Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TSMC/hLkbefs73vdj-qKfnVSWz9qtCfQ.roa
File:                     hLkbefs73vdj-qKfnVSWz9qtCfQ.roa (raw, json)
Hash identifier:          Y1dq3SeJdknSSTyWH48r+JKvyHZ8uX4hZDXyZ/GslrU=
Subject key identifier:   84:B9:1B:79:FB:3B:DE:F7:63:FA:A2:9F:9D:54:96:CF:DA:AD:09:F4
Certificate issuer:       /CN=3A6BE8FAD78E95C4690ED99991FA79DF75F3D337
Certificate serial:       10FD
Authority key identifier: 3A:6B:E8:FA:D7:8E:95:C4:69:0E:D9:99:91:FA:79:DF:75:F3:D3:37
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/Omvo-teOlcRpDtmZkfp533Xz0zc.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TSMC/hLkbefs73vdj-qKfnVSWz9qtCfQ.roa
Signing time:             Wed 01 Feb 2023 05:30:14 +0000
ROA not before:           Wed 01 Feb 2023 05:30:14 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     23675
IP address blocks:        202.126.64.0/20 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4349 (0x10fd)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3A6BE8FAD78E95C4690ED99991FA79DF75F3D337
        Validity
            Not Before: Feb  1 05:30:14 2023 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=84B91B79FB3BDEF763FAA29F9D5496CFDAAD09F4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:b1:93:79:02:14:94:f7:16:7f:77:ce:8a:a3:
                    6b:59:46:c8:aa:ad:88:55:f6:cb:2d:a7:4d:75:7f:
                    bf:59:d6:d5:66:a4:9f:cd:70:03:4f:3b:61:09:dc:
                    ad:6a:18:8c:54:40:d2:b1:ab:20:cd:ed:0f:81:cb:
                    d1:96:65:8c:ca:32:72:9b:7d:7e:ab:79:bb:6b:0a:
                    57:f8:19:83:61:96:60:c5:76:3f:b4:c6:36:d5:40:
                    73:7c:94:4e:28:7b:65:83:0b:23:d0:77:ac:df:e1:
                    f1:f9:e3:a5:02:4e:7b:6a:31:de:05:3a:29:2c:a1:
                    85:66:e4:c1:a3:13:15:24:1f:83:9c:ce:c2:04:04:
                    a3:bd:a9:b3:a4:95:2b:97:c3:4b:9c:a9:f2:d0:2a:
                    22:23:c5:57:6f:f0:a0:14:45:ff:7b:fe:52:f1:94:
                    75:c5:7e:74:38:a2:f3:cf:7e:5c:63:ca:1f:77:51:
                    f3:1f:20:8d:e2:eb:5e:d6:a7:93:58:f3:85:c8:7c:
                    f5:14:1d:ea:56:bf:e8:8d:d7:02:57:95:5f:8c:78:
                    f0:6c:be:49:36:16:25:b1:11:a0:83:16:da:9f:28:
                    60:db:ea:36:8f:d0:1d:22:ec:73:62:71:2d:ff:48:
                    6a:fa:5f:bf:51:c0:5e:90:87:f5:44:0c:a1:b4:86:
                    d7:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:B9:1B:79:FB:3B:DE:F7:63:FA:A2:9F:9D:54:96:CF:DA:AD:09:F4
            X509v3 Authority Key Identifier:
                keyid:3A:6B:E8:FA:D7:8E:95:C4:69:0E:D9:99:91:FA:79:DF:75:F3:D3:37

