Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TANET/3uGpYMiq-dP-wLY0ljnK0M8w-eM.roa
File:                     3uGpYMiq-dP-wLY0ljnK0M8w-eM.roa (raw, json)
Hash identifier:          ocWFXeKYNq8AGDCvds2JR8M5Jwby9yd3i7+Uk4kKKkE=
Subject key identifier:   DE:E1:A9:60:C8:AA:F9:D3:FE:C0:B6:34:96:39:CA:D0:CF:30:F9:E3
Certificate issuer:       /CN=457B10372A686E3FF73656BEB5CD3DEBC932371A
Certificate serial:       09D1
Authority key identifier: 45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/3uGpYMiq-dP-wLY0ljnK0M8w-eM.roa
Signing time:             Sun 07 Feb 2021 13:13:00 +0000
ROA not before:           Sun 07 Feb 2021 13:13:00 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     9916
IP address blocks:        140.129.64.0/20 maxlen: 20

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2513 (0x9d1)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=457B10372A686E3FF73656BEB5CD3DEBC932371A
        Validity
            Not Before: Feb  7 13:13:00 2021 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=DEE1A960C8AAF9D3FEC0B6349639CAD0CF30F9E3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:e1:94:e1:ee:58:7a:02:26:02:22:e1:5b:09:
                    0a:d9:ca:ab:6b:02:06:c5:ac:22:bd:54:73:79:f5:
                    57:a1:5e:3f:78:ce:e2:ba:b4:e4:b6:a3:f1:ba:2b:
                    7c:da:d9:82:54:5d:ab:9f:29:3a:bb:46:c2:c9:d2:
                    3c:19:8b:8e:44:2d:ed:7f:c7:88:82:11:64:4f:39:
                    5e:79:2b:16:3b:aa:fe:56:df:86:04:4e:f2:7e:4b:
                    ef:13:5c:ac:d6:c4:94:3d:d4:f2:a0:50:88:13:b4:
                    b9:88:66:48:b7:21:31:d0:43:e8:68:aa:f4:eb:03:
                    b0:ce:6e:e9:1c:6f:b8:b8:4e:4c:17:c9:04:7d:3b:
                    46:57:f1:0d:e7:12:11:30:3b:9a:f3:08:5c:b7:aa:
                    e0:c3:92:e5:12:0e:c1:87:6f:ff:ae:00:fb:d9:f1:
                    24:5d:c9:72:84:3f:94:5b:b9:e7:1c:e4:c9:fd:e4:
                    bf:99:17:01:7e:37:97:1f:81:e8:18:f2:e9:e8:22:
                    b4:2d:9f:55:17:c3:c6:e3:2a:ed:70:cf:ff:56:e7:
                    ae:91:94:15:68:f8:ca:55:43:29:70:ec:b5:a4:ae:
                    14:33:8e:60:f6:fc:ec:4e:5a:91:31:06:dc:39:b1:
                    6e:7e:77:9f:36:7d:05:9f:0f:91:62:3e:6c:9b:fa:
                    34:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DE:E1:A9:60:C8:AA:F9:D3:FE:C0:B6:34:96:39:CA:D0:CF:30:F9:E3
            X509v3 Authority Key Identifier:
                keyid:45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/RXsQNypobj_3Nla-tc0968kyNxo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/3uGpYMiq-dP-wLY0ljnK0M8w-eM.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  140.129.64.0/20

