Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/SIGMA/vtP1VTe7SEwYhKceofJn5bXOEiE.roa
File:                     vtP1VTe7SEwYhKceofJn5bXOEiE.roa (raw, json)
Hash identifier:          Lefjm+TYiw25XDORUvRhYRoIEYgT77LhyEPvSBCzakY=
Subject key identifier:   BE:D3:F5:55:37:BB:48:4C:18:84:A7:1E:A1:F2:67:E5:B5:CE:12:21
Certificate issuer:       /CN=3BE6C651350E8FA1FC7D0A3EABCF98F81B3119D3
Certificate serial:       0AB1
Authority key identifier: 3B:E6:C6:51:35:0E:8F:A1:FC:7D:0A:3E:AB:CF:98:F8:1B:31:19:D3
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/vtP1VTe7SEwYhKceofJn5bXOEiE.roa
Signing time:             Thu 15 Sep 2022 02:41:49 +0000
ROA not before:           Thu 15 Sep 2022 02:41:49 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     4780
IP address blocks:        150.129.228.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2737 (0xab1)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3BE6C651350E8FA1FC7D0A3EABCF98F81B3119D3
        Validity
            Not Before: Sep 15 02:41:49 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=BED3F55537BB484C1884A71EA1F267E5B5CE1221
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:36:db:8a:69:ac:ff:9b:4b:f3:8b:b0:b8:9a:
                    f5:d8:11:f3:2b:aa:6b:f7:7a:7e:47:7b:1c:00:cb:
                    7f:06:85:42:fb:a0:36:c2:e1:4c:4a:81:80:39:1a:
                    b8:0a:68:da:52:61:fe:bc:41:ed:0b:7a:d6:94:62:
                    ed:b7:b2:3b:fc:18:bc:e1:0e:ce:4f:bb:13:0a:83:
                    e9:53:e9:89:a5:18:55:4b:ad:d4:5a:dc:82:a1:f7:
                    27:31:47:ed:47:66:d1:70:42:ec:f1:c7:76:36:9e:
                    ec:38:6e:be:72:8e:af:9c:fa:4f:6b:3e:08:b4:e5:
                    20:83:b3:0b:1d:84:5f:2d:20:18:24:da:fd:23:d0:
                    6d:9e:11:9f:90:08:b2:7d:6e:ba:f4:87:0d:c6:31:
                    ba:f2:2a:02:d0:2a:05:b9:9e:86:3a:75:56:60:85:
                    ca:a4:56:af:de:75:2b:75:17:f9:fe:3d:3d:81:ef:
                    51:fa:36:61:e5:29:97:57:94:6d:0d:a9:6f:5b:7f:
                    30:5d:43:a5:5f:70:09:e9:47:72:aa:b7:7a:8f:c0:
                    45:61:5f:47:4b:24:1c:a8:f9:47:c2:36:5a:f0:d1:
                    a9:76:50:d2:36:7b:71:36:2d:90:3b:a9:9e:ef:65:
                    db:bc:d3:9d:7e:6e:70:e7:06:4b:87:ed:4f:7d:75:
                    05:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BE:D3:F5:55:37:BB:48:4C:18:84:A7:1E:A1:F2:67:E5:B5:CE:12:21
            X509v3 Authority Key Identifier:
                keyid:3B:E6:C6:51:35:0E:8F:A1:FC:7D:0A:3E:AB:CF:98:F8:1B:31:19:D3

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/vtP1VTe7SEwYhKceofJn5bXOEiE.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  150.129.228.0/22

