Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TANET/uKUPyq6stZnrpl1MK9xNd-sEPNA.roa
File:                     uKUPyq6stZnrpl1MK9xNd-sEPNA.roa (raw, json)
Hash identifier:          DApxbGAEZtVe5Yxr4VzNNWWEURGvGCiIY0br2fSXJPY=
Subject key identifier:   B8:A5:0F:CA:AE:AC:B5:99:EB:A6:5D:4C:2B:DC:4D:77:EB:04:3C:D0
Certificate issuer:       /CN=E1A88C34D246EF7C2A7C1AC5FE97B262BC48178E
Certificate serial:       0AC5
Authority key identifier: E1:A8:8C:34:D2:46:EF:7C:2A:7C:1A:C5:FE:97:B2:62:BC:48:17:8E
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/4aiMNNJG73wqfBrF_peyYrxIF44.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/uKUPyq6stZnrpl1MK9xNd-sEPNA.roa
Signing time:             Wed 29 Sep 2021 02:41:03 +0000
ROA not before:           Wed 29 Sep 2021 02:41:03 +0000
ROA not after:            Thu 29 Sep 2022 02:36:22 +0000
asID:                     17716
IP address blocks:        120.96.248.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2757 (0xac5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=E1A88C34D246EF7C2A7C1AC5FE97B262BC48178E
        Validity
            Not Before: Sep 29 02:41:03 2021 GMT
            Not After : Sep 29 02:36:22 2022 GMT
        Subject: CN=B8A50FCAAEACB599EBA65D4C2BDC4D77EB043CD0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:e7:1c:d9:80:34:87:97:9a:9c:5b:bc:a2:67:
                    d4:56:98:02:a2:18:a6:e1:f3:5c:60:c7:60:4a:b9:
                    cf:c7:8f:c9:66:f8:80:90:9c:5c:d5:50:e3:d5:8a:
                    f3:7f:ab:8b:63:51:ae:63:97:07:2e:70:ca:62:bd:
                    aa:84:97:ef:63:26:1d:d5:13:20:4f:9f:0c:ca:9e:
                    6b:f9:a2:4c:89:f8:eb:c5:1a:d7:86:04:72:b7:fd:
                    3a:fa:36:b6:b1:50:c0:88:01:06:d0:c1:a7:c7:de:
                    45:5c:45:a4:93:22:c3:f0:ca:b7:8b:99:55:07:0a:
                    da:5f:aa:76:19:69:61:37:5e:b3:a0:1d:65:e9:ce:
                    0e:64:c9:cb:7f:54:f4:17:a8:dc:f0:a9:bd:ab:0f:
                    5c:af:7f:55:58:53:46:23:93:89:ff:e6:8d:ce:38:
                    5d:eb:98:d7:07:97:f7:9e:81:15:bc:48:18:a4:51:
                    f6:ec:05:1c:5d:23:f9:37:f0:30:2a:f6:99:66:49:
                    cb:e5:e6:c5:4c:5e:69:89:7f:68:50:9c:0d:ef:c9:
                    f6:c7:10:03:2e:f4:af:c3:ad:8d:50:3b:08:2d:6f:
                    1a:8d:50:de:0a:17:af:0e:08:1f:bb:d6:bc:c8:75:
                    fd:76:7c:50:89:72:df:ed:35:3f:e5:35:a3:25:d2:
                    2f:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B8:A5:0F:CA:AE:AC:B5:99:EB:A6:5D:4C:2B:DC:4D:77:EB:04:3C:D0
            X509v3 Authority Key Identifier:
                keyid:E1:A8:8C:34:D2:46:EF:7C:2A:7C:1A:C5:FE:97:B2:62:BC:48:17:8E

