Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TANET/5yYN5x9omrv8uqiP6QHdWwpiwfU.roa
File:                     5yYN5x9omrv8uqiP6QHdWwpiwfU.roa (raw, json)
Hash identifier:          //LNgpAdneJdQHdnNLzuLw2/1VrWfHsvef13GW1ji70=
Subject key identifier:   E7:26:0D:E7:1F:68:9A:BB:FC:BA:A8:8F:E9:01:DD:5B:0A:62:C1:F5
Certificate issuer:       /CN=E1A88C34D246EF7C2A7C1AC5FE97B262BC48178E
Certificate serial:       0AE9
Authority key identifier: E1:A8:8C:34:D2:46:EF:7C:2A:7C:1A:C5:FE:97:B2:62:BC:48:17:8E
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/4aiMNNJG73wqfBrF_peyYrxIF44.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/5yYN5x9omrv8uqiP6QHdWwpiwfU.roa
Signing time:             Wed 29 Sep 2021 02:41:15 +0000
ROA not before:           Wed 29 Sep 2021 02:41:15 +0000
ROA not after:            Thu 29 Sep 2022 02:36:22 +0000
asID:                     1659
IP address blocks:        210.71.0.0/17 maxlen: 17

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2793 (0xae9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=E1A88C34D246EF7C2A7C1AC5FE97B262BC48178E
        Validity
            Not Before: Sep 29 02:41:15 2021 GMT
            Not After : Sep 29 02:36:22 2022 GMT
        Subject: CN=E7260DE71F689ABBFCBAA88FE901DD5B0A62C1F5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:8a:e6:96:0d:1d:0e:0b:ed:31:6d:32:72:53:
                    f0:33:8e:06:5f:4b:bb:88:ac:bf:51:a8:9f:65:d0:
                    7d:0b:94:a4:e3:64:dc:9b:ad:a8:55:6c:75:79:46:
                    11:14:c8:c3:74:b2:59:7a:96:f6:72:bf:05:51:f5:
                    a6:24:0a:da:64:e7:1f:e0:da:41:8a:95:38:b2:bb:
                    31:78:43:0c:36:c7:38:e6:8d:8d:d3:77:c7:0c:e3:
                    ba:c2:c0:b8:ad:c2:64:3f:88:45:cd:89:07:ef:d8:
                    a5:ab:72:f5:91:3c:37:89:88:4e:fd:3b:62:80:2b:
                    cb:16:d8:3e:53:92:e6:84:8b:1b:79:5a:72:61:cf:
                    17:08:dc:8c:a6:39:b6:28:a4:a6:ee:3e:98:8b:3b:
                    dd:dc:5b:98:d5:e6:5f:08:ed:97:c5:45:d8:f4:1b:
                    bd:fd:4d:ba:f1:36:85:fc:82:fc:dd:50:e3:75:2c:
                    32:35:48:63:45:5a:9e:62:9f:9d:91:ba:aa:7f:cc:
                    ba:9c:b1:a0:44:5f:eb:db:69:96:ab:f0:5d:ad:0f:
                    5d:77:5a:23:70:5c:d4:a3:9b:d5:03:51:94:2a:02:
                    04:a8:f2:e0:25:7e:82:e8:35:b0:85:2b:2e:2e:bf:
                    0d:c5:8e:9f:5c:fd:ec:1c:e9:83:5c:05:99:4f:18:
                    fa:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E7:26:0D:E7:1F:68:9A:BB:FC:BA:A8:8F:E9:01:DD:5B:0A:62:C1:F5
            X509v3 Authority Key Identifier:
                keyid:E1:A8:8C:34:D2:46:EF:7C:2A:7C:1A:C5:FE:97:B2:62:BC:48:17:8E

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/4aiMNNJG73wqfBrF_peyYrxIF44.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/4aiMNNJG73wqfBrF_peyYrxIF44.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/5yYN5x9omrv8uqiP6QHdWwpiwfU.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  210.71.0.0/17

