Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/4Yo13I1b5rJfIaY7-DPyQJ_W0H0.roa
File:                     4Yo13I1b5rJfIaY7-DPyQJ_W0H0.roa (raw, json)
Hash identifier:          eg+4bIhn65Deh/5oGS0nmJskCzFgnhn/rfm7ilMntV8=
Subject key identifier:   E1:8A:35:DC:8D:5B:E6:B2:5F:21:A6:3B:F8:33:F2:40:9F:D6:D0:7D
Certificate issuer:       /CN=EB675F938C85021374CAB1E1AF5099319B110B07
Certificate serial:       20E4
Authority key identifier: EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/4Yo13I1b5rJfIaY7-DPyQJ_W0H0.roa
Signing time:             Fri 25 Nov 2022 04:39:14 +0000
ROA not before:           Fri 25 Nov 2022 04:39:14 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     38841
IP address blocks:        118.233.248.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 8420 (0x20e4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=EB675F938C85021374CAB1E1AF5099319B110B07
        Validity
            Not Before: Nov 25 04:39:14 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=E18A35DC8D5BE6B25F21A63BF833F2409FD6D07D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:cb:29:e2:48:04:1f:64:b4:27:4f:f0:73:56:
                    f8:88:ea:4a:70:0d:77:60:d2:a6:01:7e:ea:e1:0f:
                    d7:b2:ef:e5:16:aa:ab:9b:86:e6:11:cc:38:f6:b1:
                    94:9d:24:a8:58:ba:c2:de:f0:17:8f:10:ce:6a:3e:
                    99:66:19:6a:52:5e:d4:71:46:85:dc:7e:fe:7e:b6:
                    ff:88:c3:57:b1:16:15:30:9b:3e:c2:52:79:42:81:
                    60:04:fb:f3:bb:09:56:4b:d9:a2:0d:b3:0f:52:e3:
                    a3:5e:f4:cd:b7:f5:21:c9:58:bd:e5:57:cb:16:1f:
                    7f:2a:20:95:3d:89:32:0b:24:eb:50:fc:67:61:56:
                    13:95:2f:0e:c4:9c:85:bc:28:cf:f6:b4:a3:07:8d:
                    81:88:05:98:d7:b4:e5:65:6a:88:7f:e4:48:0f:1d:
                    59:64:c9:4b:99:59:a0:34:01:b9:2f:1d:01:46:12:
                    9f:52:ce:1f:36:4d:13:c0:57:5d:73:d6:ab:48:c0:
                    b4:ba:c1:e7:d9:27:9a:b5:9e:c7:f8:d4:91:1e:94:
                    da:0f:63:18:e1:dd:8e:f2:1a:ed:9d:6d:b7:dc:77:
                    4a:97:53:76:c1:b7:21:ee:7b:d5:96:4c:fc:79:7b:
                    3a:a2:3e:f4:e0:e9:70:81:ac:91:13:29:75:62:a2:
                    6b:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E1:8A:35:DC:8D:5B:E6:B2:5F:21:A6:3B:F8:33:F2:40:9F:D6:D0:7D
            X509v3 Authority Key Identifier:
                keyid:EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/62dfk4yFAhN0yrHhr1CZMZsRCwc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/4Yo13I1b5rJfIaY7-DPyQJ_W0H0.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  118.233.248.0/22

