Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TANET/ijebFfOvRrZlwwL36LW5x0f5iCw.roa
File:                     ijebFfOvRrZlwwL36LW5x0f5iCw.roa (raw, json)
Hash identifier:          6YBogPOVVGjk3ZhvgfZQxry2cut1rgCJCiKabIXIB7E=
Subject key identifier:   8A:37:9B:15:F3:AF:46:B6:65:C3:02:F7:E8:B5:B9:C7:47:F9:88:2C
Certificate issuer:       /CN=457B10372A686E3FF73656BEB5CD3DEBC932371A
Certificate serial:       0B8A
Authority key identifier: 45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/ijebFfOvRrZlwwL36LW5x0f5iCw.roa
Signing time:             Thu 15 Sep 2022 02:41:16 +0000
ROA not before:           Thu 15 Sep 2022 02:41:16 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     1659
IP address blocks:        192.83.192.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2954 (0xb8a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=457B10372A686E3FF73656BEB5CD3DEBC932371A
        Validity
            Not Before: Sep 15 02:41:16 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=8A379B15F3AF46B665C302F7E8B5B9C747F9882C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:da:6d:29:6b:de:08:d6:3c:81:bc:86:b4:9e:
                    df:87:e5:35:81:84:6b:98:fa:b3:1f:f5:80:df:2d:
                    52:63:4b:21:94:a8:dc:cc:86:90:11:d4:cf:9d:fe:
                    7d:83:da:2c:40:ae:19:4a:c8:5b:29:a6:6e:70:5d:
                    b3:22:10:88:a8:29:ae:5c:5e:2b:9c:06:b6:4e:c2:
                    5d:0b:35:77:56:f4:26:33:51:e1:08:ff:97:8e:41:
                    8d:f5:c9:5b:d6:b2:39:40:66:67:b8:ea:ee:66:9e:
                    9d:92:88:72:6b:83:e4:ed:1a:32:d3:b2:bf:9b:46:
                    51:c9:b7:f5:40:41:74:9d:4d:85:14:75:a0:f9:eb:
                    28:d0:c9:fb:db:8c:0c:52:5c:be:c9:11:3e:d9:37:
                    9d:e6:14:da:1f:0e:61:cb:7f:fd:2c:a2:e4:d8:9d:
                    3e:8a:6a:b4:6e:0f:56:ce:7c:55:1e:bd:5a:a5:ad:
                    92:4f:99:42:f2:3b:3a:b6:0c:d5:9c:b1:25:cd:9e:
                    e9:96:b2:8f:f2:ca:83:fc:7e:4c:34:82:3f:71:93:
                    d2:22:90:2b:56:0f:d8:ae:57:6a:97:fc:a4:ab:4f:
                    9e:c6:8f:e9:8f:c6:ab:c7:ca:41:54:a6:b1:53:78:
                    4d:78:1c:62:1f:c4:b2:a8:c7:b4:f2:a8:00:ad:e7:
                    43:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8A:37:9B:15:F3:AF:46:B6:65:C3:02:F7:E8:B5:B9:C7:47:F9:88:2C
            X509v3 Authority Key Identifier:
                keyid:45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/RXsQNypobj_3Nla-tc0968kyNxo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/ijebFfOvRrZlwwL36LW5x0f5iCw.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  192.83.192.0/22

