Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TANET/B7C41_5LoCIYi4e_d1syIrHwLnM.roa
File:                     B7C41_5LoCIYi4e_d1syIrHwLnM.roa (raw, json)
Hash identifier:          OFP+s4GHO1pEMK316E1dDXcBvh6lHgCS5QmFls1EKb8=
Subject key identifier:   07:B0:B8:D7:FE:4B:A0:22:18:8B:87:BF:77:5B:32:22:B1:F0:2E:73
Certificate issuer:       /CN=457B10372A686E3FF73656BEB5CD3DEBC932371A
Certificate serial:       098C
Authority key identifier: 45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/B7C41_5LoCIYi4e_d1syIrHwLnM.roa
Signing time:             Sun 07 Feb 2021 12:38:56 +0000
ROA not before:           Sun 07 Feb 2021 12:38:56 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     38844
IP address blocks:        140.122.0.0/17 maxlen: 17

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2444 (0x98c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=457B10372A686E3FF73656BEB5CD3DEBC932371A
        Validity
            Not Before: Feb  7 12:38:56 2021 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=07B0B8D7FE4BA022188B87BF775B3222B1F02E73
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:07:1f:5e:47:72:e0:60:46:5a:f3:84:82:fa:
                    17:ec:1e:9c:ec:1f:ee:00:27:5c:b1:ae:84:ca:90:
                    5a:06:dd:32:28:bc:9a:94:e7:94:d0:17:3d:f5:e3:
                    14:63:4c:24:2c:1c:db:a3:4f:e8:39:27:78:0e:ba:
                    bd:41:de:cd:22:69:11:a6:d2:c2:fa:87:2e:df:6c:
                    ea:14:78:89:ac:99:7d:a0:12:a1:90:b6:33:cc:b5:
                    67:e3:63:58:47:4f:3b:77:4c:17:db:49:8a:71:36:
                    83:52:3b:19:eb:54:d0:72:69:91:a2:e9:a8:06:7f:
                    a4:31:b1:9f:9f:be:48:60:8d:43:fb:4c:e3:d2:70:
                    73:cc:87:dc:02:76:49:87:75:ce:4d:f7:80:d4:5a:
                    4f:08:f5:48:31:13:13:b7:55:c5:d4:6f:02:2e:e9:
                    df:05:8d:fd:bf:2b:20:e4:a0:9e:b5:0d:b0:93:18:
                    66:96:fa:b2:dc:ab:05:85:35:5c:97:dd:27:dd:44:
                    07:f1:38:72:96:2b:36:84:ec:99:7f:b6:b3:1e:94:
                    d1:0d:48:78:99:f5:17:fc:0a:14:f3:8d:a4:56:7c:
                    ed:22:ad:a2:86:b3:0b:ad:0c:49:a9:24:8a:22:b3:
                    1c:fd:47:f5:22:b4:fb:d4:e7:29:dd:58:85:4e:67:
                    ca:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                07:B0:B8:D7:FE:4B:A0:22:18:8B:87:BF:77:5B:32:22:B1:F0:2E:73
            X509v3 Authority Key Identifier:
                keyid:45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/RXsQNypobj_3Nla-tc0968kyNxo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/B7C41_5LoCIYi4e_d1syIrHwLnM.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  140.122.0.0/17

    Signature Algorithm: sha256WithRSAEncryption
         0c:7a:1a:e8:38:30:c2:86:9a:6c:b0:c5:14:e5:12:81:cd:c7:
         d4:10:d0:aa:83:99:f4:7e:c8:42:ba:5c:db:a7:1e:22:a4:48:
         32:bc:d1:68:d5:17:0b:e8:39:86:a5:7b:dc:3b:e8:15:9c:1d:
         1c:d3:42:7f:4a:19:a4:59:1b:51:c1:d6:cc:29:cd:af:50:2b:
         cc:97:66:65:62:17:60:c1:1d:eb:fe:6f:40:dc:58:98:d2:41:
         03:1e:ad:62:bb:ae:7a:5a:ff:94:ec:eb:e1:32:bd:90:a4:3f:
         4a:f5:a8:c1:b6:db:79:21:4c:e4:f2:34:36:40:82:a8:30:b7:
         15:f2:a5:2e:95:97:6e:ba:c1:de:63:53:d3:5e:99:00:90:01:
         04:36:6f:bc:7c:41:26:bb:0e:4b:be:7e:91:40:58:92:db:33:
         ce:36:fe:4d:ff:d4:01:e7:1d:bc:ef:92:07:e5:f5:b5:f2:23:
         62:2c:c0:5f:89:6e:8a:b0:e0:f0:c0:e2:67:6a:2c:51:70:2d:
         ee:93:11:bb:33:7d:a1:4a:f2:aa:9a:a5:2f:75:70:94:92:7b:
         c0:ac:03:09:87:e4:f0:9a:61:f6:c6:b8:f0:22:a5:01:01:37:
         5b:31:19:fb:bb:e4:a8:58:51:5d:45:ec:47:14:14:64:c6:4b:
         6d:56:90:91
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICCYwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDU3
QjEwMzcyQTY4NkUzRkY3MzY1NkJFQjVDRDNERUJDOTMyMzcxQTAeFw0yMTAyMDcx
MjM4NTZaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDA3QjBCOEQ3RkU0QkEw
MjIxODhCODdCRjc3NUIzMjIyQjFGMDJFNzMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC/Bx9eR3LgYEZa84SC+hfsHpzsH+4AJ1yxroTKkFoG3TIovJqU
55TQFz314xRjTCQsHNujT+g5J3gOur1B3s0iaRGm0sL6hy7fbOoUeImsmX2gEqGQ
tjPMtWfjY1hHTzt3TBfbSYpxNoNSOxnrVNByaZGi6agGf6QxsZ+fvkhgjUP7TOPS
cHPMh9wCdkmHdc5N94DUWk8I9UgxExO3VcXUbwIu6d8Fjf2/KyDkoJ61DbCTGGaW
+rLcqwWFNVyX3SfdRAfxOHKWKzaE7Jl/trMelNENSHiZ9Rf8ChTzjaRWfO0iraKG
swutDEmpJIoisxz9R/UitPvU5yndWIVOZ8oNAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUB7C41/5LoCIYi4e/d1syIrHwLnMwHwYDVR0jBBgwFoAURXsQNypobj/3Nla+
tc0968kyNxowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFORVQv
UlhzUU55cG9ial8zTmxhLXRjMDk2OGt5TnhvLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9SWHNRTnlwb2JqXzNObGEtdGMwOTY4a3lOeG8uY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQU5FVC9CN0M0MV81TG9DSVlpNGVfZDFz
eUlySHdMbk0ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQHjHoA
MA0GCSqGSIb3DQEBCwUAA4IBAQAMehroODDChppssMUU5RKBzcfUENCqg5n0fshC
ulzbpx4ipEgyvNFo1RcL6DmGpXvcO+gVnB0c00J/ShmkWRtRwdbMKc2vUCvMl2Zl
YhdgwR3r/m9A3FiY0kEDHq1iu656Wv+U7OvhMr2QpD9K9ajBttt5IUzk8jQ2QIKo
MLcV8qUulZduusHeY1PTXpkAkAEENm+8fEEmuw5Lvn6RQFiS2zPONv5N/9QB5x28
75IH5fW18iNiLMBfiW6KsODwwOJnaixRcC3ukxG7M32hSvKqmqUvdXCUknvArAMJ
h+TwmmH2xrjwIqUBATdbMRn7u+SoWFFdRexHFBRkxkttVpCR
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:45 2024 by rpki-client on console-fra.rpki-client.org