Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TANET/z4VilU0rtc6aN_YTaMEZikY9nN0.roa
File:                     z4VilU0rtc6aN_YTaMEZikY9nN0.roa (raw, json)
Hash identifier:          P32k+52z+kYgf4TdiKMv+ceg1pAtTADZlquwU2qHBUs=
Subject key identifier:   CF:85:62:95:4D:2B:B5:CE:9A:37:F6:13:68:C1:19:8A:46:3D:9C:DD
Certificate issuer:       /CN=457B10372A686E3FF73656BEB5CD3DEBC932371A
Certificate serial:       0A87
Authority key identifier: 45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/z4VilU0rtc6aN_YTaMEZikY9nN0.roa
Signing time:             Wed 29 Sep 2021 02:41:20 +0000
ROA not before:           Wed 29 Sep 2021 02:41:20 +0000
ROA not after:            Thu 29 Sep 2022 02:36:22 +0000
asID:                     9916
IP address blocks:        140.129.52.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2695 (0xa87)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=457B10372A686E3FF73656BEB5CD3DEBC932371A
        Validity
            Not Before: Sep 29 02:41:20 2021 GMT
            Not After : Sep 29 02:36:22 2022 GMT
        Subject: CN=CF8562954D2BB5CE9A37F61368C1198A463D9CDD
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:5d:de:42:07:c1:75:94:24:4d:6c:70:52:75:
                    23:c1:41:8a:2e:2f:ed:fd:c6:62:f6:87:83:71:fa:
                    3b:af:60:9e:c8:ba:a2:a9:67:b0:fd:c2:4e:a2:ba:
                    32:95:ac:de:3a:de:95:32:2f:75:02:60:ca:d5:1f:
                    f2:5a:1b:b9:bd:5f:8f:d4:f6:ce:a2:17:9b:2f:f7:
                    f3:bd:5f:87:81:6f:69:ee:fa:db:14:8c:bb:4d:fe:
                    21:a3:98:d8:eb:2f:63:9e:66:3f:0f:cf:29:9b:32:
                    19:01:ab:5d:40:ab:e9:d8:b3:75:09:7c:c8:95:94:
                    4a:9b:f8:52:61:dc:0a:31:db:8c:ea:22:7f:0e:37:
                    a5:f6:64:0b:28:3f:f8:cf:c9:f7:53:cb:b1:67:a4:
                    b5:a4:d1:3e:c6:d3:5e:82:2d:04:bf:29:40:a5:b7:
                    f2:94:4c:6d:62:4c:f5:91:70:52:86:fc:fc:c5:20:
                    a1:77:56:43:a2:c4:c7:4a:58:78:cb:b7:17:f1:89:
                    9f:35:30:22:d4:dc:f6:98:1b:9d:92:02:b4:52:80:
                    a5:a0:29:51:df:e0:42:7a:25:e9:de:8d:e7:e2:64:
                    26:9d:f2:0b:33:d0:e4:88:01:02:21:b8:bd:88:85:
                    07:dc:ae:41:7b:95:1a:ba:04:7d:58:50:b5:a5:83:
                    e8:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CF:85:62:95:4D:2B:B5:CE:9A:37:F6:13:68:C1:19:8A:46:3D:9C:DD
            X509v3 Authority Key Identifier:
                keyid:45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/RXsQNypobj_3Nla-tc0968kyNxo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/z4VilU0rtc6aN_YTaMEZikY9nN0.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  140.129.52.0/22

