Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/4uxsQKHPSgSYbpPupunW3NQtu9Y.roa
File:                     4uxsQKHPSgSYbpPupunW3NQtu9Y.roa (raw, json)
Hash identifier:          Z9yDIcIU4YJUczEBlf4hFCkvPRuXtBR0qOP6jxUtuhs=
Subject key identifier:   E2:EC:6C:40:A1:CF:4A:04:98:6E:93:EE:A6:E9:D6:DC:D4:2D:BB:D6
Certificate issuer:       /CN=EB675F938C85021374CAB1E1AF5099319B110B07
Certificate serial:       165D
Authority key identifier: EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/4uxsQKHPSgSYbpPupunW3NQtu9Y.roa
Signing time:             Sun 07 Feb 2021 12:09:58 +0000
ROA not before:           Sun 07 Feb 2021 12:09:58 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     38841
IP address blocks:        123.195.144.0/20 maxlen: 20

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5725 (0x165d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=EB675F938C85021374CAB1E1AF5099319B110B07
        Validity
            Not Before: Feb  7 12:09:58 2021 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=E2EC6C40A1CF4A04986E93EEA6E9D6DCD42DBBD6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:d5:07:52:9f:12:c3:5f:59:d1:7d:c1:64:93:
                    e9:82:2d:83:97:79:c0:24:d2:16:88:b7:33:0c:ea:
                    af:a6:24:0b:a0:0e:db:d5:90:87:4f:fa:87:ed:fc:
                    26:f4:1c:c2:68:61:95:1d:ae:ad:52:0f:0a:54:5e:
                    e3:90:c5:67:50:ab:17:44:8e:ba:fa:a5:d2:4c:e9:
                    cd:3c:1f:94:1f:14:e1:6f:3f:b6:54:ec:e6:f7:3a:
                    64:30:88:c7:73:4f:6a:1b:cf:b1:c7:b6:15:31:4b:
                    b6:bd:26:dc:61:92:5f:96:d7:43:c5:0a:20:35:67:
                    7d:84:06:cb:95:db:f2:a0:0b:5f:6d:00:ad:77:c4:
                    44:32:f1:46:46:d6:a8:48:a7:f7:b0:f6:ca:e7:ae:
                    63:ad:67:dd:92:49:50:01:26:69:90:79:b0:e9:9a:
                    75:8c:67:49:26:ec:a9:4c:7c:ce:d1:aa:5d:3f:7e:
                    8c:0b:ce:91:9a:d9:61:87:ab:c4:50:2b:22:97:0c:
                    13:cf:8f:ec:5a:16:13:eb:cb:e6:a4:16:93:35:89:
                    c3:d0:fc:cf:fa:97:44:41:c9:f0:e0:b6:e7:12:95:
                    f4:b7:f7:af:68:53:ef:6c:04:18:0b:a6:f7:b8:84:
                    f2:6e:ac:cf:ba:7f:be:86:f0:33:81:03:29:57:10:
                    d9:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E2:EC:6C:40:A1:CF:4A:04:98:6E:93:EE:A6:E9:D6:DC:D4:2D:BB:D6
            X509v3 Authority Key Identifier:
                keyid:EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/62dfk4yFAhN0yrHhr1CZMZsRCwc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/4uxsQKHPSgSYbpPupunW3NQtu9Y.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  123.195.144.0/20

