Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TANET/5686l3m2Q23zI9xSbjl3s87RSO8.roa
File:                     5686l3m2Q23zI9xSbjl3s87RSO8.roa (raw, json)
Hash identifier:          azxGZ33LAXkbbK01cuC2BPDl3V7sT37+Q7Xy/7PPNrg=
Subject key identifier:   E7:AF:3A:97:79:B6:43:6D:F3:23:DC:52:6E:39:77:B3:CE:D1:48:EF
Certificate issuer:       /CN=E1A88C34D246EF7C2A7C1AC5FE97B262BC48178E
Certificate serial:       0929
Authority key identifier: E1:A8:8C:34:D2:46:EF:7C:2A:7C:1A:C5:FE:97:B2:62:BC:48:17:8E
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/4aiMNNJG73wqfBrF_peyYrxIF44.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/5686l3m2Q23zI9xSbjl3s87RSO8.roa
Signing time:             Wed 16 Dec 2020 08:54:28 +0000
ROA not before:           Wed 16 Dec 2020 08:54:28 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     9916
IP address blocks:        120.126.96.0/20 maxlen: 20

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2345 (0x929)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=E1A88C34D246EF7C2A7C1AC5FE97B262BC48178E
        Validity
            Not Before: Dec 16 08:54:28 2020 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=E7AF3A9779B6436DF323DC526E3977B3CED148EF
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:c4:84:93:f9:9a:b8:e8:9f:eb:a5:3b:6b:9d:
                    b0:2a:c1:67:00:24:5e:71:00:f4:ae:26:e1:09:aa:
                    93:fe:62:12:8e:c4:5f:33:e2:ea:57:ac:fb:41:c4:
                    bd:77:2a:f4:3a:f4:b8:e0:0e:9f:64:53:5c:b4:83:
                    50:eb:63:c7:a5:f4:f4:8f:7e:6a:d8:af:00:fd:12:
                    6a:57:c7:51:8d:72:78:dd:cc:5e:7c:70:cb:71:e2:
                    5b:50:6d:d6:71:75:ec:47:1f:cf:da:0a:fb:44:58:
                    9b:62:50:3e:17:07:bd:1d:4a:3d:91:6a:59:8f:a0:
                    fe:44:15:b3:31:25:b2:1b:ae:ad:78:57:1f:7f:95:
                    6a:e3:13:d1:7a:79:4e:5f:36:f4:a9:a2:70:6f:27:
                    b3:48:e5:d2:fe:61:de:01:90:c9:95:3d:f8:a0:3d:
                    53:5f:f8:42:3f:67:9d:07:cf:5f:12:bc:6c:ab:bb:
                    e3:bb:e2:cc:ec:bf:89:02:dc:f4:dc:f8:8f:f9:d8:
                    e3:2d:38:59:fe:bd:95:eb:da:04:24:2b:56:03:b8:
                    20:f0:62:55:52:66:55:f1:ec:a6:51:5e:e4:92:95:
                    65:3b:e4:03:ae:15:35:0c:5b:d2:ec:55:b7:a5:5f:
                    61:91:99:69:11:23:75:01:db:d8:4b:79:a9:ff:13:
                    1a:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E7:AF:3A:97:79:B6:43:6D:F3:23:DC:52:6E:39:77:B3:CE:D1:48:EF
            X509v3 Authority Key Identifier:
                keyid:E1:A8:8C:34:D2:46:EF:7C:2A:7C:1A:C5:FE:97:B2:62:BC:48:17:8E

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/4aiMNNJG73wqfBrF_peyYrxIF44.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/4aiMNNJG73wqfBrF_peyYrxIF44.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/5686l3m2Q23zI9xSbjl3s87RSO8.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  120.126.96.0/20