    Signature Algorithm: sha256WithRSAEncryption
         5e:4c:88:75:3a:5a:66:bd:a4:7f:e9:22:f1:08:bc:bc:4f:db:
         ab:2f:d1:b2:d9:c0:42:5d:d9:f5:ae:b7:8a:03:ae:7a:43:6b:
         ce:1f:88:36:ab:b0:99:85:29:65:dd:8e:78:ba:d8:59:1c:87:
         72:e3:b8:51:d1:6f:1c:9a:0e:10:65:bb:88:7d:16:15:bf:55:
         30:51:42:cc:52:7f:af:8a:fd:07:61:13:4e:39:33:71:ac:67:
         c3:75:41:75:fa:cb:52:03:c0:c5:24:62:56:6b:35:83:17:2d:
         c1:a8:10:d3:a6:bf:d3:33:ef:fd:ab:b6:0c:8c:3b:6c:7a:eb:
         97:54:91:e5:53:2c:d7:60:94:83:d2:40:c9:eb:42:06:9d:cd:
         6e:a8:ad:d5:34:1b:44:ee:99:f0:07:88:83:06:8c:86:3b:df:
         53:27:f3:96:fa:a2:45:91:61:6a:fe:aa:0c:7c:82:2e:8c:00:
         36:d4:1b:96:b9:ab:3a:4b:0f:dc:8c:c0:dd:7f:e3:34:f2:a5:
         6b:62:66:45:da:e0:ac:87:17:68:5e:db:9e:a6:e8:2c:32:c4:
         bb:0e:f8:30:a4:53:f5:c2:05:5b:4b:03:ed:a4:52:5d:18:24:
         fe:fc:fa:92:7c:e0:86:3f:38:04:61:33:64:b1:6d:94:74:42:
         7b:45:7c:53
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICCdEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDU3
QjEwMzcyQTY4NkUzRkY3MzY1NkJFQjVDRDNERUJDOTMyMzcxQTAeFw0yMTAyMDcx
MzEzMDBaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKERFRTFBOTYwQzhBQUY5
RDNGRUMwQjYzNDk2MzlDQUQwQ0YzMEY5RTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCU4ZTh7lh6AiYCIuFbCQrZyqtrAgbFrCK9VHN59VehXj94zuK6
tOS2o/G6K3za2YJUXaufKTq7RsLJ0jwZi45ELe1/x4iCEWRPOV55KxY7qv5W34YE
TvJ+S+8TXKzWxJQ91PKgUIgTtLmIZki3ITHQQ+hoqvTrA7DObukcb7i4TkwXyQR9
O0ZX8Q3nEhEwO5rzCFy3quDDkuUSDsGHb/+uAPvZ8SRdyXKEP5Rbuecc5Mn95L+Z
FwF+N5cfgegY8unoIrQtn1UXw8bjKu1wz/9W566RlBVo+MpVQylw7LWkrhQzjmD2
/OxOWpExBtw5sW5+d582fQWfD5FiPmyb+jS1AgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQU3uGpYMiq+dP+wLY0ljnK0M8w+eMwHwYDVR0jBBgwFoAURXsQNypobj/3Nla+
tc0968kyNxowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFORVQv
UlhzUU55cG9ial8zTmxhLXRjMDk2OGt5TnhvLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9SWHNRTnlwb2JqXzNObGEtdGMwOTY4a3lOeG8uY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQU5FVC8zdUdwWU1pcS1kUC13TFkwbGpu
SzBNOHctZU0ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEjIFA
MA0GCSqGSIb3DQEBCwUAA4IBAQBeTIh1OlpmvaR/6SLxCLy8T9urL9Gy2cBCXdn1
rreKA656Q2vOH4g2q7CZhSll3Y54uthZHIdy47hR0W8cmg4QZbuIfRYVv1UwUULM
Un+viv0HYRNOOTNxrGfDdUF1+stSA8DFJGJWazWDFy3BqBDTpr/TM+/9q7YMjDts
euuXVJHlUyzXYJSD0kDJ60IGnc1uqK3VNBtE7pnwB4iDBoyGO99TJ/OW+qJFkWFq
/qoMfIIujAA21BuWuas6Sw/cjMDdf+M08qVrYmZF2uCshxdoXtuepugsMsS7Dvgw
pFP1wgVbSwPtpFJdGCT+/PqSfOCGPzgEYTNksW2UdEJ7RXxT
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:21 2024 by rpki-client on console-ams.rpki-client.org