Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NTCCATV/1VfSEziJYcimH2WgQcgCK7fiG9o.roa
File:                     1VfSEziJYcimH2WgQcgCK7fiG9o.roa (raw, json)
Hash identifier:          3/gE5xfknjZstg4Bb1Ligp9RsA4KWJzS7s1SiQALlX8=
Subject key identifier:   D5:57:D2:13:38:89:61:C8:A6:1F:65:A0:41:C8:02:2B:B7:E2:1B:DA
Certificate issuer:       /CN=B4320FD78DFB6A4D1C92322F794966B8525DFDD2
Certificate serial:       5714
Authority key identifier: B4:32:0F:D7:8D:FB:6A:4D:1C:92:32:2F:79:49:66:B8:52:5D:FD:D2
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/tDIP1437ak0ckjIveUlmuFJd_dI.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/NTCCATV/1VfSEziJYcimH2WgQcgCK7fiG9o.roa
Signing time:             Thu 15 Sep 2022 02:47:41 +0000
ROA not before:           Thu 15 Sep 2022 02:47:41 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     38851
IP address blocks:        43.227.24.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 22292 (0x5714)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=B4320FD78DFB6A4D1C92322F794966B8525DFDD2
        Validity
            Not Before: Sep 15 02:47:41 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=D557D213388961C8A61F65A041C8022BB7E21BDA
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:6c:37:f4:50:23:4d:1c:43:51:30:83:1d:29:
                    93:33:8d:8d:6f:21:79:c3:47:a2:b9:40:19:b1:ea:
                    f3:51:f8:6d:d7:56:89:6a:83:3a:52:b0:e0:6a:57:
                    38:88:7a:6e:37:34:9a:fb:70:57:0c:e4:be:b3:19:
                    a7:c5:e5:36:c5:af:02:c7:62:c1:1a:db:b1:6b:b9:
                    c6:d1:38:ed:dc:b4:66:0d:2b:05:07:0b:e6:c4:6e:
                    df:f2:53:2c:a4:38:70:77:c5:5a:37:a6:0c:01:72:
                    31:c1:c4:fc:9e:c1:60:cd:87:88:e8:42:9d:0c:a9:
                    41:f8:12:2d:74:c5:74:d2:ca:d1:c1:fc:bc:da:ee:
                    36:8b:83:73:0c:a5:db:a3:68:d3:2d:d9:5d:65:7b:
                    71:56:8a:2c:c3:f1:9b:93:2a:23:bf:64:4d:6a:8a:
                    8f:66:5b:98:1b:89:f7:1c:54:00:bc:99:09:39:f4:
                    3a:1d:b3:45:3e:32:97:eb:8f:24:e5:65:be:54:c1:
                    f7:a6:8e:0c:f8:aa:c4:24:f4:34:ff:a2:0e:bd:5b:
                    0d:65:26:06:36:80:b9:b3:b2:09:a3:4a:13:89:00:
                    26:c4:14:e7:a6:e8:a9:e5:4c:8f:dc:c0:01:b8:0a:
                    93:6d:71:22:f0:4d:c0:a0:28:0b:78:90:e9:5a:19:
                    fe:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D5:57:D2:13:38:89:61:C8:A6:1F:65:A0:41:C8:02:2B:B7:E2:1B:DA
            X509v3 Authority Key Identifier:
                keyid:B4:32:0F:D7:8D:FB:6A:4D:1C:92:32:2F:79:49:66:B8:52:5D:FD:D2

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NTCCATV/tDIP1437ak0ckjIveUlmuFJd_dI.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/tDIP1437ak0ckjIveUlmuFJd_dI.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NTCCATV/1VfSEziJYcimH2WgQcgCK7fiG9o.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  43.227.24.0/23

