Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/3LhePZZAsffMJQOaRwXbc1uUA74.roa
File:                     3LhePZZAsffMJQOaRwXbc1uUA74.roa (raw, json)
Hash identifier:          4shjgMZ+IsNm0yaKs/hhMTFS9V202seWOgi0jx1LmK8=
Subject key identifier:   DC:B8:5E:3D:96:40:B1:F7:CC:25:03:9A:47:05:DB:73:5B:94:03:BE
Certificate issuer:       /CN=EB675F938C85021374CAB1E1AF5099319B110B07
Certificate serial:       1FA2
Authority key identifier: EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/3LhePZZAsffMJQOaRwXbc1uUA74.roa
Signing time:             Thu 15 Sep 2022 02:53:36 +0000
ROA not before:           Thu 15 Sep 2022 02:53:36 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     38841
IP address blocks:        106.1.215.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 8098 (0x1fa2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=EB675F938C85021374CAB1E1AF5099319B110B07
        Validity
            Not Before: Sep 15 02:53:36 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=DCB85E3D9640B1F7CC25039A4705DB735B9403BE
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:fc:80:0d:95:3d:1c:8b:d0:ca:cc:24:8d:a4:
                    d1:02:5a:a3:0e:e7:60:e2:7b:62:b3:8c:2b:77:92:
                    3f:e1:cb:b8:21:c4:69:96:f0:62:a2:46:4f:8a:d2:
                    95:00:27:4c:7e:ab:94:f4:a2:43:16:80:08:5a:55:
                    a0:d4:74:57:0a:3a:18:6b:ec:54:41:2e:09:ed:ba:
                    2c:aa:5d:7b:8b:4d:63:ed:d1:c9:3c:5b:7a:1e:8c:
                    6d:10:df:cb:3d:a3:4e:7d:af:fb:f3:aa:fb:ea:e0:
                    67:cd:f4:f8:21:db:d7:93:26:cd:df:5a:24:60:83:
                    3c:49:79:6a:4d:93:04:89:90:49:63:f2:0c:d8:55:
                    f5:7c:2d:4d:19:1a:f2:88:ec:d3:6b:3d:7c:e5:0e:
                    8b:ed:92:75:06:08:e6:08:bb:ab:4b:47:9a:81:5b:
                    f4:cf:c7:e4:f5:cd:3a:71:36:b1:bb:0d:c6:89:b1:
                    04:a2:10:ed:68:2d:df:6a:ca:0a:5f:af:0d:53:61:
                    a9:47:f3:98:7e:d7:ab:ba:1f:f6:39:f2:90:27:ad:
                    bb:9c:bc:03:2f:6c:05:01:30:fd:f9:05:8d:f2:9c:
                    0a:c2:4b:92:e2:07:5a:35:6b:ae:a0:33:ac:32:af:
                    64:c8:53:33:fb:dd:83:26:d4:3e:e7:f9:04:bc:6f:
                    d0:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DC:B8:5E:3D:96:40:B1:F7:CC:25:03:9A:47:05:DB:73:5B:94:03:BE
            X509v3 Authority Key Identifier:
                keyid:EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/62dfk4yFAhN0yrHhr1CZMZsRCwc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/3LhePZZAsffMJQOaRwXbc1uUA74.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  106.1.215.0/24

