Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TANET/M-N-6MUhqxUxeZ8ZCCtvsLB-cg4.roa
File:                     M-N-6MUhqxUxeZ8ZCCtvsLB-cg4.roa (raw, json)
Hash identifier:          e/wERdFBNQ8KCngdHjkVrj8SUdlr0DbZNz5yUoDmf6Y=
Subject key identifier:   33:E3:7E:E8:C5:21:AB:15:31:79:9F:19:08:2B:6F:B0:B0:7E:72:0E
Certificate issuer:       /CN=457B10372A686E3FF73656BEB5CD3DEBC932371A
Certificate serial:       0A98
Authority key identifier: 45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/M-N-6MUhqxUxeZ8ZCCtvsLB-cg4.roa
Signing time:             Wed 29 Sep 2021 02:41:25 +0000
ROA not before:           Wed 29 Sep 2021 02:41:25 +0000
ROA not after:            Thu 29 Sep 2022 02:36:22 +0000
asID:                     38847
IP address blocks:        140.120.0.0/16 maxlen: 16

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2712 (0xa98)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=457B10372A686E3FF73656BEB5CD3DEBC932371A
        Validity
            Not Before: Sep 29 02:41:25 2021 GMT
            Not After : Sep 29 02:36:22 2022 GMT
        Subject: CN=33E37EE8C521AB1531799F19082B6FB0B07E720E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:c9:f0:f4:cb:d2:17:d6:7d:bf:56:3b:38:da:
                    3d:ed:6e:bb:b5:84:35:ed:7e:00:59:3d:2a:16:53:
                    c0:23:b9:c6:52:7d:94:3e:78:82:a3:2c:b9:8b:bc:
                    3a:a1:b0:ae:39:32:28:6d:cf:e9:3e:7a:0b:85:d1:
                    c2:1f:12:5a:d1:c9:15:73:a0:d8:8e:9b:98:51:9a:
                    1d:5a:86:16:68:73:45:26:62:f3:65:83:27:30:5e:
                    76:0e:c8:13:c1:95:71:b0:b8:85:35:84:e6:cd:a8:
                    6b:f2:0a:5b:9e:13:98:2f:31:1d:ba:c3:99:f8:be:
                    52:c8:5c:ef:b0:b1:23:bf:4c:f4:70:60:67:56:62:
                    c8:11:64:e2:1c:3c:71:f9:61:6a:76:88:c6:a1:a9:
                    22:2e:e5:90:02:d1:9b:fe:42:6f:64:22:c1:8e:ce:
                    68:79:98:c8:aa:7f:66:90:09:1b:8d:3c:2e:f0:6e:
                    06:75:99:f5:12:7c:c9:ba:fa:0d:11:55:88:33:17:
                    a7:e1:df:cd:51:bb:8f:ef:ed:34:69:b6:05:d8:14:
                    c5:64:5a:33:f2:6d:00:f4:4a:fc:a9:e9:a3:a2:d8:
                    4e:2e:ab:42:f8:de:26:7e:f0:39:4c:43:19:79:10:
                    29:f2:8f:ea:3c:bd:d8:38:54:4f:81:45:65:27:38:
                    c9:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                33:E3:7E:E8:C5:21:AB:15:31:79:9F:19:08:2B:6F:B0:B0:7E:72:0E
            X509v3 Authority Key Identifier:
                keyid:45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/RXsQNypobj_3Nla-tc0968kyNxo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/M-N-6MUhqxUxeZ8ZCCtvsLB-cg4.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  140.120.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         81:a6:9f:f3:f8:75:92:6d:5a:9a:bb:d0:4f:30:c8:60:3b:0f:
         13:27:75:0b:df:37:b6:7e:af:09:48:79:ae:35:18:57:d5:6c:
         5c:cd:94:9f:63:b6:ac:77:b1:8b:a3:84:fb:00:40:37:19:7e:
         af:72:cb:36:39:47:fd:63:f5:41:e6:54:e6:c9:31:09:dd:09:
         c9:1b:f9:04:b3:a2:6b:c0:8e:db:bc:89:fe:28:1d:ee:91:df:
         dc:fa:71:9c:5c:d1:50:7b:ba:c7:a4:f3:77:7e:59:f1:43:03:
         7f:7c:a0:ac:15:ce:e4:8d:cd:91:4e:aa:8c:12:89:c5:2c:a5:
         96:cb:e7:7e:95:e8:d8:96:7f:75:e7:68:be:60:d6:05:14:91:
         7e:cc:86:ac:6f:3e:b1:93:ae:5b:ff:da:32:51:53:9f:0c:8c:
         79:db:5e:88:38:8a:58:5f:09:35:90:12:c9:e1:94:f2:ab:f8:
         9b:b4:ba:60:b0:05:15:45:a7:d6:10:e9:2c:f3:ed:60:5b:95:
         34:c8:bf:d8:8a:e2:96:54:08:23:72:13:f1:b7:f4:2d:b6:59:
         d3:cd:4b:ce:db:d5:82:c5:62:ea:06:c8:86:9b:c4:67:85:c7:
         41:05:b9:01:01:18:26:f1:e4:b8:02:80:78:17:06:e3:c9:9a:
         bc:73:33:e6
-----BEGIN CERTIFICATE-----
MIIEzzCCA7egAwIBAgICCpgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDU3
QjEwMzcyQTY4NkUzRkY3MzY1NkJFQjVDRDNERUJDOTMyMzcxQTAeFw0yMTA5Mjkw
MjQxMjVaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDMzRTM3RUU4QzUyMUFC
MTUzMTc5OUYxOTA4MkI2RkIwQjA3RTcyMEUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDVyfD0y9IX1n2/Vjs42j3tbru1hDXtfgBZPSoWU8AjucZSfZQ+
eIKjLLmLvDqhsK45Mihtz+k+eguF0cIfElrRyRVzoNiOm5hRmh1ahhZoc0UmYvNl
gycwXnYOyBPBlXGwuIU1hObNqGvyClueE5gvMR26w5n4vlLIXO+wsSO/TPRwYGdW
YsgRZOIcPHH5YWp2iMahqSIu5ZAC0Zv+Qm9kIsGOzmh5mMiqf2aQCRuNPC7wbgZ1
mfUSfMm6+g0RVYgzF6fh381Ru4/v7TRptgXYFMVkWjPybQD0Svyp6aOi2E4uq0L4
3iZ+8DlMQxl5ECnyj+o8vdg4VE+BRWUnOMkRAgMBAAGjggHrMIIB5zAdBgNVHQ4E
FgQUM+N+6MUhqxUxeZ8ZCCtvsLB+cg4wHwYDVR0jBBgwFoAURXsQNypobj/3Nla+
tc0968kyNxowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFORVQv
UlhzUU55cG9ial8zTmxhLXRjMDk2OGt5TnhvLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9SWHNRTnlwb2JqXzNObGEtdGMwOTY4a3lOeG8uY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQU5FVC9NLU4tNk1VaHF4VXhlWjhaQ0N0
dnNMQi1jZzQucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAjHgw
DQYJKoZIhvcNAQELBQADggEBAIGmn/P4dZJtWpq70E8wyGA7DxMndQvfN7Z+rwlI
ea41GFfVbFzNlJ9jtqx3sYujhPsAQDcZfq9yyzY5R/1j9UHmVObJMQndCckb+QSz
omvAjtu8if4oHe6R39z6cZxc0VB7usek83d+WfFDA398oKwVzuSNzZFOqowSicUs
pZbL536V6NiWf3XnaL5g1gUUkX7MhqxvPrGTrlv/2jJRU58MjHnbXog4ilhfCTWQ
EsnhlPKr+Ju0umCwBRVFp9YQ6Szz7WBblTTIv9iK4pZUCCNyE/G39C22WdPNS87b
1YLFYuoGyIabxGeFx0EFuQEBGCbx5LgCgHgXBuPJmrxzM+Y=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:45 2024 by rpki-client on console-fra.rpki-client.org