Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/SYSNET/Erz9D4CfYfieHGsZuJ_HYdiCrAk.roa
File:                     Erz9D4CfYfieHGsZuJ_HYdiCrAk.roa (raw, json)
Hash identifier:          +ho3qvfk9QPu/u5pr4sMk73UHI8wEQwAhlZ1VNTv+pk=
Subject key identifier:   12:BC:FD:0F:80:9F:61:F8:9E:1C:6B:19:B8:9F:C7:61:D8:82:AC:09
Certificate issuer:       /CN=96BB94B457F9D82A29B5B2FD9F3A4418899E71EC
Certificate serial:       097F
Authority key identifier: 96:BB:94:B4:57:F9:D8:2A:29:B5:B2:FD:9F:3A:44:18:89:9E:71:EC
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/lruUtFf52CoptbL9nzpEGImecew.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/SYSNET/Erz9D4CfYfieHGsZuJ_HYdiCrAk.roa
Signing time:             Wed 29 Sep 2021 02:36:39 +0000
ROA not before:           Wed 29 Sep 2021 02:36:39 +0000
ROA not after:            Thu 29 Sep 2022 02:36:22 +0000
asID:                     4783
IP address blocks:        210.67.128.0/20 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2431 (0x97f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=96BB94B457F9D82A29B5B2FD9F3A4418899E71EC
        Validity
            Not Before: Sep 29 02:36:39 2021 GMT
            Not After : Sep 29 02:36:22 2022 GMT
        Subject: CN=12BCFD0F809F61F89E1C6B19B89FC761D882AC09
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:cc:c1:46:7e:3b:0c:ee:36:1c:b2:49:38:13:
                    c3:36:83:b3:b8:f8:c0:a6:c9:d7:f2:e1:30:fb:09:
                    b9:b3:7a:1d:a3:72:21:6a:fc:04:84:5b:e4:3e:b2:
                    4c:36:a9:08:ae:5d:ee:3f:f3:fa:51:04:fe:d5:cc:
                    de:f0:80:c1:eb:e5:0b:ba:ef:d9:da:5f:86:28:b8:
                    72:cd:49:a7:72:bc:b7:01:cc:f6:80:00:9d:4c:f0:
                    4b:a4:0c:c0:f0:c3:0e:e4:75:73:d5:1d:24:2a:a7:
                    d6:8c:a9:e3:e5:24:ac:97:e8:04:ff:a5:d9:03:56:
                    d7:04:c0:bd:91:87:f8:bd:44:85:48:f8:80:4a:43:
                    29:de:f7:3a:9f:55:73:c1:cb:4f:95:0f:bc:d7:45:
                    fd:9e:03:67:54:ae:15:e9:a9:31:00:6b:6e:af:b1:
                    49:04:da:c6:9e:e1:2f:9b:90:05:a3:81:da:ef:83:
                    92:1c:21:ed:39:20:31:14:52:1e:9f:cf:fe:47:01:
                    d8:31:ce:cb:49:84:2f:ca:bb:5b:2b:63:cd:9d:37:
                    b6:41:0c:26:1d:49:ae:79:ce:d7:c2:d2:a2:38:ac:
                    8a:4e:04:b6:ca:05:fb:9a:8b:cf:92:87:9b:3a:16:
                    b5:d8:d0:48:5e:73:5f:62:33:51:9b:6d:31:fa:29:
                    b6:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                12:BC:FD:0F:80:9F:61:F8:9E:1C:6B:19:B8:9F:C7:61:D8:82:AC:09
            X509v3 Authority Key Identifier:
                keyid:96:BB:94:B4:57:F9:D8:2A:29:B5:B2:FD:9F:3A:44:18:89:9E:71:EC

