Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/SAVECOM/xjc8KTn0i2kClwJYfcT5nbVaIws.roa
File:                     xjc8KTn0i2kClwJYfcT5nbVaIws.roa (raw, json)
Hash identifier:          YisUAqc+iYXhOHkPF8kD9YMX9aF8oz8ux/jyf6v8wnI=
Subject key identifier:   C6:37:3C:29:39:F4:8B:69:02:97:02:58:7D:C4:F9:9D:B5:5A:23:0B
Certificate issuer:       /CN=01A53261B2001FA7EB57793E2E579B7322F8E76A
Certificate serial:       0AB8
Authority key identifier: 01:A5:32:61:B2:00:1F:A7:EB:57:79:3E:2E:57:9B:73:22:F8:E7:6A
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/AaUyYbIAH6frV3k-LlebcyL452o.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/SAVECOM/xjc8KTn0i2kClwJYfcT5nbVaIws.roa
Signing time:             Thu 15 Sep 2022 02:39:34 +0000
ROA not before:           Thu 15 Sep 2022 02:39:34 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     9676
IP address blocks:        118.99.128.0/17 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2744 (0xab8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=01A53261B2001FA7EB57793E2E579B7322F8E76A
        Validity
            Not Before: Sep 15 02:39:34 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=C6373C2939F48B69029702587DC4F99DB55A230B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:66:69:e3:0b:33:b7:c0:73:85:fa:b3:ee:5f:
                    0b:b2:6a:54:99:70:60:84:fd:47:c3:d0:dd:55:ce:
                    3b:e0:9c:c2:dd:a7:8b:35:9d:2e:c6:92:4c:3f:5f:
                    df:82:b3:f7:9e:7b:b1:69:6b:bc:38:10:50:57:82:
                    0c:7d:96:bd:aa:be:cb:76:5d:10:82:1a:2b:46:8a:
                    fd:08:93:79:1f:0f:df:88:4a:98:08:26:ad:8c:7c:
                    b4:46:3f:08:94:a3:91:f4:a7:9f:4f:28:b2:d1:64:
                    54:66:67:91:ca:c8:e9:de:e3:81:8d:67:85:bf:7b:
                    8e:0b:1c:75:ac:d4:a6:60:5b:51:6c:46:c0:05:1e:
                    86:55:5f:b8:60:df:af:b3:d0:33:7b:9f:2f:91:ec:
                    f8:1b:77:67:35:c8:75:bb:0c:4f:52:e1:0f:f1:39:
                    66:01:56:05:44:d9:a1:7e:8c:64:48:f0:6e:ba:c4:
                    f6:27:d8:a2:d6:b2:1b:ad:78:2e:31:c1:bc:91:8a:
                    e2:ea:48:8f:1c:5e:41:0c:e1:ef:f9:34:30:f7:21:
                    34:90:58:b0:d5:26:9e:ea:79:50:e1:61:d8:cb:2f:
                    fe:b3:da:bd:f5:e7:9f:7e:b8:aa:f6:07:e8:c4:76:
                    4c:ba:fd:7b:d1:2b:54:f4:ff:2f:9d:f8:99:da:d4:
                    e1:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C6:37:3C:29:39:F4:8B:69:02:97:02:58:7D:C4:F9:9D:B5:5A:23:0B
            X509v3 Authority Key Identifier:
                keyid:01:A5:32:61:B2:00:1F:A7:EB:57:79:3E:2E:57:9B:73:22:F8:E7:6A

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SAVECOM/AaUyYbIAH6frV3k-LlebcyL452o.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/AaUyYbIAH6frV3k-LlebcyL452o.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SAVECOM/xjc8KTn0i2kClwJYfcT5nbVaIws.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  118.99.128.0/17

