Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TINP/RC6lpCf_oR1kmC1qazILxKFdsIs.roa
File:                     RC6lpCf_oR1kmC1qazILxKFdsIs.roa (raw, json)
Hash identifier:          g3jGrzgsvcQ7shXEO/3W8DdY9TqC94SJRtvSMka3mGM=
Subject key identifier:   44:2E:A5:A4:27:FF:A1:1D:64:98:2D:6A:6B:32:0B:C4:A1:5D:B0:8B
Certificate issuer:       /CN=E02582B027E57038EA00A3E8484D55DEEA2E1A2A
Certificate serial:       08CF
Authority key identifier: E0:25:82:B0:27:E5:70:38:EA:00:A3:E8:48:4D:55:DE:EA:2E:1A:2A
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/4CWCsCflcDjqAKPoSE1V3uouGio.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TINP/RC6lpCf_oR1kmC1qazILxKFdsIs.roa
Signing time:             Sun 07 Feb 2021 05:45:18 +0000
ROA not before:           Sun 07 Feb 2021 05:45:18 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     18049
IP address blocks:        116.118.128.0/18 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2255 (0x8cf)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=E02582B027E57038EA00A3E8484D55DEEA2E1A2A
        Validity
            Not Before: Feb  7 05:45:18 2021 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=442EA5A427FFA11D64982D6A6B320BC4A15DB08B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:4f:68:9e:2d:20:c2:f0:08:c7:07:e1:2c:ad:
                    1d:6b:96:ea:5c:eb:85:89:b0:72:ef:30:e5:10:6e:
                    5e:1f:09:3f:e9:c4:b0:4b:d6:cb:ad:62:10:74:62:
                    6e:11:36:59:b6:81:3c:89:b6:38:59:b2:da:a2:a5:
                    b5:d8:83:e4:ef:e3:b7:e4:1b:52:08:cc:3b:25:bf:
                    48:8d:37:33:63:52:97:9d:e6:97:17:e5:56:ad:ea:
                    df:18:8e:6c:a0:65:af:b4:08:65:de:95:f5:c3:41:
                    44:41:e9:f7:01:84:1a:a5:68:54:ed:15:59:12:00:
                    7e:7c:cc:73:e4:f8:8b:10:dd:ee:17:29:6c:4f:2b:
                    9b:89:54:da:7a:3b:79:af:e0:ba:74:e5:28:73:6f:
                    54:a5:0a:b2:86:19:eb:7c:31:55:5a:da:7a:12:94:
                    86:51:48:5f:fa:89:ca:dd:a6:c1:9b:8a:50:99:05:
                    cb:7a:3c:24:f3:1d:45:41:0a:fc:de:07:95:a8:cd:
                    a4:ae:75:1c:66:97:93:5d:ed:2d:45:ec:6b:1c:5f:
                    e5:4f:2a:44:ff:63:9e:4b:76:09:db:13:e4:d1:3e:
                    1f:7f:14:d5:0d:8e:96:63:fb:af:b6:1c:0e:5f:6e:
                    84:b9:5f:28:c8:be:4b:ac:f4:6c:21:74:cf:8e:68:
                    c9:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                44:2E:A5:A4:27:FF:A1:1D:64:98:2D:6A:6B:32:0B:C4:A1:5D:B0:8B
            X509v3 Authority Key Identifier:
                keyid:E0:25:82:B0:27:E5:70:38:EA:00:A3:E8:48:4D:55:DE:EA:2E:1A:2A

