Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TANET/HT5fDrHR85orBlOep1sCJ8swDwc.roa
File:                     HT5fDrHR85orBlOep1sCJ8swDwc.roa (raw, json)
Hash identifier:          aE8ca2FM5FW9l0xruB0PQkMpyVa5YyIaGxpy6MiBHaM=
Subject key identifier:   1D:3E:5F:0E:B1:D1:F3:9A:2B:06:53:9E:A7:5B:02:27:CB:30:0F:07
Certificate issuer:       /CN=E1A88C34D246EF7C2A7C1AC5FE97B262BC48178E
Certificate serial:       0BD8
Authority key identifier: E1:A8:8C:34:D2:46:EF:7C:2A:7C:1A:C5:FE:97:B2:62:BC:48:17:8E
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/4aiMNNJG73wqfBrF_peyYrxIF44.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/HT5fDrHR85orBlOep1sCJ8swDwc.roa
Signing time:             Thu 15 Sep 2022 02:41:11 +0000
ROA not before:           Thu 15 Sep 2022 02:41:11 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     18185
IP address blocks:        120.117.1.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3032 (0xbd8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=E1A88C34D246EF7C2A7C1AC5FE97B262BC48178E
        Validity
            Not Before: Sep 15 02:41:11 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=1D3E5F0EB1D1F39A2B06539EA75B0227CB300F07
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:7c:2e:11:4c:57:61:8a:c9:9a:05:43:9c:f9:
                    16:5c:f1:5c:2b:20:9f:35:ce:55:41:03:f4:b0:77:
                    68:d6:5f:a6:71:f2:ba:d0:ca:2b:21:a5:a7:98:33:
                    29:0c:56:c0:51:53:d6:6c:4a:a0:3c:5a:e4:31:51:
                    ee:8c:c0:de:5a:cc:ea:42:d8:16:99:d3:53:51:86:
                    17:b1:f4:a5:e2:3b:53:52:02:74:1f:e5:ad:28:7d:
                    f5:14:1d:4b:37:74:5c:19:d9:35:a2:0c:96:57:f4:
                    eb:24:2a:be:4a:4a:5f:74:e3:03:0a:23:d9:00:8d:
                    0a:15:a7:2c:86:c2:f0:31:59:49:ff:d5:bb:49:59:
                    d4:d5:e5:ef:50:44:c8:dc:ca:4d:52:a5:d8:0a:82:
                    24:97:98:38:81:51:23:cb:08:96:71:f1:33:c5:27:
                    8c:01:ca:94:fd:62:07:09:bc:c3:7c:00:39:b6:48:
                    11:8b:58:38:4d:a6:39:de:60:2e:1f:d0:37:dc:9f:
                    79:ab:6e:c4:7e:04:ac:de:9c:44:ec:4d:dd:c6:6e:
                    9a:ad:3d:7e:a6:47:d9:82:5e:5a:d4:72:59:cd:1f:
                    3f:c7:0d:03:0d:86:da:c5:11:47:5c:12:20:92:0b:
                    d3:d9:06:71:8a:66:c2:61:28:d1:da:a1:10:45:3e:
                    3d:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1D:3E:5F:0E:B1:D1:F3:9A:2B:06:53:9E:A7:5B:02:27:CB:30:0F:07
            X509v3 Authority Key Identifier:
                keyid:E1:A8:8C:34:D2:46:EF:7C:2A:7C:1A:C5:FE:97:B2:62:BC:48:17:8E

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/4aiMNNJG73wqfBrF_peyYrxIF44.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/4aiMNNJG73wqfBrF_peyYrxIF44.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/HT5fDrHR85orBlOep1sCJ8swDwc.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  120.117.1.0/24

