Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TANET/9DxhXoMq_OieLbJb9iIDXLAUZ-Q.roa
File:                     9DxhXoMq_OieLbJb9iIDXLAUZ-Q.roa (raw, json)
Hash identifier:          tv1129BeJC4afXVoI2VeQbcWAltKvh5QZ3zrXPkVqa4=
Subject key identifier:   F4:3C:61:5E:83:2A:FC:E8:9E:2D:B2:5B:F6:22:03:5C:B0:14:67:E4
Certificate issuer:       /CN=E1A88C34D246EF7C2A7C1AC5FE97B262BC48178E
Certificate serial:       0BD8
Authority key identifier: E1:A8:8C:34:D2:46:EF:7C:2A:7C:1A:C5:FE:97:B2:62:BC:48:17:8E
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/4aiMNNJG73wqfBrF_peyYrxIF44.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/9DxhXoMq_OieLbJb9iIDXLAUZ-Q.roa
Signing time:             Thu 15 Sep 2022 02:41:13 +0000
ROA not before:           Thu 15 Sep 2022 02:41:13 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     1659
IP address blocks:        163.32.0.0/16 maxlen: 16

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3032 (0xbd8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=E1A88C34D246EF7C2A7C1AC5FE97B262BC48178E
        Validity
            Not Before: Sep 15 02:41:13 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=F43C615E832AFCE89E2DB25BF622035CB01467E4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:b8:88:82:df:ea:d7:4c:ad:c2:12:f2:1d:65:
                    55:c3:76:3f:c1:d6:9c:64:d3:d6:f1:60:94:6a:9f:
                    76:d3:42:a5:7f:67:e0:4f:ac:c8:89:4f:ce:e3:2c:
                    ad:df:74:ee:8e:85:28:7a:79:73:9d:12:35:39:56:
                    c2:74:3d:2b:81:12:9b:3e:1f:65:64:0a:6f:dd:ef:
                    d0:11:97:a9:5c:f5:0c:b5:2e:22:e6:fa:b6:43:2f:
                    b5:c7:41:17:3a:2a:99:ac:53:43:b7:0e:c1:ce:07:
                    9b:c4:6d:4e:1b:17:5b:0f:f6:d8:ac:56:f4:80:59:
                    91:f3:dc:b5:20:52:e8:7a:43:be:25:cf:f0:9a:b2:
                    c1:e3:f2:52:77:a8:e7:9f:7f:cf:ca:9c:03:8f:5c:
                    73:2e:ba:56:47:5a:52:6e:12:ee:b5:33:86:a1:37:
                    7e:d6:29:fc:53:73:d9:50:21:cd:13:e6:36:e5:19:
                    40:08:d3:9d:cf:fd:fc:b8:8d:ec:4d:b3:2b:08:f7:
                    c8:62:fc:3c:91:69:58:03:3b:d7:b4:fa:f3:0c:c0:
                    c2:8e:d9:00:ba:9a:a1:15:ad:bf:7b:25:04:0d:32:
                    cd:2b:9c:f9:5c:cc:2b:c1:77:96:09:3e:7d:8e:cc:
                    14:44:49:7b:58:30:69:be:c4:5a:72:7a:05:c5:ba:
                    d9:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F4:3C:61:5E:83:2A:FC:E8:9E:2D:B2:5B:F6:22:03:5C:B0:14:67:E4
            X509v3 Authority Key Identifier:
                keyid:E1:A8:8C:34:D2:46:EF:7C:2A:7C:1A:C5:FE:97:B2:62:BC:48:17:8E

