Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TANET/WkCCsGMbzAsgqWfIyxqANYc4DnY.roa
File:                     WkCCsGMbzAsgqWfIyxqANYc4DnY.roa (raw, json)
Hash identifier:          B8m84WPqoAiRuod2GfsD5bcMI7lLu9EPwaG6LDIHIqE=
Subject key identifier:   5A:40:82:B0:63:1B:CC:0B:20:A9:67:C8:CB:1A:80:35:87:38:0E:76
Certificate issuer:       /CN=E1A88C34D246EF7C2A7C1AC5FE97B262BC48178E
Certificate serial:       0BD8
Authority key identifier: E1:A8:8C:34:D2:46:EF:7C:2A:7C:1A:C5:FE:97:B2:62:BC:48:17:8E
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/4aiMNNJG73wqfBrF_peyYrxIF44.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/WkCCsGMbzAsgqWfIyxqANYc4DnY.roa
Signing time:             Thu 15 Sep 2022 02:41:07 +0000
ROA not before:           Thu 15 Sep 2022 02:41:07 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     38844
IP address blocks:        210.60.150.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3032 (0xbd8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=E1A88C34D246EF7C2A7C1AC5FE97B262BC48178E
        Validity
            Not Before: Sep 15 02:41:07 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=5A4082B0631BCC0B20A967C8CB1A803587380E76
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:80:3b:71:70:11:70:ff:65:26:28:7f:ea:a4:
                    72:ea:82:14:2e:cc:1c:d2:0e:4f:f6:10:e2:3c:c0:
                    43:f6:b1:61:3a:e4:76:14:79:b8:27:f4:00:be:44:
                    ef:74:be:1f:6a:16:83:30:dd:9b:c6:aa:36:b4:0b:
                    6e:63:ea:de:e5:d2:2a:96:9a:ef:f6:c6:8d:d7:33:
                    e3:6a:e4:2f:0a:e4:3f:92:06:78:17:58:d6:3b:87:
                    61:c6:bf:18:30:ca:3a:e0:9c:06:7a:32:dc:43:11:
                    4a:3a:04:52:07:75:49:e0:d0:cf:5e:ce:9a:81:55:
                    27:dd:4a:ad:48:e3:e8:f2:6e:fd:e2:72:f9:85:82:
                    22:69:3d:26:d5:b4:ea:98:b0:17:e9:35:8d:31:fe:
                    ed:a0:65:cd:01:9c:95:1f:59:00:21:ee:27:06:8e:
                    dd:90:ba:87:68:63:2a:bd:35:c6:ae:6f:70:d4:84:
                    fb:44:5c:07:ee:62:67:0c:37:1d:37:fe:41:8a:e2:
                    b0:dc:f5:3e:70:64:0a:7e:bd:4f:3c:14:fa:5b:92:
                    9e:10:f1:1e:d0:f2:7b:a1:22:c7:ec:51:1b:1b:9c:
                    a1:45:22:eb:23:9c:a1:74:80:e5:08:fd:ef:90:59:
                    12:b3:82:d7:3f:de:70:7b:b4:06:76:8f:b6:98:d6:
                    4c:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5A:40:82:B0:63:1B:CC:0B:20:A9:67:C8:CB:1A:80:35:87:38:0E:76
            X509v3 Authority Key Identifier:
                keyid:E1:A8:8C:34:D2:46:EF:7C:2A:7C:1A:C5:FE:97:B2:62:BC:48:17:8E

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/4aiMNNJG73wqfBrF_peyYrxIF44.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/4aiMNNJG73wqfBrF_peyYrxIF44.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/WkCCsGMbzAsgqWfIyxqANYc4DnY.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  210.60.150.0/24

