Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/SYSNET/JHCwE2g6utHosrZR3DmAoJY5klk.roa
File:                     JHCwE2g6utHosrZR3DmAoJY5klk.roa (raw, json)
Hash identifier:          6LijCa7r9npdszAtIQG+V/uTQRx+Gu3jpMqa9V2JmJ0=
Subject key identifier:   24:70:B0:13:68:3A:BA:D1:E8:B2:B6:51:DC:39:80:A0:96:39:92:59
Certificate issuer:       /CN=96BB94B457F9D82A29B5B2FD9F3A4418899E71EC
Certificate serial:       0791
Authority key identifier: 96:BB:94:B4:57:F9:D8:2A:29:B5:B2:FD:9F:3A:44:18:89:9E:71:EC
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/lruUtFf52CoptbL9nzpEGImecew.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/SYSNET/JHCwE2g6utHosrZR3DmAoJY5klk.roa
Signing time:             Tue 29 Sep 2020 10:06:19 +0000
ROA not before:           Tue 29 Sep 2020 10:06:19 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     4783
IP address blocks:        202.39.96.0/20 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1937 (0x791)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=96BB94B457F9D82A29B5B2FD9F3A4418899E71EC
        Validity
            Not Before: Sep 29 10:06:19 2020 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=2470B013683ABAD1E8B2B651DC3980A096399259
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:33:ac:0b:6e:f2:fe:f7:ce:02:40:f1:9b:7b:
                    49:a3:94:c6:f6:9d:d0:82:7a:c8:b9:0e:e4:32:93:
                    7d:8a:6a:c3:5c:de:1b:61:81:5e:ee:e8:95:d1:ce:
                    09:08:72:32:f7:1d:44:eb:de:dd:23:56:29:56:6d:
                    e9:f3:0f:fe:56:69:41:11:44:ae:9d:27:0d:72:c6:
                    4f:5f:4b:d2:15:ca:83:7e:58:97:56:ef:a8:02:21:
                    eb:0b:87:a4:33:73:df:1a:1c:de:c9:53:2e:17:06:
                    00:5f:58:18:dc:86:a4:8e:bf:ca:78:0e:ea:76:05:
                    c0:26:cd:d7:7a:74:c7:f8:de:87:a9:b9:fc:c9:c8:
                    58:dc:85:35:6a:94:0c:28:35:fb:4f:bd:53:02:07:
                    98:67:cb:04:69:c5:db:f7:b0:f3:4d:79:79:07:11:
                    13:28:af:46:7e:14:7d:6c:1e:95:1f:ce:f1:04:d5:
                    da:f5:80:71:a6:7d:62:00:f6:a7:40:d1:9d:1c:bb:
                    dd:1e:7f:02:5e:df:7f:ec:e9:26:cb:01:67:30:c3:
                    0e:7d:49:b1:48:12:78:c4:b9:03:03:53:46:94:98:
                    d7:92:54:93:f0:14:d7:e5:4e:b2:bf:00:78:2c:ab:
                    1e:b6:83:ec:fe:c0:68:52:ca:dd:a1:96:b8:50:3a:
                    d0:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:70:B0:13:68:3A:BA:D1:E8:B2:B6:51:DC:39:80:A0:96:39:92:59
            X509v3 Authority Key Identifier:
                keyid:96:BB:94:B4:57:F9:D8:2A:29:B5:B2:FD:9F:3A:44:18:89:9E:71:EC

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SYSNET/lruUtFf52CoptbL9nzpEGImecew.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/lruUtFf52CoptbL9nzpEGImecew.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SYSNET/JHCwE2g6utHosrZR3DmAoJY5klk.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  202.39.96.0/20

