Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TANET/XnCcWGEzg1L8HSwQsqnUTMQbKnM.roa
File:                     XnCcWGEzg1L8HSwQsqnUTMQbKnM.roa (raw, json)
Hash identifier:          ep8gciD9Wrn5Ty3+1E1DMbAzwu1oGZKKunXu2xv9H4k=
Subject key identifier:   5E:70:9C:58:61:33:83:52:FC:1D:2C:10:B2:A9:D4:4C:C4:1B:2A:73
Certificate issuer:       /CN=457B10372A686E3FF73656BEB5CD3DEBC932371A
Certificate serial:       0A9F
Authority key identifier: 45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/XnCcWGEzg1L8HSwQsqnUTMQbKnM.roa
Signing time:             Wed 29 Sep 2021 02:41:27 +0000
ROA not before:           Wed 29 Sep 2021 02:41:27 +0000
ROA not after:            Thu 29 Sep 2022 02:36:22 +0000
asID:                     1659
IP address blocks:        192.83.176.0/20 maxlen: 20

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2719 (0xa9f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=457B10372A686E3FF73656BEB5CD3DEBC932371A
        Validity
            Not Before: Sep 29 02:41:27 2021 GMT
            Not After : Sep 29 02:36:22 2022 GMT
        Subject: CN=5E709C5861338352FC1D2C10B2A9D44CC41B2A73
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:93:41:43:fc:5e:37:bb:f8:d7:63:76:7d:6c:
                    28:fc:22:75:53:b5:30:e8:d7:9d:f7:8f:2f:f9:77:
                    b3:4a:6c:a5:ff:9a:cf:40:e5:45:50:f6:34:32:a3:
                    4b:e3:68:6a:ad:21:47:36:44:93:f2:02:8e:23:7e:
                    5e:9f:77:6e:51:53:cf:c6:7c:d7:70:a9:ac:a6:25:
                    3d:41:ba:68:23:52:f7:ad:f6:bf:b6:3d:10:80:00:
                    92:da:6c:a6:6d:0c:36:57:8a:09:e6:e9:c1:3b:ba:
                    46:2b:b3:8f:2d:eb:91:5b:bd:fb:34:7e:c1:a0:4b:
                    86:71:24:4f:47:76:b2:d7:e3:2e:a7:04:4a:a2:6d:
                    b2:cd:f5:67:6c:d2:48:78:2a:e5:81:d0:79:04:3b:
                    40:08:a3:98:84:a0:1f:aa:59:81:ab:b6:e2:d8:1a:
                    3c:0a:de:09:00:f7:07:1a:98:85:c8:d2:72:3d:8f:
                    9e:32:3b:83:61:0e:d4:aa:04:f6:24:6e:ff:6d:52:
                    77:26:3a:05:5f:b6:2b:b4:e2:d6:35:66:15:84:a5:
                    6e:cc:9d:0e:cc:79:29:41:d9:8e:3b:b6:ad:cb:4b:
                    b2:f8:2e:34:f6:87:53:86:a4:59:73:da:81:96:08:
                    1c:2d:c0:a0:fc:36:30:d5:8e:b8:f2:c2:f8:5c:c2:
                    4b:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5E:70:9C:58:61:33:83:52:FC:1D:2C:10:B2:A9:D4:4C:C4:1B:2A:73
            X509v3 Authority Key Identifier:
                keyid:45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/RXsQNypobj_3Nla-tc0968kyNxo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/XnCcWGEzg1L8HSwQsqnUTMQbKnM.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  192.83.176.0/20

