Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NTCCATV/xFsk1SQetwSxtcOokDpWYDO4BrY.roa
File:                     xFsk1SQetwSxtcOokDpWYDO4BrY.roa (raw, json)
Hash identifier:          XqWIbAzoEadoeGubQwu2r0NHTqtefOjOII6c1U/G8H8=
Subject key identifier:   C4:5B:24:D5:24:1E:B7:04:B1:B5:C3:A8:90:3A:56:60:33:B8:06:B6
Certificate issuer:       /CN=B4320FD78DFB6A4D1C92322F794966B8525DFDD2
Certificate serial:       5644
Authority key identifier: B4:32:0F:D7:8D:FB:6A:4D:1C:92:32:2F:79:49:66:B8:52:5D:FD:D2
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/tDIP1437ak0ckjIveUlmuFJd_dI.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/NTCCATV/xFsk1SQetwSxtcOokDpWYDO4BrY.roa
Signing time:             Tue 09 Nov 2021 09:18:34 +0000
ROA not before:           Tue 09 Nov 2021 09:18:34 +0000
ROA not after:            Thu 29 Sep 2022 02:36:22 +0000
asID:                     38851
IP address blocks:        43.227.26.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 22084 (0x5644)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=B4320FD78DFB6A4D1C92322F794966B8525DFDD2
        Validity
            Not Before: Nov  9 09:18:34 2021 GMT
            Not After : Sep 29 02:36:22 2022 GMT
        Subject: CN=C45B24D5241EB704B1B5C3A8903A566033B806B6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e9:6e:90:70:1e:93:b6:c8:a9:6b:2b:db:7d:5e:
                    cb:1f:54:2f:d7:ae:8e:e1:1b:5d:d1:fc:17:c6:2e:
                    95:1b:38:1e:e8:f0:ff:0c:0a:30:b2:75:8d:73:88:
                    79:b5:f3:2c:cd:2b:b7:1d:52:f4:4d:1d:49:e1:7b:
                    fb:09:4c:11:da:ac:a6:03:cf:41:0e:f6:42:ad:55:
                    d1:b5:b3:b6:23:ee:15:ee:c0:d4:e7:65:93:58:15:
                    33:28:26:1e:cc:e6:f7:f9:3c:76:45:1e:53:4d:cd:
                    3e:c1:63:3d:8a:10:80:32:fa:bc:01:f0:4b:a5:33:
                    af:11:62:40:f5:29:90:9c:ea:1d:4b:d6:78:01:5e:
                    a0:c6:97:a5:f4:a3:38:d8:21:4c:24:45:21:f7:c0:
                    4c:12:7c:c2:e5:71:80:2c:c6:82:c3:69:c7:80:1d:
                    84:c3:88:72:42:c0:d3:8c:cf:b6:2b:d5:54:c2:a0:
                    be:69:89:2e:e2:fe:75:02:ce:f8:99:94:91:1b:b6:
                    44:fe:b0:09:3d:5e:b9:f4:af:d2:a2:6b:41:2e:bd:
                    88:b7:dc:bf:8b:80:c5:62:c8:1a:ec:15:90:4d:62:
                    54:ae:66:a4:d6:f8:ff:3d:9e:43:e7:8f:68:58:fe:
                    f2:66:c7:11:5c:00:1c:87:28:05:54:74:c2:d8:dd:
                    5a:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C4:5B:24:D5:24:1E:B7:04:B1:B5:C3:A8:90:3A:56:60:33:B8:06:B6
            X509v3 Authority Key Identifier:
                keyid:B4:32:0F:D7:8D:FB:6A:4D:1C:92:32:2F:79:49:66:B8:52:5D:FD:D2