    Signature Algorithm: sha256WithRSAEncryption
         78:90:db:c9:a2:86:40:98:b6:10:9a:24:dd:3f:1d:a7:ee:3c:
         f0:fb:65:6b:e6:22:7b:e0:c8:13:ff:49:19:f9:4c:61:2b:19:
         59:4a:b6:fe:ca:aa:08:11:65:fa:70:e8:6b:55:dc:8d:ce:c5:
         79:0a:8f:79:df:21:8e:02:f6:24:f0:81:8c:3f:2b:ce:30:e8:
         67:57:bc:08:da:cf:7f:c4:66:43:98:1d:03:0c:0d:08:69:a3:
         a0:25:eb:08:a8:d1:2c:54:d1:d2:b5:d2:63:d7:85:6d:a8:f2:
         9e:27:19:1b:d0:9f:8d:18:dd:b7:3e:0a:f7:7c:43:97:c9:0d:
         f9:b5:92:8c:7d:96:ef:a8:3e:21:41:24:79:eb:9d:57:1d:b9:
         36:7a:ab:d3:25:ed:cc:29:1e:c3:37:e7:4e:25:20:64:7a:e2:
         7f:7a:1b:0b:38:4a:dd:21:55:48:47:9a:23:76:83:51:8a:38:
         01:d0:23:3f:de:6e:0f:01:c5:ad:64:f7:59:ab:3f:55:0b:18:
         0b:ff:0a:50:92:8a:f4:4f:0d:f8:fc:ab:d2:d8:db:85:0c:e6:
         91:a6:6f:a1:0a:e3:f2:4f:a6:0c:0e:f2:18:b1:81:a7:d5:3e:
         10:e6:03:9b:a9:ed:54:48:03:0d:7f:9f:5f:46:d3:03:45:27:
         80:67:fb:3d
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICH6IwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUI2
NzVGOTM4Qzg1MDIxMzc0Q0FCMUUxQUY1MDk5MzE5QjExMEIwNzAeFw0yMjA5MTUw
MjUzMzZaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKERDQjg1RTNEOTY0MEIx
RjdDQzI1MDM5QTQ3MDVEQjczNUI5NDAzQkUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDJ/IANlT0ci9DKzCSNpNECWqMO52Die2KzjCt3kj/hy7ghxGmW
8GKiRk+K0pUAJ0x+q5T0okMWgAhaVaDUdFcKOhhr7FRBLgntuiyqXXuLTWPt0ck8
W3oejG0Q38s9o059r/vzqvvq4GfN9Pgh29eTJs3fWiRggzxJeWpNkwSJkElj8gzY
VfV8LU0ZGvKI7NNrPXzlDovtknUGCOYIu6tLR5qBW/TPx+T1zTpxNrG7DcaJsQSi
EO1oLd9qygpfrw1TYalH85h+16u6H/Y58pAnrbucvAMvbAUBMP35BY3ynArCS5Li
B1o1a66gM6wyr2TIUzP73YMm1D7n+QS8b9BtAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU3LhePZZAsffMJQOaRwXbc1uUA74wHwYDVR0jBBgwFoAU62dfk4yFAhN0yrHh
r1CZMZsRCwcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hP
LzYyZGZrNHlGQWhOMHlySGhyMUNaTVpzUkN3Yy5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvNjJkZms0eUZBaE4weXJIaHIxQ1pNWnNSQ3djLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hPLzNMaGVQWlpBc2ZmTUpRT2FS
d1hiYzF1VUE3NC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABq
AdcwDQYJKoZIhvcNAQELBQADggEBAHiQ28mihkCYthCaJN0/HafuPPD7ZWvmInvg
yBP/SRn5TGErGVlKtv7KqggRZfpw6GtV3I3OxXkKj3nfIY4C9iTwgYw/K84w6GdX
vAjaz3/EZkOYHQMMDQhpo6Al6wio0SxU0dK10mPXhW2o8p4nGRvQn40Y3bc+Cvd8
Q5fJDfm1kox9lu+oPiFBJHnrnVcduTZ6q9Ml7cwpHsM3504lIGR64n96Gws4St0h
VUhHmiN2g1GKOAHQIz/ebg8Bxa1k91mrP1ULGAv/ClCSivRPDfj8q9LY24UM5pGm
b6EK4/JPpgwO8hixgafVPhDmA5up7VRIAw1/n19G0wNFJ4Bn+z0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:47 2024 by rpki-client on console-fra.rpki-client.org