Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TANET/Q5qxqzw8lI9TX5fFGu9TDyo1tg0.roa
File:                     Q5qxqzw8lI9TX5fFGu9TDyo1tg0.roa (raw, json)
Hash identifier:          5PxYdhzjauxVlSkkBsTc7nA+K3ijXGeGTGBOj3xcbhE=
Subject key identifier:   43:9A:B1:AB:3C:3C:94:8F:53:5F:97:C5:1A:EF:53:0F:2A:35:B6:0D
Certificate issuer:       /CN=457B10372A686E3FF73656BEB5CD3DEBC932371A
Certificate serial:       07C6
Authority key identifier: 45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/Q5qxqzw8lI9TX5fFGu9TDyo1tg0.roa
Signing time:             Tue 29 Sep 2020 10:06:52 +0000
ROA not before:           Tue 29 Sep 2020 10:06:52 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     17713
IP address blocks:        140.117.0.0/16 maxlen: 16

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1990 (0x7c6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=457B10372A686E3FF73656BEB5CD3DEBC932371A
        Validity
            Not Before: Sep 29 10:06:52 2020 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=439AB1AB3C3C948F535F97C51AEF530F2A35B60D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:35:58:8e:6d:ec:6e:7a:b1:ef:a8:12:41:f5:
                    75:1e:d3:44:a2:52:e4:b8:64:df:fa:2f:a3:3c:cf:
                    a6:9d:f5:e2:50:e0:bc:eb:87:88:fa:d7:0b:de:42:
                    a8:e0:ae:95:dd:fa:07:5a:68:22:ca:77:2b:2f:dc:
                    fc:e9:06:af:d0:c6:08:52:6d:3a:3f:58:63:d3:0a:
                    c7:a5:c9:ce:14:e8:a1:20:72:e7:93:de:a4:66:bc:
                    17:2a:0b:d3:d6:a2:a5:d6:cb:ab:e7:83:8e:70:56:
                    83:0c:bb:dd:57:34:0c:34:5f:73:d1:27:0e:44:5a:
                    b8:09:ab:6c:32:7c:49:1e:d7:aa:6f:48:62:19:4f:
                    7c:1c:28:7c:74:6c:ee:0b:5e:de:c7:fb:fc:e7:95:
                    b6:be:b6:7a:43:d0:44:53:29:30:9d:56:ae:8c:75:
                    25:3a:f8:69:83:4b:d0:bb:18:96:ec:51:9e:82:21:
                    57:0a:31:3c:2d:08:e0:59:7e:8c:e2:67:c0:d6:34:
                    b7:a8:aa:25:e6:49:32:2f:7e:1f:db:05:99:7c:11:
                    44:08:2c:8f:c1:76:62:50:76:43:c3:ae:8e:8d:89:
                    00:02:95:2d:25:1e:ac:7c:54:08:e6:5e:8f:1b:df:
                    c8:4a:10:ac:ad:10:31:e4:93:b1:dd:7b:a1:80:9d:
                    10:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                43:9A:B1:AB:3C:3C:94:8F:53:5F:97:C5:1A:EF:53:0F:2A:35:B6:0D
            X509v3 Authority Key Identifier:
                keyid:45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/RXsQNypobj_3Nla-tc0968kyNxo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/Q5qxqzw8lI9TX5fFGu9TDyo1tg0.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  140.117.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         3e:7d:87:78:f4:72:eb:c9:d3:65:40:b5:3a:d6:a8:48:a0:2b:
         de:42:3b:c3:82:00:35:cd:94:72:85:67:a8:73:d3:6e:7e:d3:
         c4:51:2c:f2:32:d8:d0:c4:3c:f6:33:84:c1:d7:46:6b:7a:de:
         f8:68:1b:e7:38:24:98:2c:07:f8:30:db:3a:fd:9b:8f:d9:51:
         ea:7e:e7:fb:94:ad:e3:7f:33:60:d6:4e:84:4f:f4:19:01:c4:
         ea:88:e4:98:e4:03:52:7d:03:95:69:76:32:04:e6:dc:d7:fa:
         6e:92:22:53:dc:5a:3c:ea:6e:c8:f0:1b:99:e5:b9:76:7f:e3:
         77:f4:85:f5:45:20:be:b7:6a:d9:11:ee:b2:33:cb:54:da:b8:
         8f:10:7f:7c:be:ec:51:73:dc:2d:bb:c1:eb:3a:67:15:8e:c2:
         8f:b8:3d:3b:9f:9e:6a:e9:26:0b:04:fe:0e:54:df:66:ca:ad:
         bb:b2:2d:04:7d:c6:7c:b6:60:48:67:a1:65:8b:6d:dd:21:3e:
         b5:07:d2:82:b0:42:6f:c8:ac:d6:cd:66:18:7d:6a:1e:6d:9d:
         cf:54:74:ed:74:0a:ae:25:a6:8c:f5:6b:f7:ab:81:21:bf:c3:
         36:93:a0:0f:12:d8:ed:e8:1a:bd:08:dc:b8:5b:12:85:cb:fd:
         fb:48:3b:3e
-----BEGIN CERTIFICATE-----
MIIEzzCCA7egAwIBAgICB8YwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDU3
QjEwMzcyQTY4NkUzRkY3MzY1NkJFQjVDRDNERUJDOTMyMzcxQTAeFw0yMDA5Mjkx
MDA2NTJaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDQzOUFCMUFCM0MzQzk0
OEY1MzVGOTdDNTFBRUY1MzBGMkEzNUI2MEQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC5NViObexuerHvqBJB9XUe00SiUuS4ZN/6L6M8z6ad9eJQ4Lzr
h4j61wveQqjgrpXd+gdaaCLKdysv3PzpBq/QxghSbTo/WGPTCselyc4U6KEgcueT
3qRmvBcqC9PWoqXWy6vng45wVoMMu91XNAw0X3PRJw5EWrgJq2wyfEke16pvSGIZ
T3wcKHx0bO4LXt7H+/znlba+tnpD0ERTKTCdVq6MdSU6+GmDS9C7GJbsUZ6CIVcK
MTwtCOBZfoziZ8DWNLeoqiXmSTIvfh/bBZl8EUQILI/BdmJQdkPDro6NiQAClS0l
Hqx8VAjmXo8b38hKEKytEDHkk7Hde6GAnRA1AgMBAAGjggHrMIIB5zAdBgNVHQ4E
FgQUQ5qxqzw8lI9TX5fFGu9TDyo1tg0wHwYDVR0jBBgwFoAURXsQNypobj/3Nla+
tc0968kyNxowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFORVQv
UlhzUU55cG9ial8zTmxhLXRjMDk2OGt5TnhvLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9SWHNRTnlwb2JqXzNObGEtdGMwOTY4a3lOeG8uY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQU5FVC9RNXF4cXp3OGxJOVRYNWZGR3U5
VER5bzF0ZzAucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAjHUw
DQYJKoZIhvcNAQELBQADggEBAD59h3j0cuvJ02VAtTrWqEigK95CO8OCADXNlHKF
Z6hz025+08RRLPIy2NDEPPYzhMHXRmt63vhoG+c4JJgsB/gw2zr9m4/ZUep+5/uU
reN/M2DWToRP9BkBxOqI5JjkA1J9A5VpdjIE5tzX+m6SIlPcWjzqbsjwG5nluXZ/
43f0hfVFIL63atkR7rIzy1TauI8Qf3y+7FFz3C27wes6ZxWOwo+4PTufnmrpJgsE
/g5U32bKrbuyLQR9xny2YEhnoWWLbd0hPrUH0oKwQm/IrNbNZhh9ah5tnc9UdO10
Cq4lpoz1a/ergSG/wzaToA8S2O3oGr0I3LhbEoXL/ftIOz4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:45 2024 by rpki-client on console-fra.rpki-client.org