Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/3T4ARL1Tru-R9kf4a6oOjUq4qaM.roa
File:                     3T4ARL1Tru-R9kf4a6oOjUq4qaM.roa (raw, json)
Hash identifier:          tEi9vrhZJJdJ9IF+ARgaXgE/VQ8xivJZztLiumC0HGQ=
Subject key identifier:   DD:3E:00:44:BD:53:AE:EF:91:F6:47:F8:6B:AA:0E:8D:4A:B8:A9:A3
Certificate issuer:       /CN=EB675F938C85021374CAB1E1AF5099319B110B07
Certificate serial:       1C7A
Authority key identifier: EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/3T4ARL1Tru-R9kf4a6oOjUq4qaM.roa
Signing time:             Wed 29 Sep 2021 02:47:49 +0000
ROA not before:           Wed 29 Sep 2021 02:47:49 +0000
ROA not after:            Thu 29 Sep 2022 02:36:22 +0000
asID:                     38841
IP address blocks:        118.232.104.0/21 maxlen: 21

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 7290 (0x1c7a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=EB675F938C85021374CAB1E1AF5099319B110B07
        Validity
            Not Before: Sep 29 02:47:49 2021 GMT
            Not After : Sep 29 02:36:22 2022 GMT
        Subject: CN=DD3E0044BD53AEEF91F647F86BAA0E8D4AB8A9A3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:f7:a0:02:02:79:e4:50:06:b6:e2:bb:6e:49:
                    76:52:81:9d:e6:49:c8:9e:ef:75:fa:2b:45:67:09:
                    f8:1a:c1:c8:fc:71:1a:6c:47:e7:a7:2e:5e:48:b4:
                    d3:de:cf:a5:19:cb:48:53:f8:50:ba:8b:e3:c5:47:
                    70:7f:1a:dd:91:f5:4e:7a:2b:5c:69:3c:73:06:29:
                    ae:eb:18:76:e2:cf:6f:ba:b8:46:6d:27:a0:fb:e3:
                    5f:d7:c1:4c:e4:62:e7:80:b3:65:37:93:1a:e4:f4:
                    82:0d:56:6f:37:30:b7:ec:2c:ee:ca:ef:e8:f5:d0:
                    69:25:84:0e:f9:18:e0:e1:95:6d:59:f5:f5:fa:8a:
                    eb:ef:7a:84:c2:01:e7:ce:31:a4:81:b3:1b:77:e5:
                    a8:10:15:56:ec:37:17:db:8c:d4:c0:ce:61:e5:05:
                    a3:15:f6:33:55:e6:e6:c7:88:18:88:e3:e2:9a:bd:
                    dd:b4:8b:ff:0a:36:fb:14:b0:6a:e2:f0:ec:23:1f:
                    a1:d7:ff:60:4b:ae:21:2f:9a:4c:44:6c:29:ea:4e:
                    7b:32:c9:bb:9f:fe:66:f0:6d:75:2a:43:84:b0:74:
                    e9:ac:21:e7:a1:7f:ca:09:9c:86:74:6e:e4:ce:78:
                    78:02:ef:3b:c7:02:cf:56:37:36:55:d4:1c:3a:09:
                    e5:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DD:3E:00:44:BD:53:AE:EF:91:F6:47:F8:6B:AA:0E:8D:4A:B8:A9:A3
            X509v3 Authority Key Identifier:
                keyid:EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/62dfk4yFAhN0yrHhr1CZMZsRCwc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/3T4ARL1Tru-R9kf4a6oOjUq4qaM.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  118.232.104.0/21

