Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TANET/ItGkk8aOZw0Hke_xVY8gqru1gEw.roa
File:                     ItGkk8aOZw0Hke_xVY8gqru1gEw.roa (raw, json)
Hash identifier:          ORoeYnC5q+LTwXshCHi625IXh7Ct01w+gN7IaIKj5Ik=
Subject key identifier:   22:D1:A4:93:C6:8E:67:0D:07:91:EF:F1:55:8F:20:AA:BB:B5:80:4C
Certificate issuer:       /CN=457B10372A686E3FF73656BEB5CD3DEBC932371A
Certificate serial:       0B8A
Authority key identifier: 45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/ItGkk8aOZw0Hke_xVY8gqru1gEw.roa
Signing time:             Thu 15 Sep 2022 02:41:20 +0000
ROA not before:           Thu 15 Sep 2022 02:41:20 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     9916
IP address blocks:        140.129.51.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2954 (0xb8a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=457B10372A686E3FF73656BEB5CD3DEBC932371A
        Validity
            Not Before: Sep 15 02:41:20 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=22D1A493C68E670D0791EFF1558F20AABBB5804C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:62:f4:01:b6:d4:b8:2e:54:ed:20:13:cd:ba:
                    fa:4b:82:c3:ad:f0:31:1e:6b:1f:62:3e:6c:f7:93:
                    d6:78:12:2e:cb:e6:ee:98:42:ac:65:a5:9d:40:a7:
                    5a:93:35:da:c8:9a:be:6a:4c:fc:eb:18:77:1b:db:
                    71:23:96:ed:0f:26:08:af:b4:32:54:fb:1e:82:e6:
                    fd:50:2b:c0:c2:e4:8f:ef:28:8c:62:bc:ba:d8:b3:
                    3b:dc:f7:67:cf:18:be:eb:3c:6f:ba:c6:d1:23:4e:
                    67:c7:ce:de:70:b1:f5:7d:46:29:ed:4e:c7:eb:1d:
                    fb:c7:7a:fa:a9:c3:6f:73:da:99:95:f7:d7:79:ba:
                    71:dd:73:38:f9:6a:f1:14:9b:76:3e:d1:e3:6c:b1:
                    9f:46:2c:d5:cd:2f:35:3f:bd:59:b9:47:f5:78:9d:
                    53:9a:4a:6b:57:08:b7:fe:c3:e5:84:2d:9f:c7:1f:
                    30:b8:51:8a:64:9b:dd:1a:14:35:e6:54:77:71:f7:
                    e4:1d:c0:7c:11:4b:90:d3:5a:82:fa:02:70:e3:9f:
                    cf:21:a1:1b:ae:0f:85:cb:8e:7a:1f:60:e6:85:6d:
                    d6:59:be:c1:01:be:f9:ce:97:58:b4:a1:b5:c7:e6:
                    d8:23:68:a1:43:8a:b2:d9:f6:e9:67:e0:43:8a:00:
                    5c:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:D1:A4:93:C6:8E:67:0D:07:91:EF:F1:55:8F:20:AA:BB:B5:80:4C
            X509v3 Authority Key Identifier:
                keyid:45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/RXsQNypobj_3Nla-tc0968kyNxo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/ItGkk8aOZw0Hke_xVY8gqru1gEw.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  140.129.51.0/24

