Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TANET/HDlOlIqh4zkM2scNsisWpa5QIUw.roa
File:                     HDlOlIqh4zkM2scNsisWpa5QIUw.roa (raw, json)
Hash identifier:          XnXq+Xf8AQCHYgdyj0W4aHGAJdZMpMLkIlfywAgzeZg=
Subject key identifier:   1C:39:4E:94:8A:A1:E3:39:0C:DA:C7:0D:B2:2B:16:A5:AE:50:21:4C
Certificate issuer:       /CN=E1A88C34D246EF7C2A7C1AC5FE97B262BC48178E
Certificate serial:       09B0
Authority key identifier: E1:A8:8C:34:D2:46:EF:7C:2A:7C:1A:C5:FE:97:B2:62:BC:48:17:8E
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/4aiMNNJG73wqfBrF_peyYrxIF44.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/HDlOlIqh4zkM2scNsisWpa5QIUw.roa
Signing time:             Sun 07 Feb 2021 12:38:26 +0000
ROA not before:           Sun 07 Feb 2021 12:38:26 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     18185
IP address blocks:        120.117.1.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2480 (0x9b0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=E1A88C34D246EF7C2A7C1AC5FE97B262BC48178E
        Validity
            Not Before: Feb  7 12:38:26 2021 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=1C394E948AA1E3390CDAC70DB22B16A5AE50214C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:5c:fc:ac:4e:6b:60:cf:64:eb:25:19:bf:3c:
                    16:a2:0b:73:77:46:42:a0:ad:e6:d9:ba:f2:2e:5b:
                    30:cc:07:1c:cf:dc:b2:84:bc:33:4a:39:0d:00:00:
                    eb:c7:f7:b3:03:47:a2:41:45:32:af:b3:ec:bf:5b:
                    6c:03:c8:34:3d:5b:a6:fe:1e:e5:9e:3f:2c:6a:9e:
                    72:48:96:a1:b1:db:a7:91:ef:f2:17:f0:ba:2b:62:
                    13:b3:46:30:9f:47:5f:53:d2:c9:9f:72:c9:be:61:
                    93:47:19:51:d0:33:a3:4f:29:03:d5:9b:1d:c2:b0:
                    53:3b:d4:05:bf:30:88:10:2d:87:84:9b:79:0c:98:
                    7d:e2:a7:97:5b:3f:aa:97:40:3c:f8:78:a2:8b:08:
                    58:8e:f3:f8:32:95:c6:f5:82:cb:52:8d:1b:21:de:
                    e7:49:02:e5:92:7a:41:d0:2b:83:95:21:8d:87:69:
                    1e:44:49:dc:71:5d:d0:a6:08:ff:dd:21:3d:f6:a3:
                    b4:18:fc:a4:24:8f:bc:59:0d:0e:4f:4b:b7:94:07:
                    4d:af:c7:61:a7:64:50:a8:98:ea:0d:7a:cf:74:ba:
                    2b:f1:65:c0:26:89:50:4a:fe:cb:a4:c8:b8:45:07:
                    71:9d:5d:52:4b:35:e1:cc:f9:4a:fb:0e:5c:53:a2:
                    94:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:39:4E:94:8A:A1:E3:39:0C:DA:C7:0D:B2:2B:16:A5:AE:50:21:4C
            X509v3 Authority Key Identifier:
                keyid:E1:A8:8C:34:D2:46:EF:7C:2A:7C:1A:C5:FE:97:B2:62:BC:48:17:8E

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/4aiMNNJG73wqfBrF_peyYrxIF44.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/4aiMNNJG73wqfBrF_peyYrxIF44.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/HDlOlIqh4zkM2scNsisWpa5QIUw.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  120.117.1.0/24