    Signature Algorithm: sha256WithRSAEncryption
         2f:47:17:de:db:59:c2:80:f2:89:06:b4:7a:4a:92:20:79:a2:
         67:fb:a0:20:77:20:71:57:35:93:45:c5:5f:4e:5a:68:69:f2:
         c1:63:f5:65:e8:3f:7a:66:20:42:6a:6d:23:cd:0c:b4:d2:9c:
         28:85:70:37:62:59:a2:49:20:18:d5:f2:ec:be:b7:b6:24:9a:
         8c:32:68:a1:86:55:51:96:77:2e:84:79:b7:b3:7c:2a:57:19:
         ea:b2:9b:05:2a:ec:85:90:1d:89:51:40:41:70:e2:be:89:f4:
         a8:76:60:24:ab:a0:76:93:42:38:29:4a:8d:81:74:cf:8e:42:
         1d:95:40:2c:b2:05:3a:d1:b5:47:aa:de:ff:d2:64:0f:36:15:
         08:50:c2:fd:52:86:56:75:89:c2:69:69:11:9c:c8:76:fb:23:
         8e:d7:53:4f:2f:a1:16:c2:7b:a1:d2:30:aa:90:c3:60:5f:51:
         26:ac:6e:84:81:e6:5e:a1:45:43:54:a2:7c:00:32:fd:e3:7a:
         c4:83:ab:b3:5c:c2:73:c6:90:6d:46:1a:45:37:50:a9:d9:eb:
         db:ac:42:4b:9a:c1:dd:c0:6b:a3:81:14:35:d0:67:cc:10:f9:
         76:92:72:03:d8:77:cf:d8:c9:97:42:96:ce:4d:a3:61:fe:95:
         e7:a9:7c:8b
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICCSkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRTFB
ODhDMzREMjQ2RUY3QzJBN0MxQUM1RkU5N0IyNjJCQzQ4MTc4RTAeFw0yMDEyMTYw
ODU0MjhaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKEU3QUYzQTk3NzlCNjQz
NkRGMzIzREM1MjZFMzk3N0IzQ0VEMTQ4RUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDIxIST+Zq46J/rpTtrnbAqwWcAJF5xAPSuJuEJqpP+YhKOxF8z
4upXrPtBxL13KvQ69LjgDp9kU1y0g1DrY8el9PSPfmrYrwD9EmpXx1GNcnjdzF58
cMtx4ltQbdZxdexHH8/aCvtEWJtiUD4XB70dSj2RalmPoP5EFbMxJbIbrq14Vx9/
lWrjE9F6eU5fNvSponBvJ7NI5dL+Yd4BkMmVPfigPVNf+EI/Z50Hz18SvGyru+O7
4szsv4kC3PTc+I/52OMtOFn+vZXr2gQkK1YDuCDwYlVSZlXx7KZRXuSSlWU75AOu
FTUMW9LsVbelX2GRmWkRI3UB29hLean/ExoPAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQU5686l3m2Q23zI9xSbjl3s87RSO8wHwYDVR0jBBgwFoAU4aiMNNJG73wqfBrF
/peyYrxIF44wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFORVQv
NGFpTU5OSkc3M3dxZkJyRl9wZXlZcnhJRjQ0LmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS80YWlNTk5KRzczd3FmQnJGX3BleVlyeElGNDQuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQU5FVC81Njg2bDNtMlEyM3pJOXhTYmps
M3M4N1JTTzgucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEeH5g
MA0GCSqGSIb3DQEBCwUAA4IBAQAvRxfe21nCgPKJBrR6SpIgeaJn+6AgdyBxVzWT
RcVfTlpoafLBY/Vl6D96ZiBCam0jzQy00pwohXA3YlmiSSAY1fLsvre2JJqMMmih
hlVRlncuhHm3s3wqVxnqspsFKuyFkB2JUUBBcOK+ifSodmAkq6B2k0I4KUqNgXTP
jkIdlUAssgU60bVHqt7/0mQPNhUIUML9UoZWdYnCaWkRnMh2+yOO11NPL6EWwnuh
0jCqkMNgX1EmrG6EgeZeoUVDVKJ8ADL943rEg6uzXMJzxpBtRhpFN1Cp2evbrEJL
msHdwGujgRQ10GfMEPl2knID2HfP2MmXQpbOTaNh/pXnqXyL
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:21 2024 by rpki-client on console-ams.rpki-client.org