    Signature Algorithm: sha256WithRSAEncryption
         57:20:be:11:bc:83:b2:a9:8b:e5:86:9f:8b:99:e1:1b:cf:3b:
         27:26:6f:34:4f:9c:30:c8:20:ce:4f:b6:7b:d5:34:6c:41:a8:
         be:43:98:26:41:3c:ad:3b:6f:7e:3d:90:7d:40:5d:40:03:c0:
         02:dd:ac:01:c6:9e:03:bb:34:3f:3b:53:3c:f0:4f:a2:69:1a:
         36:1b:6e:19:00:1d:60:83:4a:77:1c:16:97:3e:81:1e:a2:9b:
         c8:9c:47:26:6c:1f:b2:f6:48:73:c8:ed:60:ac:9a:79:5a:e1:
         7e:20:ab:e5:be:27:d4:86:df:a1:3c:4f:23:60:50:6f:ae:7c:
         81:91:0b:68:59:c6:b8:37:5e:0d:7b:9a:57:55:96:9a:b7:5d:
         9c:ae:18:65:bc:fd:05:f2:6c:a7:1d:9a:82:6d:a0:a9:ce:2b:
         7d:44:b3:51:60:d8:42:49:e9:96:1f:08:41:52:92:3b:55:df:
         a5:48:a3:9c:66:75:14:f9:3a:eb:51:1d:a9:08:ce:4d:e5:f6:
         2b:50:de:d1:b5:f6:16:76:fc:57:16:68:d4:ce:3a:73:3f:d9:
         04:7e:51:de:a3:41:6f:7b:6f:f6:81:15:91:f4:52:60:6b:77:
         c9:0c:af:1f:c8:20:af:76:bc:94:33:e9:2b:bd:ca:cf:87:50:
         b1:57:e2:a0
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICB5EwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTZC
Qjk0QjQ1N0Y5RDgyQTI5QjVCMkZEOUYzQTQ0MTg4OTlFNzFFQzAeFw0yMDA5Mjkx
MDA2MTlaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDI0NzBCMDEzNjgzQUJB
RDFFOEIyQjY1MURDMzk4MEEwOTYzOTkyNTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCoM6wLbvL+984CQPGbe0mjlMb2ndCCesi5DuQyk32KasNc3hth
gV7u6JXRzgkIcjL3HUTr3t0jVilWbenzD/5WaUERRK6dJw1yxk9fS9IVyoN+WJdW
76gCIesLh6Qzc98aHN7JUy4XBgBfWBjchqSOv8p4Dup2BcAmzdd6dMf43oepufzJ
yFjchTVqlAwoNftPvVMCB5hnywRpxdv3sPNNeXkHERMor0Z+FH1sHpUfzvEE1dr1
gHGmfWIA9qdA0Z0cu90efwJe33/s6SbLAWcwww59SbFIEnjEuQMDU0aUmNeSVJPw
FNflTrK/AHgsqx62g+z+wGhSyt2hlrhQOtAzAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUJHCwE2g6utHosrZR3DmAoJY5klkwHwYDVR0jBBgwFoAUlruUtFf52CoptbL9
nzpEGImecewwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvU1lTTkVU
L2xydVV0RmY1MkNvcHRiTDluenBFR0ltZWNldy5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvbHJ1VXRGZjUyQ29wdGJMOW56cEVHSW1lY2V3LmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvU1lTTkVUL0pIQ3dFMmc2dXRIb3NyWlIz
RG1Bb0pZNWtsay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBATK
J2AwDQYJKoZIhvcNAQELBQADggEBAFcgvhG8g7Kpi+WGn4uZ4RvPOycmbzRPnDDI
IM5PtnvVNGxBqL5DmCZBPK07b349kH1AXUADwALdrAHGngO7ND87UzzwT6JpGjYb
bhkAHWCDSnccFpc+gR6im8icRyZsH7L2SHPI7WCsmnla4X4gq+W+J9SG36E8TyNg
UG+ufIGRC2hZxrg3Xg17mldVlpq3XZyuGGW8/QXybKcdmoJtoKnOK31Es1Fg2EJJ
6ZYfCEFSkjtV36VIo5xmdRT5OutRHakIzk3l9itQ3tG19hZ2/FcWaNTOOnM/2QR+
Ud6jQW97b/aBFZH0UmBrd8kMrx/IIK92vJQz6Su9ys+HULFX4qA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:20 2024 by rpki-client on console-ams.rpki-client.org