Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TANET/PENpUuoFejtzGsy0zmjH5JbYZso.roa
File:                     PENpUuoFejtzGsy0zmjH5JbYZso.roa (raw, json)
Hash identifier:          fGJG9X/Cvyee/uJXHgovQVsDQVbbG7Df/MSVO8s+zPY=
Subject key identifier:   3C:43:69:52:EA:05:7A:3B:73:1A:CC:B4:CE:68:C7:E4:96:D8:66:CA
Certificate issuer:       /CN=E1A88C34D246EF7C2A7C1AC5FE97B262BC48178E
Certificate serial:       0BD8
Authority key identifier: E1:A8:8C:34:D2:46:EF:7C:2A:7C:1A:C5:FE:97:B2:62:BC:48:17:8E
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/4aiMNNJG73wqfBrF_peyYrxIF44.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/PENpUuoFejtzGsy0zmjH5JbYZso.roa
Signing time:             Thu 15 Sep 2022 02:41:21 +0000
ROA not before:           Thu 15 Sep 2022 02:41:21 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     131150
IP address blocks:        120.119.254.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3032 (0xbd8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=E1A88C34D246EF7C2A7C1AC5FE97B262BC48178E
        Validity
            Not Before: Sep 15 02:41:21 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=3C436952EA057A3B731ACCB4CE68C7E496D866CA
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:0f:04:e3:e3:aa:5a:72:70:c6:72:53:73:bc:
                    24:33:ed:5e:ff:27:eb:22:79:22:84:3a:5d:94:6a:
                    15:f1:c6:a5:3d:fc:ce:69:26:4d:27:ab:7d:9c:32:
                    bd:cf:89:34:d2:84:af:9a:e3:0f:33:ea:a8:99:a2:
                    cb:88:6c:96:14:a4:46:19:b3:b1:9e:0d:30:42:f5:
                    50:e4:76:d1:a6:4c:85:9d:08:3a:8f:a3:07:19:93:
                    87:c3:50:8f:a8:63:cc:e1:88:f5:1e:0f:da:46:2a:
                    97:d4:9b:c2:bc:d2:45:cb:16:29:18:19:e5:44:b1:
                    6a:53:52:9c:70:75:1b:ad:9b:e5:d8:f0:41:46:23:
                    c9:4b:1f:a2:97:4b:39:ec:c9:21:4c:44:2c:f8:63:
                    1d:ee:fd:62:3c:4a:36:64:15:91:0f:6e:36:cd:6a:
                    31:d3:cb:1d:70:39:92:77:a7:e4:ce:eb:68:78:27:
                    93:6c:50:a8:fa:f3:10:85:33:43:82:fe:5d:cb:cf:
                    9e:0f:cc:0d:74:78:c7:b4:d1:8e:4c:06:54:1d:9d:
                    28:04:ca:46:2f:46:18:c1:fd:08:e0:f9:77:e1:9b:
                    81:08:7c:19:00:78:ba:14:7c:3e:40:4d:23:ed:25:
                    d3:18:37:64:79:b7:9f:a2:b6:45:ff:a8:fd:1c:80:
                    49:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3C:43:69:52:EA:05:7A:3B:73:1A:CC:B4:CE:68:C7:E4:96:D8:66:CA
            X509v3 Authority Key Identifier:
                keyid:E1:A8:8C:34:D2:46:EF:7C:2A:7C:1A:C5:FE:97:B2:62:BC:48:17:8E

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/4aiMNNJG73wqfBrF_peyYrxIF44.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/4aiMNNJG73wqfBrF_peyYrxIF44.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/PENpUuoFejtzGsy0zmjH5JbYZso.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  120.119.254.0/23

