Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TANET/816AEO9i41AM4uGpXj6HbRpLxBU.roa
File:                     816AEO9i41AM4uGpXj6HbRpLxBU.roa (raw, json)
Hash identifier:          U0kj39dW6v74szVvozkyymXHBa2p05t/+ieohVtuaqU=
Subject key identifier:   F3:5E:80:10:EF:62:E3:50:0C:E2:E1:A9:5E:3E:87:6D:1A:4B:C4:15
Certificate issuer:       /CN=E1A88C34D246EF7C2A7C1AC5FE97B262BC48178E
Certificate serial:       0AE5
Authority key identifier: E1:A8:8C:34:D2:46:EF:7C:2A:7C:1A:C5:FE:97:B2:62:BC:48:17:8E
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/4aiMNNJG73wqfBrF_peyYrxIF44.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/816AEO9i41AM4uGpXj6HbRpLxBU.roa
Signing time:             Wed 29 Sep 2021 02:41:13 +0000
ROA not before:           Wed 29 Sep 2021 02:41:13 +0000
ROA not after:            Thu 29 Sep 2022 02:36:22 +0000
asID:                     1659
IP address blocks:        210.62.224.0/20 maxlen: 20

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2789 (0xae5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=E1A88C34D246EF7C2A7C1AC5FE97B262BC48178E
        Validity
            Not Before: Sep 29 02:41:13 2021 GMT
            Not After : Sep 29 02:36:22 2022 GMT
        Subject: CN=F35E8010EF62E3500CE2E1A95E3E876D1A4BC415
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:15:b5:0e:83:d5:48:6d:f5:78:32:e8:a6:20:
                    74:40:98:6f:45:da:7b:e9:65:b7:d8:61:4b:76:4b:
                    03:b1:fd:c1:f0:68:17:5e:cf:66:4e:1b:92:46:7c:
                    12:a3:f0:73:be:54:04:5d:f5:4a:8d:91:b8:e9:e6:
                    77:9f:0c:b2:16:ac:90:a2:14:9f:13:07:38:3a:8d:
                    9e:40:ba:0c:3f:bf:70:0b:2a:ef:cb:e7:7f:98:be:
                    aa:d2:2a:1e:6a:ad:7b:a6:7c:9c:0c:d2:01:c3:04:
                    22:c9:70:13:1e:dd:26:61:46:f6:ec:39:d3:1a:0d:
                    9a:8f:09:be:a5:02:52:51:28:a4:68:54:67:1f:02:
                    67:3f:52:eb:87:74:5c:ef:3c:82:ad:54:04:61:24:
                    ff:8b:2c:77:f9:ef:a0:9b:d9:56:4e:4e:ed:20:0d:
                    9d:23:21:7e:7d:10:f5:87:9c:e7:68:97:82:b2:90:
                    3b:2b:5b:0c:f4:0d:e2:da:de:64:8f:55:70:8d:21:
                    10:0c:6a:ba:14:30:2e:9a:7d:f8:a5:29:5d:ca:61:
                    ba:42:0f:03:28:05:fc:e8:60:c4:87:31:32:77:a8:
                    d8:af:90:97:09:ef:87:31:9f:ab:0b:28:2c:62:ff:
                    c8:a8:01:82:ed:05:91:ee:67:38:a3:04:8b:9c:16:
                    16:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F3:5E:80:10:EF:62:E3:50:0C:E2:E1:A9:5E:3E:87:6D:1A:4B:C4:15
            X509v3 Authority Key Identifier:
                keyid:E1:A8:8C:34:D2:46:EF:7C:2A:7C:1A:C5:FE:97:B2:62:BC:48:17:8E

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/4aiMNNJG73wqfBrF_peyYrxIF44.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/4aiMNNJG73wqfBrF_peyYrxIF44.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/816AEO9i41AM4uGpXj6HbRpLxBU.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  210.62.224.0/20