    Signature Algorithm: sha256WithRSAEncryption
         62:5e:ea:92:7a:82:3f:e4:eb:89:08:6b:40:74:17:95:f6:e0:
         ea:83:e5:e2:58:b5:42:98:60:e1:b1:52:f5:f0:30:f4:63:e4:
         0f:19:8d:91:9e:43:f9:66:fe:81:72:cd:52:ce:c5:76:d0:cc:
         13:bc:78:12:4f:1e:d5:03:4d:7e:77:20:8d:fb:02:30:d9:0b:
         c0:f3:85:ed:ae:5f:e7:0a:85:0e:4a:7b:00:44:02:48:06:64:
         27:38:70:7d:c4:2c:4d:76:d5:5a:a5:50:c1:f6:d2:38:d8:12:
         25:8d:d7:d3:1f:ef:5b:e1:18:6e:c9:d4:5a:56:4e:10:2a:49:
         e5:96:17:e3:85:b5:d4:b2:87:cc:55:04:4d:7a:0a:24:58:c7:
         d5:45:5e:27:bb:75:12:a2:6d:38:80:71:e4:1d:8c:d8:73:85:
         40:d0:ec:ba:dc:d3:30:7e:85:13:ee:5c:13:d2:5e:ea:5b:7a:
         58:82:c3:db:f8:3d:78:23:b8:31:fc:69:eb:af:1f:e2:bc:a5:
         fe:e4:13:30:9b:d1:22:91:cd:7b:ba:20:54:32:22:d7:70:24:
         32:a4:df:31:76:5f:82:49:e2:e1:fd:51:f2:1e:ab:f9:da:8d:
         ef:01:f1:e7:15:23:cd:f4:d5:45:6f:84:84:e3:54:2e:b7:99:
         de:38:74:f3
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICHHowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUI2
NzVGOTM4Qzg1MDIxMzc0Q0FCMUUxQUY1MDk5MzE5QjExMEIwNzAeFw0yMTA5Mjkw
MjQ3NDlaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKEREM0UwMDQ0QkQ1M0FF
RUY5MUY2NDdGODZCQUEwRThENEFCOEE5QTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC996ACAnnkUAa24rtuSXZSgZ3mScie73X6K0VnCfgawcj8cRps
R+enLl5ItNPez6UZy0hT+FC6i+PFR3B/Gt2R9U56K1xpPHMGKa7rGHbiz2+6uEZt
J6D741/XwUzkYueAs2U3kxrk9IINVm83MLfsLO7K7+j10GklhA75GODhlW1Z9fX6
iuvveoTCAefOMaSBsxt35agQFVbsNxfbjNTAzmHlBaMV9jNV5ubHiBiI4+Kavd20
i/8KNvsUsGri8OwjH6HX/2BLriEvmkxEbCnqTnsyybuf/mbwbXUqQ4SwdOmsIeeh
f8oJnIZ0buTOeHgC7zvHAs9WNzZV1Bw6CeXPAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU3T4ARL1Tru+R9kf4a6oOjUq4qaMwHwYDVR0jBBgwFoAU62dfk4yFAhN0yrHh
r1CZMZsRCwcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hP
LzYyZGZrNHlGQWhOMHlySGhyMUNaTVpzUkN3Yy5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvNjJkZms0eUZBaE4weXJIaHIxQ1pNWnNSQ3djLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hPLzNUNEFSTDFUcnUtUjlrZjRh
Nm9PalVxNHFhTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAN2
6GgwDQYJKoZIhvcNAQELBQADggEBAGJe6pJ6gj/k64kIa0B0F5X24OqD5eJYtUKY
YOGxUvXwMPRj5A8ZjZGeQ/lm/oFyzVLOxXbQzBO8eBJPHtUDTX53II37AjDZC8Dz
he2uX+cKhQ5KewBEAkgGZCc4cH3ELE121VqlUMH20jjYEiWN19Mf71vhGG7J1FpW
ThAqSeWWF+OFtdSyh8xVBE16CiRYx9VFXie7dRKibTiAceQdjNhzhUDQ7Lrc0zB+
hRPuXBPSXupbeliCw9v4PXgjuDH8aeuvH+K8pf7kEzCb0SKRzXu6IFQyItdwJDKk
3zF2X4JJ4uH9UfIeq/naje8B8ecVI8301UVvhITjVC63md44dPM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:47 2024 by rpki-client on console-fra.rpki-client.org