Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TANET/g1vhtm4cIu4s84BCOGr51HoUr0I.roa
File:                     g1vhtm4cIu4s84BCOGr51HoUr0I.roa (raw, json)
Hash identifier:          XMLFD6ifPDQhEkEmMUDZuYrOKrs5BrbH2yJHTl0+6tY=
Subject key identifier:   83:5B:E1:B6:6E:1C:22:EE:2C:F3:80:42:38:6A:F9:D4:7A:14:AF:42
Certificate issuer:       /CN=E1A88C34D246EF7C2A7C1AC5FE97B262BC48178E
Certificate serial:       0AEB
Authority key identifier: E1:A8:8C:34:D2:46:EF:7C:2A:7C:1A:C5:FE:97:B2:62:BC:48:17:8E
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/4aiMNNJG73wqfBrF_peyYrxIF44.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/g1vhtm4cIu4s84BCOGr51HoUr0I.roa
Signing time:             Wed 29 Sep 2021 02:41:16 +0000
ROA not before:           Wed 29 Sep 2021 02:41:16 +0000
ROA not after:            Thu 29 Sep 2022 02:36:22 +0000
asID:                     1659
IP address blocks:        210.243.0.0/18 maxlen: 18

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2795 (0xaeb)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=E1A88C34D246EF7C2A7C1AC5FE97B262BC48178E
        Validity
            Not Before: Sep 29 02:41:16 2021 GMT
            Not After : Sep 29 02:36:22 2022 GMT
        Subject: CN=835BE1B66E1C22EE2CF38042386AF9D47A14AF42
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:f5:7c:02:8b:dc:a7:47:ff:a4:c3:33:07:b9:
                    98:e4:a0:3a:92:3b:65:67:4d:e0:0e:61:c3:01:1f:
                    36:02:f0:ac:a6:9b:3e:31:af:fc:47:71:f0:4b:78:
                    4a:8d:50:b8:80:e4:dd:13:65:cb:d3:a8:50:af:d8:
                    4f:2c:da:85:35:bc:21:a3:02:60:71:b7:ae:b6:44:
                    37:48:5b:3f:e8:65:14:d8:23:3d:78:59:d1:23:5e:
                    e0:2c:3f:14:b9:93:7c:79:73:18:66:d5:73:e3:14:
                    9e:ba:e1:a8:1c:4f:47:3c:27:8e:cc:c0:7d:3c:73:
                    4e:d7:ea:c6:68:cc:af:b2:9f:1d:d1:f2:31:a9:24:
                    ea:76:42:5e:fb:b7:fb:85:6a:52:d3:93:24:ee:5e:
                    c2:d5:8e:9f:98:61:9a:2a:c6:fd:ef:9f:4a:b4:84:
                    90:34:f7:24:09:9f:a5:d2:82:f8:dd:98:53:c4:dc:
                    42:ee:c9:1c:28:06:c2:78:fc:1c:d7:56:cb:26:12:
                    35:03:e5:50:25:60:30:59:eb:af:69:fc:90:c4:63:
                    7f:3a:7e:e4:9e:e9:ee:24:b9:8f:d3:f8:ab:29:3a:
                    90:1f:f3:b5:04:7a:8c:b8:fe:c0:9e:40:37:06:e5:
                    ce:93:d9:50:12:ed:1f:2c:ba:12:16:4b:35:45:21:
                    c1:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                83:5B:E1:B6:6E:1C:22:EE:2C:F3:80:42:38:6A:F9:D4:7A:14:AF:42
            X509v3 Authority Key Identifier:
                keyid:E1:A8:8C:34:D2:46:EF:7C:2A:7C:1A:C5:FE:97:B2:62:BC:48:17:8E

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/4aiMNNJG73wqfBrF_peyYrxIF44.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/4aiMNNJG73wqfBrF_peyYrxIF44.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/g1vhtm4cIu4s84BCOGr51HoUr0I.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  210.243.0.0/18