    Signature Algorithm: sha256WithRSAEncryption
         39:e6:14:9a:a9:e9:51:42:d0:a9:9a:31:36:08:e9:ee:70:8a:
         1f:88:34:d4:20:ea:17:09:e2:24:24:cc:03:48:73:94:93:99:
         1b:e1:65:d0:91:f5:ee:eb:74:0e:0c:04:f6:0f:eb:8c:c1:23:
         e1:ed:f0:d6:6b:e0:7c:54:d6:3a:98:6a:0c:9c:00:0d:7e:00:
         74:fc:ec:e8:33:03:a7:84:48:66:1c:95:b8:b7:50:6a:8f:aa:
         c8:0d:b5:20:f3:d0:8b:ba:b4:bc:3c:82:4e:e1:5a:6d:90:27:
         ef:fa:44:42:c1:25:36:0e:e1:e8:34:67:f6:06:08:5d:63:eb:
         03:7d:4d:f7:b1:d2:26:c7:1d:c2:68:d1:86:9a:d1:7e:fe:a5:
         84:4f:63:cb:2f:09:70:c5:93:d9:54:ee:0a:b1:19:e3:26:f7:
         f0:a5:28:c5:6d:80:f8:98:47:93:44:62:20:03:83:12:8f:8c:
         99:9f:8b:29:b4:cc:fa:22:1c:dc:2d:3b:9e:d1:9c:5c:47:a9:
         56:2d:f0:fa:b0:1d:f6:05:8b:75:ff:6f:d5:ae:e5:60:1d:0c:
         ea:d4:e0:39:c8:71:da:0b:1d:be:1a:01:8b:f7:c5:10:3d:d8:
         57:e1:ad:23:d7:88:b1:6c:d9:2c:47:f9:3c:28:32:7a:ed:0f:
         c7:c7:9d:a3
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICCocwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDU3
QjEwMzcyQTY4NkUzRkY3MzY1NkJFQjVDRDNERUJDOTMyMzcxQTAeFw0yMTA5Mjkw
MjQxMjBaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKENGODU2Mjk1NEQyQkI1
Q0U5QTM3RjYxMzY4QzExOThBNDYzRDlDREQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDWXd5CB8F1lCRNbHBSdSPBQYouL+39xmL2h4Nx+juvYJ7IuqKp
Z7D9wk6iujKVrN463pUyL3UCYMrVH/JaG7m9X4/U9s6iF5sv9/O9X4eBb2nu+tsU
jLtN/iGjmNjrL2OeZj8PzymbMhkBq11Aq+nYs3UJfMiVlEqb+FJh3Aox24zqIn8O
N6X2ZAsoP/jPyfdTy7FnpLWk0T7G016CLQS/KUClt/KUTG1iTPWRcFKG/PzFIKF3
VkOixMdKWHjLtxfxiZ81MCLU3PaYG52SArRSgKWgKVHf4EJ6JenejefiZCad8gsz
0OSIAQIhuL2IhQfcrkF7lRq6BH1YULWlg+ivAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUz4VilU0rtc6aN/YTaMEZikY9nN0wHwYDVR0jBBgwFoAURXsQNypobj/3Nla+
tc0968kyNxowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFORVQv
UlhzUU55cG9ial8zTmxhLXRjMDk2OGt5TnhvLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9SWHNRTnlwb2JqXzNObGEtdGMwOTY4a3lOeG8uY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQU5FVC96NFZpbFUwcnRjNmFOX1lUYU1F
WmlrWTluTjAucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCjIE0
MA0GCSqGSIb3DQEBCwUAA4IBAQA55hSaqelRQtCpmjE2COnucIofiDTUIOoXCeIk
JMwDSHOUk5kb4WXQkfXu63QODAT2D+uMwSPh7fDWa+B8VNY6mGoMnAANfgB0/Ozo
MwOnhEhmHJW4t1Bqj6rIDbUg89CLurS8PIJO4VptkCfv+kRCwSU2DuHoNGf2Bghd
Y+sDfU33sdImxx3CaNGGmtF+/qWET2PLLwlwxZPZVO4KsRnjJvfwpSjFbYD4mEeT
RGIgA4MSj4yZn4sptMz6IhzcLTue0ZxcR6lWLfD6sB32BYt1/2/VruVgHQzq1OA5
yHHaCx2+GgGL98UQPdhX4a0j14ixbNksR/k8KDJ67Q/Hx52j
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:21 2024 by rpki-client on console-ams.rpki-client.org