Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TANET/QU4KKiXU4Zwz2vyhc8NLtnl4YEA.roa
File:                     QU4KKiXU4Zwz2vyhc8NLtnl4YEA.roa (raw, json)
Hash identifier:          /f+LlxN0IeDPYFrkdFkFG91Cn23WAj/QP7RfG4wP1E8=
Subject key identifier:   41:4E:0A:2A:25:D4:E1:9C:33:DA:FC:A1:73:C3:4B:B6:79:78:60:40
Certificate issuer:       /CN=E1A88C34D246EF7C2A7C1AC5FE97B262BC48178E
Certificate serial:       0AD8
Authority key identifier: E1:A8:8C:34:D2:46:EF:7C:2A:7C:1A:C5:FE:97:B2:62:BC:48:17:8E
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/4aiMNNJG73wqfBrF_peyYrxIF44.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/QU4KKiXU4Zwz2vyhc8NLtnl4YEA.roa
Signing time:             Wed 29 Sep 2021 02:41:10 +0000
ROA not before:           Wed 29 Sep 2021 02:41:10 +0000
ROA not after:            Thu 29 Sep 2022 02:36:22 +0000
asID:                     131150
IP address blocks:        163.32.140.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2776 (0xad8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=E1A88C34D246EF7C2A7C1AC5FE97B262BC48178E
        Validity
            Not Before: Sep 29 02:41:10 2021 GMT
            Not After : Sep 29 02:36:22 2022 GMT
        Subject: CN=414E0A2A25D4E19C33DAFCA173C34BB679786040
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:62:c3:ad:b8:c6:72:16:e6:24:5d:a1:7a:d7:
                    0a:e8:5c:b1:9a:77:d1:c7:1e:ad:5f:f6:a9:39:4d:
                    e6:de:9f:84:fc:b1:08:6e:40:a9:1b:47:cc:f3:86:
                    2e:4d:c0:f6:1b:7b:1c:84:9c:68:5b:64:51:46:a5:
                    60:e9:c4:36:2f:06:66:b1:ba:93:06:74:cf:e8:5b:
                    0e:68:30:3d:63:8e:74:16:9c:77:42:40:89:bb:4c:
                    80:bd:6a:93:31:93:85:2d:11:24:8c:20:c6:45:40:
                    2a:04:cb:ce:7b:80:79:d0:24:95:8e:83:55:80:d6:
                    26:70:2c:29:50:24:1d:08:3c:02:c5:a4:c6:91:f2:
                    80:99:ce:83:c3:87:1a:a8:55:37:e3:1d:a6:8d:0f:
                    22:e8:90:8a:c3:29:1a:ee:7c:b5:b9:b3:fe:4e:10:
                    4e:7e:47:8a:c5:48:82:b9:4f:6c:65:38:f9:07:44:
                    ea:50:c3:ee:14:3c:95:9a:60:83:c9:e1:05:58:3d:
                    9d:ba:7f:a5:d9:55:75:9b:82:79:f6:d9:89:bb:a3:
                    38:39:22:2a:74:14:1f:b4:b5:ce:1c:07:8d:38:f9:
                    82:3b:77:0a:e4:41:cb:af:ce:ac:5e:d3:5d:a2:0d:
                    3f:d1:e3:bc:65:b2:d9:89:22:41:77:e4:71:ea:3c:
                    bc:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                41:4E:0A:2A:25:D4:E1:9C:33:DA:FC:A1:73:C3:4B:B6:79:78:60:40
            X509v3 Authority Key Identifier:
                keyid:E1:A8:8C:34:D2:46:EF:7C:2A:7C:1A:C5:FE:97:B2:62:BC:48:17:8E