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SYSNET/lruUtFf52CoptbL9nzpEGImecew.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/lruUtFf52CoptbL9nzpEGImecew.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SYSNET/Erz9D4CfYfieHGsZuJ_HYdiCrAk.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  210.67.128.0/20

    Signature Algorithm: sha256WithRSAEncryption
         75:77:87:c6:f5:45:10:97:39:92:7f:08:25:dd:b7:75:27:13:
         90:60:02:5e:a1:0f:69:bf:d5:7b:31:96:94:5d:27:73:6e:ad:
         48:64:0e:7f:33:65:e5:88:cb:cc:2a:1f:da:82:82:33:37:18:
         db:ea:2b:98:9e:e1:87:5c:47:5f:d5:e0:10:9a:aa:6f:17:63:
         00:f5:87:09:87:d7:ab:0a:ad:c8:77:7b:10:76:01:91:fd:19:
         9b:e7:b3:ed:b0:b3:cf:d3:cc:49:6d:ab:63:50:f2:c3:39:b4:
         46:ac:9f:fa:dc:67:8f:00:da:2f:ab:41:93:a6:7e:a6:c5:ac:
         7d:32:09:70:9a:ca:32:ba:9b:7c:a1:9d:2d:66:95:22:06:bf:
         8e:4c:ae:bc:c6:fd:c6:5d:6c:b9:6d:57:e4:28:f9:91:34:44:
         56:ad:29:9b:38:3b:57:e2:aa:d7:6f:e4:f9:8f:df:14:de:33:
         70:10:c4:14:f0:c3:aa:f0:8d:0a:13:62:e8:7b:74:63:60:61:
         52:a4:ee:32:33:28:45:3a:60:e9:d2:95:60:c8:fe:76:ff:89:
         7a:b0:ca:55:df:7b:7c:93:e3:fb:d0:15:74:c7:de:5e:56:2a:
         f4:02:dd:9c:d8:5a:5c:62:79:d1:77:59:13:56:31:cb:cd:47:
         a3:1f:e9:d6
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICCX8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTZC
Qjk0QjQ1N0Y5RDgyQTI5QjVCMkZEOUYzQTQ0MTg4OTlFNzFFQzAeFw0yMTA5Mjkw
MjM2MzlaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDEyQkNGRDBGODA5RjYx
Rjg5RTFDNkIxOUI4OUZDNzYxRDg4MkFDMDkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDKzMFGfjsM7jYcskk4E8M2g7O4+MCmydfy4TD7Cbmzeh2jciFq
/ASEW+Q+skw2qQiuXe4/8/pRBP7VzN7wgMHr5Qu679naX4YouHLNSadyvLcBzPaA
AJ1M8EukDMDwww7kdXPVHSQqp9aMqePlJKyX6AT/pdkDVtcEwL2Rh/i9RIVI+IBK
Qyne9zqfVXPBy0+VD7zXRf2eA2dUrhXpqTEAa26vsUkE2sae4S+bkAWjgdrvg5Ic
Ie05IDEUUh6fz/5HAdgxzstJhC/Ku1srY82dN7ZBDCYdSa55ztfC0qI4rIpOBLbK
Bfuai8+Sh5s6FrXY0Ehec19iM1GbbTH6Kbb/AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUErz9D4CfYfieHGsZuJ/HYdiCrAkwHwYDVR0jBBgwFoAUlruUtFf52CoptbL9
nzpEGImecewwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvU1lTTkVU
L2xydVV0RmY1MkNvcHRiTDluenBFR0ltZWNldy5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvbHJ1VXRGZjUyQ29wdGJMOW56cEVHSW1lY2V3LmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvU1lTTkVUL0VyejlENENmWWZpZUhHc1p1
Sl9IWWRpQ3JBay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBATS
Q4AwDQYJKoZIhvcNAQELBQADggEBAHV3h8b1RRCXOZJ/CCXdt3UnE5BgAl6hD2m/
1XsxlpRdJ3NurUhkDn8zZeWIy8wqH9qCgjM3GNvqK5ie4YdcR1/V4BCaqm8XYwD1
hwmH16sKrch3exB2AZH9GZvns+2ws8/TzEltq2NQ8sM5tEasn/rcZ48A2i+rQZOm
fqbFrH0yCXCayjK6m3yhnS1mlSIGv45MrrzG/cZdbLltV+Qo+ZE0RFatKZs4O1fi
qtdv5PmP3xTeM3AQxBTww6rwjQoTYuh7dGNgYVKk7jIzKEU6YOnSlWDI/nb/iXqw
ylXfe3yT4/vQFXTH3l5WKvQC3ZzYWlxiedF3WRNWMcvNR6Mf6dY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:44 2024 by rpki-client on console-fra.rpki-client.org