Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TANET/JfE2-wgVK6l4R5eXZ9bXd-4vgX8.roa
File:                     JfE2-wgVK6l4R5eXZ9bXd-4vgX8.roa (raw, json)
Hash identifier:          AG4YSA9XMxN0MH6Z7mZo4qj1iLZWhz+J6dMqq2ENH7I=
Subject key identifier:   25:F1:36:FB:08:15:2B:A9:78:47:97:97:67:D6:D7:77:EE:2F:81:7F
Certificate issuer:       /CN=457B10372A686E3FF73656BEB5CD3DEBC932371A
Certificate serial:       08F7
Authority key identifier: 45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/JfE2-wgVK6l4R5eXZ9bXd-4vgX8.roa
Signing time:             Wed 16 Dec 2020 08:58:49 +0000
ROA not before:           Wed 16 Dec 2020 08:58:49 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     9916
IP address blocks:        192.83.179.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2295 (0x8f7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=457B10372A686E3FF73656BEB5CD3DEBC932371A
        Validity
            Not Before: Dec 16 08:58:49 2020 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=25F136FB08152BA97847979767D6D777EE2F817F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:42:cc:65:04:04:4a:c5:20:16:6f:8e:77:71:
                    79:f6:44:a9:f8:5a:d8:61:2a:0d:ff:d7:a5:f1:5b:
                    ac:e0:37:a9:46:12:d7:78:a8:71:4a:fb:de:79:ee:
                    7d:ff:0a:fc:74:a1:64:87:11:74:95:50:01:1b:28:
                    83:2c:1d:db:d2:88:26:6c:c1:7c:f9:79:ea:8a:94:
                    ea:c9:72:1c:f5:b9:b3:ef:e0:6d:27:76:25:41:3c:
                    e4:39:d2:ae:4f:63:08:5b:e1:9a:f7:b3:f6:31:07:
                    ed:ff:e2:08:0f:fb:8c:f4:3a:c3:13:3c:e6:d6:79:
                    9d:aa:56:47:92:12:ef:ed:b8:8b:61:47:35:e6:6f:
                    00:f8:94:70:0c:0a:3c:cb:cb:07:eb:3d:fa:59:60:
                    fa:0a:26:7b:49:6e:5b:8b:bf:22:0b:f4:cf:a5:14:
                    a9:21:03:f3:91:38:c0:d3:ee:7d:c5:ce:ec:81:c2:
                    b6:cd:78:04:39:b6:63:41:dd:e3:02:e8:56:46:75:
                    a4:d0:e2:75:9b:a7:6b:fc:44:d5:70:0a:26:05:2b:
                    ac:57:f5:20:55:e7:af:ae:b8:3a:24:16:90:2c:6b:
                    1c:a5:f4:c3:50:a8:d1:01:37:df:28:a8:70:6a:1c:
                    91:1a:37:a7:77:73:6e:bb:66:f1:85:0d:31:75:1f:
                    f7:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:F1:36:FB:08:15:2B:A9:78:47:97:97:67:D6:D7:77:EE:2F:81:7F
            X509v3 Authority Key Identifier:
                keyid:45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/RXsQNypobj_3Nla-tc0968kyNxo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/JfE2-wgVK6l4R5eXZ9bXd-4vgX8.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  192.83.179.0/24