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/4aiMNNJG73wqfBrF_peyYrxIF44.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/4aiMNNJG73wqfBrF_peyYrxIF44.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/QU4KKiXU4Zwz2vyhc8NLtnl4YEA.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.32.140.0/22

    Signature Algorithm: sha256WithRSAEncryption
         81:05:fd:0a:6c:07:6f:7d:6e:65:bd:7d:0a:6a:f2:92:e9:ee:
         cb:6f:58:ee:4b:00:5e:8d:b3:1a:10:92:e3:09:35:af:f1:36:
         c4:2e:89:4d:b4:9a:e5:5a:30:f9:34:84:b9:78:75:04:dd:ea:
         e3:bc:32:9a:42:1b:a5:c9:91:3b:e2:44:af:97:70:56:8b:df:
         d4:76:69:f7:d8:17:4f:df:ed:b2:e9:39:82:b7:4d:42:99:a8:
         58:d6:21:92:1a:15:eb:04:85:48:1a:d0:04:1a:25:81:46:5d:
         87:0e:89:eb:19:6e:de:f8:b7:29:d0:83:37:54:ed:1d:e3:95:
         91:b9:06:cf:03:d7:84:64:3d:e8:22:8b:87:ed:5d:ea:9d:8e:
         09:3f:e6:44:1b:fa:3d:ca:25:92:47:e0:f4:dc:d5:cd:0f:e2:
         a2:80:cd:bf:60:d6:d2:f0:11:3c:b1:d0:04:b6:1d:5f:72:5f:
         c5:e5:d6:a9:33:02:69:c2:95:c2:c1:0a:d2:62:1a:1e:4d:10:
         d2:7f:26:8d:ad:ad:e1:2a:2b:dd:6b:2d:16:62:94:dd:25:22:
         f3:7b:a3:d0:a9:90:c2:66:b6:d7:53:d1:05:d7:67:8f:2d:52:
         c0:9d:47:36:a4:5c:30:d1:61:27:18:c7:9f:f7:b8:d5:05:56:
         3b:78:c7:31
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICCtgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRTFB
ODhDMzREMjQ2RUY3QzJBN0MxQUM1RkU5N0IyNjJCQzQ4MTc4RTAeFw0yMTA5Mjkw
MjQxMTBaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDQxNEUwQTJBMjVENEUx
OUMzM0RBRkNBMTczQzM0QkI2Nzk3ODYwNDAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCrYsOtuMZyFuYkXaF61wroXLGad9HHHq1f9qk5Teben4T8sQhu
QKkbR8zzhi5NwPYbexyEnGhbZFFGpWDpxDYvBmaxupMGdM/oWw5oMD1jjnQWnHdC
QIm7TIC9apMxk4UtESSMIMZFQCoEy857gHnQJJWOg1WA1iZwLClQJB0IPALFpMaR
8oCZzoPDhxqoVTfjHaaNDyLokIrDKRrufLW5s/5OEE5+R4rFSIK5T2xlOPkHROpQ
w+4UPJWaYIPJ4QVYPZ26f6XZVXWbgnn22Ym7ozg5Iip0FB+0tc4cB404+YI7dwrk
Qcuvzqxe012iDT/R47xlstmJIkF35HHqPLzZAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUQU4KKiXU4Zwz2vyhc8NLtnl4YEAwHwYDVR0jBBgwFoAU4aiMNNJG73wqfBrF
/peyYrxIF44wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFORVQv
NGFpTU5OSkc3M3dxZkJyRl9wZXlZcnhJRjQ0LmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS80YWlNTk5KRzczd3FmQnJGX3BleVlyeElGNDQuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQU5FVC9RVTRLS2lYVTRad3oydnloYzhO
THRubDRZRUEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCoyCM
MA0GCSqGSIb3DQEBCwUAA4IBAQCBBf0KbAdvfW5lvX0KavKS6e7Lb1juSwBejbMa
EJLjCTWv8TbELolNtJrlWjD5NIS5eHUE3erjvDKaQhulyZE74kSvl3BWi9/Udmn3
2BdP3+2y6TmCt01CmahY1iGSGhXrBIVIGtAEGiWBRl2HDonrGW7e+Lcp0IM3VO0d
45WRuQbPA9eEZD3oIouH7V3qnY4JP+ZEG/o9yiWSR+D03NXND+KigM2/YNbS8BE8
sdAEth1fcl/F5dapMwJpwpXCwQrSYhoeTRDSfyaNra3hKivday0WYpTdJSLze6PQ
qZDCZrbXU9EF12ePLVLAnUc2pFww0WEnGMef97jVBVY7eMcx
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:21 2024 by rpki-client on console-ams.rpki-client.org