    Signature Algorithm: sha256WithRSAEncryption
         55:8b:30:60:3e:5a:ae:3d:f5:1c:d4:d4:b2:fc:67:b7:43:a3:
         97:bd:e8:6e:ab:06:f7:7b:01:ea:cb:52:fa:84:ae:68:e1:8d:
         46:22:e3:d5:be:4e:c4:e1:3f:a6:46:c1:fa:36:93:5f:be:c8:
         91:3e:57:e2:5d:c8:87:85:4a:e2:27:74:ba:98:21:d0:5a:0e:
         c7:08:89:f7:e8:05:bd:5d:76:1e:76:50:f2:a8:3f:8c:7d:de:
         c9:24:d2:45:99:97:eb:9b:a0:4a:19:5c:93:0f:0d:7b:c3:9c:
         18:bc:12:c2:90:40:f2:27:66:6c:0e:ea:3d:fb:68:40:87:9c:
         3f:1d:fe:62:6d:cb:c7:bb:d5:0d:31:6c:3d:44:4d:8e:bd:e0:
         c2:cd:1e:73:7d:e7:54:f1:9d:ea:90:f1:1b:db:de:08:f6:8f:
         e5:18:13:2e:39:0e:ff:af:c6:34:37:c4:f6:4e:20:bc:97:0b:
         48:d6:9b:14:ea:07:be:6d:a6:a1:cb:11:47:8f:60:4a:62:ee:
         b1:4b:fc:52:0b:60:29:87:f7:79:56:60:a5:68:28:53:75:74:
         3e:02:de:1a:1e:a0:31:31:65:ad:68:69:3c:2c:f9:bf:24:90:
         67:23:15:57:b2:b8:87:7e:db:68:42:e6:50:c4:d1:b0:23:be:
         c6:db:68:ac
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICC9gwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRTFB
ODhDMzREMjQ2RUY3QzJBN0MxQUM1RkU5N0IyNjJCQzQ4MTc4RTAeFw0yMjA5MTUw
MjQxMTFaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDFEM0U1RjBFQjFEMUYz
OUEyQjA2NTM5RUE3NUIwMjI3Q0IzMDBGMDcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDGfC4RTFdhismaBUOc+RZc8VwrIJ81zlVBA/Swd2jWX6Zx8rrQ
yishpaeYMykMVsBRU9ZsSqA8WuQxUe6MwN5azOpC2BaZ01NRhhex9KXiO1NSAnQf
5a0offUUHUs3dFwZ2TWiDJZX9OskKr5KSl904wMKI9kAjQoVpyyGwvAxWUn/1btJ
WdTV5e9QRMjcyk1SpdgKgiSXmDiBUSPLCJZx8TPFJ4wBypT9YgcJvMN8ADm2SBGL
WDhNpjneYC4f0Dfcn3mrbsR+BKzenETsTd3GbpqtPX6mR9mCXlrUclnNHz/HDQMN
htrFEUdcEiCSC9PZBnGKZsJhKNHaoRBFPj1PAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUHT5fDrHR85orBlOep1sCJ8swDwcwHwYDVR0jBBgwFoAU4aiMNNJG73wqfBrF
/peyYrxIF44wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFORVQv
NGFpTU5OSkc3M3dxZkJyRl9wZXlZcnhJRjQ0LmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS80YWlNTk5KRzczd3FmQnJGX3BleVlyeElGNDQuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQU5FVC9IVDVmRHJIUjg1b3JCbE9lcDFz
Q0o4c3dEd2Mucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAeHUB
MA0GCSqGSIb3DQEBCwUAA4IBAQBVizBgPlquPfUc1NSy/Ge3Q6OXvehuqwb3ewHq
y1L6hK5o4Y1GIuPVvk7E4T+mRsH6NpNfvsiRPlfiXciHhUriJ3S6mCHQWg7HCIn3
6AW9XXYedlDyqD+Mfd7JJNJFmZfrm6BKGVyTDw17w5wYvBLCkEDyJ2ZsDuo9+2hA
h5w/Hf5ibcvHu9UNMWw9RE2OveDCzR5zfedU8Z3qkPEb294I9o/lGBMuOQ7/r8Y0
N8T2TiC8lwtI1psU6ge+baahyxFHj2BKYu6xS/xSC2Aph/d5VmClaChTdXQ+At4a
HqAxMWWtaGk8LPm/JJBnIxVXsriHfttoQuZQxNGwI77G22is
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:21 2024 by rpki-client on console-ams.rpki-client.org