    Signature Algorithm: sha256WithRSAEncryption
         8e:89:e2:c6:b8:94:58:01:4b:8e:87:0b:d9:3e:37:19:fe:79:
         47:1b:a7:43:a8:69:38:b6:3a:25:f8:49:90:48:55:70:f9:7f:
         1a:bb:e7:07:c9:97:5a:4a:a6:5f:a1:0e:7b:21:3a:b6:3f:2c:
         f7:5c:80:39:26:6c:cb:46:84:aa:3c:15:4a:27:be:53:03:79:
         b2:40:c7:76:d8:39:35:13:cf:50:8b:09:23:82:fe:9d:77:22:
         68:e7:8d:c9:11:52:b1:cd:5f:fa:1a:16:5f:04:ec:dd:71:40:
         7e:cf:40:6b:03:7d:6e:33:ef:98:89:4c:e3:ec:b8:24:d7:c9:
         95:0f:07:49:c2:69:a5:6f:2a:ed:6d:02:80:86:35:14:9f:bd:
         a2:0c:90:1a:fc:65:3b:38:ae:d6:94:b0:2a:30:e0:c2:75:7c:
         ea:ef:c6:12:3c:ba:b6:a3:e1:90:46:ae:d6:23:40:7b:bb:9e:
         f2:2a:27:21:9f:11:b9:e9:fc:2c:11:0f:ae:3a:9b:df:be:27:
         5d:31:dc:8c:11:65:4c:f4:6e:5e:4c:0e:07:86:de:a2:a4:00:
         f8:f3:6c:1d:10:06:25:0c:bf:da:5d:29:16:7d:30:70:12:8e:
         a1:dc:8d:4e:9e:c0:53:50:38:50:97:fc:9f:56:b8:46:e4:3e:
         49:03:33:fe
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICFl0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUI2
NzVGOTM4Qzg1MDIxMzc0Q0FCMUUxQUY1MDk5MzE5QjExMEIwNzAeFw0yMTAyMDcx
MjA5NThaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKEUyRUM2QzQwQTFDRjRB
MDQ5ODZFOTNFRUE2RTlENkRDRDQyREJCRDYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDO1QdSnxLDX1nRfcFkk+mCLYOXecAk0haItzMM6q+mJAugDtvV
kIdP+oft/Cb0HMJoYZUdrq1SDwpUXuOQxWdQqxdEjrr6pdJM6c08H5QfFOFvP7ZU
7Ob3OmQwiMdzT2obz7HHthUxS7a9Jtxhkl+W10PFCiA1Z32EBsuV2/KgC19tAK13
xEQy8UZG1qhIp/ew9srnrmOtZ92SSVABJmmQebDpmnWMZ0km7KlMfM7Rql0/fowL
zpGa2WGHq8RQKyKXDBPPj+xaFhPry+akFpM1icPQ/M/6l0RByfDgtucSlfS3969o
U+9sBBgLpve4hPJurM+6f76G8DOBAylXENn/AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU4uxsQKHPSgSYbpPupunW3NQtu9YwHwYDVR0jBBgwFoAU62dfk4yFAhN0yrHh
r1CZMZsRCwcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hP
LzYyZGZrNHlGQWhOMHlySGhyMUNaTVpzUkN3Yy5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvNjJkZms0eUZBaE4weXJIaHIxQ1pNWnNSQ3djLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hPLzR1eHNRS0hQU2dTWWJwUHVw
dW5XM05RdHU5WS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAR7
w5AwDQYJKoZIhvcNAQELBQADggEBAI6J4sa4lFgBS46HC9k+Nxn+eUcbp0OoaTi2
OiX4SZBIVXD5fxq75wfJl1pKpl+hDnshOrY/LPdcgDkmbMtGhKo8FUonvlMDebJA
x3bYOTUTz1CLCSOC/p13ImjnjckRUrHNX/oaFl8E7N1xQH7PQGsDfW4z75iJTOPs
uCTXyZUPB0nCaaVvKu1tAoCGNRSfvaIMkBr8ZTs4rtaUsCow4MJ1fOrvxhI8uraj
4ZBGrtYjQHu7nvIqJyGfEbnp/CwRD646m9++J10x3IwRZUz0bl5MDgeG3qKkAPjz
bB0QBiUMv9pdKRZ9MHASjqHcjU6ewFNQOFCX/J9WuEbkPkkDM/4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:47 2024 by rpki-client on console-fra.rpki-client.org