Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TBCOM/CE1blsxOdKI6OeK2WwKsrF2MpSA.roa
File:                     CE1blsxOdKI6OeK2WwKsrF2MpSA.roa (raw, json)
Hash identifier:          aMpclLVYIG4ThC0OtGg3E1nUDesQQjdXE61vS07Y5w8=
Subject key identifier:   08:4D:5B:96:CC:4E:74:A2:3A:39:E2:B6:5B:02:AC:AC:5D:8C:A5:20
Certificate issuer:       /CN=832720EB0BEA005C3EDE574E31C0AB7563FA0CC7
Certificate serial:       0782
Authority key identifier: 83:27:20:EB:0B:EA:00:5C:3E:DE:57:4E:31:C0:AB:75:63:FA:0C:C7
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/gycg6wvqAFw-3ldOMcCrdWP6DMc.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TBCOM/CE1blsxOdKI6OeK2WwKsrF2MpSA.roa
Signing time:             Tue 29 Sep 2020 09:59:58 +0000
ROA not before:           Tue 29 Sep 2020 09:59:58 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     131596
IP address blocks:        210.202.56.0/21 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1922 (0x782)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=832720EB0BEA005C3EDE574E31C0AB7563FA0CC7
        Validity
            Not Before: Sep 29 09:59:58 2020 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=084D5B96CC4E74A23A39E2B65B02ACAC5D8CA520
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:6a:b9:38:85:85:b8:b7:fe:eb:68:d7:14:10:
                    59:90:0c:aa:f2:fa:6b:09:64:01:9a:26:a2:2f:db:
                    1d:c8:2a:4b:d3:e6:9b:a7:9b:f4:7b:a1:33:d7:75:
                    81:f2:c4:3a:7c:bc:01:df:ed:0e:67:0c:c3:8f:1d:
                    21:0d:74:32:ad:ff:69:c6:ed:34:e2:aa:db:b3:24:
                    3c:e1:a3:2b:73:8f:06:88:b5:02:8b:89:63:20:e9:
                    53:41:24:8e:bb:d0:e8:f1:fa:ff:20:6e:a1:86:e5:
                    55:1a:1a:41:6e:f9:9d:ba:dc:fb:9e:68:a4:5b:c4:
                    92:75:32:74:26:79:ba:8a:6f:0b:d9:4e:dc:80:18:
                    11:8c:93:d3:96:32:bd:ef:45:6a:d8:28:7d:be:e3:
                    58:17:e5:69:9f:ac:b2:8e:c2:ed:40:97:b6:f8:13:
                    04:4a:94:fc:13:54:8f:1f:73:8a:3a:d4:6a:b2:d1:
                    56:fd:a1:6b:92:b7:7d:71:46:5e:49:19:ff:c7:a6:
                    e3:05:a1:2c:1f:d4:05:d8:29:fd:20:41:f6:d9:53:
                    4b:0b:af:3f:2b:36:53:72:e9:75:6d:74:b6:23:ab:
                    0f:11:55:47:ee:f5:1e:c3:d0:9e:2c:93:aa:e3:1c:
                    c2:4e:8e:95:0a:fb:4b:ff:b4:ab:22:e9:0f:35:ae:
                    71:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                08:4D:5B:96:CC:4E:74:A2:3A:39:E2:B6:5B:02:AC:AC:5D:8C:A5:20
            X509v3 Authority Key Identifier:
                keyid:83:27:20:EB:0B:EA:00:5C:3E:DE:57:4E:31:C0:AB:75:63:FA:0C:C7

