Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TANET/PxwkMD4KAFyGZ6tvaUbx2fBExac.roa
File:                     PxwkMD4KAFyGZ6tvaUbx2fBExac.roa (raw, json)
Hash identifier:          ulWntlD9krXoic+YIYU7lSEmPCs60c+fG/45H6XNDVY=
Subject key identifier:   3F:1C:24:30:3E:0A:00:5C:86:67:AB:6F:69:46:F1:D9:F0:44:C5:A7
Certificate issuer:       /CN=E1A88C34D246EF7C2A7C1AC5FE97B262BC48178E
Certificate serial:       0BD8
Authority key identifier: E1:A8:8C:34:D2:46:EF:7C:2A:7C:1A:C5:FE:97:B2:62:BC:48:17:8E
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/4aiMNNJG73wqfBrF_peyYrxIF44.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/PxwkMD4KAFyGZ6tvaUbx2fBExac.roa
Signing time:             Thu 15 Sep 2022 02:41:22 +0000
ROA not before:           Thu 15 Sep 2022 02:41:22 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     1659
IP address blocks:        210.59.0.0/17 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3032 (0xbd8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=E1A88C34D246EF7C2A7C1AC5FE97B262BC48178E
        Validity
            Not Before: Sep 15 02:41:22 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=3F1C24303E0A005C8667AB6F6946F1D9F044C5A7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:4f:37:8b:28:a6:61:0e:d8:34:94:da:2b:b3:
                    3d:57:8f:24:9f:69:be:0b:57:38:04:4f:14:0b:28:
                    e1:84:7a:74:08:06:2d:cb:bc:ce:48:dd:c4:6f:f0:
                    d4:21:9e:74:4b:66:ad:42:91:77:92:4e:63:39:91:
                    7e:02:94:f1:60:d0:28:fb:e8:b8:37:ea:46:ae:46:
                    8b:fe:eb:f4:5c:a5:bb:33:23:38:78:66:55:99:47:
                    4d:c2:b2:78:c4:48:aa:eb:a8:d8:9c:d7:b4:64:c0:
                    59:4e:a8:6b:ba:d4:51:64:34:7c:73:09:47:a6:30:
                    09:43:8a:4c:65:73:69:8f:9d:80:e4:2d:4a:c4:f1:
                    04:4e:e5:dd:ef:7e:f1:a8:38:ce:13:f9:61:6a:3d:
                    46:f3:e7:3e:c6:87:22:03:39:a5:c4:e4:9e:44:38:
                    20:db:d2:8c:f8:60:d0:97:77:c7:45:f8:f5:a9:7a:
                    ce:d8:a4:78:33:06:2b:37:91:19:ee:9a:35:cd:1a:
                    5e:61:30:cd:8f:fc:18:9e:25:39:36:db:27:2a:f3:
                    8f:a6:38:e3:02:aa:fe:99:a8:fe:d1:25:cc:f9:1c:
                    d7:8d:98:4a:5e:36:68:54:6a:d6:01:d2:6e:ed:0e:
                    6f:96:2b:fa:cc:e4:23:d9:7e:84:e7:ac:49:21:ca:
                    61:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3F:1C:24:30:3E:0A:00:5C:86:67:AB:6F:69:46:F1:D9:F0:44:C5:A7
            X509v3 Authority Key Identifier:
                keyid:E1:A8:8C:34:D2:46:EF:7C:2A:7C:1A:C5:FE:97:B2:62:BC:48:17:8E

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/4aiMNNJG73wqfBrF_peyYrxIF44.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/4aiMNNJG73wqfBrF_peyYrxIF44.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/PxwkMD4KAFyGZ6tvaUbx2fBExac.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  210.59.0.0/17

