Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TANET/BcuBMXjN4CCN1-yh2UwNm8EUbdQ.roa
File:                     BcuBMXjN4CCN1-yh2UwNm8EUbdQ.roa (raw, json)
Hash identifier:          Q4JpeMaRWz5GLnbo+hcpOFH4cK3ITuthMYdh/gRHOGQ=
Subject key identifier:   05:CB:81:31:78:CD:E0:20:8D:D7:EC:A1:D9:4C:0D:9B:C1:14:6D:D4
Certificate issuer:       /CN=E1A88C34D246EF7C2A7C1AC5FE97B262BC48178E
Certificate serial:       09D4
Authority key identifier: E1:A8:8C:34:D2:46:EF:7C:2A:7C:1A:C5:FE:97:B2:62:BC:48:17:8E
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/4aiMNNJG73wqfBrF_peyYrxIF44.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/BcuBMXjN4CCN1-yh2UwNm8EUbdQ.roa
Signing time:             Sun 07 Feb 2021 12:39:10 +0000
ROA not before:           Sun 07 Feb 2021 12:39:10 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     1659
IP address blocks:        163.14.0.0/15 maxlen: 15

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2516 (0x9d4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=E1A88C34D246EF7C2A7C1AC5FE97B262BC48178E
        Validity
            Not Before: Feb  7 12:39:10 2021 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=05CB813178CDE0208DD7ECA1D94C0D9BC1146DD4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:29:c2:46:0c:1f:f3:b1:6e:d4:11:94:e3:3f:
                    9e:e7:d2:f7:f7:df:ca:32:45:e2:a8:77:78:80:49:
                    ca:c0:34:05:85:d9:60:a4:06:02:23:ad:43:8f:28:
                    e6:36:7a:43:ba:8b:13:65:9e:90:4c:5a:29:8d:42:
                    12:5d:80:b7:ac:76:a0:62:69:59:5d:2e:af:95:51:
                    df:04:c1:0b:c9:58:19:d0:4d:68:b2:2f:3e:71:57:
                    11:a1:c4:3f:fa:2f:ff:47:a6:ee:12:4a:9d:d2:9c:
                    af:d0:d3:a5:74:d4:00:ab:53:ef:5f:79:32:80:b4:
                    36:3a:2f:37:b8:52:47:5d:5e:b6:e2:0b:19:d2:79:
                    15:a8:be:86:1f:f3:27:a7:f5:89:c6:f5:df:8f:95:
                    f9:51:d8:a3:91:43:fa:0f:3c:cf:9c:72:da:d5:e6:
                    52:81:ac:37:75:17:91:27:78:7f:ed:16:6a:a4:1e:
                    34:60:b2:40:03:56:3d:38:f9:42:52:5c:a7:20:0e:
                    1d:88:96:a4:a6:6c:a8:ca:0a:f0:e8:f9:86:fb:11:
                    20:2b:c2:0d:d4:e8:74:02:34:17:85:60:16:39:91:
                    60:51:96:cf:2a:e4:ba:05:8d:a5:db:6c:f7:a8:b9:
                    05:49:46:37:9c:3d:ed:f3:a6:9f:66:fd:4b:65:09:
                    10:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                05:CB:81:31:78:CD:E0:20:8D:D7:EC:A1:D9:4C:0D:9B:C1:14:6D:D4
            X509v3 Authority Key Identifier:
                keyid:E1:A8:8C:34:D2:46:EF:7C:2A:7C:1A:C5:FE:97:B2:62:BC:48:17:8E

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/4aiMNNJG73wqfBrF_peyYrxIF44.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/4aiMNNJG73wqfBrF_peyYrxIF44.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/BcuBMXjN4CCN1-yh2UwNm8EUbdQ.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.14.0.0/15