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TBCOM/gycg6wvqAFw-3ldOMcCrdWP6DMc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/gycg6wvqAFw-3ldOMcCrdWP6DMc.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TBCOM/CE1blsxOdKI6OeK2WwKsrF2MpSA.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  210.202.56.0/21

    Signature Algorithm: sha256WithRSAEncryption
         6e:69:d2:03:2c:f2:48:9e:00:62:5a:a7:d0:23:dd:ed:39:c6:
         e1:27:e3:dd:5e:ce:db:0d:4a:c0:54:9a:11:d3:f5:e5:9b:35:
         6e:33:33:37:26:c3:0b:71:de:0b:30:20:3f:2a:12:1f:35:47:
         b8:cb:ee:17:24:03:ec:5f:49:26:a5:cc:56:99:1a:23:b6:df:
         e8:ef:a4:a2:0f:9b:81:24:ef:3d:a6:ad:4a:09:a4:31:97:12:
         b1:f1:3e:23:03:cf:c3:c1:9d:a5:7f:b5:83:22:26:71:90:1e:
         ba:2e:e7:f3:ee:ae:76:3d:83:3c:f9:d3:d4:16:1c:73:b4:79:
         b9:c5:89:aa:9e:b1:48:5f:eb:cd:43:70:d6:50:87:97:23:bb:
         7b:d7:e7:0b:96:09:ba:80:59:28:0a:9b:38:eb:9b:31:b5:91:
         82:3c:25:10:36:c3:b8:3d:fa:c6:ca:36:0c:8c:50:06:37:28:
         2c:53:7d:30:77:ca:ba:ca:c5:8b:d5:f1:b1:c3:d8:b0:c4:9d:
         f1:ce:e1:7d:80:28:4d:c6:db:3b:ab:7f:76:9b:51:e1:91:ea:
         dc:56:a0:69:0e:a4:34:d1:33:e2:d9:2b:4c:18:b7:c7:ce:71:
         4b:18:fc:41:3d:27:ac:19:8e:7b:5b:c0:9d:da:00:99:29:f5:
         4c:9e:93:2e
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICB4IwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODMy
NzIwRUIwQkVBMDA1QzNFREU1NzRFMzFDMEFCNzU2M0ZBMENDNzAeFw0yMDA5Mjkw
OTU5NThaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDA4NEQ1Qjk2Q0M0RTc0
QTIzQTM5RTJCNjVCMDJBQ0FDNUQ4Q0E1MjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC2ark4hYW4t/7raNcUEFmQDKry+msJZAGaJqIv2x3IKkvT5pun
m/R7oTPXdYHyxDp8vAHf7Q5nDMOPHSENdDKt/2nG7TTiqtuzJDzhoytzjwaItQKL
iWMg6VNBJI670Ojx+v8gbqGG5VUaGkFu+Z263PueaKRbxJJ1MnQmebqKbwvZTtyA
GBGMk9OWMr3vRWrYKH2+41gX5WmfrLKOwu1Al7b4EwRKlPwTVI8fc4o61Gqy0Vb9
oWuSt31xRl5JGf/HpuMFoSwf1AXYKf0gQfbZU0sLrz8rNlNy6XVtdLYjqw8RVUfu
9R7D0J4sk6rjHMJOjpUK+0v/tKsi6Q81rnH/AgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUCE1blsxOdKI6OeK2WwKsrF2MpSAwHwYDVR0jBBgwFoAUgycg6wvqAFw+3ldO
McCrdWP6DMcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEJDT00v
Z3ljZzZ3dnFBRnctM2xkT01jQ3JkV1A2RE1jLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9neWNnNnd2cUFGdy0zbGRPTWNDcmRXUDZETWMuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQkNPTS9DRTFibHN4T2RLSTZPZUsyV3dL
c3JGMk1wU0Eucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQD0so4
MA0GCSqGSIb3DQEBCwUAA4IBAQBuadIDLPJIngBiWqfQI93tOcbhJ+PdXs7bDUrA
VJoR0/XlmzVuMzM3JsMLcd4LMCA/KhIfNUe4y+4XJAPsX0kmpcxWmRojtt/o76Si
D5uBJO89pq1KCaQxlxKx8T4jA8/DwZ2lf7WDIiZxkB66Lufz7q52PYM8+dPUFhxz
tHm5xYmqnrFIX+vNQ3DWUIeXI7t71+cLlgm6gFkoCps465sxtZGCPCUQNsO4PfrG
yjYMjFAGNygsU30wd8q6ysWL1fGxw9iwxJ3xzuF9gChNxts7q392m1HhkercVqBp
DqQ00TPi2StMGLfHznFLGPxBPSesGY57W8Cd2gCZKfVMnpMu
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:45 2024 by rpki-client on console-fra.rpki-client.org