Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TANET/gPtfUKQHe4xzRx3tTIEUT7KVpJs.roa
File:                     gPtfUKQHe4xzRx3tTIEUT7KVpJs.roa (raw, json)
Hash identifier:          xaBzr5PDkQnJkKMPVzIOiRWRvlT+yTMcfhVW1usbWNA=
Subject key identifier:   80:FB:5F:50:A4:07:7B:8C:73:47:1D:ED:4C:81:14:4F:B2:95:A4:9B
Certificate issuer:       /CN=457B10372A686E3FF73656BEB5CD3DEBC932371A
Certificate serial:       07C4
Authority key identifier: 45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/gPtfUKQHe4xzRx3tTIEUT7KVpJs.roa
Signing time:             Tue 29 Sep 2020 10:06:51 +0000
ROA not before:           Tue 29 Sep 2020 10:06:51 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     17716
IP address blocks:        140.112.0.0/16 maxlen: 16

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1988 (0x7c4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=457B10372A686E3FF73656BEB5CD3DEBC932371A
        Validity
            Not Before: Sep 29 10:06:51 2020 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=80FB5F50A4077B8C73471DED4C81144FB295A49B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:e4:75:95:48:8d:f9:fe:47:15:e8:7b:87:99:
                    ab:92:a7:89:bc:f4:fb:2f:18:06:13:41:19:14:ca:
                    c6:43:04:31:a8:99:11:f6:92:41:1e:65:a5:dd:0e:
                    48:19:ce:dc:22:7e:64:bb:81:d5:b6:75:dc:f7:b1:
                    de:d1:dc:c6:e0:bc:c7:4f:61:4c:2a:9f:87:19:ae:
                    04:10:67:d8:9d:bc:42:20:fa:f4:69:e1:67:f3:54:
                    ce:ad:d8:1b:71:b6:4f:39:94:43:ab:45:26:ce:0c:
                    78:d1:df:02:a5:99:a4:c8:17:ba:2c:19:2e:7f:53:
                    7b:6b:4e:a8:09:00:43:9b:e3:7f:73:ad:57:88:e8:
                    0f:55:07:ff:4c:fb:f8:1c:db:af:bf:37:db:0f:c8:
                    06:a4:d3:3f:ea:05:3a:22:17:47:d9:6b:1b:59:f8:
                    7b:ba:1a:ef:c2:75:e4:55:ca:31:b5:f2:cf:9b:22:
                    4d:db:6c:65:7a:c4:ee:b5:c7:1c:3c:ca:d1:11:7c:
                    1d:e0:a1:77:c2:31:9d:c4:cf:95:ff:ff:ae:97:6d:
                    96:22:40:be:57:56:c7:1a:ca:32:44:ba:f3:a1:64:
                    bf:b1:39:50:92:8f:4a:7f:e9:df:ab:a0:20:0f:5a:
                    69:00:5a:04:f8:9e:e1:6d:b7:bd:a5:b5:a1:05:8a:
                    37:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                80:FB:5F:50:A4:07:7B:8C:73:47:1D:ED:4C:81:14:4F:B2:95:A4:9B
            X509v3 Authority Key Identifier:
                keyid:45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/RXsQNypobj_3Nla-tc0968kyNxo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/gPtfUKQHe4xzRx3tTIEUT7KVpJs.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  140.112.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         31:f4:89:56:e7:a2:6f:6b:7a:d9:f6:04:12:61:3e:7d:65:3a:
         b2:af:83:b6:e0:e3:d4:ea:fe:1d:48:01:30:f7:03:23:65:51:
         90:21:38:eb:2e:b6:2d:62:ba:c4:2e:92:51:44:e9:f0:8a:94:
         5a:2c:ed:25:2f:24:df:dd:ec:c6:ea:c3:9d:6a:e9:51:35:7d:
         23:1e:d7:8f:ee:4d:70:10:98:85:4c:91:9c:aa:55:b7:01:c8:
         f4:d3:f3:62:41:51:39:b4:1b:b4:6d:ec:a4:b3:e1:ae:9c:ac:
         91:40:4a:6a:0a:2f:36:23:ce:3f:cf:d9:c4:99:96:9a:9f:ff:
         6a:0b:28:26:99:18:1d:02:08:42:c6:53:b8:03:6c:2e:85:65:
         ae:5c:3d:ca:56:dc:88:65:f9:10:5e:a7:98:2c:10:fc:34:59:
         27:17:58:16:27:7c:86:a7:a1:9a:01:7d:d5:cc:e9:fb:64:ff:
         84:cd:b0:17:c4:12:0d:51:a5:23:55:ed:3e:2b:80:4a:80:cd:
         65:f4:1a:cb:5c:1e:8a:a8:63:d7:de:27:90:4c:4e:0f:71:a0:
         8b:00:a3:c3:46:53:f7:44:7c:df:8a:1c:c9:b1:e3:26:3b:36:
         22:f5:62:d7:ff:15:90:04:8c:9c:8e:99:36:eb:55:06:b8:c9:
         dc:c6:fb:14
-----BEGIN CERTIFICATE-----
MIIEzzCCA7egAwIBAgICB8QwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDU3
QjEwMzcyQTY4NkUzRkY3MzY1NkJFQjVDRDNERUJDOTMyMzcxQTAeFw0yMDA5Mjkx
MDA2NTFaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDgwRkI1RjUwQTQwNzdC
OEM3MzQ3MURFRDRDODExNDRGQjI5NUE0OUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDf5HWVSI35/kcV6HuHmauSp4m89PsvGAYTQRkUysZDBDGomRH2
kkEeZaXdDkgZztwifmS7gdW2ddz3sd7R3MbgvMdPYUwqn4cZrgQQZ9idvEIg+vRp
4WfzVM6t2Btxtk85lEOrRSbODHjR3wKlmaTIF7osGS5/U3trTqgJAEOb439zrVeI
6A9VB/9M+/gc26+/N9sPyAak0z/qBToiF0fZaxtZ+Hu6Gu/CdeRVyjG18s+bIk3b
bGV6xO61xxw8ytERfB3goXfCMZ3Ez5X//66XbZYiQL5XVscayjJEuvOhZL+xOVCS
j0p/6d+roCAPWmkAWgT4nuFtt72ltaEFijf3AgMBAAGjggHrMIIB5zAdBgNVHQ4E
FgQUgPtfUKQHe4xzRx3tTIEUT7KVpJswHwYDVR0jBBgwFoAURXsQNypobj/3Nla+
tc0968kyNxowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFORVQv
UlhzUU55cG9ial8zTmxhLXRjMDk2OGt5TnhvLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9SWHNRTnlwb2JqXzNObGEtdGMwOTY4a3lOeG8uY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQU5FVC9nUHRmVUtRSGU0eHpSeDN0VElF
VVQ3S1ZwSnMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAjHAw
DQYJKoZIhvcNAQELBQADggEBADH0iVbnom9retn2BBJhPn1lOrKvg7bg49Tq/h1I
ATD3AyNlUZAhOOsuti1iusQuklFE6fCKlFos7SUvJN/d7Mbqw51q6VE1fSMe14/u
TXAQmIVMkZyqVbcByPTT82JBUTm0G7Rt7KSz4a6crJFASmoKLzYjzj/P2cSZlpqf
/2oLKCaZGB0CCELGU7gDbC6FZa5cPcpW3Ihl+RBep5gsEPw0WScXWBYnfIanoZoB
fdXM6ftk/4TNsBfEEg1RpSNV7T4rgEqAzWX0GstcHoqoY9feJ5BMTg9xoIsAo8NG
U/dEfN+KHMmx4yY7NiL1Ytf/FZAEjJyOmTbrVQa4ydzG+xQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:21 2024 by rpki-client on console-ams.rpki-client.org