Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TANET/42NJuvBkboeDZwk33NUlSReyoio.roa
File:                     42NJuvBkboeDZwk33NUlSReyoio.roa (raw, json)
Hash identifier:          +kK4Rx4wRGT25kMZwPjsIpRtQ9KeVryv7gB18ipSyQ8=
Subject key identifier:   E3:63:49:BA:F0:64:6E:87:83:67:09:37:DC:D5:25:49:17:B2:A2:2A
Certificate issuer:       /CN=E1A88C34D246EF7C2A7C1AC5FE97B262BC48178E
Certificate serial:       09BE
Authority key identifier: E1:A8:8C:34:D2:46:EF:7C:2A:7C:1A:C5:FE:97:B2:62:BC:48:17:8E
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/4aiMNNJG73wqfBrF_peyYrxIF44.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/42NJuvBkboeDZwk33NUlSReyoio.roa
Signing time:             Sun 07 Feb 2021 12:38:38 +0000
ROA not before:           Sun 07 Feb 2021 12:38:38 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     9916
IP address blocks:        120.126.96.0/20 maxlen: 20

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2494 (0x9be)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=E1A88C34D246EF7C2A7C1AC5FE97B262BC48178E
        Validity
            Not Before: Feb  7 12:38:38 2021 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=E36349BAF0646E8783670937DCD5254917B2A22A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:19:93:76:66:0d:8a:8d:06:90:de:3f:68:b5:
                    f4:84:82:f0:39:01:5b:ae:5a:93:8c:61:dc:28:4f:
                    14:cd:78:ef:ac:07:62:c9:63:b1:ec:69:61:50:bb:
                    29:b1:53:d5:b3:c3:12:e8:b2:d8:ca:6e:f4:b1:c2:
                    b1:e2:b4:6a:2a:28:db:19:fc:9c:dc:87:fb:20:5d:
                    ea:16:90:d0:5c:9e:e2:be:27:24:d4:3c:5d:7b:d3:
                    41:30:09:1c:b1:ce:5a:d6:c1:3e:69:42:0f:4e:61:
                    99:87:26:b8:ff:ef:11:a1:49:0c:bf:a3:19:5e:56:
                    ef:9b:9f:f1:5d:48:04:44:e8:20:fe:21:aa:af:1a:
                    cd:f9:f0:e4:0a:99:57:d6:3c:6e:53:0d:39:ef:49:
                    52:a2:bd:7e:90:79:83:3e:80:1a:42:88:60:64:bc:
                    a6:c8:da:6c:3d:13:4e:40:2b:02:e0:b6:5d:43:d5:
                    e6:a0:c6:e7:98:63:71:77:28:20:c2:2a:8f:f2:b5:
                    08:74:f5:bf:ad:04:ba:e1:1c:e7:d7:95:39:42:4f:
                    1f:53:01:6c:b5:8e:a2:ad:91:fb:73:52:db:f4:95:
                    d8:dd:cf:d6:c3:9f:56:05:59:aa:c7:8c:ac:73:c8:
                    f8:2a:f7:08:67:f1:5e:18:ae:00:95:57:53:0e:d5:
                    c9:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E3:63:49:BA:F0:64:6E:87:83:67:09:37:DC:D5:25:49:17:B2:A2:2A
            X509v3 Authority Key Identifier:
                keyid:E1:A8:8C:34:D2:46:EF:7C:2A:7C:1A:C5:FE:97:B2:62:BC:48:17:8E

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/4aiMNNJG73wqfBrF_peyYrxIF44.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/4aiMNNJG73wqfBrF_peyYrxIF44.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/42NJuvBkboeDZwk33NUlSReyoio.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  120.126.96.0/20