    Signature Algorithm: sha256WithRSAEncryption
         73:0a:aa:a7:f6:39:dd:f9:90:f7:50:3e:5b:93:c3:21:11:28:
         6d:d9:f8:04:92:2d:04:8f:b0:95:24:2d:51:6d:28:ab:22:e8:
         d0:4a:0d:15:d0:98:7d:cf:0d:b4:4f:d4:55:01:66:34:66:b1:
         77:f0:d9:8c:e5:04:a4:20:8c:02:5b:10:46:8c:61:c2:40:34:
         1e:25:1e:b8:c4:71:99:01:d0:30:3f:bf:8a:23:78:c1:a2:fc:
         81:ab:38:e4:db:b3:40:9e:bd:97:c8:eb:f8:6f:04:aa:18:a6:
         87:bf:f0:41:c7:31:28:d4:89:a6:8e:49:02:bc:d7:91:67:6e:
         ee:70:84:97:40:30:ca:13:f0:e0:f6:b3:9f:15:07:75:70:1c:
         e0:62:dc:ec:d2:ed:37:d1:41:7a:3c:ca:75:46:6c:a3:b6:cd:
         9c:4f:0d:58:e2:7f:e4:07:68:2f:1d:d3:6a:c2:a3:68:f4:bf:
         8e:5d:a3:31:fd:9c:ac:b9:98:1b:1d:2b:07:6a:e3:bb:d6:7c:
         b6:e7:fd:de:2f:ff:e0:fc:1f:ff:51:2b:09:71:be:d1:c5:40:
         7a:fa:c8:32:44:44:35:d5:11:d3:67:53:ba:15:a9:e5:cb:a7:
         d8:e4:23:e6:02:27:17:cd:dc:a9:fe:b7:c5:14:09:a3:ce:36:
         e8:cd:6e:ac
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICC4owDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDU3
QjEwMzcyQTY4NkUzRkY3MzY1NkJFQjVDRDNERUJDOTMyMzcxQTAeFw0yMjA5MTUw
MjQxMTZaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDhBMzc5QjE1RjNBRjQ2
QjY2NUMzMDJGN0U4QjVCOUM3NDdGOTg4MkMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDQ2m0pa94I1jyBvIa0nt+H5TWBhGuY+rMf9YDfLVJjSyGUqNzM
hpAR1M+d/n2D2ixArhlKyFsppm5wXbMiEIioKa5cXiucBrZOwl0LNXdW9CYzUeEI
/5eOQY31yVvWsjlAZme46u5mnp2SiHJrg+TtGjLTsr+bRlHJt/VAQXSdTYUUdaD5
6yjQyfvbjAxSXL7JET7ZN53mFNofDmHLf/0souTYnT6KarRuD1bOfFUevVqlrZJP
mULyOzq2DNWcsSXNnumWso/yyoP8fkw0gj9xk9IikCtWD9iuV2qX/KSrT57Gj+mP
xqvHykFUprFTeE14HGIfxLKox7TyqACt50OpAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUijebFfOvRrZlwwL36LW5x0f5iCwwHwYDVR0jBBgwFoAURXsQNypobj/3Nla+
tc0968kyNxowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFORVQv
UlhzUU55cG9ial8zTmxhLXRjMDk2OGt5TnhvLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9SWHNRTnlwb2JqXzNObGEtdGMwOTY4a3lOeG8uY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQU5FVC9pamViRmZPdlJyWmx3d0wzNkxX
NXgwZjVpQ3cucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwFPA
MA0GCSqGSIb3DQEBCwUAA4IBAQBzCqqn9jnd+ZD3UD5bk8MhESht2fgEki0Ej7CV
JC1RbSirIujQSg0V0Jh9zw20T9RVAWY0ZrF38NmM5QSkIIwCWxBGjGHCQDQeJR64
xHGZAdAwP7+KI3jBovyBqzjk27NAnr2XyOv4bwSqGKaHv/BBxzEo1ImmjkkCvNeR
Z27ucISXQDDKE/Dg9rOfFQd1cBzgYtzs0u030UF6PMp1Rmyjts2cTw1Y4n/kB2gv
HdNqwqNo9L+OXaMx/ZysuZgbHSsHauO71ny25/3eL//g/B//USsJcb7RxUB6+sgy
REQ11RHTZ1O6Fanly6fY5CPmAicXzdyp/rfFFAmjzjbozW6s
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:45 2024 by rpki-client on console-fra.rpki-client.org