Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TANET/fS2bekDzmEjOXujVF3Vw6onz7p0.roa
File:                     fS2bekDzmEjOXujVF3Vw6onz7p0.roa (raw, json)
Hash identifier:          kFgdmooSReC8OLwIXd+ObNQ1HK+sRoq0hVmlxbnSBqc=
Subject key identifier:   7D:2D:9B:7A:40:F3:98:48:CE:5E:E8:D5:17:75:70:EA:89:F3:EE:9D
Certificate issuer:       /CN=E1A88C34D246EF7C2A7C1AC5FE97B262BC48178E
Certificate serial:       07F2
Authority key identifier: E1:A8:8C:34:D2:46:EF:7C:2A:7C:1A:C5:FE:97:B2:62:BC:48:17:8E
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/4aiMNNJG73wqfBrF_peyYrxIF44.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/fS2bekDzmEjOXujVF3Vw6onz7p0.roa
Signing time:             Tue 29 Sep 2020 10:06:39 +0000
ROA not before:           Tue 29 Sep 2020 10:06:39 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     1659
IP address blocks:        163.24.0.0/14 maxlen: 14

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2034 (0x7f2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=E1A88C34D246EF7C2A7C1AC5FE97B262BC48178E
        Validity
            Not Before: Sep 29 10:06:39 2020 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=7D2D9B7A40F39848CE5EE8D5177570EA89F3EE9D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:ed:fb:ab:12:49:3d:33:c3:df:b0:ed:61:1e:
                    4f:ef:52:1f:1c:2c:19:4b:a2:d5:18:ee:d3:15:17:
                    e2:9d:12:e3:ef:d0:77:25:ba:55:91:d5:59:8c:be:
                    f8:ec:7d:85:68:78:99:a8:f3:56:8a:eb:bd:1f:47:
                    47:ef:2c:36:2f:06:61:04:a7:bb:19:f1:20:43:9c:
                    36:b6:7a:13:06:ae:d7:ac:32:cc:dc:58:ab:d4:1f:
                    1b:9d:39:e9:28:83:1a:c2:bd:76:43:6f:21:be:b2:
                    5b:e1:f6:8f:35:22:57:b0:44:96:69:1b:97:c9:b3:
                    6a:14:b1:a8:af:f7:44:4f:2d:17:03:cc:63:32:41:
                    d2:de:7e:e4:f9:43:e9:fd:92:91:30:4d:9f:8b:74:
                    26:04:14:c8:ea:d8:85:25:f6:29:2c:e4:56:2d:fa:
                    f9:f0:47:9d:ca:5a:5c:15:fb:5b:9f:0c:17:31:49:
                    2d:58:90:98:31:75:1a:f6:d3:dd:ef:5c:ab:71:8e:
                    3c:95:58:08:8d:07:52:c8:6c:c6:6a:54:2a:86:6f:
                    dc:9b:52:dc:83:b9:ff:00:d6:61:25:9f:9b:ed:2b:
                    37:c2:1c:7b:09:68:54:5f:4c:d0:df:d5:e8:3d:0b:
                    9d:22:a8:e4:64:3f:ed:e5:02:51:01:53:11:c2:ed:
                    54:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7D:2D:9B:7A:40:F3:98:48:CE:5E:E8:D5:17:75:70:EA:89:F3:EE:9D
            X509v3 Authority Key Identifier:
                keyid:E1:A8:8C:34:D2:46:EF:7C:2A:7C:1A:C5:FE:97:B2:62:BC:48:17:8E

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/4aiMNNJG73wqfBrF_peyYrxIF44.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/4aiMNNJG73wqfBrF_peyYrxIF44.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/fS2bekDzmEjOXujVF3Vw6onz7p0.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.24.0.0/14