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TINP/4CWCsCflcDjqAKPoSE1V3uouGio.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/4CWCsCflcDjqAKPoSE1V3uouGio.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TINP/RC6lpCf_oR1kmC1qazILxKFdsIs.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  116.118.128.0/18

    Signature Algorithm: sha256WithRSAEncryption
         a4:1c:d9:af:2f:22:a4:f0:84:20:66:75:5a:4e:8c:43:fb:ae:
         00:31:bd:e4:cb:12:3e:ec:aa:b4:2b:37:48:0b:b6:d0:22:07:
         3b:6e:60:f3:61:a9:90:5c:65:32:3b:04:0b:d4:58:d6:42:81:
         d4:0f:82:a0:a3:d6:1f:3a:2a:ae:c8:4b:ad:ff:bf:9f:fd:b5:
         27:22:54:9b:c6:0f:57:90:b4:d4:5e:ab:f1:55:95:ef:db:db:
         a3:33:dd:8c:44:92:34:c5:c5:2d:27:a6:b3:f5:56:5a:25:5a:
         a4:45:a5:a4:b8:0a:81:84:0c:dc:1c:f6:26:32:af:05:11:ed:
         81:d2:85:5a:05:93:b3:7d:6f:18:29:3f:67:02:a7:5b:15:df:
         2e:e0:0d:e4:af:c2:77:f3:8b:a9:4d:39:ca:75:f5:85:b5:9d:
         5b:d8:c8:82:8b:5d:8b:4c:7a:33:c2:ff:9c:61:61:49:93:2a:
         ab:5a:de:13:48:7d:74:5f:41:ac:22:c6:c9:2a:b7:c5:20:77:
         08:e7:96:3f:dc:0f:6a:d5:78:31:7a:3e:03:65:02:8a:c3:c3:
         7d:aa:bc:9e:31:b1:81:0e:69:14:ce:ac:7b:a4:91:25:04:30:
         47:a0:62:6b:d0:6a:0d:6b:f7:4f:14:1d:5a:7a:8b:d6:96:51:
         e5:6b:4f:dd
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICCM8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRTAy
NTgyQjAyN0U1NzAzOEVBMDBBM0U4NDg0RDU1REVFQTJFMUEyQTAeFw0yMTAyMDcw
NTQ1MThaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDQ0MkVBNUE0MjdGRkEx
MUQ2NDk4MkQ2QTZCMzIwQkM0QTE1REIwOEIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQClT2ieLSDC8AjHB+EsrR1rlupc64WJsHLvMOUQbl4fCT/pxLBL
1sutYhB0Ym4RNlm2gTyJtjhZstqipbXYg+Tv47fkG1IIzDslv0iNNzNjUped5pcX
5Vat6t8YjmygZa+0CGXelfXDQURB6fcBhBqlaFTtFVkSAH58zHPk+IsQ3e4XKWxP
K5uJVNp6O3mv4Lp05Shzb1SlCrKGGet8MVVa2noSlIZRSF/6icrdpsGbilCZBct6
PCTzHUVBCvzeB5WozaSudRxml5Nd7S1F7GscX+VPKkT/Y55LdgnbE+TRPh9/FNUN
jpZj+6+2HA5fboS5XyjIvkus9GwhdM+OaMkNAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQURC6lpCf/oR1kmC1qazILxKFdsIswHwYDVR0jBBgwFoAU4CWCsCflcDjqAKPo
SE1V3uouGiowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVElOUC80
Q1dDc0NmbGNEanFBS1BvU0UxVjN1b3VHaW8uY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
LzRDV0NzQ2ZsY0RqcUFLUG9TRTFWM3VvdUdpby5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL1RJTlAvUkM2bHBDZl9vUjFrbUMxcWF6SUx4
S0Zkc0lzLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBnR2gDAN
BgkqhkiG9w0BAQsFAAOCAQEApBzZry8ipPCEIGZ1Wk6MQ/uuADG95MsSPuyqtCs3
SAu20CIHO25g82GpkFxlMjsEC9RY1kKB1A+CoKPWHzoqrshLrf+/n/21JyJUm8YP
V5C01F6r8VWV79vbozPdjESSNMXFLSems/VWWiVapEWlpLgKgYQM3Bz2JjKvBRHt
gdKFWgWTs31vGCk/ZwKnWxXfLuAN5K/Cd/OLqU05ynX1hbWdW9jIgotdi0x6M8L/
nGFhSZMqq1reE0h9dF9BrCLGySq3xSB3COeWP9wPatV4MXo+A2UCisPDfaq8njGx
gQ5pFM6se6SRJQQwR6Bia9BqDWv3TxQdWnqL1pZR5WtP3Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:22 2024 by rpki-client on console-ams.rpki-client.org