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TSMC/Omvo-teOlcRpDtmZkfp533Xz0zc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Omvo-teOlcRpDtmZkfp533Xz0zc.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TSMC/hLkbefs73vdj-qKfnVSWz9qtCfQ.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  202.126.64.0/20

    Signature Algorithm: sha256WithRSAEncryption
         a8:c3:56:1b:52:a0:d2:06:e1:ff:35:68:62:74:b7:1c:6c:35:
         d2:e9:10:c1:a8:5a:b4:a7:de:bf:85:5c:32:d2:e2:5c:85:78:
         a7:d1:43:b4:52:8b:74:9b:29:06:34:41:22:03:69:b8:97:74:
         51:1f:63:2a:1e:e6:42:d9:12:c2:01:8d:0e:48:f3:8e:61:4b:
         7a:53:3f:7f:f0:61:ad:05:50:3b:a8:fc:ec:6f:66:30:07:34:
         99:7f:a1:fb:2f:5d:ae:12:32:51:41:5a:3d:00:7c:c6:45:fa:
         75:e3:a1:10:08:a4:95:78:77:35:43:79:8d:40:49:86:60:89:
         e9:7a:73:4f:66:50:29:ab:59:2f:0e:29:a6:c0:eb:08:5e:eb:
         d3:62:06:96:93:e5:43:33:35:d7:68:57:87:24:5d:46:54:60:
         bd:8c:67:a0:ed:ff:77:ff:5a:ab:b0:d6:b0:fc:87:f4:4a:b6:
         5e:24:99:81:aa:d6:52:d0:ec:af:ca:d8:71:30:f7:79:02:44:
         e0:09:b6:f1:20:46:42:f1:7a:f7:a2:e0:ab:21:43:f1:d0:c4:
         be:6e:d4:af:98:e5:a9:76:34:a2:72:a6:66:71:7d:da:7b:72:
         84:f7:73:66:36:77:4c:28:e2:fb:bf:b3:2a:73:fc:d4:4d:14:
         71:9b:da:24
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEP0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0E2
QkU4RkFENzhFOTVDNDY5MEVEOTk5OTFGQTc5REY3NUYzRDMzNzAeFw0yMzAyMDEw
NTMwMTRaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDg0QjkxQjc5RkIzQkRF
Rjc2M0ZBQTI5RjlENTQ5NkNGREFBRDA5RjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC4sZN5AhSU9xZ/d86Ko2tZRsiqrYhV9sstp011f79Z1tVmpJ/N
cANPO2EJ3K1qGIxUQNKxqyDN7Q+By9GWZYzKMnKbfX6rebtrClf4GYNhlmDFdj+0
xjbVQHN8lE4oe2WDCyPQd6zf4fH546UCTntqMd4FOiksoYVm5MGjExUkH4OczsIE
BKO9qbOklSuXw0ucqfLQKiIjxVdv8KAURf97/lLxlHXFfnQ4ovPPflxjyh93UfMf
II3i617Wp5NY84XIfPUUHepWv+iN1wJXlV+MePBsvkk2FiWxEaCDFtqfKGDb6jaP
0B0i7HNicS3/SGr6X79RwF6Qh/VEDKG0htdBAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUhLkbefs73vdj+qKfnVSWz9qtCfQwHwYDVR0jBBgwFoAUOmvo+teOlcRpDtmZ
kfp533Xz0zcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFNNQy9P
bXZvLXRlT2xjUnBEdG1aa2ZwNTMzWHowemMuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L09tdm8tdGVPbGNScER0bVprZnA1MzNYejB6Yy5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL1RTTUMvaExrYmVmczczdmRqLXFLZm5WU1d6
OXF0Q2ZRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBMp+QDAN
BgkqhkiG9w0BAQsFAAOCAQEAqMNWG1Kg0gbh/zVoYnS3HGw10ukQwahatKfev4Vc
MtLiXIV4p9FDtFKLdJspBjRBIgNpuJd0UR9jKh7mQtkSwgGNDkjzjmFLelM/f/Bh
rQVQO6j87G9mMAc0mX+h+y9drhIyUUFaPQB8xkX6deOhEAiklXh3NUN5jUBJhmCJ
6XpzT2ZQKatZLw4ppsDrCF7r02IGlpPlQzM112hXhyRdRlRgvYxnoO3/d/9aq7DW
sPyH9Eq2XiSZgarWUtDsr8rYcTD3eQJE4Am28SBGQvF696LgqyFD8dDEvm7Ur5jl
qXY0onKmZnF92ntyhPdzZjZ3TCji+7+zKnP81E0UcZvaJA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:46 2024 by rpki-client on console-fra.rpki-client.org