Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/zfQuMm5ZZ1NmPcdRa4DNxjV4ndY.roa
File:                     zfQuMm5ZZ1NmPcdRa4DNxjV4ndY.roa (raw, json)
Hash identifier:          9EebeMwWW6ZJCY+az+Smlj5x5ahhIFEHIjymaqSB1aw=
Subject key identifier:   CD:F4:2E:32:6E:59:67:53:66:3D:C7:51:6B:80:CD:C6:35:78:9D:D6
Certificate issuer:       /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial:       0A84
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/zfQuMm5ZZ1NmPcdRa4DNxjV4ndY.roa
Signing time:             Sun 07 Feb 2021 11:38:05 +0000
ROA not before:           Sun 07 Feb 2021 11:38:05 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     3462
IP address blocks:        125.232.0.0/15 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2692 (0xa84)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
        Validity
            Not Before: Feb  7 11:38:05 2021 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=CDF42E326E596753663DC7516B80CDC635789DD6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:6a:bc:35:b7:92:60:48:fc:3b:a2:0b:33:64:
                    c1:fd:76:f6:a9:43:8b:72:ed:9e:98:25:33:3e:2b:
                    2e:f4:5d:9d:3e:65:28:4c:b3:c7:99:ed:86:96:80:
                    3e:2a:d7:4b:96:3a:e4:08:4d:8d:78:45:ca:3c:73:
                    dd:c8:4e:f9:6f:b5:89:e4:e4:91:9f:b9:5d:b4:35:
                    f2:b8:bd:89:c5:87:b3:c4:ef:a7:0b:e4:14:53:4f:
                    5f:bf:94:3b:e0:3a:5c:5d:1d:1c:90:e0:1c:52:c3:
                    f9:95:b9:0b:49:30:bc:55:70:45:ed:53:f8:c2:db:
                    e7:5e:21:79:27:00:57:fb:6f:55:48:a8:49:c6:93:
                    35:7f:6a:ad:53:75:ab:a2:91:fb:ac:99:ca:69:6e:
                    75:b1:96:b8:9d:0c:fa:40:ba:b9:8d:5e:e7:9e:92:
                    6e:ce:52:9d:ec:ac:28:68:53:57:ab:7d:bd:1e:3e:
                    17:4c:cc:30:ee:cc:37:74:87:16:05:a2:d2:6b:49:
                    59:b8:16:09:ee:14:09:2d:6e:e7:84:6d:c1:17:d5:
                    fc:21:b7:66:cd:66:02:38:bf:17:a6:c9:17:49:60:
                    a7:dd:01:95:d9:d9:83:e5:4d:2d:d2:3b:eb:02:56:
                    50:d3:62:89:d2:f3:a0:fd:13:1f:13:ac:9c:d2:de:
                    79:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CD:F4:2E:32:6E:59:67:53:66:3D:C7:51:6B:80:CD:C6:35:78:9D:D6
            X509v3 Authority Key Identifier:
                keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/zfQuMm5ZZ1NmPcdRa4DNxjV4ndY.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  125.232.0.0/15

    Signature Algorithm: sha256WithRSAEncryption
         a3:a3:12:4b:ad:91:d9:35:96:e9:40:e9:3a:83:47:f7:4d:fa:
         9a:da:1e:f7:14:41:3d:83:8d:95:27:0b:3f:ae:8e:bd:37:80:
         cf:e2:ac:25:eb:c4:dd:97:18:5d:e4:75:32:25:d8:80:cf:45:
         d4:01:4e:ef:01:29:44:65:3b:0d:1c:54:e5:47:a0:e3:e3:8b:
         eb:48:c6:c9:97:ed:6a:02:b4:31:73:c4:02:ef:82:bc:7e:34:
         bf:96:1f:28:2b:4c:96:35:0d:89:ae:34:2c:18:1a:0f:a2:aa:
         d3:f5:ea:99:9d:e7:80:ed:ec:d8:d8:27:d2:48:77:78:4d:76:
         32:c4:aa:84:a8:7f:bd:e8:36:61:ec:b3:13:39:6a:80:0c:96:
         9e:46:31:76:58:b3:6e:38:89:0e:c3:75:39:97:ac:3b:63:ad:
         ac:a6:07:a7:f6:52:ba:62:c1:29:76:89:34:e9:d2:50:81:df:
         f2:0b:2a:83:ec:97:78:ee:f9:9d:ee:e8:45:92:90:c4:f9:89:
         71:ef:54:a7:81:c1:7c:65:cc:96:fc:f5:8b:cc:e3:23:eb:56:
         1d:ea:a0:a9:ba:8e:98:5b:fd:ce:cc:6a:4d:4e:9b:69:4f:4e:
         55:aa:a5:75:87:a0:73:41:3d:02:ac:86:33:4a:19:a3:26:87:
         21:b4:b4:b0
-----BEGIN CERTIFICATE-----
MIIEzzCCA7egAwIBAgICCoQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yMTAyMDcx
MTM4MDVaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKENERjQyRTMyNkU1OTY3
NTM2NjNEQzc1MTZCODBDREM2MzU3ODlERDYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC/arw1t5JgSPw7ogszZMH9dvapQ4ty7Z6YJTM+Ky70XZ0+ZShM
s8eZ7YaWgD4q10uWOuQITY14Rco8c93ITvlvtYnk5JGfuV20NfK4vYnFh7PE76cL
5BRTT1+/lDvgOlxdHRyQ4BxSw/mVuQtJMLxVcEXtU/jC2+deIXknAFf7b1VIqEnG
kzV/aq1TdauikfusmcppbnWxlridDPpAurmNXueekm7OUp3srChoU1erfb0ePhdM
zDDuzDd0hxYFotJrSVm4FgnuFAktbueEbcEX1fwht2bNZgI4vxemyRdJYKfdAZXZ
2YPlTS3SO+sCVlDTYonS86D9Ex8TrJzS3nnXAgMBAAGjggHrMIIB5zAdBgNVHQ4E
FgQUzfQuMm5ZZ1NmPcdRa4DNxjV4ndYwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC96ZlF1TW01WloxTm1QY2RSYTRE
TnhqVjRuZFkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMBfegw
DQYJKoZIhvcNAQELBQADggEBAKOjEkutkdk1lulA6TqDR/dN+praHvcUQT2DjZUn
Cz+ujr03gM/irCXrxN2XGF3kdTIl2IDPRdQBTu8BKURlOw0cVOVHoOPji+tIxsmX
7WoCtDFzxALvgrx+NL+WHygrTJY1DYmuNCwYGg+iqtP16pmd54Dt7NjYJ9JId3hN
djLEqoSof73oNmHssxM5aoAMlp5GMXZYs244iQ7DdTmXrDtjraymB6f2UrpiwSl2
iTTp0lCB3/ILKoPsl3ju+Z3u6EWSkMT5iXHvVKeBwXxlzJb89YvM4yPrVh3qoKm6
jphb/c7Mak1Om2lPTlWqpXWHoHNBPQKshjNKGaMmhyG0tLA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:09 2024 by rpki-client on console-ams.rpki-client.org