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/4aiMNNJG73wqfBrF_peyYrxIF44.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/4aiMNNJG73wqfBrF_peyYrxIF44.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/9DxhXoMq_OieLbJb9iIDXLAUZ-Q.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.32.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         a2:77:fd:52:40:07:b8:d1:97:e8:c1:2e:b1:e4:d1:63:3e:3c:
         93:cb:13:fa:1a:41:16:25:bb:41:be:18:5c:ac:79:e2:f9:ce:
         ab:28:94:5f:70:f1:9b:7a:50:df:8d:f6:37:8f:61:8d:bf:2a:
         5f:91:26:ea:9d:1a:44:25:43:09:38:f5:30:48:87:e1:6b:b4:
         a3:35:ff:0d:ea:bb:29:17:95:72:06:e3:5d:77:82:2d:01:6a:
         74:ed:fb:bf:45:95:90:05:32:0c:0a:97:bc:23:ff:2c:4f:a7:
         3c:06:60:24:82:9f:f6:ee:5e:86:48:77:f5:f8:19:49:ec:71:
         bb:93:6d:0a:01:03:f5:8f:a7:96:e7:0d:60:78:fa:0e:d3:46:
         9f:05:0f:5f:72:d3:a2:87:92:8f:49:d2:7d:fb:df:78:d6:5d:
         5d:10:69:08:6c:0a:d8:a8:d8:53:12:3a:fc:42:90:4e:f0:0a:
         7d:8e:1c:69:58:68:fe:7a:e0:f5:7d:05:ce:a6:a2:64:92:30:
         fa:11:76:bd:98:a0:07:ae:a8:ff:f3:7b:b3:60:78:60:29:36:
         e2:c7:b1:b3:81:43:ff:7b:23:e4:9e:f5:9c:ac:b5:3e:ec:03:
         d4:1b:ee:25:80:60:d4:77:7a:84:05:50:31:8b:e4:f5:f0:c2:
         fe:0c:a7:77
-----BEGIN CERTIFICATE-----
MIIEzzCCA7egAwIBAgICC9gwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRTFB
ODhDMzREMjQ2RUY3QzJBN0MxQUM1RkU5N0IyNjJCQzQ4MTc4RTAeFw0yMjA5MTUw
MjQxMTNaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEY0M0M2MTVFODMyQUZD
RTg5RTJEQjI1QkY2MjIwMzVDQjAxNDY3RTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCpuIiC3+rXTK3CEvIdZVXDdj/B1pxk09bxYJRqn3bTQqV/Z+BP
rMiJT87jLK3fdO6OhSh6eXOdEjU5VsJ0PSuBEps+H2VkCm/d79ARl6lc9Qy1LiLm
+rZDL7XHQRc6KpmsU0O3DsHOB5vEbU4bF1sP9tisVvSAWZHz3LUgUuh6Q74lz/Ca
ssHj8lJ3qOeff8/KnAOPXHMuulZHWlJuEu61M4ahN37WKfxTc9lQIc0T5jblGUAI
053P/fy4jexNsysI98hi/DyRaVgDO9e0+vMMwMKO2QC6mqEVrb97JQQNMs0rnPlc
zCvBd5YJPn2OzBRESXtYMGm+xFpyegXFutkHAgMBAAGjggHrMIIB5zAdBgNVHQ4E
FgQU9DxhXoMq/OieLbJb9iIDXLAUZ+QwHwYDVR0jBBgwFoAU4aiMNNJG73wqfBrF
/peyYrxIF44wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFORVQv
NGFpTU5OSkc3M3dxZkJyRl9wZXlZcnhJRjQ0LmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS80YWlNTk5KRzczd3FmQnJGX3BleVlyeElGNDQuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQU5FVC85RHhoWG9NcV9PaWVMYkpiOWlJ
RFhMQVVaLVEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAoyAw
DQYJKoZIhvcNAQELBQADggEBAKJ3/VJAB7jRl+jBLrHk0WM+PJPLE/oaQRYlu0G+
GFyseeL5zqsolF9w8Zt6UN+N9jePYY2/Kl+RJuqdGkQlQwk49TBIh+FrtKM1/w3q
uykXlXIG4113gi0BanTt+79FlZAFMgwKl7wj/yxPpzwGYCSCn/buXoZId/X4GUns
cbuTbQoBA/WPp5bnDWB4+g7TRp8FD19y06KHko9J0n3733jWXV0QaQhsCtio2FMS
OvxCkE7wCn2OHGlYaP564PV9Bc6momSSMPoRdr2YoAeuqP/ze7NgeGApNuLHsbOB
Q/97I+Se9ZystT7sA9Qb7iWAYNR3eoQFUDGL5PXwwv4Mp3c=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:45 2024 by rpki-client on console-fra.rpki-client.org