Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TANET/cTFZrZIcVGTOJJdtQKT33V6CXiY.roa
File:                     cTFZrZIcVGTOJJdtQKT33V6CXiY.roa (raw, json)
Hash identifier:          aPOeERM5vYjMU4OinksN5FQgZVFiJlGThmoCXWPyLyY=
Subject key identifier:   71:31:59:AD:92:1C:54:64:CE:24:97:6D:40:A4:F7:DD:5E:82:5E:26
Certificate issuer:       /CN=E1A88C34D246EF7C2A7C1AC5FE97B262BC48178E
Certificate serial:       0925
Authority key identifier: E1:A8:8C:34:D2:46:EF:7C:2A:7C:1A:C5:FE:97:B2:62:BC:48:17:8E
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/4aiMNNJG73wqfBrF_peyYrxIF44.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/cTFZrZIcVGTOJJdtQKT33V6CXiY.roa
Signing time:             Wed 16 Dec 2020 08:53:59 +0000
ROA not before:           Wed 16 Dec 2020 08:53:59 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     9916
IP address blocks:        120.126.32.0/19 maxlen: 19

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2341 (0x925)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=E1A88C34D246EF7C2A7C1AC5FE97B262BC48178E
        Validity
            Not Before: Dec 16 08:53:59 2020 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=713159AD921C5464CE24976D40A4F7DD5E825E26
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ee:ed:5e:77:bc:59:34:cc:f2:24:48:62:da:69:
                    cc:1b:99:a3:9f:80:16:37:9a:52:21:59:94:72:b7:
                    27:c6:28:08:4d:ab:c3:0d:6d:a6:c5:93:f0:87:20:
                    5f:28:50:cf:c1:ea:61:df:09:a5:ad:21:78:4c:f2:
                    0f:d1:23:22:c4:cf:07:21:ee:c0:01:45:fd:9c:be:
                    a1:18:87:ef:0e:32:6c:55:d7:cd:b5:2a:dc:f3:c7:
                    4c:42:8d:9f:59:9c:46:85:72:3f:c0:cd:a4:e3:f7:
                    e4:1e:65:94:ab:f0:be:a0:50:34:4d:77:39:e3:1d:
                    96:bb:33:8a:45:ca:4c:7d:8e:f8:25:92:f7:31:b5:
                    cb:18:80:60:bb:69:7c:55:4f:81:90:d6:49:41:48:
                    17:56:4e:b1:07:6f:e4:46:e8:83:92:5a:5b:fb:b9:
                    a3:7f:70:bd:3c:e1:33:ae:5e:fc:f1:bf:d7:c6:98:
                    8d:e8:6b:45:ab:cb:66:47:a0:09:ce:39:ff:d1:f3:
                    dc:ad:df:9b:cb:d8:18:e0:49:3d:58:ee:69:7a:3d:
                    5b:62:ef:17:43:a2:b9:8c:0a:4a:2b:06:a1:91:07:
                    21:09:76:38:88:55:14:1c:85:49:a1:b8:64:f6:0d:
                    fd:d9:78:1b:d4:e2:36:b1:b2:cd:ef:a3:04:93:f5:
                    bc:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                71:31:59:AD:92:1C:54:64:CE:24:97:6D:40:A4:F7:DD:5E:82:5E:26
            X509v3 Authority Key Identifier:
                keyid:E1:A8:8C:34:D2:46:EF:7C:2A:7C:1A:C5:FE:97:B2:62:BC:48:17:8E

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/4aiMNNJG73wqfBrF_peyYrxIF44.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/4aiMNNJG73wqfBrF_peyYrxIF44.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/cTFZrZIcVGTOJJdtQKT33V6CXiY.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  120.126.32.0/19