    Signature Algorithm: sha256WithRSAEncryption
         93:99:f4:aa:ab:a6:7a:22:2a:91:16:f9:35:dd:1b:80:b5:e9:
         1b:81:b3:87:55:3b:8f:36:86:67:cc:4d:15:ec:3c:bb:3a:21:
         34:51:1b:b5:88:80:ca:f2:8e:dd:2e:6b:e8:42:e3:9e:77:a5:
         20:3e:b2:30:32:a9:2d:8f:b7:70:34:91:d8:74:39:7a:54:93:
         00:42:46:b5:00:4c:c3:41:ce:ce:8c:8b:d4:b3:41:16:cb:a3:
         1f:ef:ab:7a:8c:7d:90:a9:72:23:96:c9:df:4e:cb:bc:fd:dd:
         d0:0c:33:e3:6c:c2:f0:fb:c6:13:97:05:95:b7:78:b7:12:6e:
         85:23:f5:19:f9:a4:90:51:20:ff:51:14:47:16:a1:7a:ae:c9:
         23:13:b5:19:f4:77:09:0d:c9:d1:77:f5:fd:44:60:26:59:f3:
         63:41:8a:c3:95:c5:6d:ef:7c:7d:15:ba:57:cb:d8:03:9f:ad:
         a5:24:b1:75:61:cf:d2:50:b3:27:40:8f:aa:6e:dc:99:ff:49:
         84:39:f6:a5:09:dc:75:ec:ed:8f:46:cb:66:33:67:ab:56:79:
         17:68:e6:68:19:ae:68:56:a1:10:86:a9:36:74:d2:d6:cc:13:
         26:69:a2:62:f9:54:43:d8:75:f4:d6:88:8f:b5:01:19:35:2e:
         a6:41:bb:0d
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICCPcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDU3
QjEwMzcyQTY4NkUzRkY3MzY1NkJFQjVDRDNERUJDOTMyMzcxQTAeFw0yMDEyMTYw
ODU4NDlaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDI1RjEzNkZCMDgxNTJC
QTk3ODQ3OTc5NzY3RDZENzc3RUUyRjgxN0YwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDDQsxlBARKxSAWb453cXn2RKn4WthhKg3/16XxW6zgN6lGEtd4
qHFK+9557n3/Cvx0oWSHEXSVUAEbKIMsHdvSiCZswXz5eeqKlOrJchz1ubPv4G0n
diVBPOQ50q5PYwhb4Zr3s/YxB+3/4ggP+4z0OsMTPObWeZ2qVkeSEu/tuIthRzXm
bwD4lHAMCjzLywfrPfpZYPoKJntJbluLvyIL9M+lFKkhA/OROMDT7n3FzuyBwrbN
eAQ5tmNB3eMC6FZGdaTQ4nWbp2v8RNVwCiYFK6xX9SBV56+uuDokFpAsaxyl9MNQ
qNEBN98oqHBqHJEaN6d3c267ZvGFDTF1H/cnAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUJfE2+wgVK6l4R5eXZ9bXd+4vgX8wHwYDVR0jBBgwFoAURXsQNypobj/3Nla+
tc0968kyNxowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFORVQv
UlhzUU55cG9ial8zTmxhLXRjMDk2OGt5TnhvLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9SWHNRTnlwb2JqXzNObGEtdGMwOTY4a3lOeG8uY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQU5FVC9KZkUyLXdnVks2bDRSNWVYWjli
WGQtNHZnWDgucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwFOz
MA0GCSqGSIb3DQEBCwUAA4IBAQCTmfSqq6Z6IiqRFvk13RuAtekbgbOHVTuPNoZn
zE0V7Dy7OiE0URu1iIDK8o7dLmvoQuOed6UgPrIwMqktj7dwNJHYdDl6VJMAQka1
AEzDQc7OjIvUs0EWy6Mf76t6jH2QqXIjlsnfTsu8/d3QDDPjbMLw+8YTlwWVt3i3
Em6FI/UZ+aSQUSD/URRHFqF6rskjE7UZ9HcJDcnRd/X9RGAmWfNjQYrDlcVt73x9
FbpXy9gDn62lJLF1Yc/SULMnQI+qbtyZ/0mEOfalCdx17O2PRstmM2erVnkXaOZo
Ga5oVqEQhqk2dNLWzBMmaaJi+VRD2HX01oiPtQEZNS6mQbsN
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:45 2024 by rpki-client on console-fra.rpki-client.org