    Signature Algorithm: sha256WithRSAEncryption
         b5:b3:f1:55:1e:f1:64:68:ca:5b:9a:0e:e6:c6:e3:b8:10:19:
         f6:de:0a:65:42:3b:6c:18:36:39:05:5d:11:2a:9f:95:79:e8:
         d7:8f:bb:b2:6c:ed:66:e4:95:5d:4d:1a:9c:b8:72:58:9a:e1:
         4a:2f:5f:d6:3b:2a:03:3a:2d:f1:06:ed:9a:d2:a5:fd:19:0a:
         f8:b8:b8:5a:d4:c2:5e:eb:3d:56:b9:e7:d1:3b:6c:c5:15:51:
         cc:b2:8d:f8:55:90:f7:12:23:47:39:72:05:df:93:f3:c5:66:
         c8:c6:61:8d:0f:6a:c5:87:66:bc:c7:f8:2c:b5:84:68:62:f9:
         f4:3c:9e:41:e1:02:00:52:ad:5d:34:d9:2d:2b:6d:7d:5d:12:
         3b:51:d9:13:3f:76:9f:71:36:d8:41:37:00:34:44:34:e2:39:
         6d:be:bc:15:51:10:6f:c1:ac:37:08:4f:57:6e:f1:83:92:29:
         23:10:4a:24:ac:28:20:6b:d1:94:0a:ed:fb:d8:fe:53:07:27:
         a1:23:39:6f:f2:18:17:04:45:f7:08:2f:a5:f3:7f:0f:a1:ea:
         2b:c5:9d:7e:cf:40:33:4d:76:13:c9:b0:2f:a7:b2:84:58:1e:
         58:eb:bb:1b:fb:fd:23:3b:fc:cf:4b:58:a7:6b:cf:7e:e8:10:
         44:c0:51:4d
-----BEGIN CERTIFICATE-----
MIIEzzCCA7egAwIBAgICCdQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRTFB
ODhDMzREMjQ2RUY3QzJBN0MxQUM1RkU5N0IyNjJCQzQ4MTc4RTAeFw0yMTAyMDcx
MjM5MTBaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDA1Q0I4MTMxNzhDREUw
MjA4REQ3RUNBMUQ5NEMwRDlCQzExNDZERDQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCuKcJGDB/zsW7UEZTjP57n0vf338oyReKod3iAScrANAWF2WCk
BgIjrUOPKOY2ekO6ixNlnpBMWimNQhJdgLesdqBiaVldLq+VUd8EwQvJWBnQTWiy
Lz5xVxGhxD/6L/9Hpu4SSp3SnK/Q06V01ACrU+9feTKAtDY6Lze4UkddXrbiCxnS
eRWovoYf8yen9YnG9d+PlflR2KORQ/oPPM+cctrV5lKBrDd1F5EneH/tFmqkHjRg
skADVj04+UJSXKcgDh2IlqSmbKjKCvDo+Yb7ESArwg3U6HQCNBeFYBY5kWBRls8q
5LoFjaXbbPeouQVJRjecPe3zpp9m/UtlCRAjAgMBAAGjggHrMIIB5zAdBgNVHQ4E
FgQUBcuBMXjN4CCN1+yh2UwNm8EUbdQwHwYDVR0jBBgwFoAU4aiMNNJG73wqfBrF
/peyYrxIF44wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFORVQv
NGFpTU5OSkc3M3dxZkJyRl9wZXlZcnhJRjQ0LmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS80YWlNTk5KRzczd3FmQnJGX3BleVlyeElGNDQuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQU5FVC9CY3VCTVhqTjRDQ04xLXloMlV3
Tm04RVViZFEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMBow4w
DQYJKoZIhvcNAQELBQADggEBALWz8VUe8WRoyluaDubG47gQGfbeCmVCO2wYNjkF
XREqn5V56NePu7Js7WbklV1NGpy4clia4UovX9Y7KgM6LfEG7ZrSpf0ZCvi4uFrU
wl7rPVa559E7bMUVUcyyjfhVkPcSI0c5cgXfk/PFZsjGYY0PasWHZrzH+Cy1hGhi
+fQ8nkHhAgBSrV002S0rbX1dEjtR2RM/dp9xNthBNwA0RDTiOW2+vBVREG/BrDcI
T1du8YOSKSMQSiSsKCBr0ZQK7fvY/lMHJ6EjOW/yGBcERfcIL6Xzfw+h6ivFnX7P
QDNNdhPJsC+nsoRYHljruxv7/SM7/M9LWKdrz37oEETAUU0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:21 2024 by rpki-client on console-ams.rpki-client.org