Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TANET/n6ElM4ClC8YQwn5KVvD03k-yx9I.roa
File:                     n6ElM4ClC8YQwn5KVvD03k-yx9I.roa (raw, json)
Hash identifier:          1h1rJMb8QWTNA1gGlx17H1/fZucIWYVt+WsFZeJL15Q=
Subject key identifier:   9F:A1:25:33:80:A5:0B:C6:10:C2:7E:4A:56:F0:F4:DE:4F:B2:C7:D2
Certificate issuer:       /CN=457B10372A686E3FF73656BEB5CD3DEBC932371A
Certificate serial:       0A8A
Authority key identifier: 45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/n6ElM4ClC8YQwn5KVvD03k-yx9I.roa
Signing time:             Wed 29 Sep 2021 02:41:21 +0000
ROA not before:           Wed 29 Sep 2021 02:41:21 +0000
ROA not after:            Thu 29 Sep 2022 02:36:22 +0000
asID:                     1659
IP address blocks:        192.83.192.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2698 (0xa8a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=457B10372A686E3FF73656BEB5CD3DEBC932371A
        Validity
            Not Before: Sep 29 02:41:21 2021 GMT
            Not After : Sep 29 02:36:22 2022 GMT
        Subject: CN=9FA1253380A50BC610C27E4A56F0F4DE4FB2C7D2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f7:78:1a:bb:84:f2:f7:3b:8e:f3:fc:b8:bd:4c:
                    66:97:3d:e8:cc:19:f1:0c:a0:89:dd:5b:5d:b1:25:
                    d2:92:fd:8e:b8:b6:82:63:c1:e9:6f:2a:73:d9:9a:
                    3f:36:60:a4:18:5e:7c:44:5c:26:95:f4:a7:c3:4e:
                    1c:3e:26:72:8d:7b:da:c5:6e:9a:f2:e4:7f:b6:9f:
                    50:67:df:f9:c3:bb:5a:fc:56:24:0f:cf:7b:0c:2e:
                    4d:96:57:6a:28:fc:78:e1:2d:9b:e0:d0:08:fa:62:
                    78:f9:bd:8c:3c:d4:b7:78:1f:26:00:a0:6f:2e:28:
                    69:af:1e:47:d4:65:6a:f1:e3:45:39:c1:3f:9c:2b:
                    f2:24:16:be:74:88:72:b1:39:be:7f:43:65:0e:a1:
                    29:0d:d0:25:58:5a:fe:8a:c3:33:9f:e2:b2:7a:6f:
                    0d:f2:b8:e6:e0:0b:4c:ae:07:b4:e2:ea:81:b3:63:
                    63:67:fc:a2:a3:53:dc:ce:55:41:a5:61:37:ed:b8:
                    59:d0:e1:a5:a1:25:6b:34:f1:35:aa:33:e3:08:93:
                    c2:76:52:43:d9:f7:22:3b:ab:17:33:5d:ee:6b:71:
                    12:50:2d:48:3d:e4:97:8b:db:d1:1b:e4:5d:e3:7e:
                    78:12:23:ce:af:56:bd:97:b0:62:46:3f:88:d3:30:
                    a5:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9F:A1:25:33:80:A5:0B:C6:10:C2:7E:4A:56:F0:F4:DE:4F:B2:C7:D2
            X509v3 Authority Key Identifier:
                keyid:45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/RXsQNypobj_3Nla-tc0968kyNxo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/n6ElM4ClC8YQwn5KVvD03k-yx9I.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  192.83.192.0/22

