Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/SONET/rswSuGLRYMSII0ox7nhqzYDwcXo.roa
File:                     rswSuGLRYMSII0ox7nhqzYDwcXo.roa (raw, json)
Hash identifier:          hxBrpO1wJjkuFkwVVDoEtPKFrDOYdE/fCl6b2GDhTjE=
Subject key identifier:   AE:CC:12:B8:62:D1:60:C4:88:23:4A:31:EE:78:6A:CD:80:F0:71:7A
Certificate issuer:       /CN=CCB5454153ACCECE8520D33907D54E56C5CA9A4B
Certificate serial:       08CC
Authority key identifier: CC:B5:45:41:53:AC:CE:CE:85:20:D3:39:07:D5:4E:56:C5:CA:9A:4B
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/zLVFQVOszs6FINM5B9VOVsXKmks.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/SONET/rswSuGLRYMSII0ox7nhqzYDwcXo.roa
Signing time:             Sun 07 Feb 2021 11:55:24 +0000
ROA not before:           Sun 07 Feb 2021 11:55:24 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     18182
IP address blocks:        219.85.0.0/16 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2252 (0x8cc)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=CCB5454153ACCECE8520D33907D54E56C5CA9A4B
        Validity
            Not Before: Feb  7 11:55:24 2021 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=AECC12B862D160C488234A31EE786ACD80F0717A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:45:49:91:14:b4:70:c5:ab:2b:5d:ed:0b:64:
                    82:b0:5a:99:11:9f:cb:63:eb:d8:0d:11:7d:3b:e6:
                    8a:72:fc:8a:3a:5f:2b:8b:9d:ec:e3:4c:c1:f1:15:
                    56:5f:21:b1:ec:e7:02:20:7f:39:4c:e4:11:f4:40:
                    8f:71:27:5b:88:66:9f:d2:cb:65:52:8d:6b:a2:8c:
                    d1:fc:fa:7c:4f:16:c7:b3:f0:c1:15:1b:85:88:6d:
                    03:28:29:e1:dd:6a:ad:2c:1c:31:2f:5e:d6:d0:d5:
                    ac:47:18:d7:03:cb:47:c1:58:46:e0:9d:09:d6:ca:
                    45:b9:6e:35:e0:cb:48:a7:fc:96:d1:f4:78:32:c2:
                    5b:5a:c3:27:82:8d:be:e0:96:09:f7:46:2f:72:ff:
                    d1:da:ff:e3:b7:49:69:82:07:36:41:eb:5d:71:7e:
                    2e:1b:f9:46:5d:a2:a0:d8:73:c9:50:41:cf:0f:f3:
                    77:37:18:ed:d5:1e:a6:01:cf:90:84:63:5c:fc:1a:
                    0c:2c:f4:11:cd:75:2b:88:f4:ff:ab:cc:6c:8b:c2:
                    98:2b:36:c2:f9:88:ae:96:fe:5f:c9:c5:9a:7a:75:
                    e6:ea:f8:39:0b:79:4a:02:7a:e2:50:72:4b:6a:e6:
                    ef:21:49:b0:62:31:f5:24:d7:e0:66:af:30:0d:48:
                    99:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AE:CC:12:B8:62:D1:60:C4:88:23:4A:31:EE:78:6A:CD:80:F0:71:7A
            X509v3 Authority Key Identifier:
                keyid:CC:B5:45:41:53:AC:CE:CE:85:20:D3:39:07:D5:4E:56:C5:CA:9A:4B