    Signature Algorithm: sha256WithRSAEncryption
         65:89:63:c7:83:64:d4:08:e9:8d:56:fc:6d:dd:57:5d:8b:6f:
         3f:44:2e:57:26:52:5f:de:22:14:c3:a6:67:9a:e7:dd:8f:d1:
         5e:7c:59:1f:c5:4e:5b:fe:c2:a8:33:2f:e1:8d:7c:33:7e:a5:
         5a:f8:26:d7:dc:82:2a:56:25:a3:f7:b8:8f:00:5a:b7:ef:fb:
         e9:82:ca:1c:c4:15:b8:4c:ec:c9:94:61:a2:00:6d:83:b9:8a:
         13:1b:10:f9:1d:14:f0:c3:2c:69:b8:cc:e5:74:8e:60:b3:a0:
         56:cd:61:46:73:c8:04:43:d4:f2:98:cb:75:30:6e:a2:32:57:
         de:52:f0:73:15:4e:6f:35:37:c7:6e:28:ae:d5:d6:a9:3d:48:
         65:ab:eb:e5:a3:a5:ae:6f:2b:3a:08:8a:7d:25:94:e9:84:7c:
         7b:6e:74:87:e9:6f:84:f1:0f:60:ce:67:74:1a:f1:3d:f0:a5:
         3d:d5:eb:de:68:a7:a8:09:ed:a1:73:b6:3a:38:30:83:89:5c:
         e9:58:a8:2c:b3:30:81:41:2e:ef:e7:fe:da:c5:10:2c:df:20:
         66:ee:7b:25:70:05:a0:0c:3b:af:43:bf:c9:d4:fb:e1:60:56:
         b7:c2:5b:8b:68:63:8c:a0:ac:89:30:d3:81:32:5a:d2:2c:3a:
         93:1c:b0:0c
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICC4owDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDU3
QjEwMzcyQTY4NkUzRkY3MzY1NkJFQjVDRDNERUJDOTMyMzcxQTAeFw0yMjA5MTUw
MjQxMjBaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDIyRDFBNDkzQzY4RTY3
MEQwNzkxRUZGMTU1OEYyMEFBQkJCNTgwNEMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCoYvQBttS4LlTtIBPNuvpLgsOt8DEeax9iPmz3k9Z4Ei7L5u6Y
QqxlpZ1Ap1qTNdrImr5qTPzrGHcb23Ejlu0PJgivtDJU+x6C5v1QK8DC5I/vKIxi
vLrYszvc92fPGL7rPG+6xtEjTmfHzt5wsfV9RintTsfrHfvHevqpw29z2pmV99d5
unHdczj5avEUm3Y+0eNssZ9GLNXNLzU/vVm5R/V4nVOaSmtXCLf+w+WELZ/HHzC4
UYpkm90aFDXmVHdx9+QdwHwRS5DTWoL6AnDjn88hoRuuD4XLjnofYOaFbdZZvsEB
vvnOl1i0obXH5tgjaKFDirLZ9uln4EOKAFyvAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUItGkk8aOZw0Hke/xVY8gqru1gEwwHwYDVR0jBBgwFoAURXsQNypobj/3Nla+
tc0968kyNxowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFORVQv
UlhzUU55cG9ial8zTmxhLXRjMDk2OGt5TnhvLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9SWHNRTnlwb2JqXzNObGEtdGMwOTY4a3lOeG8uY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQU5FVC9JdEdrazhhT1p3MEhrZV94Vlk4
Z3FydTFnRXcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAjIEz
MA0GCSqGSIb3DQEBCwUAA4IBAQBliWPHg2TUCOmNVvxt3Vddi28/RC5XJlJf3iIU
w6Znmufdj9FefFkfxU5b/sKoMy/hjXwzfqVa+CbX3IIqViWj97iPAFq37/vpgsoc
xBW4TOzJlGGiAG2DuYoTGxD5HRTwwyxpuMzldI5gs6BWzWFGc8gEQ9TymMt1MG6i
MlfeUvBzFU5vNTfHbiiu1dapPUhlq+vlo6Wubys6CIp9JZTphHx7bnSH6W+E8Q9g
zmd0GvE98KU91eveaKeoCe2hc7Y6ODCDiVzpWKgsszCBQS7v5/7axRAs3yBm7nsl
cAWgDDuvQ7/J1PvhYFa3wluLaGOMoKyJMNOBMlrSLDqTHLAM
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:45 2024 by rpki-client on console-fra.rpki-client.org