Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TANET/VDRghzdT9DgSjUEYNi8km1wrDOU.roa
File:                     VDRghzdT9DgSjUEYNi8km1wrDOU.roa (raw, json)
Hash identifier:          V8/BPwrGKljH+VMnEL8k5hwXYk4CPvzS+6Rh8Sw5aow=
Subject key identifier:   54:34:60:87:37:53:F4:38:12:8D:41:18:36:2F:24:9B:5C:2B:0C:E5
Certificate issuer:       /CN=E1A88C34D246EF7C2A7C1AC5FE97B262BC48178E
Certificate serial:       0AC6
Authority key identifier: E1:A8:8C:34:D2:46:EF:7C:2A:7C:1A:C5:FE:97:B2:62:BC:48:17:8E
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/4aiMNNJG73wqfBrF_peyYrxIF44.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/VDRghzdT9DgSjUEYNi8km1wrDOU.roa
Signing time:             Wed 29 Sep 2021 02:41:03 +0000
ROA not before:           Wed 29 Sep 2021 02:41:03 +0000
ROA not after:            Thu 29 Sep 2022 02:36:22 +0000
asID:                     18185
IP address blocks:        120.117.1.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2758 (0xac6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=E1A88C34D246EF7C2A7C1AC5FE97B262BC48178E
        Validity
            Not Before: Sep 29 02:41:03 2021 GMT
            Not After : Sep 29 02:36:22 2022 GMT
        Subject: CN=543460873753F438128D4118362F249B5C2B0CE5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:0b:9c:3b:5e:4b:5e:aa:75:ff:2f:f6:62:34:
                    8b:a0:90:75:1d:ad:f6:1e:a3:db:d1:1f:bf:2a:b7:
                    d0:2a:c8:91:a9:8e:af:9a:1f:99:6d:57:ec:20:aa:
                    fa:91:97:0f:18:9a:75:07:0d:6c:6f:e9:e8:20:4f:
                    a7:2d:eb:bf:40:72:e7:0c:12:a2:1c:be:a1:40:5f:
                    f7:30:a5:b7:49:6e:4a:e7:73:e1:3f:e2:42:dd:ca:
                    2b:90:cc:fd:77:87:e2:09:f9:61:cc:b2:89:b1:ca:
                    79:d6:9f:4e:45:76:9b:54:e2:25:d1:16:13:65:65:
                    b1:71:74:28:97:97:0b:ab:dd:d2:0d:0d:f4:8c:d2:
                    0d:ce:b6:db:e2:8b:7b:1c:36:90:5e:69:f7:0c:76:
                    28:cb:7f:b4:6a:d1:7a:1e:f0:1f:77:03:49:14:e0:
                    22:87:4c:f7:ff:5b:88:57:d7:9a:c6:e8:c6:b2:34:
                    76:55:c1:ef:ab:96:10:fa:3b:c2:4a:68:3f:49:41:
                    ac:3a:81:50:4c:ac:17:6e:b1:21:21:ce:a5:dd:e1:
                    9d:b4:80:2d:f4:88:f2:b1:e8:68:34:0e:af:ff:32:
                    fc:98:40:76:c0:9e:ad:2c:23:8e:37:bc:a2:4f:62:
                    d2:c2:0a:68:7c:e7:59:b8:ee:66:35:1f:df:b0:6e:
                    4f:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                54:34:60:87:37:53:F4:38:12:8D:41:18:36:2F:24:9B:5C:2B:0C:E5
            X509v3 Authority Key Identifier:
                keyid:E1:A8:8C:34:D2:46:EF:7C:2A:7C:1A:C5:FE:97:B2:62:BC:48:17:8E

