Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/skOzrKckZiP9MpHxqZTpN2salKQ.roa
File:                     skOzrKckZiP9MpHxqZTpN2salKQ.roa (raw, json)
Hash identifier:          dkPILSBj9HZ7az58VbQFv/QvJWS6nJFhvsbx+sC8qUI=
Subject key identifier:   B2:43:B3:AC:A7:24:66:23:FD:32:91:F1:A9:94:E9:37:6B:1A:94:A4
Certificate issuer:       /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial:       0BF9
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/skOzrKckZiP9MpHxqZTpN2salKQ.roa
Signing time:             Wed 29 Sep 2021 02:50:43 +0000
ROA not before:           Wed 29 Sep 2021 02:50:43 +0000
ROA not after:            Thu 29 Sep 2022 02:36:22 +0000
asID:                     21859
IP address blocks:        210.61.201.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3065 (0xbf9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
        Validity
            Not Before: Sep 29 02:50:43 2021 GMT
            Not After : Sep 29 02:36:22 2022 GMT
        Subject: CN=B243B3ACA7246623FD3291F1A994E9376B1A94A4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:80:4c:85:7f:f2:33:bd:fd:8f:d1:76:4d:72:
                    26:d3:34:54:65:c4:3f:9b:a2:c2:df:d1:23:d3:3c:
                    9c:5a:7a:b6:82:48:97:ab:76:95:78:ea:98:a7:ea:
                    81:a9:b6:c7:da:c9:33:d3:c7:ba:1d:b3:49:30:af:
                    6c:23:6d:f9:a8:5f:c8:aa:31:33:5a:76:24:01:ce:
                    58:ad:1f:4d:d8:8c:7d:8b:82:08:23:45:23:a4:d0:
                    4e:db:cc:61:a2:43:a4:3b:43:95:7f:8f:40:21:dd:
                    88:4c:b6:39:8b:5f:73:99:b4:a7:1a:54:77:ad:36:
                    52:2d:0d:ed:dc:82:f0:90:37:f9:fd:04:d8:83:bb:
                    bd:a0:46:1f:61:73:ca:85:25:93:ac:1f:f9:34:0f:
                    6b:2d:f8:c9:f4:8e:d5:d6:43:63:27:bd:3d:c1:ea:
                    dc:34:6a:17:31:3c:22:cc:78:54:15:b0:7e:48:33:
                    19:ee:4c:c7:6d:ea:07:76:03:cc:78:d3:c7:32:46:
                    1e:ab:5d:99:22:ba:4c:87:18:ad:50:64:21:c3:02:
                    c5:7e:f3:c9:46:32:e2:ad:06:5c:78:7c:6b:df:91:
                    a4:68:4c:8a:26:57:76:a8:74:3c:25:4f:6f:4f:be:
                    a6:ac:bb:c8:a8:53:c4:f1:34:78:84:35:03:e1:2f:
                    58:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:43:B3:AC:A7:24:66:23:FD:32:91:F1:A9:94:E9:37:6B:1A:94:A4
            X509v3 Authority Key Identifier:
                keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/skOzrKckZiP9MpHxqZTpN2salKQ.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  210.61.201.0/24

    Signature Algorithm: sha256WithRSAEncryption
         71:6a:1c:7b:7a:df:19:fe:d8:b5:5d:87:54:a6:43:df:ab:4b:
         dc:0a:ff:df:6b:6e:96:a5:b7:1d:2c:ec:ab:09:b1:03:be:df:
         09:d8:7d:34:b4:33:c7:0e:40:bb:4c:5e:a5:cb:64:df:28:90:
         ca:11:43:d5:17:43:81:c9:2c:b1:9e:03:24:37:01:68:17:15:
         d3:d6:48:7a:08:6a:e8:41:20:a4:3a:73:11:ae:0e:3a:f2:93:
         fb:7b:35:b5:00:2c:bc:78:90:21:10:ee:50:25:b2:42:92:29:
         fb:1a:1d:7c:f7:a3:1b:85:7e:c3:dd:7b:bc:f0:13:92:dd:b7:
         d1:c0:c3:cd:af:a8:03:ac:99:82:46:a0:0e:97:5f:3f:9f:96:
         39:80:df:db:c2:05:ae:eb:75:56:93:ac:74:e1:e0:bc:ef:f6:
         ad:1e:79:44:70:9c:25:71:7a:ce:52:5c:ef:e6:be:6f:5f:4e:
         8e:a3:f9:d1:3e:e8:fb:7f:d8:66:b3:8a:9c:ca:99:8b:f0:15:
         da:67:4a:5e:f3:af:12:21:85:8c:b3:c9:3b:fe:8d:80:bd:a2:
         fd:8e:96:e3:41:6c:d2:06:3c:fc:af:5a:60:1f:ed:e7:90:3c:
         cb:54:b7:9a:f2:eb:d8:3e:5a:f8:02:cf:2d:c6:e8:d2:f5:e4:
         79:8a:ad:3f
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICC/kwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yMTA5Mjkw
MjUwNDNaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKEIyNDNCM0FDQTcyNDY2
MjNGRDMyOTFGMUE5OTRFOTM3NkIxQTk0QTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC/gEyFf/Izvf2P0XZNcibTNFRlxD+bosLf0SPTPJxaeraCSJer
dpV46pin6oGptsfayTPTx7ods0kwr2wjbfmoX8iqMTNadiQBzlitH03YjH2Lgggj
RSOk0E7bzGGiQ6Q7Q5V/j0Ah3YhMtjmLX3OZtKcaVHetNlItDe3cgvCQN/n9BNiD
u72gRh9hc8qFJZOsH/k0D2st+Mn0jtXWQ2MnvT3B6tw0ahcxPCLMeFQVsH5IMxnu
TMdt6gd2A8x408cyRh6rXZkiukyHGK1QZCHDAsV+88lGMuKtBlx4fGvfkaRoTIom
V3aodDwlT29Pvqasu8ioU8TxNHiENQPhL1jtAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUskOzrKckZiP9MpHxqZTpN2salKQwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9za096cktja1ppUDlNcEh4cVpU
cE4yc2FsS1Eucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA0j3J
MA0GCSqGSIb3DQEBCwUAA4IBAQBxahx7et8Z/ti1XYdUpkPfq0vcCv/fa26Wpbcd
LOyrCbEDvt8J2H00tDPHDkC7TF6ly2TfKJDKEUPVF0OBySyxngMkNwFoFxXT1kh6
CGroQSCkOnMRrg468pP7ezW1ACy8eJAhEO5QJbJCkin7Gh1896MbhX7D3Xu88BOS
3bfRwMPNr6gDrJmCRqAOl18/n5Y5gN/bwgWu63VWk6x04eC87/atHnlEcJwlcXrO
Ulzv5r5vX06Oo/nRPuj7f9hms4qcypmL8BXaZ0pe868SIYWMs8k7/o2AvaL9jpbj
QWzSBjz8r1pgH+3nkDzLVLea8uvYPlr4As8txujS9eR5iq0/
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:09 2024 by rpki-client on console-ams.rpki-client.org