    Signature Algorithm: sha256WithRSAEncryption
         68:2a:91:88:3a:a3:bb:9c:fe:4b:b9:d3:37:4e:d4:8e:8c:ff:
         21:15:7a:c1:cd:79:c2:22:f3:1a:95:a6:e3:af:77:0a:5e:8c:
         95:20:ba:0c:46:e5:1a:37:c4:7e:48:ad:b0:eb:7a:a7:6b:ec:
         71:da:9e:65:f2:1b:a9:da:7c:7c:14:14:8d:ef:ae:94:64:02:
         0c:15:73:9f:f9:d1:7d:b8:e8:3d:bb:0b:ab:96:68:e5:b5:1d:
         43:b9:1b:77:b4:51:84:80:1b:a8:c0:44:b8:fb:b6:f9:4f:21:
         4a:38:30:a9:69:3e:50:cf:13:5e:f2:2a:44:44:3d:26:b8:f5:
         72:82:09:6e:6e:8a:52:d0:e0:1b:7e:5f:b0:ef:bf:1d:3e:75:
         41:46:7c:2c:28:ee:0f:7d:00:de:ad:f1:c0:9f:b9:07:9c:ba:
         99:e9:8a:49:e7:9a:9d:35:ad:a6:72:8a:42:79:0e:8b:99:78:
         f3:a7:25:1f:5b:15:14:b7:c0:d6:f3:57:f4:b6:08:5c:c6:0f:
         6b:b5:6c:00:13:b6:fb:84:bf:8f:a6:bf:00:f9:e8:4a:e4:d3:
         27:5a:1d:bd:c1:b2:14:06:df:1c:2e:47:99:f7:66:96:3e:ab:
         a3:23:d5:06:f9:b3:00:1f:d2:7c:4b:ed:f7:9b:82:d9:4a:7e:
         e3:ff:58:c2
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICCukwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRTFB
ODhDMzREMjQ2RUY3QzJBN0MxQUM1RkU5N0IyNjJCQzQ4MTc4RTAeFw0yMTA5Mjkw
MjQxMTVaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKEU3MjYwREU3MUY2ODlB
QkJGQ0JBQTg4RkU5MDFERDVCMEE2MkMxRjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC9iuaWDR0OC+0xbTJyU/AzjgZfS7uIrL9RqJ9l0H0LlKTjZNyb
rahVbHV5RhEUyMN0sll6lvZyvwVR9aYkCtpk5x/g2kGKlTiyuzF4Qww2xzjmjY3T
d8cM47rCwLitwmQ/iEXNiQfv2KWrcvWRPDeJiE79O2KAK8sW2D5TkuaEixt5WnJh
zxcI3IymObYopKbuPpiLO93cW5jV5l8I7ZfFRdj0G739TbrxNoX8gvzdUON1LDI1
SGNFWp5in52Ruqp/zLqcsaBEX+vbaZar8F2tD113WiNwXNSjm9UDUZQqAgSo8uAl
foLoNbCFKy4uvw3Fjp9c/ewc6YNcBZlPGPr9AgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQU5yYN5x9omrv8uqiP6QHdWwpiwfUwHwYDVR0jBBgwFoAU4aiMNNJG73wqfBrF
/peyYrxIF44wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFORVQv
NGFpTU5OSkc3M3dxZkJyRl9wZXlZcnhJRjQ0LmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS80YWlNTk5KRzczd3FmQnJGX3BleVlyeElGNDQuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQU5FVC81eVlONXg5b21ydjh1cWlQNlFI
ZFd3cGl3ZlUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQH0kcA
MA0GCSqGSIb3DQEBCwUAA4IBAQBoKpGIOqO7nP5LudM3TtSOjP8hFXrBzXnCIvMa
labjr3cKXoyVILoMRuUaN8R+SK2w63qna+xx2p5l8hup2nx8FBSN766UZAIMFXOf
+dF9uOg9uwurlmjltR1DuRt3tFGEgBuowES4+7b5TyFKODCpaT5QzxNe8ipERD0m
uPVygglubopS0OAbfl+w778dPnVBRnwsKO4PfQDerfHAn7kHnLqZ6YpJ55qdNa2m
copCeQ6LmXjzpyUfWxUUt8DW81f0tghcxg9rtWwAE7b7hL+Ppr8A+ehK5NMnWh29
wbIUBt8cLkeZ92aWPqujI9UG+bMAH9J8S+33m4LZSn7j/1jC
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:21 2024 by rpki-client on console-ams.rpki-client.org