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/4aiMNNJG73wqfBrF_peyYrxIF44.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/4aiMNNJG73wqfBrF_peyYrxIF44.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/uKUPyq6stZnrpl1MK9xNd-sEPNA.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  120.96.248.0/22

    Signature Algorithm: sha256WithRSAEncryption
         69:af:ed:a3:f3:60:9c:f2:f8:10:93:59:8a:af:20:ab:2f:42:
         61:04:4a:af:89:c6:1e:37:9f:e3:f1:37:8d:05:4a:47:54:39:
         39:d3:06:86:38:89:ad:c6:61:04:fb:f1:ed:92:75:f9:bc:f1:
         41:d5:55:19:fc:b4:c8:bf:93:f3:6f:2f:84:cd:55:0e:4f:e5:
         f2:95:a7:81:d0:69:bc:ad:23:e5:ff:39:76:34:85:87:a1:ee:
         16:ac:14:9f:a7:8c:bd:a4:30:92:2f:d8:a9:7b:a4:93:71:1f:
         f1:9f:b6:27:8c:8f:7d:54:e3:f4:d5:5f:b5:20:92:7f:c0:ff:
         ac:53:85:38:c2:fd:44:85:eb:ad:e9:e2:51:99:f0:36:44:80:
         53:22:4d:0f:55:a0:24:e2:d5:38:fe:15:40:f5:65:e2:75:5b:
         3a:b6:1f:fa:5b:b4:65:60:1e:2a:ba:bd:83:7a:93:6e:1b:21:
         0c:d3:03:03:55:aa:1a:c1:03:61:3c:a1:92:64:a7:57:21:60:
         93:b7:27:f7:a4:74:50:71:ec:9b:68:1a:98:3d:1a:5c:9a:15:
         0f:53:39:a9:ff:65:d8:ca:9b:08:29:ef:2f:1c:9a:1e:db:73:
         be:68:0e:c1:ac:1d:40:39:e3:54:f2:09:40:8f:9c:f2:36:86:
         cb:e2:71:7c
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICCsUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRTFB
ODhDMzREMjQ2RUY3QzJBN0MxQUM1RkU5N0IyNjJCQzQ4MTc4RTAeFw0yMTA5Mjkw
MjQxMDNaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKEI4QTUwRkNBQUVBQ0I1
OTlFQkE2NUQ0QzJCREM0RDc3RUIwNDNDRDAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDV5xzZgDSHl5qcW7yiZ9RWmAKiGKbh81xgx2BKuc/Hj8lm+ICQ
nFzVUOPVivN/q4tjUa5jlwcucMpivaqEl+9jJh3VEyBPnwzKnmv5okyJ+OvFGteG
BHK3/Tr6NraxUMCIAQbQwafH3kVcRaSTIsPwyreLmVUHCtpfqnYZaWE3XrOgHWXp
zg5kyct/VPQXqNzwqb2rD1yvf1VYU0Yjk4n/5o3OOF3rmNcHl/eegRW8SBikUfbs
BRxdI/k38DAq9plmScvl5sVMXmmJf2hQnA3vyfbHEAMu9K/DrY1QOwgtbxqNUN4K
F68OCB+71rzIdf12fFCJct/tNT/lNaMl0i8BAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUuKUPyq6stZnrpl1MK9xNd+sEPNAwHwYDVR0jBBgwFoAU4aiMNNJG73wqfBrF
/peyYrxIF44wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFORVQv
NGFpTU5OSkc3M3dxZkJyRl9wZXlZcnhJRjQ0LmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS80YWlNTk5KRzczd3FmQnJGX3BleVlyeElGNDQuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQU5FVC91S1VQeXE2c3RabnJwbDFNSzl4
TmQtc0VQTkEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCeGD4
MA0GCSqGSIb3DQEBCwUAA4IBAQBpr+2j82Cc8vgQk1mKryCrL0JhBEqvicYeN5/j
8TeNBUpHVDk50waGOImtxmEE+/HtknX5vPFB1VUZ/LTIv5Pzby+EzVUOT+XylaeB
0Gm8rSPl/zl2NIWHoe4WrBSfp4y9pDCSL9ipe6STcR/xn7YnjI99VOP01V+1IJJ/
wP+sU4U4wv1Eheut6eJRmfA2RIBTIk0PVaAk4tU4/hVA9WXidVs6th/6W7RlYB4q
ur2DepNuGyEM0wMDVaoawQNhPKGSZKdXIWCTtyf3pHRQceybaBqYPRpcmhUPUzmp
/2XYypsIKe8vHJoe23O+aA7BrB1AOeNU8glAj5zyNobL4nF8
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:21 2024 by rpki-client on console-ams.rpki-client.org