    Signature Algorithm: sha256WithRSAEncryption
         6f:40:13:60:4c:1c:f4:36:6a:22:23:dc:bb:dc:3e:af:90:59:
         66:f6:ae:92:88:90:fc:45:46:04:d8:84:54:78:fe:22:5d:6b:
         ed:d5:53:61:97:1a:e4:a4:6c:16:79:3b:e2:3d:41:17:2a:72:
         6f:b0:18:b7:32:f3:a8:e8:43:ad:2d:ad:7b:80:e5:19:6a:0d:
         4f:bd:68:0f:6f:fa:10:d1:f8:90:c4:09:73:ef:fe:67:07:d5:
         f3:44:80:ec:e7:32:98:02:b8:03:cc:87:e5:6b:e4:9c:27:30:
         fc:db:b6:a2:7d:40:e0:73:ba:de:a1:6e:fe:e5:58:a7:71:5c:
         85:4a:bc:44:34:e5:a2:5c:94:ac:1f:83:50:ff:86:27:ba:19:
         3c:d8:8e:cc:2a:38:fc:bf:4e:ad:d2:2e:a3:1e:c8:0a:96:8d:
         d1:bf:06:bc:b2:2a:b2:f8:3e:62:5d:85:7f:17:35:3f:a9:db:
         07:cc:91:0c:65:a6:4e:46:73:fa:1d:ce:a9:06:72:16:43:ac:
         db:31:40:17:26:cd:63:31:aa:59:67:c8:3b:0d:04:9e:9a:20:
         3e:a0:63:dc:ff:c3:be:c2:45:85:39:d1:f9:71:bc:a5:c1:bc:
         15:4a:66:92:ac:ce:75:e3:96:4d:44:84:05:c5:42:46:e2:07:
         e5:c2:12:d3
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICCSUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRTFB
ODhDMzREMjQ2RUY3QzJBN0MxQUM1RkU5N0IyNjJCQzQ4MTc4RTAeFw0yMDEyMTYw
ODUzNTlaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDcxMzE1OUFEOTIxQzU0
NjRDRTI0OTc2RDQwQTRGN0RENUU4MjVFMjYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDu7V53vFk0zPIkSGLaacwbmaOfgBY3mlIhWZRytyfGKAhNq8MN
babFk/CHIF8oUM/B6mHfCaWtIXhM8g/RIyLEzwch7sABRf2cvqEYh+8OMmxV1821
Ktzzx0xCjZ9ZnEaFcj/AzaTj9+QeZZSr8L6gUDRNdznjHZa7M4pFykx9jvglkvcx
tcsYgGC7aXxVT4GQ1klBSBdWTrEHb+RG6IOSWlv7uaN/cL084TOuXvzxv9fGmI3o
a0Wry2ZHoAnOOf/R89yt35vL2BjgST1Y7ml6PVti7xdDormMCkorBqGRByEJdjiI
VRQchUmhuGT2Df3ZeBvU4jaxss3vowST9bwhAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUcTFZrZIcVGTOJJdtQKT33V6CXiYwHwYDVR0jBBgwFoAU4aiMNNJG73wqfBrF
/peyYrxIF44wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFORVQv
NGFpTU5OSkc3M3dxZkJyRl9wZXlZcnhJRjQ0LmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS80YWlNTk5KRzczd3FmQnJGX3BleVlyeElGNDQuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQU5FVC9jVEZaclpJY1ZHVE9KSmR0UUtU
MzNWNkNYaVkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFeH4g
MA0GCSqGSIb3DQEBCwUAA4IBAQBvQBNgTBz0NmoiI9y73D6vkFlm9q6SiJD8RUYE
2IRUeP4iXWvt1VNhlxrkpGwWeTviPUEXKnJvsBi3MvOo6EOtLa17gOUZag1PvWgP
b/oQ0fiQxAlz7/5nB9XzRIDs5zKYArgDzIfla+ScJzD827aifUDgc7reoW7+5Vin
cVyFSrxENOWiXJSsH4NQ/4Ynuhk82I7MKjj8v06t0i6jHsgKlo3Rvwa8siqy+D5i
XYV/FzU/qdsHzJEMZaZORnP6Hc6pBnIWQ6zbMUAXJs1jMapZZ8g7DQSemiA+oGPc
/8O+wkWFOdH5cbylwbwVSmaSrM5145ZNRIQFxUJG4gflwhLT
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:21 2024 by rpki-client on console-ams.rpki-client.org