    Signature Algorithm: sha256WithRSAEncryption
         2d:ff:26:0f:22:b1:d2:44:b5:12:fc:58:76:1e:fb:6e:10:78:
         90:8f:fe:8e:71:95:d7:39:b5:2f:ff:ea:f8:1f:0a:b9:51:9d:
         58:87:9f:3c:83:1d:e5:36:e5:dc:7e:c1:e6:02:66:88:74:c2:
         e0:a8:70:60:c0:5f:0f:c7:10:09:c8:6e:35:88:76:39:d7:92:
         8b:c3:0e:a9:e9:1f:2e:d6:90:c8:41:77:8c:e8:4f:9d:c0:e9:
         e1:98:93:e1:c5:00:bc:22:f6:b3:69:1e:d8:21:85:08:3d:d0:
         cd:56:d1:8c:94:25:5c:0d:1c:85:2e:c5:f5:d2:70:26:bf:57:
         e5:dd:4f:fb:4b:bc:52:00:82:49:8b:f1:c3:ed:30:c5:34:36:
         04:77:ae:40:46:b7:59:e1:42:25:32:a3:ff:9c:0b:2f:e2:ed:
         17:7f:42:1f:6f:89:6c:66:02:76:ef:35:93:20:1c:4c:2f:64:
         c3:06:67:14:89:f0:46:f1:46:d6:1f:7d:55:a1:61:75:06:c1:
         2c:11:41:3c:2c:28:c1:0b:d5:a3:04:9b:e4:7a:80:05:a9:08:
         30:ef:ad:66:81:ec:69:2d:9f:5c:a0:e3:32:dc:67:eb:3d:99:
         4f:33:e2:16:2f:fa:86:51:57:d2:57:0c:65:20:62:85:bf:08:
         39:f1:ba:63
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICCoowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDU3
QjEwMzcyQTY4NkUzRkY3MzY1NkJFQjVDRDNERUJDOTMyMzcxQTAeFw0yMTA5Mjkw
MjQxMjFaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDlGQTEyNTMzODBBNTBC
QzYxMEMyN0U0QTU2RjBGNERFNEZCMkM3RDIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQD3eBq7hPL3O47z/Li9TGaXPejMGfEMoIndW12xJdKS/Y64toJj
welvKnPZmj82YKQYXnxEXCaV9KfDThw+JnKNe9rFbpry5H+2n1Bn3/nDu1r8ViQP
z3sMLk2WV2oo/HjhLZvg0Aj6Ynj5vYw81Ld4HyYAoG8uKGmvHkfUZWrx40U5wT+c
K/IkFr50iHKxOb5/Q2UOoSkN0CVYWv6KwzOf4rJ6bw3yuObgC0yuB7Ti6oGzY2Nn
/KKjU9zOVUGlYTftuFnQ4aWhJWs08TWqM+MIk8J2UkPZ9yI7qxczXe5rcRJQLUg9
5JeL29Eb5F3jfngSI86vVr2XsGJGP4jTMKURAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUn6ElM4ClC8YQwn5KVvD03k+yx9IwHwYDVR0jBBgwFoAURXsQNypobj/3Nla+
tc0968kyNxowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFORVQv
UlhzUU55cG9ial8zTmxhLXRjMDk2OGt5TnhvLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9SWHNRTnlwb2JqXzNObGEtdGMwOTY4a3lOeG8uY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQU5FVC9uNkVsTTRDbEM4WVF3bjVLVnZE
MDNrLXl4OUkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwFPA
MA0GCSqGSIb3DQEBCwUAA4IBAQAt/yYPIrHSRLUS/Fh2HvtuEHiQj/6OcZXXObUv
/+r4Hwq5UZ1Yh588gx3lNuXcfsHmAmaIdMLgqHBgwF8PxxAJyG41iHY515KLww6p
6R8u1pDIQXeM6E+dwOnhmJPhxQC8IvazaR7YIYUIPdDNVtGMlCVcDRyFLsX10nAm
v1fl3U/7S7xSAIJJi/HD7TDFNDYEd65ARrdZ4UIlMqP/nAsv4u0Xf0Ifb4lsZgJ2
7zWTIBxML2TDBmcUifBG8UbWH31VoWF1BsEsEUE8LCjBC9WjBJvkeoAFqQgw761m
gexpLZ9coOMy3GfrPZlPM+IWL/qGUVfSVwxlIGKFvwg58bpj
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:45 2024 by rpki-client on console-fra.rpki-client.org