Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TANET/bUwulRw88Nwva78rXXsC8p9CYMo.roa
File:                     bUwulRw88Nwva78rXXsC8p9CYMo.roa (raw, json)
Hash identifier:          uIGeQkasRmUpo0xb7OCf62RgcdwooaniMj35sCiW+vA=
Subject key identifier:   6D:4C:2E:95:1C:3C:F0:DC:2F:6B:BF:2B:5D:7B:02:F2:9F:42:60:CA
Certificate issuer:       /CN=457B10372A686E3FF73656BEB5CD3DEBC932371A
Certificate serial:       07BF
Authority key identifier: 45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/bUwulRw88Nwva78rXXsC8p9CYMo.roa
Signing time:             Tue 29 Sep 2020 10:06:50 +0000
ROA not before:           Tue 29 Sep 2020 10:06:50 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     38845
IP address blocks:        140.136.160.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1983 (0x7bf)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=457B10372A686E3FF73656BEB5CD3DEBC932371A
        Validity
            Not Before: Sep 29 10:06:50 2020 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=6D4C2E951C3CF0DC2F6BBF2B5D7B02F29F4260CA
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:e6:a0:e5:a5:42:81:83:09:1e:fa:a0:08:e9:
                    05:2d:93:92:7b:90:c0:6d:ff:cd:08:50:87:94:4a:
                    8c:33:f9:21:c2:b0:35:22:36:7e:88:4e:6d:23:4e:
                    35:11:2a:14:de:4b:4c:4a:79:21:25:b2:82:4e:19:
                    c2:08:21:56:a1:15:96:df:47:7d:78:46:32:2f:03:
                    2f:b6:c0:b9:8d:90:bd:56:1d:62:42:00:48:0e:22:
                    34:e4:3e:0e:0a:47:af:70:8f:d0:80:cc:0e:3c:5f:
                    e1:6f:69:9e:01:4d:45:ee:8f:00:b2:48:c7:f3:fa:
                    fa:9e:89:8c:82:18:9a:d1:f1:89:83:04:5f:74:32:
                    17:99:82:cf:bb:67:8d:1b:75:c7:20:69:98:7e:83:
                    53:db:01:75:59:5d:b4:4b:7b:dd:6d:0a:4e:dc:4c:
                    54:0f:98:b4:02:df:1b:6c:86:6b:f9:ec:3d:79:79:
                    6b:13:f9:b4:f3:df:ad:f3:eb:e6:36:a1:d6:87:98:
                    f5:7a:c2:05:9a:e5:ca:cf:cb:b6:51:01:bf:3f:b4:
                    a3:8e:4b:60:8a:95:26:30:b2:08:5b:e8:0d:7f:cd:
                    a0:5d:34:90:0d:0e:3e:92:5e:21:3e:29:4e:3e:26:
                    d5:7e:ba:a9:ab:4a:f0:17:57:7d:6c:f4:6a:8c:55:
                    81:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6D:4C:2E:95:1C:3C:F0:DC:2F:6B:BF:2B:5D:7B:02:F2:9F:42:60:CA
            X509v3 Authority Key Identifier:
                keyid:45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/RXsQNypobj_3Nla-tc0968kyNxo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/bUwulRw88Nwva78rXXsC8p9CYMo.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  140.136.160.0/22

    Signature Algorithm: sha256WithRSAEncryption
         9f:81:b7:23:4f:5e:02:cf:ea:c8:e4:3c:3a:2b:a4:2e:ea:57:
         93:0d:c8:8c:64:e2:36:85:6c:79:76:8e:a2:da:c6:6c:ab:af:
         3e:25:3e:dc:35:9e:9b:b1:a4:71:0c:5c:22:15:24:e2:72:27:
         06:80:e6:01:01:47:10:d6:43:fd:13:73:bf:3c:a2:d5:04:42:
         c5:e4:0c:93:69:dc:31:97:29:99:2d:2d:b3:ab:5f:da:02:13:
         a1:f9:bb:4b:46:91:ae:ae:26:cf:60:ab:ec:c9:4f:cb:9c:3f:
         5c:52:44:26:12:36:64:ae:ec:d4:ce:41:f7:b0:85:ef:cb:f9:
         94:41:45:7a:c4:78:0c:fb:e7:74:62:70:4b:e2:ba:bc:d7:b4:
         f5:00:d1:1a:5a:da:e0:13:c1:71:67:ce:b1:28:10:16:82:74:
         2d:b7:30:46:bf:91:d6:87:77:ab:d8:5b:7e:98:e2:71:ea:88:
         ce:59:15:df:a8:7f:98:f0:af:02:6b:6d:61:9d:16:5b:9d:bf:
         49:64:2b:b4:56:04:d8:28:3c:f5:d5:80:c2:27:e3:b1:0a:31:
         22:45:4b:e4:6a:69:3a:cc:5e:99:d8:6b:f4:6e:31:0f:9c:03:
         22:4b:1b:13:be:43:d8:c2:ed:44:d4:2c:68:21:ce:06:bd:e2:
         b6:8b:e3:82
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICB78wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDU3
QjEwMzcyQTY4NkUzRkY3MzY1NkJFQjVDRDNERUJDOTMyMzcxQTAeFw0yMDA5Mjkx
MDA2NTBaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDZENEMyRTk1MUMzQ0Yw
REMyRjZCQkYyQjVEN0IwMkYyOUY0MjYwQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCk5qDlpUKBgwke+qAI6QUtk5J7kMBt/80IUIeUSowz+SHCsDUi
Nn6ITm0jTjURKhTeS0xKeSElsoJOGcIIIVahFZbfR314RjIvAy+2wLmNkL1WHWJC
AEgOIjTkPg4KR69wj9CAzA48X+FvaZ4BTUXujwCySMfz+vqeiYyCGJrR8YmDBF90
MheZgs+7Z40bdccgaZh+g1PbAXVZXbRLe91tCk7cTFQPmLQC3xtshmv57D15eWsT
+bTz363z6+Y2odaHmPV6wgWa5crPy7ZRAb8/tKOOS2CKlSYwsghb6A1/zaBdNJAN
Dj6SXiE+KU4+JtV+uqmrSvAXV31s9GqMVYEtAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUbUwulRw88Nwva78rXXsC8p9CYMowHwYDVR0jBBgwFoAURXsQNypobj/3Nla+
tc0968kyNxowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFORVQv
UlhzUU55cG9ial8zTmxhLXRjMDk2OGt5TnhvLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9SWHNRTnlwb2JqXzNObGEtdGMwOTY4a3lOeG8uY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQU5FVC9iVXd1bFJ3ODhOd3ZhNzhyWFhz
QzhwOUNZTW8ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCjIig
MA0GCSqGSIb3DQEBCwUAA4IBAQCfgbcjT14Cz+rI5Dw6K6Qu6leTDciMZOI2hWx5
do6i2sZsq68+JT7cNZ6bsaRxDFwiFSTicicGgOYBAUcQ1kP9E3O/PKLVBELF5AyT
adwxlymZLS2zq1/aAhOh+btLRpGuribPYKvsyU/LnD9cUkQmEjZkruzUzkH3sIXv
y/mUQUV6xHgM++d0YnBL4rq817T1ANEaWtrgE8FxZ86xKBAWgnQttzBGv5HWh3er
2Ft+mOJx6ojOWRXfqH+Y8K8Ca21hnRZbnb9JZCu0VgTYKDz11YDCJ+OxCjEiRUvk
amk6zF6Z2Gv0bjEPnAMiSxsTvkPYwu1E1CxoIc4GveK2i+OC
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:21 2024 by rpki-client on console-ams.rpki-client.org