    Signature Algorithm: sha256WithRSAEncryption
         46:8f:91:78:f2:a5:0d:ed:00:da:7a:a1:4e:13:27:61:cd:d1:
         e9:7f:a2:ea:f0:be:3e:4f:9e:9d:90:e5:3c:39:bb:11:b0:3e:
         e4:9c:3d:af:1c:5e:60:70:16:b8:5e:09:88:7b:4a:1a:b5:82:
         1c:bc:cc:f1:33:8a:d3:6e:60:1a:25:e2:9f:4e:5d:b5:9f:d8:
         ce:6e:49:ee:50:ec:b8:fa:e2:82:b5:db:69:9c:fb:de:95:7c:
         55:95:eb:de:18:4e:93:d1:c4:a0:95:06:cb:77:5e:06:98:04:
         ec:05:01:62:8d:20:2b:75:00:14:cb:de:f8:b9:16:85:f3:36:
         98:cf:e7:24:b9:f9:2e:a6:f0:b2:f3:fd:e7:b7:e3:3e:70:77:
         50:71:d3:30:53:b2:16:a7:c2:3f:f8:64:54:5a:ba:e3:3e:44:
         ab:ca:fc:b5:bf:66:e7:df:c5:a4:b1:52:f5:33:ab:42:82:a4:
         6e:38:98:fd:f3:6f:c1:35:b8:b6:e8:52:32:4a:15:92:0f:39:
         1a:53:e8:ec:fb:ba:f6:9e:22:bc:52:25:7b:66:d2:fb:be:91:
         71:54:8d:6a:9e:93:72:7f:b3:f6:08:d6:9e:58:c1:0b:6e:1b:
         6d:dc:65:e5:3a:0c:9c:b5:31:0f:b0:40:f5:99:7f:ee:2b:ee:
         71:8d:0f:e1
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICC9gwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRTFB
ODhDMzREMjQ2RUY3QzJBN0MxQUM1RkU5N0IyNjJCQzQ4MTc4RTAeFw0yMjA5MTUw
MjQxMjFaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDNDNDM2OTUyRUEwNTdB
M0I3MzFBQ0NCNENFNjhDN0U0OTZEODY2Q0EwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDNDwTj46pacnDGclNzvCQz7V7/J+sieSKEOl2UahXxxqU9/M5p
Jk0nq32cMr3PiTTShK+a4w8z6qiZosuIbJYUpEYZs7GeDTBC9VDkdtGmTIWdCDqP
owcZk4fDUI+oY8zhiPUeD9pGKpfUm8K80kXLFikYGeVEsWpTUpxwdRutm+XY8EFG
I8lLH6KXSznsySFMRCz4Yx3u/WI8SjZkFZEPbjbNajHTyx1wOZJ3p+TO62h4J5Ns
UKj68xCFM0OC/l3Lz54PzA10eMe00Y5MBlQdnSgEykYvRhjB/Qjg+Xfhm4EIfBkA
eLoUfD5ATSPtJdMYN2R5t5+itkX/qP0cgEnXAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUPENpUuoFejtzGsy0zmjH5JbYZsowHwYDVR0jBBgwFoAU4aiMNNJG73wqfBrF
/peyYrxIF44wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFORVQv
NGFpTU5OSkc3M3dxZkJyRl9wZXlZcnhJRjQ0LmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS80YWlNTk5KRzczd3FmQnJGX3BleVlyeElGNDQuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQU5FVC9QRU5wVXVvRmVqdHpHc3kwem1q
SDVKYllac28ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBeHf+
MA0GCSqGSIb3DQEBCwUAA4IBAQBGj5F48qUN7QDaeqFOEydhzdHpf6Lq8L4+T56d
kOU8ObsRsD7knD2vHF5gcBa4XgmIe0oatYIcvMzxM4rTbmAaJeKfTl21n9jObknu
UOy4+uKCtdtpnPvelXxVleveGE6T0cSglQbLd14GmATsBQFijSArdQAUy974uRaF
8zaYz+ckufkupvCy8/3nt+M+cHdQcdMwU7IWp8I/+GRUWrrjPkSryvy1v2bn38Wk
sVL1M6tCgqRuOJj982/BNbi26FIyShWSDzkaU+js+7r2niK8UiV7ZtL7vpFxVI1q
npNyf7P2CNaeWMELbhtt3GXlOgyctTEPsED1mX/uK+5xjQ/h
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:21 2024 by rpki-client on console-ams.rpki-client.org