    Signature Algorithm: sha256WithRSAEncryption
         3c:17:f6:e4:5e:42:52:0e:03:f1:b4:39:bf:3c:fb:bd:94:f5:
         94:38:ae:19:6c:59:59:dc:9b:d5:a9:be:d7:fa:26:65:b9:b1:
         50:f9:d6:92:9a:67:4c:d5:9f:bd:88:eb:ce:49:fb:a7:82:08:
         9b:ab:39:d5:31:f3:bd:28:93:0f:fc:57:42:ae:3d:05:ff:a6:
         b5:3c:ae:57:9f:b2:5a:19:91:bf:86:ab:8e:20:f0:e9:06:89:
         48:02:b3:b3:2b:90:4a:6b:b3:25:ac:23:d4:8a:47:d4:d6:ad:
         b6:50:74:c3:e5:32:cb:eb:6d:da:45:08:7e:83:18:a4:79:16:
         b9:22:6d:e3:09:42:f1:d2:8f:df:ab:9a:6c:fc:36:78:e1:c4:
         23:35:db:b0:64:77:11:ee:78:ba:d4:b7:3b:d3:5e:51:08:5d:
         3f:89:ab:cc:5c:73:a1:12:d4:06:74:94:0e:b7:eb:d5:ac:d0:
         1d:61:32:51:0a:fc:d7:39:d2:a1:c2:da:01:af:25:3f:f4:a3:
         a2:45:7e:02:d4:d9:f3:56:c8:b7:7e:a9:74:e3:88:bb:28:dc:
         18:0c:b1:dd:c6:f1:c0:47:19:85:ec:65:31:48:6c:8a:a6:29:
         be:ed:74:84:c2:3e:8b:94:03:b9:e5:7f:b9:a2:bc:e5:3a:20:
         98:54:55:e6
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICC9gwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRTFB
ODhDMzREMjQ2RUY3QzJBN0MxQUM1RkU5N0IyNjJCQzQ4MTc4RTAeFw0yMjA5MTUw
MjQxMjJaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDNGMUMyNDMwM0UwQTAw
NUM4NjY3QUI2RjY5NDZGMUQ5RjA0NEM1QTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC6TzeLKKZhDtg0lNorsz1XjySfab4LVzgETxQLKOGEenQIBi3L
vM5I3cRv8NQhnnRLZq1CkXeSTmM5kX4ClPFg0Cj76Lg36kauRov+6/RcpbszIzh4
ZlWZR03CsnjESKrrqNic17RkwFlOqGu61FFkNHxzCUemMAlDikxlc2mPnYDkLUrE
8QRO5d3vfvGoOM4T+WFqPUbz5z7GhyIDOaXE5J5EOCDb0oz4YNCXd8dF+PWpes7Y
pHgzBis3kRnumjXNGl5hMM2P/BieJTk22ycq84+mOOMCqv6ZqP7RJcz5HNeNmEpe
NmhUatYB0m7tDm+WK/rM5CPZfoTnrEkhymG1AgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUPxwkMD4KAFyGZ6tvaUbx2fBExacwHwYDVR0jBBgwFoAU4aiMNNJG73wqfBrF
/peyYrxIF44wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFORVQv
NGFpTU5OSkc3M3dxZkJyRl9wZXlZcnhJRjQ0LmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS80YWlNTk5KRzczd3FmQnJGX3BleVlyeElGNDQuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQU5FVC9QeHdrTUQ0S0FGeUdaNnR2YVVi
eDJmQkV4YWMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQH0jsA
MA0GCSqGSIb3DQEBCwUAA4IBAQA8F/bkXkJSDgPxtDm/PPu9lPWUOK4ZbFlZ3JvV
qb7X+iZlubFQ+daSmmdM1Z+9iOvOSfunggibqznVMfO9KJMP/FdCrj0F/6a1PK5X
n7JaGZG/hquOIPDpBolIArOzK5BKa7MlrCPUikfU1q22UHTD5TLL623aRQh+gxik
eRa5Im3jCULx0o/fq5ps/DZ44cQjNduwZHcR7ni61Lc7015RCF0/iavMXHOhEtQG
dJQOt+vVrNAdYTJRCvzXOdKhwtoBryU/9KOiRX4C1NnzVsi3fql044i7KNwYDLHd
xvHARxmF7GUxSGyKpim+7XSEwj6LlAO55X+5orzlOiCYVFXm
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:21 2024 by rpki-client on console-ams.rpki-client.org