e4:2b:58:fe:95:5a:cb:2a:4d:ca:fd:4a:c8:03:b3:a0:7a:
         d2:e7:30:bc:fc:0b:55:6f:82:cf:5c:6c:4f:26:4c:54:25:5e:
         2c:5e:48:4c:a7:85:21:f0:c1:30:6a:b3:e8:f9:28:1f:a0:cf:
         ac:75:2e:d5:6b:cd:a9:e4:e8:78:2b:92:d5:d0:2b:0e:a9:7f:
         65:1d:c0:da:8e:a9:12:68:73:1e:ac:7b:28:e8:fd:67:4b:01:
         0e:c5:43:2f:1b:42:ec:6c:d1:3e:1a:6f:5a:c9:71:25:83:6d:
         b0:41:71:cf:e7:7b:d7:79:4b:ad:2d:a7:75:83:21:dd:18:17:
         52:70:95:18
-----BEGIN CERTIFICATE-----
MIIEzzCCA7egAwIBAgICCxUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yMTAyMDcx
MTQ3MjNaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKEE3NjExRDg1MjUxRTVD
OEMyRUExRkNBMUQ1N0FBNjkzOTRCNzAwQzUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC2msW2L4HJ+hpvobeQl8eDmdy9MSQUlWNWhMrRFRzu4zanTLHP
98E7L35XVdXbTW6U2s0zfl5AEFUoSASZmkzcd2bfn4yYJcC0CRktKXoOqfJxTEHd
5UQO8FcW5DID/gV1MK2Qs62YDVYH26sa3B44vP6YG7Nr1syu20ZAM6breyIbwOPf
+qsr0OUM/8zJRvV9WvlNwUAkIMGmIdFkKgOXioHup+hf5qJNfImGtfzv+/AN2Lzz
ZRSbLYa2Ito+whfRJZ0pSP7WXXf6FRVdKWxUyVEA8vq5slA3FMH/zpTclqCWQ3Qa
tfolWCBKqGjCq1SeJtFvlGK6vSmF4F8TqwfJAgMBAAGjggHrMIIB5zAdBgNVHQ4E
FgQUp2EdhSUeXIwuofyh1Xqmk5S3AMUwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9wMkVkaFNVZVhJd3VvZnloMVhx
bWs1UzNBTVUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMBcogw
DQYJKoZIhvcNAQELBQADggEBALAk8ENth/ENomXax3AOn23UxALub7jQiISAletQ
RFD7e0/2SmqC9A5YwRz4r28L94vdQfF8Ody2YT7ff8no3X9rvKd+JWGmrr1qsjLg
ZZygxgcZL2FSUm3iz8d+UOQo0EU+aFpqaHtQ6AI4T1o0pP9KHw5/30f/5XZK9bNm
LjHkK1j+lVrLKk3K/UrIA7OgetLnMLz8C1Vvgs9cbE8mTFQlXixeSEynhSHwwTBq
s+j5KB+gz6x1LtVrzank6HgrktXQKw6pf2UdwNqOqRJocx6seyjo/WdLAQ7FQy8b
Quxs0T4ab1rJcSWDbbBBcc/ne9d5S60tp3WDId0YF1JwlRg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:37 2024 by rpki-client on console-fra.rpki-client.org