Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TANET/g30ZapUuCY3QaDzgclezCFdFj_8.roa
File:                     g30ZapUuCY3QaDzgclezCFdFj_8.roa (raw, json)
Hash identifier:          XTuvDCSakXfpMHEm8BQBYeRxttV0HnXlu5D+kqyB1UE=
Subject key identifier:   83:7D:19:6A:95:2E:09:8D:D0:68:3C:E0:72:57:B3:08:57:45:8F:FF
Certificate issuer:       /CN=457B10372A686E3FF73656BEB5CD3DEBC932371A
Certificate serial:       07BB
Authority key identifier: 45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/g30ZapUuCY3QaDzgclezCFdFj_8.roa
Signing time:             Tue 29 Sep 2020 10:06:48 +0000
ROA not before:           Tue 29 Sep 2020 10:06:48 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     18047
IP address blocks:        140.114.0.0/16 maxlen: 16

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1979 (0x7bb)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=457B10372A686E3FF73656BEB5CD3DEBC932371A
        Validity
            Not Before: Sep 29 10:06:48 2020 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=837D196A952E098DD0683CE07257B30857458FFF
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:4f:6d:ea:39:b1:af:0e:a4:57:9b:18:de:4f:
                    99:91:4c:4d:24:7d:95:82:46:64:a8:40:3a:8a:b3:
                    7f:d0:a3:12:2e:36:02:14:b7:fb:6f:dd:11:e2:5c:
                    b1:9d:6f:b1:8b:4f:39:8a:f7:69:03:43:b5:db:7a:
                    38:c9:75:82:51:34:86:ee:17:61:0e:70:12:c6:7d:
                    e5:23:40:1f:e9:35:a0:e1:61:d4:49:00:f4:70:2c:
                    c9:d1:71:82:d6:eb:b3:b8:5b:92:28:22:85:80:3c:
                    1f:87:85:12:47:8f:ec:e9:19:11:88:94:c0:e4:85:
                    e9:13:2e:6e:15:c5:b2:8d:73:68:e8:8a:77:b6:5a:
                    99:d1:0a:a8:da:31:91:ad:3f:75:44:55:e1:3c:93:
                    95:d2:6b:19:5b:5d:09:3b:56:41:bf:26:68:29:3c:
                    1e:ae:45:8f:2a:e7:46:3a:62:51:9f:83:eb:06:b0:
                    3f:f9:8a:9e:1a:10:26:e8:9b:52:a9:c1:d4:cf:92:
                    55:64:73:ec:9f:4d:c5:b9:b8:dc:c7:db:ec:6b:0f:
                    0e:e3:1a:96:b8:47:2c:ba:c1:d8:38:c7:7a:2b:8b:
                    ea:41:89:7c:9b:19:04:5a:3a:dc:16:1b:b4:dc:41:
                    94:f3:5b:39:08:21:4b:56:41:80:03:4c:11:5d:71:
                    61:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                83:7D:19:6A:95:2E:09:8D:D0:68:3C:E0:72:57:B3:08:57:45:8F:FF
            X509v3 Authority Key Identifier:
                keyid:45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/RXsQNypobj_3Nla-tc0968kyNxo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/g30ZapUuCY3QaDzgclezCFdFj_8.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  140.114.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         5c:95:50:ed:d9:d5:45:d3:76:84:1f:7e:41:94:71:f9:8e:41:
         2d:d9:78:5e:10:a9:24:00:56:71:ac:48:6d:de:bc:38:4b:50:
         71:21:58:94:08:0d:92:ec:62:81:f8:d4:5d:16:f9:05:f5:24:
         fd:c3:b5:ce:cd:60:1a:b6:13:5b:f4:1f:3a:06:d6:ca:89:98:
         50:78:c1:db:88:67:59:c7:4d:09:5f:a3:c2:bd:91:9f:aa:65:
         ce:47:af:45:9b:43:d5:3a:df:a8:ac:21:cc:eb:7c:9c:c8:99:
         cf:e1:0f:1c:93:61:d3:ef:91:d5:fa:46:2c:8b:55:21:e7:09:
         30:5b:39:16:e9:c2:6c:f0:2e:ed:2f:35:38:7b:70:0e:e2:02:
         b7:d8:02:79:45:89:4b:aa:c2:76:56:09:42:50:d9:f1:20:44:
         db:df:25:90:80:c5:2b:de:bf:5c:8d:62:5b:c4:62:17:c2:43:
         91:7c:a6:47:df:00:10:e0:67:f5:a3:d2:ba:a7:12:c3:4d:8b:
         3e:55:b0:71:b3:69:d0:7d:50:9c:f3:10:97:23:30:42:12:01:
         cf:6c:cf:05:32:2c:f7:10:19:69:02:11:97:a0:f1:e8:38:97:
         63:37:a4:fa:d9:8b:24:6e:9d:a8:f5:28:cb:a3:e8:80:52:45:
         1d:7c:c0:e8
-----BEGIN CERTIFICATE-----
MIIEzzCCA7egAwIBAgICB7swDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDU3
QjEwMzcyQTY4NkUzRkY3MzY1NkJFQjVDRDNERUJDOTMyMzcxQTAeFw0yMDA5Mjkx
MDA2NDhaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDgzN0QxOTZBOTUyRTA5
OEREMDY4M0NFMDcyNTdCMzA4NTc0NThGRkYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCqT23qObGvDqRXmxjeT5mRTE0kfZWCRmSoQDqKs3/QoxIuNgIU
t/tv3RHiXLGdb7GLTzmK92kDQ7XbejjJdYJRNIbuF2EOcBLGfeUjQB/pNaDhYdRJ
APRwLMnRcYLW67O4W5IoIoWAPB+HhRJHj+zpGRGIlMDkhekTLm4VxbKNc2joine2
WpnRCqjaMZGtP3VEVeE8k5XSaxlbXQk7VkG/JmgpPB6uRY8q50Y6YlGfg+sGsD/5
ip4aECbom1KpwdTPklVkc+yfTcW5uNzH2+xrDw7jGpa4Ryy6wdg4x3ori+pBiXyb
GQRaOtwWG7TcQZTzWzkIIUtWQYADTBFdcWExAgMBAAGjggHrMIIB5zAdBgNVHQ4E
FgQUg30ZapUuCY3QaDzgclezCFdFj/8wHwYDVR0jBBgwFoAURXsQNypobj/3Nla+
tc0968kyNxowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFORVQv
UlhzUU55cG9ial8zTmxhLXRjMDk2OGt5TnhvLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9SWHNRTnlwb2JqXzNObGEtdGMwOTY4a3lOeG8uY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQU5FVC9nMzBaYXBVdUNZM1FhRHpnY2xl
ekNGZEZqXzgucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAjHIw
DQYJKoZIhvcNAQELBQADggEBAFyVUO3Z1UXTdoQffkGUcfmOQS3ZeF4QqSQAVnGs
SG3evDhLUHEhWJQIDZLsYoH41F0W+QX1JP3Dtc7NYBq2E1v0HzoG1sqJmFB4wduI
Z1nHTQlfo8K9kZ+qZc5Hr0WbQ9U636isIczrfJzImc/hDxyTYdPvkdX6RiyLVSHn
CTBbORbpwmzwLu0vNTh7cA7iArfYAnlFiUuqwnZWCUJQ2fEgRNvfJZCAxSvev1yN
YlvEYhfCQ5F8pkffABDgZ/Wj0rqnEsNNiz5VsHGzadB9UJzzEJcjMEISAc9szwUy
LPcQGWkCEZeg8eg4l2M3pPrZiyRunaj1KMuj6IBSRR18wOg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:45 2024 by rpki-client on console-fra.rpki-client.org