    Signature Algorithm: sha256WithRSAEncryption
         74:75:d0:06:22:d0:49:dd:45:fb:ed:ab:13:9a:90:d4:f3:c6:
         34:c3:ca:a2:ef:56:86:79:2f:37:01:35:bd:60:fb:07:b2:39:
         72:5b:47:24:8b:b1:3e:4f:50:4f:da:db:8d:16:8e:d8:81:b7:
         9e:56:6d:b9:09:37:61:e1:35:8c:53:d9:07:b3:95:da:94:57:
         7b:80:c1:06:87:87:b3:6d:79:56:0e:a1:e9:9d:0a:04:d7:07:
         f1:f5:73:28:a4:13:56:01:02:e0:8a:3b:18:c5:12:06:42:ae:
         38:b2:10:6d:5d:8f:44:70:c6:92:2a:d8:a2:00:25:81:90:da:
         ea:a1:7e:ae:cb:ab:f8:48:f3:d3:2d:ab:b2:58:85:c0:98:ec:
         f5:bc:bf:8e:0f:75:ea:5f:34:2d:0d:27:92:26:46:ca:14:c4:
         5a:a2:06:f4:22:12:62:1b:dc:f3:5d:9b:e8:0d:fe:6c:69:77:
         89:d6:6d:10:fe:4b:d6:39:d8:34:18:11:67:9c:e0:8b:9c:99:
         cf:45:10:ce:93:ca:ef:60:a7:aa:08:d8:b8:d9:f6:f7:46:80:
         4c:e3:41:d1:91:80:3b:b9:87:bc:ea:60:be:90:69:6a:60:b5:
         2e:e7:6d:a4:07:69:93:c4:74:d3:7e:03:23:ff:6e:c9:67:97:
         16:1c:73:44
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICCbAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRTFB
ODhDMzREMjQ2RUY3QzJBN0MxQUM1RkU5N0IyNjJCQzQ4MTc4RTAeFw0yMTAyMDcx
MjM4MjZaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDFDMzk0RTk0OEFBMUUz
MzkwQ0RBQzcwREIyMkIxNkE1QUU1MDIxNEMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDSXPysTmtgz2TrJRm/PBaiC3N3RkKgrebZuvIuWzDMBxzP3LKE
vDNKOQ0AAOvH97MDR6JBRTKvs+y/W2wDyDQ9W6b+HuWePyxqnnJIlqGx26eR7/IX
8LorYhOzRjCfR19T0smfcsm+YZNHGVHQM6NPKQPVmx3CsFM71AW/MIgQLYeEm3kM
mH3ip5dbP6qXQDz4eKKLCFiO8/gylcb1gstSjRsh3udJAuWSekHQK4OVIY2HaR5E
SdxxXdCmCP/dIT32o7QY/KQkj7xZDQ5PS7eUB02vx2GnZFComOoNes90uivxZcAm
iVBK/sukyLhFB3GdXVJLNeHM+Ur7DlxTopRhAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUHDlOlIqh4zkM2scNsisWpa5QIUwwHwYDVR0jBBgwFoAU4aiMNNJG73wqfBrF
/peyYrxIF44wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFORVQv
NGFpTU5OSkc3M3dxZkJyRl9wZXlZcnhJRjQ0LmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS80YWlNTk5KRzczd3FmQnJGX3BleVlyeElGNDQuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQU5FVC9IRGxPbElxaDR6a00yc2NOc2lz
V3BhNVFJVXcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAeHUB
MA0GCSqGSIb3DQEBCwUAA4IBAQB0ddAGItBJ3UX77asTmpDU88Y0w8qi71aGeS83
ATW9YPsHsjlyW0cki7E+T1BP2tuNFo7YgbeeVm25CTdh4TWMU9kHs5XalFd7gMEG
h4ezbXlWDqHpnQoE1wfx9XMopBNWAQLgijsYxRIGQq44shBtXY9EcMaSKtiiACWB
kNrqoX6uy6v4SPPTLauyWIXAmOz1vL+OD3XqXzQtDSeSJkbKFMRaogb0IhJiG9zz
XZvoDf5saXeJ1m0Q/kvWOdg0GBFnnOCLnJnPRRDOk8rvYKeqCNi42fb3RoBM40HR
kYA7uYe86mC+kGlqYLUu522kB2mTxHTTfgMj/27JZ5cWHHNE
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:21 2024 by rpki-client on console-ams.rpki-client.org