Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TANET/yKYVaTbwETeKtuNkVz6TgKfocLY.roa
File:                     yKYVaTbwETeKtuNkVz6TgKfocLY.roa (raw, json)
Hash identifier:          Uku2s0utNVzbB+BJVAnCvRIt+YxEWw8URkyXj71O9Fk=
Subject key identifier:   C8:A6:15:69:36:F0:11:37:8A:B6:E3:64:57:3E:93:80:A7:E8:70:B6
Certificate issuer:       /CN=E1A88C34D246EF7C2A7C1AC5FE97B262BC48178E
Certificate serial:       0BD8
Authority key identifier: E1:A8:8C:34:D2:46:EF:7C:2A:7C:1A:C5:FE:97:B2:62:BC:48:17:8E
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/4aiMNNJG73wqfBrF_peyYrxIF44.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/yKYVaTbwETeKtuNkVz6TgKfocLY.roa
Signing time:             Thu 15 Sep 2022 02:41:07 +0000
ROA not before:           Thu 15 Sep 2022 02:41:07 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     9916
IP address blocks:        120.126.96.0/20 maxlen: 20

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3032 (0xbd8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=E1A88C34D246EF7C2A7C1AC5FE97B262BC48178E
        Validity
            Not Before: Sep 15 02:41:07 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=C8A6156936F011378AB6E364573E9380A7E870B6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:ac:3b:ff:8c:13:5b:6a:11:7f:6d:8b:64:5d:
                    85:2b:21:16:55:c5:26:75:ab:a0:93:85:c0:ac:0b:
                    9e:25:b1:9c:e4:98:bb:43:44:cd:b3:57:8f:3c:72:
                    05:9a:e8:9a:e2:eb:0a:1d:45:af:02:83:c0:3b:ad:
                    d0:df:21:ed:95:cc:e2:b0:46:a0:1a:63:cd:26:0c:
                    68:74:5a:a8:25:4b:fe:01:12:39:56:84:12:76:b3:
                    4a:1c:4c:85:ca:14:2c:2d:bb:9b:ca:40:fe:d4:d9:
                    c8:cb:31:33:69:53:fd:07:3f:75:66:64:c5:11:49:
                    a8:cb:05:1f:ba:e5:d2:4c:e5:e5:7e:4d:e4:f9:b8:
                    1c:31:6b:85:ab:20:93:d0:e9:4a:68:1f:e0:19:c2:
                    40:1e:ee:aa:74:7b:78:a1:10:91:4d:45:7f:f2:87:
                    c3:ec:72:2a:f6:fd:c2:b9:2c:e4:fa:99:3e:54:3d:
                    95:98:4a:0a:a6:09:f7:7f:01:37:d4:d6:e2:9c:f2:
                    53:15:28:81:7d:a8:59:d2:17:86:91:64:7d:3d:29:
                    18:04:75:5f:12:b7:bd:34:43:69:63:19:47:8f:62:
                    b9:73:0a:58:4d:60:92:6a:06:c6:95:28:e4:d9:77:
                    21:02:84:09:a6:4b:b6:3e:c8:af:18:c2:95:d9:b6:
                    4e:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C8:A6:15:69:36:F0:11:37:8A:B6:E3:64:57:3E:93:80:A7:E8:70:B6
            X509v3 Authority Key Identifier:
                keyid:E1:A8:8C:34:D2:46:EF:7C:2A:7C:1A:C5:FE:97:B2:62:BC:48:17:8E

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/4aiMNNJG73wqfBrF_peyYrxIF44.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/4aiMNNJG73wqfBrF_peyYrxIF44.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/yKYVaTbwETeKtuNkVz6TgKfocLY.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  120.126.96.0/20