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/4aiMNNJG73wqfBrF_peyYrxIF44.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/4aiMNNJG73wqfBrF_peyYrxIF44.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/VDRghzdT9DgSjUEYNi8km1wrDOU.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  120.117.1.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b7:bb:74:f1:03:e3:7d:2d:28:dd:03:48:38:37:d4:bc:c1:c5:
         72:cd:86:fc:8c:30:1e:d6:c5:93:6e:28:bd:9a:fb:25:17:3f:
         38:9e:22:9f:80:43:39:6b:13:0f:2c:e4:9c:4b:e5:af:5b:08:
         1e:a7:f7:9f:82:6d:6c:68:15:9b:98:8b:2c:5c:89:4e:2e:50:
         5c:ca:f7:e5:2b:48:fd:0c:30:08:88:45:eb:11:3e:bf:49:53:
         03:78:67:65:8d:79:d9:d0:e4:a7:35:84:7f:2b:b5:09:1b:3c:
         cf:7e:d5:35:4e:78:b8:e3:ac:7b:a4:9b:b9:d7:5c:de:53:39:
         02:36:aa:e5:ac:2c:cc:e9:e9:a7:a1:53:c9:b1:7b:32:2a:8e:
         1b:aa:95:06:d9:d7:37:35:0f:11:f8:b7:fe:d9:fa:02:97:8b:
         c3:d9:ad:be:6a:12:65:47:6e:96:1b:3c:94:08:f1:84:f0:31:
         82:9d:c3:6b:1b:82:20:64:d1:60:db:05:6b:56:e8:16:bd:f0:
         72:f4:52:da:bc:61:64:06:10:65:00:2c:dc:5f:8b:04:fd:c7:
         a4:89:be:5e:ab:a7:7e:43:af:04:b4:0f:b3:c7:62:28:ed:e6:
         56:4b:9a:ea:51:e5:16:a8:20:1d:34:01:13:a0:10:7d:e3:38:
         a0:ab:71:77
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICCsYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRTFB
ODhDMzREMjQ2RUY3QzJBN0MxQUM1RkU5N0IyNjJCQzQ4MTc4RTAeFw0yMTA5Mjkw
MjQxMDNaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDU0MzQ2MDg3Mzc1M0Y0
MzgxMjhENDExODM2MkYyNDlCNUMyQjBDRTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDPC5w7XkteqnX/L/ZiNIugkHUdrfYeo9vRH78qt9AqyJGpjq+a
H5ltV+wgqvqRlw8YmnUHDWxv6eggT6ct679AcucMEqIcvqFAX/cwpbdJbkrnc+E/
4kLdyiuQzP13h+IJ+WHMsomxynnWn05FdptU4iXRFhNlZbFxdCiXlwur3dINDfSM
0g3Ottvii3scNpBeafcMdijLf7Rq0Xoe8B93A0kU4CKHTPf/W4hX15rG6MayNHZV
we+rlhD6O8JKaD9JQaw6gVBMrBdusSEhzqXd4Z20gC30iPKx6Gg0Dq//MvyYQHbA
nq0sI443vKJPYtLCCmh851m47mY1H9+wbk/NAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUVDRghzdT9DgSjUEYNi8km1wrDOUwHwYDVR0jBBgwFoAU4aiMNNJG73wqfBrF
/peyYrxIF44wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFORVQv
NGFpTU5OSkc3M3dxZkJyRl9wZXlZcnhJRjQ0LmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS80YWlNTk5KRzczd3FmQnJGX3BleVlyeElGNDQuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQU5FVC9WRFJnaHpkVDlEZ1NqVUVZTmk4
a20xd3JET1Uucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAeHUB
MA0GCSqGSIb3DQEBCwUAA4IBAQC3u3TxA+N9LSjdA0g4N9S8wcVyzYb8jDAe1sWT
bii9mvslFz84niKfgEM5axMPLOScS+WvWwgep/efgm1saBWbmIssXIlOLlBcyvfl
K0j9DDAIiEXrET6/SVMDeGdljXnZ0OSnNYR/K7UJGzzPftU1Tni446x7pJu511ze
UzkCNqrlrCzM6emnoVPJsXsyKo4bqpUG2dc3NQ8R+Lf+2foCl4vD2a2+ahJlR26W
GzyUCPGE8DGCncNrG4IgZNFg2wVrVugWvfBy9FLavGFkBhBlACzcX4sE/cekib5e
q6d+Q68EtA+zx2Io7eZWS5rqUeUWqCAdNAEToBB94zigq3F3
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:45 2024 by rpki-client on console-fra.rpki-client.org