    Signature Algorithm: sha256WithRSAEncryption
         b2:37:4d:4e:f0:3f:d2:ad:49:c6:ed:a7:02:a6:87:f6:97:09:
         45:bf:34:9e:99:41:f3:47:c0:15:c4:5f:b5:79:3f:8d:28:55:
         81:8d:c9:50:d6:23:ae:f7:1e:fe:59:03:65:91:00:2d:64:da:
         cd:da:6f:57:8b:8e:0f:d4:19:59:4f:af:fd:49:08:d4:d1:33:
         f9:98:34:2f:d1:e4:e5:50:31:0f:cd:d0:d3:be:60:7c:61:e2:
         34:ea:83:d4:33:97:c6:31:be:21:4b:33:7d:3c:f7:4b:86:a1:
         fc:f1:36:2a:c0:c6:11:ca:86:c4:15:19:4b:4d:56:d3:19:68:
         89:44:d3:ba:2d:22:8c:12:b2:31:a2:61:b7:3a:a8:f2:17:29:
         f8:cf:fb:93:ee:0c:69:86:32:5c:53:89:68:c9:65:a9:e1:a2:
         ea:27:d5:46:0e:c1:1a:19:eb:b6:90:16:1b:ed:1e:f4:82:79:
         b7:c7:23:da:1a:e8:6c:a7:f0:8b:fb:21:6c:da:af:70:a4:e2:
         7b:69:8f:fa:3b:16:50:5e:c5:ca:42:9a:67:a4:5d:1e:52:98:
         a8:fd:7a:94:f4:c8:97:0a:83:8f:26:ca:44:24:52:49:cf:80:
         69:6d:5f:71:02:a4:90:04:4d:df:b5:c2:0a:b0:a1:a1:65:c6:
         86:7e:32:bb
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICCrEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0JF
NkM2NTEzNTBFOEZBMUZDN0QwQTNFQUJDRjk4RjgxQjMxMTlEMzAeFw0yMjA5MTUw
MjQxNDlaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEJFRDNGNTU1MzdCQjQ4
NEMxODg0QTcxRUExRjI2N0U1QjVDRTEyMjEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC1NtuKaaz/m0vzi7C4mvXYEfMrqmv3en5HexwAy38GhUL7oDbC
4UxKgYA5GrgKaNpSYf68Qe0LetaUYu23sjv8GLzhDs5PuxMKg+lT6YmlGFVLrdRa
3IKh9ycxR+1HZtFwQuzxx3Y2nuw4br5yjq+c+k9rPgi05SCDswsdhF8tIBgk2v0j
0G2eEZ+QCLJ9brr0hw3GMbryKgLQKgW5noY6dVZghcqkVq/edSt1F/n+PT2B71H6
NmHlKZdXlG0NqW9bfzBdQ6VfcAnpR3Kqt3qPwEVhX0dLJByo+UfCNlrw0al2UNI2
e3E2LZA7qZ7vZdu8051+bnDnBkuH7U99dQVrAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUvtP1VTe7SEwYhKceofJn5bXOEiEwHwYDVR0jBBgwFoAUO+bGUTUOj6H8fQo+
q8+Y+BsxGdMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvU0lHTUEv
Ty1iR1VUVU9qNkg4ZlFvLXE4LVktQnN4R2RNLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9PLWJHVVRVT2o2SDhmUW8tcTgtWS1Cc3hHZE0uY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9TSUdNQS92dFAxVlRlN1NFd1loS2Nlb2ZK
bjViWE9FaUUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCloHk
MA0GCSqGSIb3DQEBCwUAA4IBAQCyN01O8D/SrUnG7acCpof2lwlFvzSemUHzR8AV
xF+1eT+NKFWBjclQ1iOu9x7+WQNlkQAtZNrN2m9Xi44P1BlZT6/9SQjU0TP5mDQv
0eTlUDEPzdDTvmB8YeI06oPUM5fGMb4hSzN9PPdLhqH88TYqwMYRyobEFRlLTVbT
GWiJRNO6LSKMErIxomG3OqjyFyn4z/uT7gxphjJcU4loyWWp4aLqJ9VGDsEaGeu2
kBYb7R70gnm3xyPaGuhsp/CL+yFs2q9wpOJ7aY/6OxZQXsXKQppnpF0eUpio/XqU
9MiXCoOPJspEJFJJz4BpbV9xAqSQBE3ftcIKsKGhZcaGfjK7
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:20 2024 by rpki-client on console-ams.rpki-client.org