Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TANET/9QxJU6DboS0q3VqTC2P2tfB75hE.roa
File:                     9QxJU6DboS0q3VqTC2P2tfB75hE.roa (raw, json)
Hash identifier:          sRJz+f4WsN8LRpIQtjwx1+E204DsZUAOttDaPFgJd5w=
Subject key identifier:   F5:0C:49:53:A0:DB:A1:2D:2A:DD:5A:93:0B:63:F6:B5:F0:7B:E6:11
Certificate issuer:       /CN=457B10372A686E3FF73656BEB5CD3DEBC932371A
Certificate serial:       0A88
Authority key identifier: 45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/9QxJU6DboS0q3VqTC2P2tfB75hE.roa
Signing time:             Wed 29 Sep 2021 02:41:20 +0000
ROA not before:           Wed 29 Sep 2021 02:41:20 +0000
ROA not after:            Thu 29 Sep 2022 02:36:22 +0000
asID:                     9916
IP address blocks:        140.129.51.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2696 (0xa88)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=457B10372A686E3FF73656BEB5CD3DEBC932371A
        Validity
            Not Before: Sep 29 02:41:20 2021 GMT
            Not After : Sep 29 02:36:22 2022 GMT
        Subject: CN=F50C4953A0DBA12D2ADD5A930B63F6B5F07BE611
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:87:ee:c6:e1:dc:ce:42:d3:a7:7c:cf:c6:a6:
                    6f:e6:29:d6:b2:49:ac:ed:7b:2e:63:02:4f:3a:61:
                    7e:b5:b2:6f:32:4a:ce:26:fe:e3:c9:88:71:27:3c:
                    9a:3c:bf:e3:a8:60:0b:2d:c1:8e:72:27:e4:fd:8a:
                    37:c1:0d:64:b8:4b:f2:60:16:ba:a8:d2:42:28:bb:
                    d4:74:a2:42:5b:c2:91:03:f1:9d:d3:3a:cc:dd:b6:
                    c5:a4:7d:99:05:63:5c:a5:94:cb:b0:9b:80:24:a3:
                    13:db:a1:32:06:c8:40:e1:5d:61:31:8e:00:ac:fb:
                    ec:21:80:63:50:e9:fd:fc:fd:de:15:d2:ca:d8:de:
                    d9:b9:d4:e1:01:a6:63:6c:ac:8f:ed:9c:1b:cd:53:
                    b4:b8:0f:4c:4f:04:6d:96:1d:4c:0c:13:85:26:07:
                    8f:c5:81:02:15:d5:b1:83:72:d3:9f:fe:b0:c1:29:
                    22:cd:ca:46:57:b6:42:5d:45:f6:44:72:af:6f:3b:
                    2f:7c:96:19:9a:4f:ae:eb:d3:bc:d1:08:10:7e:71:
                    a1:66:0a:2e:eb:36:a9:ff:7a:15:f2:94:43:01:d2:
                    c7:8d:9f:43:82:d1:44:ee:a8:9d:c8:27:0a:f8:44:
                    de:95:65:67:00:40:dc:6e:bf:d7:e2:89:47:72:f8:
                    0e:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F5:0C:49:53:A0:DB:A1:2D:2A:DD:5A:93:0B:63:F6:B5:F0:7B:E6:11
            X509v3 Authority Key Identifier:
                keyid:45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/RXsQNypobj_3Nla-tc0968kyNxo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/9QxJU6DboS0q3VqTC2P2tfB75hE.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  140.129.51.0/24