    Signature Algorithm: sha256WithRSAEncryption
         48:37:7a:20:a3:c7:b2:03:44:aa:be:76:c9:4a:bf:db:bc:11:
         77:c8:ad:ec:3f:67:84:8b:2e:cf:a3:95:cb:ba:21:55:d9:4a:
         99:26:1d:4b:2b:1f:0b:6b:8e:5e:75:1b:42:63:4d:2b:cd:af:
         f9:66:f8:11:79:58:6d:7a:57:5c:6d:fe:13:c5:c1:6f:68:ff:
         b8:26:1f:73:6a:e2:77:78:78:ca:f8:df:38:3b:96:2a:12:85:
         43:95:19:7f:1a:37:f8:87:52:77:71:68:74:cb:8a:d9:ff:89:
         6f:9c:43:32:d5:1c:09:8a:31:26:73:d8:36:df:f0:7b:05:07:
         99:55:65:3a:7c:84:f8:1c:a5:4f:46:9a:63:e4:9d:5b:80:2b:
         35:2b:a9:04:8b:ba:16:de:52:1f:4f:41:5d:43:f7:40:28:49:
         d7:69:62:9c:70:70:77:3f:5d:30:20:49:4b:76:67:cb:db:dc:
         66:7d:1b:fd:21:91:f5:fd:48:91:d9:02:e9:74:b0:ba:7d:c3:
         9b:aa:54:a6:8b:2c:b3:d8:68:7d:37:a3:fa:f8:ff:a1:2b:75:
         4d:80:7b:d1:14:54:61:be:2b:e5:69:60:f1:c2:e7:19:fe:1f:
         aa:5b:24:1b:4f:33:46:60:25:45:a4:07:24:93:26:f1:cf:88:
         44:9f:3b:0f
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICCb4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRTFB
ODhDMzREMjQ2RUY3QzJBN0MxQUM1RkU5N0IyNjJCQzQ4MTc4RTAeFw0yMTAyMDcx
MjM4MzhaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKEUzNjM0OUJBRjA2NDZF
ODc4MzY3MDkzN0RDRDUyNTQ5MTdCMkEyMkEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCzGZN2Zg2KjQaQ3j9otfSEgvA5AVuuWpOMYdwoTxTNeO+sB2LJ
Y7HsaWFQuymxU9WzwxLostjKbvSxwrHitGoqKNsZ/Jzch/sgXeoWkNBcnuK+JyTU
PF1700EwCRyxzlrWwT5pQg9OYZmHJrj/7xGhSQy/oxleVu+bn/FdSARE6CD+Iaqv
Gs358OQKmVfWPG5TDTnvSVKivX6QeYM+gBpCiGBkvKbI2mw9E05AKwLgtl1D1eag
xueYY3F3KCDCKo/ytQh09b+tBLrhHOfXlTlCTx9TAWy1jqKtkftzUtv0ldjdz9bD
n1YFWarHjKxzyPgq9whn8V4YrgCVV1MO1cmpAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQU42NJuvBkboeDZwk33NUlSReyoiowHwYDVR0jBBgwFoAU4aiMNNJG73wqfBrF
/peyYrxIF44wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFORVQv
NGFpTU5OSkc3M3dxZkJyRl9wZXlZcnhJRjQ0LmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS80YWlNTk5KRzczd3FmQnJGX3BleVlyeElGNDQuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQU5FVC80Mk5KdXZCa2JvZURad2szM05V
bFNSZXlvaW8ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEeH5g
MA0GCSqGSIb3DQEBCwUAA4IBAQBIN3ogo8eyA0SqvnbJSr/bvBF3yK3sP2eEiy7P
o5XLuiFV2UqZJh1LKx8La45edRtCY00rza/5ZvgReVhteldcbf4TxcFvaP+4Jh9z
auJ3eHjK+N84O5YqEoVDlRl/Gjf4h1J3cWh0y4rZ/4lvnEMy1RwJijEmc9g23/B7
BQeZVWU6fIT4HKVPRppj5J1bgCs1K6kEi7oW3lIfT0FdQ/dAKEnXaWKccHB3P10w
IElLdmfL29xmfRv9IZH1/UiR2QLpdLC6fcObqlSmiyyz2Gh9N6P6+P+hK3VNgHvR
FFRhvivlaWDxwucZ/h+qWyQbTzNGYCVFpAckkybxz4hEnzsP
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:45 2024 by rpki-client on console-fra.rpki-client.org