    Signature Algorithm: sha256WithRSAEncryption
         45:04:9b:61:ca:b9:c6:17:14:28:4a:83:b2:54:0d:91:e9:40:
         86:88:2d:c6:33:a9:09:53:d0:0d:c0:bb:4b:5a:fb:d6:a9:f4:
         1d:22:0f:84:bd:8a:c8:d2:01:85:43:f1:4b:dc:88:e0:82:ad:
         04:0c:79:b8:1f:ff:cb:4b:8e:01:ab:f1:6c:b6:25:44:39:13:
         80:82:db:5b:de:9d:e9:ff:03:88:b1:cb:c4:94:4f:6a:a8:d0:
         2c:f3:c2:a5:4d:1d:25:7f:b7:26:68:cc:b3:17:66:63:db:d9:
         55:ea:89:85:2f:8b:49:84:cd:80:3c:18:36:0f:c8:5e:9f:b3:
         b3:95:ff:bf:38:ec:79:14:42:cc:30:d3:c0:74:e5:b1:5b:01:
         17:91:4e:45:5c:d0:14:05:86:d4:7b:a2:fc:76:9f:da:13:79:
         3f:a4:8e:77:bd:8b:13:54:8a:c0:e0:3f:07:b4:0b:7a:20:98:
         87:f7:73:36:cb:ad:c7:73:7c:b1:d8:6b:b4:26:71:4d:eb:c4:
         a0:a2:c4:bc:e0:61:6c:44:87:76:89:71:4d:4e:a2:0f:ca:c5:
         ef:da:aa:2c:11:fe:b9:06:b1:11:ce:36:b5:a8:76:9e:36:c1:
         d9:2e:5c:dc:e0:4f:8b:0b:c8:52:55:85:55:56:96:e2:46:f6:
         82:a8:2b:c4
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICIOQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUI2
NzVGOTM4Qzg1MDIxMzc0Q0FCMUUxQUY1MDk5MzE5QjExMEIwNzAeFw0yMjExMjUw
NDM5MTRaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEUxOEEzNURDOEQ1QkU2
QjI1RjIxQTYzQkY4MzNGMjQwOUZENkQwN0QwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDayyniSAQfZLQnT/BzVviI6kpwDXdg0qYBfurhD9ey7+UWqqub
huYRzDj2sZSdJKhYusLe8BePEM5qPplmGWpSXtRxRoXcfv5+tv+Iw1exFhUwmz7C
UnlCgWAE+/O7CVZL2aINsw9S46Ne9M239SHJWL3lV8sWH38qIJU9iTILJOtQ/Gdh
VhOVLw7EnIW8KM/2tKMHjYGIBZjXtOVlaoh/5EgPHVlkyUuZWaA0AbkvHQFGEp9S
zh82TRPAV11z1qtIwLS6wefZJ5q1nsf41JEelNoPYxjh3Y7yGu2dbbfcd0qXU3bB
tyHue9WWTPx5ezqiPvTg6XCBrJETKXViomslAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU4Yo13I1b5rJfIaY7+DPyQJ/W0H0wHwYDVR0jBBgwFoAU62dfk4yFAhN0yrHh
r1CZMZsRCwcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hP
LzYyZGZrNHlGQWhOMHlySGhyMUNaTVpzUkN3Yy5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvNjJkZms0eUZBaE4weXJIaHIxQ1pNWnNSQ3djLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hPLzRZbzEzSTFiNXJKZklhWTct
RFB5UUpfVzBIMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJ2
6fgwDQYJKoZIhvcNAQELBQADggEBAEUEm2HKucYXFChKg7JUDZHpQIaILcYzqQlT
0A3Au0ta+9ap9B0iD4S9isjSAYVD8UvciOCCrQQMebgf/8tLjgGr8Wy2JUQ5E4CC
21venen/A4ixy8SUT2qo0CzzwqVNHSV/tyZozLMXZmPb2VXqiYUvi0mEzYA8GDYP
yF6fs7OV/7847HkUQsww08B05bFbAReRTkVc0BQFhtR7ovx2n9oTeT+kjne9ixNU
isDgPwe0C3ogmIf3czbLrcdzfLHYa7QmcU3rxKCixLzgYWxEh3aJcU1Oog/Kxe/a
qiwR/rkGsRHONrWodp42wdkuXNzgT4sLyFJVhVVWluJG9oKoK8Q=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:23 2024 by rpki-client on console-ams.rpki-client.org