    Signature Algorithm: sha256WithRSAEncryption
         b0:76:e8:09:c3:07:48:bd:3a:7c:c1:21:1c:21:3f:ff:f4:7c:
         2d:ec:c7:bc:10:57:a8:79:2e:53:10:0c:90:29:a8:86:12:50:
         35:b2:33:e5:89:f7:97:ba:bc:bf:78:cb:51:f2:fb:a1:73:3c:
         3b:30:63:3c:30:63:46:78:14:24:d6:61:ac:0c:c0:f7:90:01:
         db:b1:58:d1:74:b0:11:da:60:4a:0e:2b:33:dd:03:36:45:f2:
         b2:d5:ce:4b:20:f1:b8:0b:0c:7c:e0:e4:b7:73:dc:b3:a2:26:
         31:2b:64:64:0e:9d:2a:8d:b4:75:d5:c9:0a:8a:e2:b8:f0:f6:
         81:e4:0b:fc:14:c0:cf:ee:48:61:b4:38:de:3c:cf:41:7c:7b:
         32:45:88:e0:da:a3:0b:74:b4:d5:4b:ad:1e:d8:f8:9e:ba:bf:
         2f:4a:92:a3:84:d4:4b:ab:69:91:c3:99:d8:e0:4e:53:97:1d:
         bb:a2:ff:21:1b:5e:72:77:c3:5c:88:ba:40:b0:e6:3e:b7:f4:
         aa:22:12:50:3a:51:e2:f1:15:58:23:37:1c:a2:0f:16:fc:17:
         2b:47:55:61:b9:31:d8:f1:5b:54:7f:6e:eb:9f:00:27:ca:c8:
         7d:a1:a1:72:94:f3:d1:15:64:17:e4:d8:d2:ed:d6:53:a8:74:
         b6:63:23:3b
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICCuswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRTFB
ODhDMzREMjQ2RUY3QzJBN0MxQUM1RkU5N0IyNjJCQzQ4MTc4RTAeFw0yMTA5Mjkw
MjQxMTZaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDgzNUJFMUI2NkUxQzIy
RUUyQ0YzODA0MjM4NkFGOUQ0N0ExNEFGNDIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDX9XwCi9ynR/+kwzMHuZjkoDqSO2VnTeAOYcMBHzYC8Kymmz4x
r/xHcfBLeEqNULiA5N0TZcvTqFCv2E8s2oU1vCGjAmBxt662RDdIWz/oZRTYIz14
WdEjXuAsPxS5k3x5cxhm1XPjFJ664agcT0c8J47MwH08c07X6sZozK+ynx3R8jGp
JOp2Ql77t/uFalLTkyTuXsLVjp+YYZoqxv3vn0q0hJA09yQJn6XSgvjdmFPE3ELu
yRwoBsJ4/BzXVssmEjUD5VAlYDBZ669p/JDEY386fuSe6e4kuY/T+KspOpAf87UE
eoy4/sCeQDcG5c6T2VAS7R8suhIWSzVFIcFtAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUg1vhtm4cIu4s84BCOGr51HoUr0IwHwYDVR0jBBgwFoAU4aiMNNJG73wqfBrF
/peyYrxIF44wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFORVQv
NGFpTU5OSkc3M3dxZkJyRl9wZXlZcnhJRjQ0LmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS80YWlNTk5KRzczd3FmQnJGX3BleVlyeElGNDQuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQU5FVC9nMXZodG00Y0l1NHM4NEJDT0dy
NTFIb1VyMEkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQG0vMA
MA0GCSqGSIb3DQEBCwUAA4IBAQCwdugJwwdIvTp8wSEcIT//9Hwt7Me8EFeoeS5T
EAyQKaiGElA1sjPlifeXury/eMtR8vuhczw7MGM8MGNGeBQk1mGsDMD3kAHbsVjR
dLAR2mBKDisz3QM2RfKy1c5LIPG4Cwx84OS3c9yzoiYxK2RkDp0qjbR11ckKiuK4
8PaB5Av8FMDP7khhtDjePM9BfHsyRYjg2qMLdLTVS60e2Pieur8vSpKjhNRLq2mR
w5nY4E5Tlx27ov8hG15yd8NciLpAsOY+t/SqIhJQOlHi8RVYIzccog8W/BcrR1Vh
uTHY8VtUf27rnwAnysh9oaFylPPRFWQX5NjS7dZTqHS2YyM7
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:21 2024 by rpki-client on console-ams.rpki-client.org