    Signature Algorithm: sha256WithRSAEncryption
         91:8f:e3:dc:5c:f2:68:24:38:dd:3d:71:b6:b1:e2:f6:38:da:
         da:4a:26:33:c0:23:26:b5:5d:2a:f5:ff:83:5d:7c:4e:b2:d2:
         5b:f4:7e:db:be:b1:d7:8c:27:0c:6c:31:f1:0d:ff:c2:cc:4c:
         dc:b1:95:8e:d5:d9:3a:74:42:10:7b:b4:bc:9f:42:ad:31:09:
         48:17:ee:98:26:16:93:28:90:b0:04:76:8f:c0:cd:11:12:12:
         4d:b4:35:d1:2b:88:c9:10:61:76:ca:ab:d8:b1:ea:4a:3b:70:
         fe:30:50:03:fc:cf:ae:fb:3f:53:b5:ae:65:a6:6b:72:2f:36:
         37:04:e0:0a:69:7a:63:08:f1:f8:0c:6a:7e:99:cd:d5:a9:7f:
         86:ea:58:41:b5:21:ee:06:33:0a:28:3c:5a:fc:11:d0:c1:a7:
         bf:3d:f9:1e:ac:b4:a9:f1:2a:13:2e:54:e9:9e:49:7e:e4:ac:
         51:8f:7e:1f:0d:8e:bc:ce:d9:b6:99:c2:ec:d0:87:5b:f1:f9:
         89:22:cf:e1:e5:58:57:c1:01:24:bb:be:bc:4c:ff:c0:e7:06:
         88:0e:82:8b:74:09:e4:b5:38:ab:bb:c4:76:51:19:b2:2c:7b:
         3b:ba:ad:7e:02:dd:dd:a9:1a:d3:00:d8:db:d7:bd:01:a2:4d:
         06:20:69:6e
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICCogwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDU3
QjEwMzcyQTY4NkUzRkY3MzY1NkJFQjVDRDNERUJDOTMyMzcxQTAeFw0yMTA5Mjkw
MjQxMjBaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKEY1MEM0OTUzQTBEQkEx
MkQyQURENUE5MzBCNjNGNkI1RjA3QkU2MTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCvh+7G4dzOQtOnfM/Gpm/mKdaySaztey5jAk86YX61sm8ySs4m
/uPJiHEnPJo8v+OoYAstwY5yJ+T9ijfBDWS4S/JgFrqo0kIou9R0okJbwpED8Z3T
OszdtsWkfZkFY1yllMuwm4AkoxPboTIGyEDhXWExjgCs++whgGNQ6f38/d4V0srY
3tm51OEBpmNsrI/tnBvNU7S4D0xPBG2WHUwME4UmB4/FgQIV1bGDctOf/rDBKSLN
ykZXtkJdRfZEcq9vOy98lhmaT67r07zRCBB+caFmCi7rNqn/ehXylEMB0seNn0OC
0UTuqJ3IJwr4RN6VZWcAQNxuv9fiiUdy+A7rAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQU9QxJU6DboS0q3VqTC2P2tfB75hEwHwYDVR0jBBgwFoAURXsQNypobj/3Nla+
tc0968kyNxowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFORVQv
UlhzUU55cG9ial8zTmxhLXRjMDk2OGt5TnhvLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9SWHNRTnlwb2JqXzNObGEtdGMwOTY4a3lOeG8uY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQU5FVC85UXhKVTZEYm9TMHEzVnFUQzJQ
MnRmQjc1aEUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAjIEz
MA0GCSqGSIb3DQEBCwUAA4IBAQCRj+PcXPJoJDjdPXG2seL2ONraSiYzwCMmtV0q
9f+DXXxOstJb9H7bvrHXjCcMbDHxDf/CzEzcsZWO1dk6dEIQe7S8n0KtMQlIF+6Y
JhaTKJCwBHaPwM0REhJNtDXRK4jJEGF2yqvYsepKO3D+MFAD/M+u+z9Tta5lpmty
LzY3BOAKaXpjCPH4DGp+mc3VqX+G6lhBtSHuBjMKKDxa/BHQwae/PfkerLSp8SoT
LlTpnkl+5KxRj34fDY68ztm2mcLs0Idb8fmJIs/h5VhXwQEku768TP/A5waIDoKL
dAnktTiru8R2URmyLHs7uq1+At3dqRrTANjb170Bok0GIGlu
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:21 2024 by rpki-client on console-ams.rpki-client.org