Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TANET/pAYmBzja9dBXinf7d7U9wmSuZew.roa
File:                     pAYmBzja9dBXinf7d7U9wmSuZew.roa (raw, json)
Hash identifier:          nEC/kuB+7+o6J/K2L0xd0vPaEq8lhyOnPsL56t1GYgU=
Subject key identifier:   A4:06:26:07:38:DA:F5:D0:57:8A:77:FB:77:B5:3D:C2:64:AE:65:EC
Certificate issuer:       /CN=457B10372A686E3FF73656BEB5CD3DEBC932371A
Certificate serial:       0A90
Authority key identifier: 45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/pAYmBzja9dBXinf7d7U9wmSuZew.roa
Signing time:             Wed 29 Sep 2021 02:41:22 +0000
ROA not before:           Wed 29 Sep 2021 02:41:22 +0000
ROA not after:            Thu 29 Sep 2022 02:36:22 +0000
asID:                     1659
IP address blocks:        192.192.0.0/16 maxlen: 16

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2704 (0xa90)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=457B10372A686E3FF73656BEB5CD3DEBC932371A
        Validity
            Not Before: Sep 29 02:41:22 2021 GMT
            Not After : Sep 29 02:36:22 2022 GMT
        Subject: CN=A406260738DAF5D0578A77FB77B53DC264AE65EC
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:fc:9a:65:c6:95:d5:9e:17:05:55:eb:b1:41:
                    56:9f:20:ee:9d:1d:e5:11:76:2c:a4:c1:b2:ef:21:
                    90:33:af:c7:9a:0e:e3:36:f9:38:e2:d9:37:10:bf:
                    16:4c:68:91:4b:e6:b9:10:91:62:b2:08:18:4c:91:
                    0c:66:05:c4:aa:5b:7e:c9:c3:ad:eb:00:c4:cd:18:
                    a1:bd:ab:8c:c0:c3:b6:18:5b:f3:1e:79:12:30:b1:
                    29:ea:94:5c:4f:e9:f6:ac:c1:15:c2:2e:44:0d:1e:
                    3d:7f:56:15:32:96:cd:a9:dc:b0:87:16:0f:a3:ae:
                    84:c3:9f:93:c0:a7:d3:2d:e9:f8:c4:a0:95:5b:40:
                    24:e3:d1:9f:59:8c:c1:af:14:70:ea:ae:db:43:13:
                    41:a2:a9:a4:7c:33:38:1e:af:84:f0:e3:62:48:4f:
                    79:04:56:79:58:8a:76:4f:69:cb:74:c4:24:63:ac:
                    0f:0d:b9:e5:e2:6b:38:61:eb:c9:e2:fa:45:21:c7:
                    00:a3:8a:e3:84:7f:db:a5:32:07:73:9e:fc:41:5a:
                    a1:a0:df:30:9d:0c:76:9d:92:d4:0c:2b:95:e9:ce:
                    2f:12:90:e9:ba:45:af:6d:dd:96:49:36:80:1b:36:
                    7d:af:62:b2:82:09:23:da:e1:ab:52:dd:f9:a0:a6:
                    28:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A4:06:26:07:38:DA:F5:D0:57:8A:77:FB:77:B5:3D:C2:64:AE:65:EC
            X509v3 Authority Key Identifier:
                keyid:45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/RXsQNypobj_3Nla-tc0968kyNxo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/pAYmBzja9dBXinf7d7U9wmSuZew.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  192.192.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         2c:f7:e1:0c:7a:25:f9:45:de:c8:df:86:81:9f:f2:cb:a4:57:
         da:0e:24:47:c5:d2:1a:7f:97:8a:9d:df:86:9a:2b:fe:d8:91:
         ab:a2:55:69:21:1c:18:26:28:50:7f:a3:de:f8:bd:d3:fe:11:
         6a:5b:90:ae:f0:4b:7b:1c:7d:a5:38:7b:d8:4a:24:f8:b6:2b:
         fa:5b:4a:bd:ae:a2:74:b4:e6:df:63:f3:c5:a4:27:8f:2d:bf:
         62:0f:f3:3b:09:06:95:a9:3c:62:79:c2:64:7b:09:4a:30:56:
         21:e3:cb:bb:2b:de:53:4f:95:a9:c7:0a:38:0c:22:70:8c:97:
         7b:e2:30:90:7e:38:62:c8:27:b8:0d:29:66:a2:58:7a:83:ff:
         03:bc:52:e4:46:a0:3f:1a:16:ca:52:3b:ac:73:c2:14:c8:2e:
         e7:e2:f0:60:e0:3a:8a:93:6e:08:19:fc:cf:84:76:17:bd:72:
         5c:a5:51:5d:86:27:d5:f0:a1:8c:aa:1f:cf:ce:39:01:c8:27:
         93:33:8a:1a:d9:84:10:fa:9f:b7:30:3b:ca:f7:95:bf:04:22:
         e9:c2:7e:72:28:8f:f7:07:84:51:73:f2:7a:53:1b:d2:d5:77:
         1d:f0:0b:b2:3e:c7:44:0a:d6:7f:b6:28:10:e8:8e:ee:4f:c7:
         12:79:1d:2c
-----BEGIN CERTIFICATE-----
MIIEzzCCA7egAwIBAgICCpAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDU3
QjEwMzcyQTY4NkUzRkY3MzY1NkJFQjVDRDNERUJDOTMyMzcxQTAeFw0yMTA5Mjkw
MjQxMjJaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKEE0MDYyNjA3MzhEQUY1
RDA1NzhBNzdGQjc3QjUzREMyNjRBRTY1RUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC0/JplxpXVnhcFVeuxQVafIO6dHeURdiykwbLvIZAzr8eaDuM2
+Tji2TcQvxZMaJFL5rkQkWKyCBhMkQxmBcSqW37Jw63rAMTNGKG9q4zAw7YYW/Me
eRIwsSnqlFxP6faswRXCLkQNHj1/VhUyls2p3LCHFg+jroTDn5PAp9Mt6fjEoJVb
QCTj0Z9ZjMGvFHDqrttDE0GiqaR8Mzger4Tw42JIT3kEVnlYinZPact0xCRjrA8N
ueXiazhh68ni+kUhxwCjiuOEf9ulMgdznvxBWqGg3zCdDHadktQMK5Xpzi8SkOm6
Ra9t3ZZJNoAbNn2vYrKCCSPa4atS3fmgpigzAgMBAAGjggHrMIIB5zAdBgNVHQ4E
FgQUpAYmBzja9dBXinf7d7U9wmSuZewwHwYDVR0jBBgwFoAURXsQNypobj/3Nla+
tc0968kyNxowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFORVQv
UlhzUU55cG9ial8zTmxhLXRjMDk2OGt5TnhvLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9SWHNRTnlwb2JqXzNObGEtdGMwOTY4a3lOeG8uY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQU5FVC9wQVltQnpqYTlkQlhpbmY3ZDdV
OXdtU3VaZXcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAwMAw
DQYJKoZIhvcNAQELBQADggEBACz34Qx6JflF3sjfhoGf8sukV9oOJEfF0hp/l4qd
34aaK/7YkauiVWkhHBgmKFB/o974vdP+EWpbkK7wS3scfaU4e9hKJPi2K/pbSr2u
onS05t9j88WkJ48tv2IP8zsJBpWpPGJ5wmR7CUowViHjy7sr3lNPlanHCjgMInCM
l3viMJB+OGLIJ7gNKWaiWHqD/wO8UuRGoD8aFspSO6xzwhTILufi8GDgOoqTbggZ
/M+Edhe9clylUV2GJ9XwoYyqH8/OOQHIJ5MzihrZhBD6n7cwO8r3lb8EIunCfnIo
j/cHhFFz8npTG9LVdx3wC7I+x0QK1n+2KBDoju5PxxJ5HSw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:45 2024 by rpki-client on console-fra.rpki-client.org