    Signature Algorithm: sha256WithRSAEncryption
         33:0b:7f:d0:35:9c:65:e6:fd:d6:b3:37:4f:c1:69:00:e3:0a:
         56:01:77:e9:9f:a3:38:ab:7b:b0:ac:c8:92:42:99:a9:5c:ba:
         6d:ce:c3:a6:e2:f5:1e:c6:07:94:b7:12:56:d6:bf:be:fb:cc:
         ff:1d:b1:e4:17:82:37:5b:74:eb:3e:40:70:e6:95:c8:13:76:
         87:b3:0a:db:d9:ff:89:9b:e2:b2:3e:6b:2e:05:a9:00:a8:1d:
         0a:63:c8:6c:f4:3e:72:3a:b3:81:ca:e0:bd:ae:1b:f6:6a:a3:
         f1:3b:f3:c6:0f:3d:8f:31:2f:df:76:9b:4c:27:7b:12:f5:8e:
         f9:20:03:59:5a:f0:42:ba:7c:be:98:33:9a:f1:f2:66:cd:df:
         6f:ce:7e:a0:85:a1:44:08:1e:e9:f5:43:e4:e2:65:41:7a:d0:
         20:e4:06:9e:3b:e0:f1:e9:13:c1:a4:23:26:89:c8:5d:0e:1c:
         6d:4c:4a:7c:ea:b8:81:fe:67:c2:27:20:6d:bb:07:04:24:80:
         95:1d:bd:3c:92:4c:f3:d8:35:69:7e:b2:7c:cb:49:c5:91:75:
         7c:4a:10:11:a7:3d:b5:82:cf:1b:ab:43:cd:e0:c5:2e:47:a3:
         8d:c2:9e:ce:fe:5d:1b:3e:23:55:3b:91:bf:26:4f:6e:f4:64:
         ff:5d:75:58
-----BEGIN CERTIFICATE-----
MIIEzzCCA7egAwIBAgICB/IwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRTFB
ODhDMzREMjQ2RUY3QzJBN0MxQUM1RkU5N0IyNjJCQzQ4MTc4RTAeFw0yMDA5Mjkx
MDA2MzlaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDdEMkQ5QjdBNDBGMzk4
NDhDRTVFRThENTE3NzU3MEVBODlGM0VFOUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC27furEkk9M8PfsO1hHk/vUh8cLBlLotUY7tMVF+KdEuPv0Hcl
ulWR1VmMvvjsfYVoeJmo81aK670fR0fvLDYvBmEEp7sZ8SBDnDa2ehMGrtesMszc
WKvUHxudOekogxrCvXZDbyG+slvh9o81IlewRJZpG5fJs2oUsaiv90RPLRcDzGMy
QdLefuT5Q+n9kpEwTZ+LdCYEFMjq2IUl9iks5FYt+vnwR53KWlwV+1ufDBcxSS1Y
kJgxdRr2093vXKtxjjyVWAiNB1LIbMZqVCqGb9ybUtyDuf8A1mEln5vtKzfCHHsJ
aFRfTNDf1eg9C50iqORkP+3lAlEBUxHC7VRjAgMBAAGjggHrMIIB5zAdBgNVHQ4E
FgQUfS2bekDzmEjOXujVF3Vw6onz7p0wHwYDVR0jBBgwFoAU4aiMNNJG73wqfBrF
/peyYrxIF44wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFORVQv
NGFpTU5OSkc3M3dxZkJyRl9wZXlZcnhJRjQ0LmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS80YWlNTk5KRzczd3FmQnJGX3BleVlyeElGNDQuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQU5FVC9mUzJiZWtEem1Fak9YdWpWRjNW
dzZvbno3cDAucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMCoxgw
DQYJKoZIhvcNAQELBQADggEBADMLf9A1nGXm/dazN0/BaQDjClYBd+mfozire7Cs
yJJCmalcum3Ow6bi9R7GB5S3ElbWv777zP8dseQXgjdbdOs+QHDmlcgTdoezCtvZ
/4mb4rI+ay4FqQCoHQpjyGz0PnI6s4HK4L2uG/Zqo/E788YPPY8xL992m0wnexL1
jvkgA1la8EK6fL6YM5rx8mbN32/OfqCFoUQIHun1Q+TiZUF60CDkBp474PHpE8Gk
IyaJyF0OHG1MSnzquIH+Z8InIG27BwQkgJUdvTySTPPYNWl+snzLScWRdXxKEBGn
PbWCzxurQ83gxS5Ho43Cns7+XRs+I1U7kb8mT270ZP9ddVg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:45 2024 by rpki-client on console-fra.rpki-client.org