Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TANET/9EHaesU_PiV3L4G7LPA7sOiBlPM.roa
File:                     9EHaesU_PiV3L4G7LPA7sOiBlPM.roa (raw, json)
Hash identifier:          Zlr09srhM8cu9HOWHbEYbHmGORXhyVJRJdaSKtHEUCU=
Subject key identifier:   F4:41:DA:7A:C5:3F:3E:25:77:2F:81:BB:2C:F0:3B:B0:E8:81:94:F3
Certificate issuer:       /CN=457B10372A686E3FF73656BEB5CD3DEBC932371A
Certificate serial:       0B8A
Authority key identifier: 45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/9EHaesU_PiV3L4G7LPA7sOiBlPM.roa
Signing time:             Thu 15 Sep 2022 02:41:17 +0000
ROA not before:           Thu 15 Sep 2022 02:41:17 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     1659
IP address blocks:        140.138.0.0/16 maxlen: 16

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2954 (0xb8a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=457B10372A686E3FF73656BEB5CD3DEBC932371A
        Validity
            Not Before: Sep 15 02:41:17 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=F441DA7AC53F3E25772F81BB2CF03BB0E88194F3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:1a:a4:d2:6d:02:a4:be:c5:dc:6c:5f:86:59:
                    1b:f7:f1:9e:d2:0a:aa:d9:66:b2:e3:57:fa:4d:45:
                    e9:09:b2:f5:c7:9d:53:03:62:24:b4:88:bf:1d:b3:
                    a7:f6:69:b0:b6:32:de:d2:6d:91:c6:a3:79:1a:37:
                    c4:48:88:38:6a:3b:34:a0:74:c5:ca:2f:f2:6e:d3:
                    0b:17:78:01:fd:a3:67:d1:f7:80:9f:07:4b:40:1d:
                    8d:52:df:fe:73:2d:c7:81:a5:50:49:a4:5d:64:b6:
                    b4:d5:fe:d3:3a:55:bb:1c:70:c6:78:1a:8b:aa:4b:
                    8e:a3:27:a2:58:01:51:24:9b:a5:ba:e9:32:9b:eb:
                    c0:94:c1:64:73:bd:d1:14:7d:6e:1f:94:00:57:39:
                    39:55:9d:1b:fe:3c:f2:35:72:80:61:b0:b8:fd:01:
                    95:6d:a4:ba:2f:77:45:a3:9c:59:70:d3:38:a2:bf:
                    f7:16:b3:83:75:72:c2:c8:7a:fc:8f:08:c1:fa:98:
                    d9:f4:4c:8e:92:c7:32:7f:7e:9d:b8:0e:b6:50:4b:
                    78:88:b8:b3:ef:1c:29:ee:1f:61:d5:f9:eb:33:58:
                    a2:b6:e0:35:50:5c:58:9b:5b:33:5f:69:b6:46:70:
                    8e:55:22:70:fc:94:79:25:ae:c6:eb:ac:c2:21:6e:
                    d2:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F4:41:DA:7A:C5:3F:3E:25:77:2F:81:BB:2C:F0:3B:B0:E8:81:94:F3
            X509v3 Authority Key Identifier:
                keyid:45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/RXsQNypobj_3Nla-tc0968kyNxo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/9EHaesU_PiV3L4G7LPA7sOiBlPM.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  140.138.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         51:b4:40:08:3b:35:a3:73:6c:72:23:6a:50:28:6e:20:ff:60:
         fa:c2:c7:f4:8e:0f:4c:63:4e:2d:20:ea:34:00:1a:c1:9a:83:
         23:1f:83:80:5e:ca:a0:c5:bb:ca:a9:f5:a5:13:ed:75:e6:e1:
         86:25:df:73:be:f0:a6:82:08:71:2a:6a:05:6c:57:04:e0:b6:
         a8:f1:56:39:17:77:c6:39:b1:fe:60:d9:8a:ed:62:f5:4d:bb:
         71:93:76:a9:77:ba:ce:02:ae:3d:ae:ba:3a:4c:2a:fa:9b:01:
         47:9b:f2:d7:4a:8e:08:49:31:33:77:3c:16:74:5c:e9:59:7e:
         38:0d:e6:86:ca:0e:d8:7b:fe:47:3a:dd:dd:20:98:b7:0f:62:
         7f:14:db:c3:f0:f1:6d:f5:0b:87:9b:08:3e:fb:8b:91:54:a7:
         fd:b3:4a:53:91:a1:6a:48:ef:df:aa:69:75:f4:9b:a7:ae:ad:
         81:fd:8f:c6:c7:c2:df:f7:27:76:98:78:fc:29:24:86:5f:9b:
         58:1d:f7:0f:9c:73:e1:3e:e2:d7:aa:a1:2f:2b:bb:0f:a6:ed:
         64:80:a9:1b:eb:2b:fc:f9:3a:6e:41:fb:d6:8b:58:bc:68:11:
         2e:9a:76:cf:de:3f:e7:b9:9b:af:0a:fd:74:7c:30:18:7c:88:
         ac:68:6e:d6
-----BEGIN CERTIFICATE-----
MIIEzzCCA7egAwIBAgICC4owDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDU3
QjEwMzcyQTY4NkUzRkY3MzY1NkJFQjVDRDNERUJDOTMyMzcxQTAeFw0yMjA5MTUw
MjQxMTdaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEY0NDFEQTdBQzUzRjNF
MjU3NzJGODFCQjJDRjAzQkIwRTg4MTk0RjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC+GqTSbQKkvsXcbF+GWRv38Z7SCqrZZrLjV/pNRekJsvXHnVMD
YiS0iL8ds6f2abC2Mt7SbZHGo3kaN8RIiDhqOzSgdMXKL/Ju0wsXeAH9o2fR94Cf
B0tAHY1S3/5zLceBpVBJpF1ktrTV/tM6VbsccMZ4GouqS46jJ6JYAVEkm6W66TKb
68CUwWRzvdEUfW4flABXOTlVnRv+PPI1coBhsLj9AZVtpLovd0WjnFlw0ziiv/cW
s4N1csLIevyPCMH6mNn0TI6SxzJ/fp24DrZQS3iIuLPvHCnuH2HV+eszWKK24DVQ
XFibWzNfabZGcI5VInD8lHklrsbrrMIhbtIFAgMBAAGjggHrMIIB5zAdBgNVHQ4E
FgQU9EHaesU/PiV3L4G7LPA7sOiBlPMwHwYDVR0jBBgwFoAURXsQNypobj/3Nla+
tc0968kyNxowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFORVQv
UlhzUU55cG9ial8zTmxhLXRjMDk2OGt5TnhvLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9SWHNRTnlwb2JqXzNObGEtdGMwOTY4a3lOeG8uY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQU5FVC85RUhhZXNVX1BpVjNMNEc3TFBB
N3NPaUJsUE0ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAjIow
DQYJKoZIhvcNAQELBQADggEBAFG0QAg7NaNzbHIjalAobiD/YPrCx/SOD0xjTi0g
6jQAGsGagyMfg4BeyqDFu8qp9aUT7XXm4YYl33O+8KaCCHEqagVsVwTgtqjxVjkX
d8Y5sf5g2YrtYvVNu3GTdql3us4Crj2uujpMKvqbAUeb8tdKjghJMTN3PBZ0XOlZ
fjgN5obKDth7/kc63d0gmLcPYn8U28Pw8W31C4ebCD77i5FUp/2zSlORoWpI79+q
aXX0m6eurYH9j8bHwt/3J3aYePwpJIZfm1gd9w+cc+E+4teqoS8ruw+m7WSAqRvr
K/z5Om5B+9aLWLxoES6ads/eP+e5m68K/XR8MBh8iKxobtY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:45 2024 by rpki-client on console-fra.rpki-client.org