    Signature Algorithm: sha256WithRSAEncryption
         a1:62:cc:36:78:b8:90:65:af:21:d1:49:95:be:c5:cf:89:4e:
         91:9f:16:8b:e0:d5:5e:8c:61:27:9b:c9:bc:61:c4:37:28:16:
         8a:85:95:96:35:42:60:72:8a:46:4a:c5:75:a4:6e:bd:3e:11:
         83:d1:42:02:2d:c1:37:7e:f6:ee:80:94:dc:03:db:69:f8:fe:
         dd:cf:0c:96:0e:65:cd:4f:bf:a6:8e:5a:d5:d1:54:cc:fb:2e:
         91:7c:09:02:ee:ad:d6:6e:6b:c1:7d:c0:3a:ef:28:c0:8d:6f:
         49:80:2a:a6:f0:00:3c:70:58:53:b6:af:43:12:8e:d1:cd:29:
         41:b4:ea:14:3a:c1:d3:06:35:bb:d1:ae:31:d5:2f:49:29:33:
         f1:54:ac:12:62:c6:28:eb:71:79:72:65:ff:16:d7:20:fa:de:
         4c:02:62:c7:45:56:d9:d2:57:7e:fe:a6:31:81:b9:74:43:6c:
         1d:1a:90:3d:50:c0:37:dc:02:76:d8:6d:f8:2b:9b:9c:b2:49:
         0b:ac:64:5c:e0:f5:30:c4:87:06:86:ad:ff:41:96:28:49:bf:
         ec:21:1a:64:44:08:eb:e5:45:1b:f7:7e:fb:39:29:4e:65:51:
         f3:d1:f3:5d:70:fa:5e:8e:6c:fd:ce:8e:82:5d:fc:4e:80:ba:
         27:61:35:1d
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICC9gwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRTFB
ODhDMzREMjQ2RUY3QzJBN0MxQUM1RkU5N0IyNjJCQzQ4MTc4RTAeFw0yMjA5MTUw
MjQxMDdaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEM4QTYxNTY5MzZGMDEx
Mzc4QUI2RTM2NDU3M0U5MzgwQTdFODcwQjYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC4rDv/jBNbahF/bYtkXYUrIRZVxSZ1q6CThcCsC54lsZzkmLtD
RM2zV488cgWa6Jri6wodRa8Cg8A7rdDfIe2VzOKwRqAaY80mDGh0WqglS/4BEjlW
hBJ2s0ocTIXKFCwtu5vKQP7U2cjLMTNpU/0HP3VmZMURSajLBR+65dJM5eV+TeT5
uBwxa4WrIJPQ6UpoH+AZwkAe7qp0e3ihEJFNRX/yh8Pscir2/cK5LOT6mT5UPZWY
SgqmCfd/ATfU1uKc8lMVKIF9qFnSF4aRZH09KRgEdV8St700Q2ljGUePYrlzClhN
YJJqBsaVKOTZdyEChAmmS7Y+yK8YwpXZtk7fAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUyKYVaTbwETeKtuNkVz6TgKfocLYwHwYDVR0jBBgwFoAU4aiMNNJG73wqfBrF
/peyYrxIF44wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFORVQv
NGFpTU5OSkc3M3dxZkJyRl9wZXlZcnhJRjQ0LmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS80YWlNTk5KRzczd3FmQnJGX3BleVlyeElGNDQuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQU5FVC95S1lWYVRid0VUZUt0dU5rVno2
VGdLZm9jTFkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEeH5g
MA0GCSqGSIb3DQEBCwUAA4IBAQChYsw2eLiQZa8h0UmVvsXPiU6RnxaL4NVejGEn
m8m8YcQ3KBaKhZWWNUJgcopGSsV1pG69PhGD0UICLcE3fvbugJTcA9tp+P7dzwyW
DmXNT7+mjlrV0VTM+y6RfAkC7q3WbmvBfcA67yjAjW9JgCqm8AA8cFhTtq9DEo7R
zSlBtOoUOsHTBjW70a4x1S9JKTPxVKwSYsYo63F5cmX/Ftcg+t5MAmLHRVbZ0ld+
/qYxgbl0Q2wdGpA9UMA33AJ22G34K5ucskkLrGRc4PUwxIcGhq3/QZYoSb/sIRpk
RAjr5UUb9377OSlOZVHz0fNdcPpejmz9zo6CXfxOgLonYTUd
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:21 2024 by rpki-client on console-ams.rpki-client.org