    Signature Algorithm: sha256WithRSAEncryption
         35:cb:51:91:fe:87:bf:52:69:2e:e2:c3:18:dc:f3:b3:c3:75:
         9b:33:94:eb:f2:11:63:1a:f1:ca:b0:ff:24:8a:8f:21:57:0e:
         c2:ef:ac:98:b1:2b:f1:11:b8:70:1b:d9:4c:ad:33:ce:14:ab:
         28:8b:9c:3b:38:ef:14:61:ab:46:f8:4c:50:aa:66:ba:a4:b0:
         13:f5:f0:bd:f8:18:1f:6c:37:57:25:cd:19:91:21:09:6c:c6:
         8c:e2:da:0f:40:ce:e8:65:0b:13:c4:d6:f0:dc:11:df:dd:3f:
         e0:0b:28:a9:25:48:e0:9b:39:d0:8e:a7:85:dc:05:82:c5:01:
         12:97:63:f1:a9:c1:cc:6c:3a:46:e4:f5:49:d5:5c:2a:a5:85:
         37:4a:20:46:10:32:44:b3:34:1c:30:70:ac:ba:96:8e:20:07:
         53:98:49:40:bb:38:78:87:80:3c:38:7d:75:94:7e:00:8f:6a:
         d3:36:f3:6d:cd:b3:85:5b:d0:b4:a2:17:d9:8e:0e:b8:24:34:
         01:2c:2d:35:97:a9:6b:74:c0:c3:b4:60:8f:2f:fa:53:40:ad:
         18:71:7f:46:5e:76:bd:3c:ac:e6:52:4c:16:94:6e:67:4a:32:
         47:0d:fc:b8:9a:30:a9:83:03:63:9e:6c:cd:98:0f:e1:80:fd:
         3f:ab:a6:7f
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICC9gwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRTFB
ODhDMzREMjQ2RUY3QzJBN0MxQUM1RkU5N0IyNjJCQzQ4MTc4RTAeFw0yMjA5MTUw
MjQxMDdaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDVBNDA4MkIwNjMxQkND
MEIyMEE5NjdDOENCMUE4MDM1ODczODBFNzYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCsgDtxcBFw/2UmKH/qpHLqghQuzBzSDk/2EOI8wEP2sWE65HYU
ebgn9AC+RO90vh9qFoMw3ZvGqja0C25j6t7l0iqWmu/2xo3XM+Nq5C8K5D+SBngX
WNY7h2HGvxgwyjrgnAZ6MtxDEUo6BFIHdUng0M9ezpqBVSfdSq1I4+jybv3icvmF
giJpPSbVtOqYsBfpNY0x/u2gZc0BnJUfWQAh7icGjt2QuodoYyq9Ncaub3DUhPtE
XAfuYmcMNx03/kGK4rDc9T5wZAp+vU88FPpbkp4Q8R7Q8nuhIsfsURsbnKFFIusj
nKF0gOUI/e+QWRKzgtc/3nB7tAZ2j7aY1kyzAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUWkCCsGMbzAsgqWfIyxqANYc4DnYwHwYDVR0jBBgwFoAU4aiMNNJG73wqfBrF
/peyYrxIF44wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFORVQv
NGFpTU5OSkc3M3dxZkJyRl9wZXlZcnhJRjQ0LmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS80YWlNTk5KRzczd3FmQnJGX3BleVlyeElGNDQuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQU5FVC9Xa0NDc0dNYnpBc2dxV2ZJeXhx
QU5ZYzREblkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA0jyW
MA0GCSqGSIb3DQEBCwUAA4IBAQA1y1GR/oe/Umku4sMY3POzw3WbM5Tr8hFjGvHK
sP8kio8hVw7C76yYsSvxEbhwG9lMrTPOFKsoi5w7OO8UYatG+ExQqma6pLAT9fC9
+BgfbDdXJc0ZkSEJbMaM4toPQM7oZQsTxNbw3BHf3T/gCyipJUjgmznQjqeF3AWC
xQESl2PxqcHMbDpG5PVJ1VwqpYU3SiBGEDJEszQcMHCsupaOIAdTmElAuzh4h4A8
OH11lH4Aj2rTNvNtzbOFW9C0ohfZjg64JDQBLC01l6lrdMDDtGCPL/pTQK0YcX9G
Xna9PKzmUkwWlG5nSjJHDfy4mjCpgwNjnmzNmA/hgP0/q6Z/
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:45 2024 by rpki-client on console-fra.rpki-client.org