    Signature Algorithm: sha256WithRSAEncryption
         a0:da:c2:33:a5:b0:c1:8a:eb:dd:20:2f:0d:c0:27:3c:75:33:
         81:e1:b5:68:c3:87:a2:3e:c6:7a:da:97:25:d6:62:45:3e:1c:
         92:f7:3a:de:ad:68:ad:49:6c:7c:91:64:dc:28:1a:3b:e8:2a:
         3b:17:89:88:7a:f4:71:77:3b:35:3b:f9:fb:f8:82:0d:d1:c2:
         1e:7e:c2:2d:34:8f:85:0d:fc:69:d0:24:28:2e:ba:b2:d1:df:
         e4:36:a4:eb:3d:87:90:bd:e8:f9:77:7a:c0:cd:fc:31:2d:e1:
         ae:26:0a:21:c3:5e:c2:86:2d:5f:ef:b5:b8:0b:fc:ec:e2:ac:
         22:f8:d6:5e:49:c2:57:7b:23:82:86:a2:c1:62:8d:23:c1:54:
         09:63:bc:8e:76:8c:e6:b2:69:85:c7:62:7d:0b:5d:4d:d6:7c:
         79:56:0a:5c:cb:f8:7f:c5:62:50:6f:80:cc:70:75:c0:76:bd:
         05:5b:c6:81:36:47:89:7b:15:03:75:cc:84:ba:73:a3:ab:5d:
         22:f2:d1:01:0c:58:ef:2e:39:ba:58:f4:bf:5f:61:82:42:22:
         66:f8:b5:c8:26:0f:7b:67:2f:60:23:8b:88:04:78:0a:5e:9e:
         21:c7:38:06:6d:4a:3a:38:e9:fb:4a:b3:7c:fc:64:5d:23:f1:
         96:ee:6a:24
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICCrgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDFB
NTMyNjFCMjAwMUZBN0VCNTc3OTNFMkU1NzlCNzMyMkY4RTc2QTAeFw0yMjA5MTUw
MjM5MzRaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEM2MzczQzI5MzlGNDhC
NjkwMjk3MDI1ODdEQzRGOTlEQjU1QTIzMEIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC4ZmnjCzO3wHOF+rPuXwuyalSZcGCE/UfD0N1VzjvgnMLdp4s1
nS7Gkkw/X9+Cs/eee7Fpa7w4EFBXggx9lr2qvst2XRCCGitGiv0Ik3kfD9+ISpgI
Jq2MfLRGPwiUo5H0p59PKLLRZFRmZ5HKyOne44GNZ4W/e44LHHWs1KZgW1FsRsAF
HoZVX7hg36+z0DN7ny+R7Pgbd2c1yHW7DE9S4Q/xOWYBVgVE2aF+jGRI8G66xPYn
2KLWshuteC4xwbyRiuLqSI8cXkEM4e/5NDD3ITSQWLDVJp7qeVDhYdjLL/6z2r31
559+uKr2B+jEdky6/XvRK1T0/y+d+Jna1OFFAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUxjc8KTn0i2kClwJYfcT5nbVaIwswHwYDVR0jBBgwFoAUAaUyYbIAH6frV3k+
LlebcyL452owGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvU0FWRUNP
TS9BYVV5WWJJQUg2ZnJWM2stTGxlYmN5TDQ1Mm8uY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL0FhVXlZYklBSDZmclYzay1MbGViY3lMNDUyby5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL1NBVkVDT00veGpjOEtUbjBpMmtDbHdK
WWZjVDVuYlZhSXdzLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
B3ZjgDANBgkqhkiG9w0BAQsFAAOCAQEAoNrCM6WwwYrr3SAvDcAnPHUzgeG1aMOH
oj7GetqXJdZiRT4ckvc63q1orUlsfJFk3CgaO+gqOxeJiHr0cXc7NTv5+/iCDdHC
Hn7CLTSPhQ38adAkKC66stHf5Dak6z2HkL3o+Xd6wM38MS3hriYKIcNewoYtX++1
uAv87OKsIvjWXknCV3sjgoaiwWKNI8FUCWO8jnaM5rJphcdifQtdTdZ8eVYKXMv4
f8ViUG+AzHB1wHa9BVvGgTZHiXsVA3XMhLpzo6tdIvLRAQxY7y45ulj0v19hgkIi
Zvi1yCYPe2cvYCOLiAR4Cl6eIcc4Bm1KOjjp+0qzfPxkXSPxlu5qJA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:20 2024 by rpki-client on console-ams.rpki-client.org