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SONET/zLVFQVOszs6FINM5B9VOVsXKmks.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/zLVFQVOszs6FINM5B9VOVsXKmks.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SONET/rswSuGLRYMSII0ox7nhqzYDwcXo.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  219.85.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         4e:fb:c1:79:55:cc:44:f0:20:76:a3:82:e9:56:eb:e9:ab:bb:
         25:ab:bb:2f:7c:6a:62:0d:4f:c1:c4:61:3d:43:77:70:4f:80:
         3a:ca:cc:e8:ef:7b:19:64:95:5d:1f:d5:78:cb:30:89:66:b0:
         0d:2a:c9:84:83:93:3d:31:be:f5:7f:d7:96:c6:ee:11:3e:83:
         0d:08:8a:db:b5:fc:4c:ba:27:d9:3d:0b:ef:0c:4f:5c:3f:7c:
         1c:ba:ed:88:ae:4d:b1:55:93:5e:3f:4e:74:73:5e:77:0b:07:
         a0:cc:a6:b5:da:23:cb:4e:bf:b7:64:dc:5d:b5:42:19:10:60:
         e3:95:fb:a6:22:4d:4b:e6:2f:71:bc:68:44:89:4f:9e:c9:30:
         63:f1:78:21:69:06:d9:10:db:e0:4b:6b:9a:43:d3:c5:19:f0:
         9c:09:00:7e:f1:dd:ce:e7:f8:9c:34:a6:5e:a2:fb:38:5e:48:
         32:45:5e:68:35:a9:2d:e3:83:2e:16:c9:b3:5d:09:0b:77:22:
         5f:bc:61:b0:1f:cb:ff:4a:3f:d9:e8:af:81:6c:63:d2:bc:d2:
         59:76:69:fb:2b:04:d1:bf:a6:1e:85:a5:da:62:95:58:93:aa:
         8c:aa:af:a6:54:97:ef:1d:68:a8:01:34:dd:f6:dd:44:8d:83:
         e3:0f:50:fe
-----BEGIN CERTIFICATE-----
MIIEzzCCA7egAwIBAgICCMwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQ0NC
NTQ1NDE1M0FDQ0VDRTg1MjBEMzM5MDdENTRFNTZDNUNBOUE0QjAeFw0yMTAyMDcx
MTU1MjRaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKEFFQ0MxMkI4NjJEMTYw
QzQ4ODIzNEEzMUVFNzg2QUNEODBGMDcxN0EwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCvRUmRFLRwxasrXe0LZIKwWpkRn8tj69gNEX075opy/Io6XyuL
nezjTMHxFVZfIbHs5wIgfzlM5BH0QI9xJ1uIZp/Sy2VSjWuijNH8+nxPFsez8MEV
G4WIbQMoKeHdaq0sHDEvXtbQ1axHGNcDy0fBWEbgnQnWykW5bjXgy0in/JbR9Hgy
wltawyeCjb7glgn3Ri9y/9Ha/+O3SWmCBzZB611xfi4b+UZdoqDYc8lQQc8P83c3
GO3VHqYBz5CEY1z8Ggws9BHNdSuI9P+rzGyLwpgrNsL5iK6W/l/JxZp6debq+DkL
eUoCeuJQcktq5u8hSbBiMfUk1+BmrzANSJm9AgMBAAGjggHrMIIB5zAdBgNVHQ4E
FgQUrswSuGLRYMSII0ox7nhqzYDwcXowHwYDVR0jBBgwFoAUzLVFQVOszs6FINM5
B9VOVsXKmkswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvU09ORVQv
ekxWRlFWT3N6czZGSU5NNUI5Vk9Wc1hLbWtzLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS96TFZGUVZPc3pzNkZJTk01QjlWT1ZzWEtta3MuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9TT05FVC9yc3dTdUdMUllNU0lJMG94N25o
cXpZRHdjWG8ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA21Uw
DQYJKoZIhvcNAQELBQADggEBAE77wXlVzETwIHajgulW6+mruyWruy98amINT8HE
YT1Dd3BPgDrKzOjvexlklV0f1XjLMIlmsA0qyYSDkz0xvvV/15bG7hE+gw0Iitu1
/Ey6J9k9C+8MT1w/fBy67YiuTbFVk14/TnRzXncLB6DMprXaI8tOv7dk3F21QhkQ
YOOV+6YiTUvmL3G8aESJT57JMGPxeCFpBtkQ2+BLa5pD08UZ8JwJAH7x3c7n+Jw0
pl6i+zheSDJFXmg1qS3jgy4WybNdCQt3Il+8YbAfy/9KP9nor4FsY9K80ll2afsr
BNG/ph6FpdpilViTqoyqr6ZUl+8daKgBNN323USNg+MPUP4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:44 2024 by rpki-client on console-fra.rpki-client.org