Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/88uCgq9c-WJXnF36FsHmO674avA.roa
File:                     88uCgq9c-WJXnF36FsHmO674avA.roa (raw, json)
Hash identifier:          1HruB7C4xtf4NO9VEzV33GH2QR0lL2x628c5jF9RtW0=
Subject key identifier:   F3:CB:82:82:AF:5C:F9:62:57:9C:5D:FA:16:C1:E6:3B:AE:F8:6A:F0
Certificate issuer:       /CN=EB675F938C85021374CAB1E1AF5099319B110B07
Certificate serial:       10EF
Authority key identifier: EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/88uCgq9c-WJXnF36FsHmO674avA.roa
Signing time:             Wed 27 Jan 2021 07:04:10 +0000
ROA not before:           Wed 27 Jan 2021 07:04:10 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     38841
IP address blocks:        123.195.168.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4335 (0x10ef)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=EB675F938C85021374CAB1E1AF5099319B110B07
        Validity
            Not Before: Jan 27 07:04:10 2021 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=F3CB8282AF5CF962579C5DFA16C1E63BAEF86AF0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:51:ee:5d:e1:55:01:a5:5e:79:04:52:85:36:
                    a6:bc:49:e7:c7:b4:70:ed:0b:80:5e:23:bb:da:fd:
                    4c:57:4d:f4:f4:19:b2:81:54:25:df:90:10:7a:9f:
                    34:26:b7:ca:cb:11:d3:64:30:3e:7b:e3:c3:1a:99:
                    86:5e:12:e0:24:3d:c9:dd:4f:fa:c2:38:35:5a:5d:
                    c9:25:18:12:bc:c2:f7:6e:3d:c6:b9:64:53:65:6a:
                    37:65:aa:94:5d:ab:4a:59:b1:36:53:bd:2f:04:a5:
                    08:ac:72:37:4a:6c:58:82:5c:aa:d5:bf:d1:0c:6d:
                    5b:c5:f9:96:17:2e:6c:91:b3:e8:65:ec:c3:34:23:
                    90:8b:a4:ec:73:de:d6:df:16:54:21:b5:ba:fa:c4:
                    b1:78:1e:49:40:19:2b:a3:b9:c6:86:d6:b0:5e:1c:
                    5b:09:4c:c3:ac:67:7b:19:6c:4b:0c:4d:ed:79:90:
                    ab:0a:9e:aa:cb:c7:13:d1:2d:d6:16:e9:b5:0b:15:
                    08:75:52:2b:d7:e5:0a:8c:f7:07:5d:cf:89:9b:92:
                    01:fc:59:97:4e:f5:28:82:40:1e:2d:13:37:0a:b8:
                    95:af:98:a2:d8:7e:57:da:bc:c3:8f:2a:e5:25:ca:
                    48:f0:a8:bf:99:0b:4d:10:56:ea:f9:fd:76:73:89:
                    c0:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F3:CB:82:82:AF:5C:F9:62:57:9C:5D:FA:16:C1:E6:3B:AE:F8:6A:F0
            X509v3 Authority Key Identifier:
                keyid:EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/62dfk4yFAhN0yrHhr1CZMZsRCwc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/88uCgq9c-WJXnF36FsHmO674avA.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  123.195.168.0/22

    Signature Algorithm: sha256WithRSAEncryption
         45:b4:bc:2f:1e:f8:84:50:5e:b5:f4:f9:d2:22:3d:3f:37:62:
         2a:5a:26:1c:a0:73:8e:e2:14:98:34:e3:76:e5:1c:c3:31:75:
         ec:27:06:bd:53:30:08:bd:79:89:c8:cf:45:76:96:38:c1:05:
         2e:42:90:30:21:ec:65:e7:71:d0:cf:96:66:fb:d6:92:a2:17:
         8b:cc:01:16:50:ac:4d:36:a5:f3:c9:49:99:3d:79:b7:58:e8:
         15:bf:07:80:3b:0a:66:3b:23:fa:9d:9d:d5:13:bf:9b:21:f9:
         d8:7f:6c:0b:b9:54:c0:18:f8:1f:e7:4a:a5:8a:de:e8:a3:31:
         6a:2c:68:ca:30:5a:0e:ba:19:ba:1c:44:d6:2e:54:41:bb:91:
         27:ef:b2:05:6e:87:49:f1:29:a1:6b:45:04:12:23:25:b7:3f:
         85:1e:c9:7e:d1:86:d9:e5:18:a3:c7:1d:b7:62:d2:fb:5b:ee:
         71:fa:bd:30:58:89:45:4a:d0:f9:73:4a:0d:b4:8e:02:c0:b6:
         34:35:2d:1e:82:42:af:93:7b:4f:b5:14:e2:5b:92:ca:38:25:
         4f:00:49:84:99:59:00:6c:4d:1d:a0:fd:85:4a:c3:f6:6b:cb:
         9a:83:83:63:a7:22:1e:ca:71:9b:d9:52:8b:c5:30:8a:70:4c:
         3f:c8:e1:23
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICEO8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUI2
NzVGOTM4Qzg1MDIxMzc0Q0FCMUUxQUY1MDk5MzE5QjExMEIwNzAeFw0yMTAxMjcw
NzA0MTBaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKEYzQ0I4MjgyQUY1Q0Y5
NjI1NzlDNURGQTE2QzFFNjNCQUVGODZBRjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCmUe5d4VUBpV55BFKFNqa8SefHtHDtC4BeI7va/UxXTfT0GbKB
VCXfkBB6nzQmt8rLEdNkMD5748MamYZeEuAkPcndT/rCODVaXcklGBK8wvduPca5
ZFNlajdlqpRdq0pZsTZTvS8EpQiscjdKbFiCXKrVv9EMbVvF+ZYXLmyRs+hl7MM0
I5CLpOxz3tbfFlQhtbr6xLF4HklAGSujucaG1rBeHFsJTMOsZ3sZbEsMTe15kKsK
nqrLxxPRLdYW6bULFQh1UivX5QqM9wddz4mbkgH8WZdO9SiCQB4tEzcKuJWvmKLY
flfavMOPKuUlykjwqL+ZC00QVur5/XZzicADAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU88uCgq9c+WJXnF36FsHmO674avAwHwYDVR0jBBgwFoAU62dfk4yFAhN0yrHh
r1CZMZsRCwcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hP
LzYyZGZrNHlGQWhOMHlySGhyMUNaTVpzUkN3Yy5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvNjJkZms0eUZBaE4weXJIaHIxQ1pNWnNSQ3djLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hPLzg4dUNncTljLVdKWG5GMzZG
c0htTzY3NGF2QS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJ7
w6gwDQYJKoZIhvcNAQELBQADggEBAEW0vC8e+IRQXrX0+dIiPT83YipaJhygc47i
FJg043blHMMxdewnBr1TMAi9eYnIz0V2ljjBBS5CkDAh7GXncdDPlmb71pKiF4vM
ARZQrE02pfPJSZk9ebdY6BW/B4A7CmY7I/qdndUTv5sh+dh/bAu5VMAY+B/nSqWK
3uijMWosaMowWg66GbocRNYuVEG7kSfvsgVuh0nxKaFrRQQSIyW3P4UeyX7Rhtnl
GKPHHbdi0vtb7nH6vTBYiUVK0PlzSg20jgLAtjQ1LR6CQq+Te0+1FOJbkso4JU8A
SYSZWQBsTR2g/YVKw/Zry5qDg2OnIh7KcZvZUovFMIpwTD/I4SM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:48 2024 by rpki-client on console-fra.rpki-client.org