Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/u4VlEx24wjAPOL-A6wqfXYxS7EQ.roa
File:                     u4VlEx24wjAPOL-A6wqfXYxS7EQ.roa (raw, json)
Hash identifier:          40aB0rSglo/6mEKxG1//mzeNUGDiBf7T1Q/xd0ZFZ70=
Subject key identifier:   BB:85:65:13:1D:B8:C2:30:0F:38:BF:80:EB:0A:9F:5D:8C:52:EC:44
Certificate issuer:       /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial:       0872
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/u4VlEx24wjAPOL-A6wqfXYxS7EQ.roa
Signing time:             Tue 29 Sep 2020 09:58:44 +0000
ROA not before:           Tue 29 Sep 2020 09:58:44 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     3462
IP address blocks:        2001:b000::/23 maxlen: 64

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2162 (0x872)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
        Validity
            Not Before: Sep 29 09:58:44 2020 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=BB8565131DB8C2300F38BF80EB0A9F5D8C52EC44
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:dd:f0:ac:ef:f5:de:f3:5a:44:1c:26:c5:02:
                    76:44:b9:51:2c:83:62:cd:fd:a2:34:9e:4f:3c:39:
                    cd:bd:84:e4:64:21:43:7d:cf:64:8b:b6:9d:7c:d6:
                    a3:dc:fb:4e:34:74:2b:d1:8a:d7:29:fa:38:33:d2:
                    b0:ca:d8:77:02:ee:af:54:eb:94:38:28:d6:92:54:
                    96:b8:9a:8a:92:61:0d:93:f3:dc:2b:56:82:d1:6a:
                    86:2e:fa:7b:4d:e1:94:b0:0a:c7:1f:53:15:c3:62:
                    1c:87:04:b0:5e:a5:30:2e:9e:eb:64:19:ef:c3:10:
                    df:81:8b:fd:a5:ec:98:b4:d2:e7:97:c7:6f:a4:d4:
                    be:fb:99:32:7a:ec:26:87:c8:b5:db:4c:75:1d:c2:
                    8d:54:de:2e:e2:5d:da:6c:62:48:a7:59:2a:99:90:
                    71:9d:49:04:00:44:a9:ab:ff:e7:03:19:57:a6:a7:
                    7d:fb:c2:cb:77:15:38:a7:40:c8:2d:9b:19:61:e4:
                    b3:0e:9d:85:6e:c9:85:09:17:f6:09:e0:1d:1b:ec:
                    c7:e9:66:16:1b:ac:49:40:70:b5:89:5d:f6:c1:b0:
                    2e:ae:37:d8:8b:14:a1:90:90:60:78:37:20:77:12:
                    43:13:1e:97:70:3e:07:7a:98:84:65:d5:3d:6c:14:
                    f7:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:85:65:13:1D:B8:C2:30:0F:38:BF:80:EB:0A:9F:5D:8C:52:EC:44
            X509v3 Authority Key Identifier:
                keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/u4VlEx24wjAPOL-A6wqfXYxS7EQ.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:b000::/23

    Signature Algorithm: sha256WithRSAEncryption
         a9:f3:b9:ee:29:8f:c4:b8:23:8e:01:df:d1:62:ca:1c:68:93:
         c8:fb:30:e4:88:ea:71:7f:3f:8d:8a:cf:55:6c:56:de:f9:3b:
         f2:00:2f:08:04:36:96:7e:76:32:ff:df:20:de:ee:87:f0:92:
         bf:88:3e:f4:b7:66:69:6e:03:6d:f6:e2:30:28:55:6b:cd:93:
         c4:e9:cf:68:1a:30:75:34:27:3a:c5:2f:44:94:7c:78:e0:32:
         51:71:4b:52:3c:9a:5b:98:8d:00:e2:87:0f:5c:2e:6e:cd:6b:
         ed:6c:b2:89:a7:ab:d5:ec:1e:27:29:95:88:c1:34:df:4f:bc:
         0f:d0:e9:d9:c3:ba:7e:c8:3c:3b:8a:70:dd:02:ff:30:7f:03:
         e8:7e:1c:a5:a6:cf:23:ed:09:fb:f1:29:f0:7c:8a:b6:03:be:
         ba:c6:8f:d2:97:cd:d8:32:8e:61:96:ff:56:6b:63:dc:3e:49:
         8d:d0:ef:23:4e:82:07:43:5b:93:9c:4c:c9:5d:4d:6c:5e:a0:
         bf:c3:45:df:66:74:51:52:92:a0:ba:e6:46:1b:36:5b:2f:5c:
         49:d6:5c:f7:d9:4f:72:bd:2f:2f:34:c2:de:38:8c:4c:fe:ee:
         39:9d:ae:97:3e:18:64:a9:53:b0:70:47:8e:47:58:fb:5f:f8:
         f0:37:c7:ce
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICCHIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yMDA5Mjkw
OTU4NDRaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKEJCODU2NTEzMURCOEMy
MzAwRjM4QkY4MEVCMEE5RjVEOEM1MkVDNDQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC63fCs7/Xe81pEHCbFAnZEuVEsg2LN/aI0nk88Oc29hORkIUN9
z2SLtp181qPc+040dCvRitcp+jgz0rDK2HcC7q9U65Q4KNaSVJa4moqSYQ2T89wr
VoLRaoYu+ntN4ZSwCscfUxXDYhyHBLBepTAunutkGe/DEN+Bi/2l7Ji00ueXx2+k
1L77mTJ67CaHyLXbTHUdwo1U3i7iXdpsYkinWSqZkHGdSQQARKmr/+cDGVemp337
wst3FTinQMgtmxlh5LMOnYVuyYUJF/YJ4B0b7MfpZhYbrElAcLWJXfbBsC6uN9iL
FKGQkGB4NyB3EkMTHpdwPgd6mIRl1T1sFPdnAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUu4VlEx24wjAPOL+A6wqfXYxS7EQwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC91NFZsRXgyNHdqQVBPTC1BNndx
ZlhZeFM3RVEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAAjAGAwQBIAGw
MA0GCSqGSIb3DQEBCwUAA4IBAQCp87nuKY/EuCOOAd/RYsocaJPI+zDkiOpxfz+N
is9VbFbe+TvyAC8IBDaWfnYy/98g3u6H8JK/iD70t2ZpbgNt9uIwKFVrzZPE6c9o
GjB1NCc6xS9ElHx44DJRcUtSPJpbmI0A4ocPXC5uzWvtbLKJp6vV7B4nKZWIwTTf
T7wP0OnZw7p+yDw7inDdAv8wfwPofhylps8j7Qn78SnwfIq2A766xo/Sl83YMo5h
lv9Wa2PcPkmN0O8jToIHQ1uTnEzJXU1sXqC/w0XfZnRRUpKguuZGGzZbL1xJ1lz3
2U9yvS8vNMLeOIxM/u45na6XPhhkqVOwcEeOR1j7X/jwN8fO
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:09 2024 by rpki-client on console-ams.rpki-client.org