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NTCCATV/tDIP1437ak0ckjIveUlmuFJd_dI.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/tDIP1437ak0ckjIveUlmuFJd_dI.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NTCCATV/xFsk1SQetwSxtcOokDpWYDO4BrY.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  43.227.26.0/23

    Signature Algorithm: sha256WithRSAEncryption
         02:ba:a0:19:a4:af:d5:b5:4c:b7:80:d1:48:88:b0:2f:15:6f:
         4c:28:7c:7e:90:a8:ab:cd:ae:8c:96:f4:24:71:a6:30:a7:bd:
         36:58:ae:04:a2:03:84:77:33:5f:8e:46:3a:39:13:ef:79:8c:
         2b:7d:cb:8f:a2:e1:0c:ef:60:c7:a7:bf:77:be:79:e5:d7:10:
         92:3c:a1:c2:8a:bc:4b:47:4a:93:f3:c2:1d:e4:74:53:e4:82:
         2b:dd:a7:f3:35:b6:66:c9:29:6f:c3:e4:ff:4a:2b:88:3b:db:
         4a:48:93:a8:16:7e:59:c3:55:d1:5d:26:b2:1d:ba:3f:ca:e0:
         98:3e:3a:ab:79:6d:89:ce:99:ca:0c:c9:6c:91:10:39:dd:5e:
         43:8a:ac:51:03:d2:ec:f6:62:db:66:f9:87:4b:67:5a:65:c2:
         eb:6c:c0:75:7e:d6:51:dd:25:03:2a:03:0a:1b:19:8b:d6:5f:
         6b:8e:2b:0d:58:22:27:23:d9:b3:a9:7e:e2:c8:51:26:05:6d:
         5c:f1:b7:51:e4:c2:36:b4:55:ad:76:59:e8:fe:b4:f8:15:bf:
         9d:b5:09:40:fd:c1:1f:f7:46:28:ab:a9:31:31:d8:08:8b:d5:
         cd:c7:65:66:4d:fe:d9:93:07:56:e5:f3:65:65:dc:70:3e:ea:
         5f:86:4f:0d
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICVkQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjQz
MjBGRDc4REZCNkE0RDFDOTIzMjJGNzk0OTY2Qjg1MjVERkREMjAeFw0yMTExMDkw
OTE4MzRaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKEM0NUIyNEQ1MjQxRUI3
MDRCMUI1QzNBODkwM0E1NjYwMzNCODA2QjYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDpbpBwHpO2yKlrK9t9XssfVC/Xro7hG13R/BfGLpUbOB7o8P8M
CjCydY1ziHm18yzNK7cdUvRNHUnhe/sJTBHarKYDz0EO9kKtVdG1s7Yj7hXuwNTn
ZZNYFTMoJh7M5vf5PHZFHlNNzT7BYz2KEIAy+rwB8EulM68RYkD1KZCc6h1L1ngB
XqDGl6X0ozjYIUwkRSH3wEwSfMLlcYAsxoLDaceAHYTDiHJCwNOMz7Yr1VTCoL5p
iS7i/nUCzviZlJEbtkT+sAk9Xrn0r9Kia0EuvYi33L+LgMViyBrsFZBNYlSuZqTW
+P89nkPnj2hY/vJmxxFcAByHKAVUdMLY3VovAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUxFsk1SQetwSxtcOokDpWYDO4BrYwHwYDVR0jBBgwFoAUtDIP1437ak0ckjIv
eUlmuFJd/dIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTlRDQ0FU
Vi90RElQMTQzN2FrMGNrakl2ZVVsbXVGSmRfZEkuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL3RESVAxNDM3YWswY2tqSXZlVWxtdUZKZF9kSS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL05UQ0NBVFYveEZzazFTUWV0d1N4dGNP
b2tEcFdZRE80QnJZLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
ASvjGjANBgkqhkiG9w0BAQsFAAOCAQEAArqgGaSv1bVMt4DRSIiwLxVvTCh8fpCo
q82ujJb0JHGmMKe9NliuBKIDhHczX45GOjkT73mMK33Lj6LhDO9gx6e/d7555dcQ
kjyhwoq8S0dKk/PCHeR0U+SCK92n8zW2Zskpb8Pk/0oriDvbSkiTqBZ+WcNV0V0m
sh26P8rgmD46q3ltic6ZygzJbJEQOd1eQ4qsUQPS7PZi22b5h0tnWmXC62zAdX7W
Ud0lAyoDChsZi9Zfa44rDVgiJyPZs6l+4shRJgVtXPG3UeTCNrRVrXZZ6P60+BW/
nbUJQP3BH/dGKKupMTHYCIvVzcdlZk3+2ZMHVuXzZWXccD7qX4ZPDQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:17 2024 by rpki-client on console-ams.rpki-client.org