    Signature Algorithm: sha256WithRSAEncryption
         30:ec:fb:e1:0e:0f:18:37:3d:94:c8:d4:34:9a:64:a7:4d:63:
         51:d6:de:d5:55:5a:36:38:0b:85:26:0f:1d:6a:0f:e6:e2:42:
         4e:d9:e6:31:70:d3:28:d4:4b:26:1f:b2:a7:6c:7c:69:c4:45:
         68:68:40:53:b2:a8:b2:43:47:bb:37:76:4d:f3:49:12:83:6e:
         0c:bf:56:60:18:5c:d8:59:bf:99:ee:d8:e9:17:a8:e4:18:3b:
         f8:64:77:55:48:94:31:7a:10:dc:e9:9c:b5:c7:8d:55:80:48:
         03:53:70:a9:18:d3:03:03:98:9f:70:eb:f1:a7:e1:d8:40:ee:
         72:58:f3:ec:02:46:6c:1b:76:ee:c9:80:f6:64:dd:83:f7:f3:
         12:89:15:38:1a:b6:d9:ef:ed:28:e8:79:7b:96:a5:f6:60:ed:
         55:7d:1a:7e:b4:f3:4c:f4:e7:c6:40:9f:b1:3f:1c:7c:07:ac:
         1b:45:a9:7d:42:bc:3c:bd:9c:40:7b:82:a2:c6:56:62:99:a6:
         2e:cc:39:6e:6d:8e:de:8d:ff:18:c3:80:a7:43:6e:41:33:02:
         bb:44:25:b5:56:a2:ca:6a:01:9d:69:b0:31:fe:fe:2c:3e:a9:
         e1:46:7d:10:63:7a:66:23:cc:85:af:f7:c9:5c:65:e2:f4:56:
         98:90:9e:5a
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICVxQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjQz
MjBGRDc4REZCNkE0RDFDOTIzMjJGNzk0OTY2Qjg1MjVERkREMjAeFw0yMjA5MTUw
MjQ3NDFaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEQ1NTdEMjEzMzg4OTYx
QzhBNjFGNjVBMDQxQzgwMjJCQjdFMjFCREEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDFbDf0UCNNHENRMIMdKZMzjY1vIXnDR6K5QBmx6vNR+G3XVolq
gzpSsOBqVziIem43NJr7cFcM5L6zGafF5TbFrwLHYsEa27FrucbROO3ctGYNKwUH
C+bEbt/yUyykOHB3xVo3pgwBcjHBxPyewWDNh4joQp0MqUH4Ei10xXTSytHB/Lza
7jaLg3MMpdujaNMt2V1le3FWiizD8ZuTKiO/ZE1qio9mW5gbifccVAC8mQk59Dod
s0U+MpfrjyTlZb5Uwfemjgz4qsQk9DT/og69Ww1lJgY2gLmzsgmjShOJACbEFOem
6KnlTI/cwAG4CpNtcSLwTcCgKAt4kOlaGf43AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU1VfSEziJYcimH2WgQcgCK7fiG9owHwYDVR0jBBgwFoAUtDIP1437ak0ckjIv
eUlmuFJd/dIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTlRDQ0FU
Vi90RElQMTQzN2FrMGNrakl2ZVVsbXVGSmRfZEkuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL3RESVAxNDM3YWswY2tqSXZlVWxtdUZKZF9kSS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL05UQ0NBVFYvMVZmU0V6aUpZY2ltSDJX
Z1FjZ0NLN2ZpRzlvLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
ASvjGDANBgkqhkiG9w0BAQsFAAOCAQEAMOz74Q4PGDc9lMjUNJpkp01jUdbe1VVa
NjgLhSYPHWoP5uJCTtnmMXDTKNRLJh+yp2x8acRFaGhAU7KoskNHuzd2TfNJEoNu
DL9WYBhc2Fm/me7Y6Reo5Bg7+GR3VUiUMXoQ3OmctceNVYBIA1NwqRjTAwOYn3Dr
8afh2EDucljz7AJGbBt27smA9mTdg/fzEokVOBq22e/tKOh5e5al9mDtVX0afrTz
TPTnxkCfsT8cfAesG0WpfUK8PL2cQHuCosZWYpmmLsw5bm2O3o3/GMOAp0NuQTMC
u0QltVaiymoBnWmwMf7+LD6p4UZ9EGN6ZiPMha/3yVxl4vRWmJCeWg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:42 2024 by rpki-client on console-fra.rpki-client.org