    Signature Algorithm: sha256WithRSAEncryption
         84:05:a0:d3:3a:35:2e:11:4f:6f:97:b9:d6:a1:26:2b:0a:e1:
         c3:64:90:4b:82:c8:45:f7:ba:89:50:a2:59:ae:17:4f:0e:5d:
         5b:53:f0:7e:9b:36:b5:27:bd:a4:65:47:ed:24:aa:45:eb:4d:
         e4:26:bd:e4:cb:72:8a:ae:c1:be:dc:12:e4:1a:ed:68:32:d8:
         b4:11:57:f1:37:b6:22:75:97:86:47:42:34:19:26:91:c6:4f:
         ad:2e:5b:eb:ff:24:0a:48:81:c9:41:39:01:55:28:4e:81:3f:
         57:2b:29:8b:ed:92:11:b3:62:47:a0:33:9b:7b:3e:3b:64:cd:
         cb:9e:5a:a1:79:78:6b:5f:5b:72:08:37:b7:9b:f7:a3:8a:ea:
         e6:65:90:86:24:7a:35:11:42:07:0e:6d:3d:76:f1:d3:1d:12:
         28:2a:bd:cd:e7:68:ee:4f:d1:f5:8c:91:49:20:f2:0f:e7:e0:
         06:a3:8c:04:99:14:e0:2b:57:f7:f2:2a:ee:9f:dd:ed:fb:b1:
         34:05:92:88:0b:7e:af:48:f8:30:70:44:7e:00:f2:db:3b:40:
         46:2a:86:68:a1:5a:ca:0f:c7:e7:0f:31:30:f8:6c:1a:f6:22:
         11:85:5c:6c:3f:20:31:7f:a4:6d:67:5d:75:9d:6f:a2:93:ef:
         19:cf:82:6c
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICCuUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRTFB
ODhDMzREMjQ2RUY3QzJBN0MxQUM1RkU5N0IyNjJCQzQ4MTc4RTAeFw0yMTA5Mjkw
MjQxMTNaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKEYzNUU4MDEwRUY2MkUz
NTAwQ0UyRTFBOTVFM0U4NzZEMUE0QkM0MTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDIFbUOg9VIbfV4MuimIHRAmG9F2nvpZbfYYUt2SwOx/cHwaBde
z2ZOG5JGfBKj8HO+VARd9UqNkbjp5nefDLIWrJCiFJ8TBzg6jZ5Augw/v3ALKu/L
53+YvqrSKh5qrXumfJwM0gHDBCLJcBMe3SZhRvbsOdMaDZqPCb6lAlJRKKRoVGcf
Amc/UuuHdFzvPIKtVARhJP+LLHf576Cb2VZOTu0gDZ0jIX59EPWHnOdol4KykDsr
Wwz0DeLa3mSPVXCNIRAMaroUMC6affilKV3KYbpCDwMoBfzoYMSHMTJ3qNivkJcJ
74cxn6sLKCxi/8ioAYLtBZHuZzijBIucFhbNAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQU816AEO9i41AM4uGpXj6HbRpLxBUwHwYDVR0jBBgwFoAU4aiMNNJG73wqfBrF
/peyYrxIF44wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFORVQv
NGFpTU5OSkc3M3dxZkJyRl9wZXlZcnhJRjQ0LmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS80YWlNTk5KRzczd3FmQnJGX3BleVlyeElGNDQuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQU5FVC84MTZBRU85aTQxQU00dUdwWGo2
SGJScEx4QlUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQE0j7g
MA0GCSqGSIb3DQEBCwUAA4IBAQCEBaDTOjUuEU9vl7nWoSYrCuHDZJBLgshF97qJ
UKJZrhdPDl1bU/B+mza1J72kZUftJKpF603kJr3ky3KKrsG+3BLkGu1oMti0EVfx
N7YidZeGR0I0GSaRxk+tLlvr/yQKSIHJQTkBVShOgT9XKymL7ZIRs2JHoDObez47
ZM3LnlqheXhrX1tyCDe3m/ejiurmZZCGJHo1EUIHDm09dvHTHRIoKr3N52juT9H1
jJFJIPIP5+AGo4wEmRTgK1f38irun93t+7E0BZKIC36vSPgwcER+APLbO0BGKoZo
oVrKD8fnDzEw+Gwa9iIRhVxsPyAxf6RtZ111nW+ik+8Zz4Js
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:45 2024 by rpki-client on console-fra.rpki-client.org