    Signature Algorithm: sha256WithRSAEncryption
         6b:bf:86:31:9c:1e:81:10:2a:3b:96:af:07:ca:06:cf:78:24:
         ee:07:aa:a8:38:bb:2b:fa:23:8f:14:35:82:6f:72:fe:9c:c0:
         96:00:36:1e:60:51:cc:4b:6a:9a:94:9b:f4:b3:d6:b2:20:e7:
         d9:3f:70:a9:59:9d:38:1a:81:0e:19:18:53:ba:75:4a:0f:e9:
         2e:61:68:8e:f6:b5:79:e1:07:9a:c1:86:85:6f:18:48:f7:74:
         3b:73:f3:f6:55:29:80:d7:83:c1:aa:a7:38:c1:e1:36:55:3b:
         ef:37:c6:ec:ad:e9:2b:fb:dc:22:63:38:e3:e2:04:a2:ee:00:
         1d:ae:ca:b2:fd:c5:3c:a7:a2:10:92:7a:32:61:7f:5b:48:14:
         b0:06:19:18:2e:32:f5:96:a7:28:45:0d:02:3e:89:42:3e:72:
         0b:7d:62:08:b9:70:9b:1a:49:a4:45:cd:6d:5d:ea:2f:61:c2:
         0b:4e:58:74:71:15:e6:04:d8:91:ba:d4:96:45:8a:fe:6b:53:
         2b:07:01:29:10:2d:03:23:88:91:c6:4f:99:b7:c6:ee:80:cd:
         6a:8f:b1:6d:1e:5d:71:ee:0c:59:31:6e:1d:a1:ec:d4:e1:f7:
         59:d4:5f:c2:e3:2d:a1:d6:2d:64:6e:fd:8d:e8:43:78:84:b4:
         2d:62:3f:8c
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICCp8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDU3
QjEwMzcyQTY4NkUzRkY3MzY1NkJFQjVDRDNERUJDOTMyMzcxQTAeFw0yMTA5Mjkw
MjQxMjdaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDVFNzA5QzU4NjEzMzgz
NTJGQzFEMkMxMEIyQTlENDRDQzQxQjJBNzMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDYk0FD/F43u/jXY3Z9bCj8InVTtTDo1533jy/5d7NKbKX/ms9A
5UVQ9jQyo0vjaGqtIUc2RJPyAo4jfl6fd25RU8/GfNdwqaymJT1BumgjUvet9r+2
PRCAAJLabKZtDDZXignm6cE7ukYrs48t65Fbvfs0fsGgS4ZxJE9HdrLX4y6nBEqi
bbLN9Wds0kh4KuWB0HkEO0AIo5iEoB+qWYGrtuLYGjwK3gkA9wcamIXI0nI9j54y
O4NhDtSqBPYkbv9tUncmOgVftiu04tY1ZhWEpW7MnQ7MeSlB2Y47tq3LS7L4LjT2
h1OGpFlz2oGWCBwtwKD8NjDVjrjywvhcwkvfAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUXnCcWGEzg1L8HSwQsqnUTMQbKnMwHwYDVR0jBBgwFoAURXsQNypobj/3Nla+
tc0968kyNxowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFORVQv
UlhzUU55cG9ial8zTmxhLXRjMDk2OGt5TnhvLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9SWHNRTnlwb2JqXzNObGEtdGMwOTY4a3lOeG8uY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQU5FVC9YbkNjV0dFemcxTDhIU3dRc3Fu
VVRNUWJLbk0ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEwFOw
MA0GCSqGSIb3DQEBCwUAA4IBAQBrv4YxnB6BECo7lq8HygbPeCTuB6qoOLsr+iOP
FDWCb3L+nMCWADYeYFHMS2qalJv0s9ayIOfZP3CpWZ04GoEOGRhTunVKD+kuYWiO
9rV54QeawYaFbxhI93Q7c/P2VSmA14PBqqc4weE2VTvvN8bsrekr+9wiYzjj4gSi
7gAdrsqy/cU8p6IQknoyYX9bSBSwBhkYLjL1lqcoRQ0CPolCPnILfWIIuXCbGkmk
Rc1tXeovYcILTlh0cRXmBNiRutSWRYr+a1MrBwEpEC0DI4iRxk+Zt8bugM1qj7Ft
Hl1x7gxZMW4doezU4fdZ1F/C4y2h1i1kbv2N6EN4hLQtYj+M
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:21 2024 by rpki-client on console-ams.rpki-client.org