Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TANET/CpDXYkMoaF0bAXYZ3sSeAk6XRe4.roa
File:                     CpDXYkMoaF0bAXYZ3sSeAk6XRe4.roa (raw, json)
Hash identifier:          Bu3cW/dZIyTTqys2/9VzmHFgLbIwcWDNt7WTDiRZblE=
Subject key identifier:   0A:90:D7:62:43:28:68:5D:1B:01:76:19:DE:C4:9E:02:4E:97:45:EE
Certificate issuer:       /CN=457B10372A686E3FF73656BEB5CD3DEBC932371A
Certificate serial:       08F9
Authority key identifier: 45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/CpDXYkMoaF0bAXYZ3sSeAk6XRe4.roa
Signing time:             Wed 16 Dec 2020 08:59:06 +0000
ROA not before:           Wed 16 Dec 2020 08:59:06 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     9916
IP address blocks:        192.83.180.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2297 (0x8f9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=457B10372A686E3FF73656BEB5CD3DEBC932371A
        Validity
            Not Before: Dec 16 08:59:06 2020 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=0A90D7624328685D1B017619DEC49E024E9745EE
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:b5:01:c2:85:64:94:3a:75:9d:d3:ff:a8:48:
                    0a:fd:44:e5:80:1b:98:2d:2f:c8:98:a5:28:6d:e1:
                    e7:3d:31:6e:c5:7a:d8:23:de:1f:eb:6d:0c:ee:fe:
                    84:35:8d:89:e1:43:fc:3c:7e:d2:5d:7d:32:37:6a:
                    69:51:12:a6:83:98:75:7f:87:8b:4b:d7:41:d2:75:
                    bd:51:7b:31:2b:7e:b3:d7:01:f1:10:50:06:00:76:
                    31:7e:1c:04:39:3e:42:26:c4:b7:57:91:3c:6c:1d:
                    b7:ab:5b:72:06:c3:ec:2c:95:49:c2:cc:6e:0b:f6:
                    53:cb:ce:2c:ef:cb:35:a8:1b:35:3b:98:f9:be:2f:
                    7c:ce:19:66:a9:7a:79:c8:f3:81:c9:a0:5f:e2:77:
                    de:d9:f4:35:36:03:5c:5f:31:bb:79:73:25:0e:c1:
                    f4:66:b4:07:3e:21:de:0a:86:a1:eb:d0:db:6e:f7:
                    a9:85:15:2a:f7:0d:25:63:15:05:2c:27:2d:b3:cf:
                    8a:d5:40:3c:14:cb:98:9a:89:10:de:71:9c:ba:97:
                    26:bd:f1:84:f6:20:60:3b:ee:8a:9a:2c:67:3b:7c:
                    0a:0f:78:b8:b1:b2:c4:5e:b5:dc:66:54:3d:26:c9:
                    96:f3:82:ed:f0:b4:ec:a6:d7:91:a1:63:a3:c9:4e:
                    bd:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0A:90:D7:62:43:28:68:5D:1B:01:76:19:DE:C4:9E:02:4E:97:45:EE
            X509v3 Authority Key Identifier:
                keyid:45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/RXsQNypobj_3Nla-tc0968kyNxo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/CpDXYkMoaF0bAXYZ3sSeAk6XRe4.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  192.83.180.0/24

    Signature Algorithm: sha256WithRSAEncryption
         72:36:6c:de:57:73:e7:23:c8:1f:b7:c7:e5:e8:4b:6f:a3:16:
         43:59:a6:cd:15:53:fd:6b:b6:73:9e:3b:b2:40:90:c8:6f:46:
         7d:b9:65:3c:17:7c:20:c2:e0:b4:a2:96:d3:63:05:a8:32:69:
         d1:b8:58:57:f6:9c:33:3c:80:5a:b8:7f:5b:a2:c0:79:4e:9a:
         43:17:d5:10:3f:69:7e:74:cf:36:be:69:00:a6:6d:4a:0b:da:
         35:41:13:bc:9b:67:a7:60:31:59:c4:89:ad:a4:6f:0d:49:13:
         00:90:b0:c3:97:50:cd:b6:36:01:2d:50:98:55:98:5f:49:7f:
         0d:33:b2:a0:ee:61:e6:12:2a:05:2b:61:e7:c2:bd:1f:34:b0:
         cf:72:a4:aa:37:81:fc:ac:69:e0:cd:79:5b:28:17:b7:ba:02:
         33:5c:b1:4c:ae:3d:88:a2:a2:f2:95:30:19:82:f0:e8:e7:e8:
         9d:fc:83:49:ff:f2:56:cf:ac:5c:06:2b:a5:10:07:ba:27:6b:
         52:cc:d5:3c:d7:82:2e:fe:01:5d:d3:33:18:42:3c:05:1d:7f:
         77:6e:e1:eb:60:ca:85:24:ec:19:8c:6c:95:6c:8c:c0:af:85:
         cb:66:b0:fc:83:1d:41:76:0f:14:12:0c:0c:80:a9:56:05:87:
         cd:1d:03:63
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICCPkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDU3
QjEwMzcyQTY4NkUzRkY3MzY1NkJFQjVDRDNERUJDOTMyMzcxQTAeFw0yMDEyMTYw
ODU5MDZaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDBBOTBENzYyNDMyODY4
NUQxQjAxNzYxOURFQzQ5RTAyNEU5NzQ1RUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDAtQHChWSUOnWd0/+oSAr9ROWAG5gtL8iYpSht4ec9MW7Fetgj
3h/rbQzu/oQ1jYnhQ/w8ftJdfTI3amlREqaDmHV/h4tL10HSdb1RezErfrPXAfEQ
UAYAdjF+HAQ5PkImxLdXkTxsHberW3IGw+wslUnCzG4L9lPLzizvyzWoGzU7mPm+
L3zOGWapennI84HJoF/id97Z9DU2A1xfMbt5cyUOwfRmtAc+Id4KhqHr0Ntu96mF
FSr3DSVjFQUsJy2zz4rVQDwUy5iaiRDecZy6lya98YT2IGA77oqaLGc7fAoPeLix
ssRetdxmVD0myZbzgu3wtOym15GhY6PJTr2pAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUCpDXYkMoaF0bAXYZ3sSeAk6XRe4wHwYDVR0jBBgwFoAURXsQNypobj/3Nla+
tc0968kyNxowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFORVQv
UlhzUU55cG9ial8zTmxhLXRjMDk2OGt5TnhvLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9SWHNRTnlwb2JqXzNObGEtdGMwOTY4a3lOeG8uY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQU5FVC9DcERYWWtNb2FGMGJBWFlaM3NT
ZUFrNlhSZTQucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwFO0
MA0GCSqGSIb3DQEBCwUAA4IBAQByNmzeV3PnI8gft8fl6EtvoxZDWabNFVP9a7Zz
njuyQJDIb0Z9uWU8F3wgwuC0opbTYwWoMmnRuFhX9pwzPIBauH9bosB5TppDF9UQ
P2l+dM82vmkApm1KC9o1QRO8m2enYDFZxImtpG8NSRMAkLDDl1DNtjYBLVCYVZhf
SX8NM7Kg7mHmEioFK2Hnwr0fNLDPcqSqN4H8rGngzXlbKBe3ugIzXLFMrj2IoqLy
lTAZgvDo5+id/INJ//JWz6xcBiulEAe6J2tSzNU814Iu/gFd0zMYQjwFHX93buHr
YMqFJOwZjGyVbIzAr4XLZrD8gx1Bdg8UEgwMgKlWBYfNHQNj
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:45 2024 by rpki-client on console-fra.rpki-client.org