Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/8bLqFUlGYQIaFhl0CHXmCdd4SrM.roa
File:                     8bLqFUlGYQIaFhl0CHXmCdd4SrM.roa (raw, json)
Hash identifier:          9Tixf861rlwaomYtg5f3Bd0UuXkAbiyIHO48agFYFaA=
Subject key identifier:   F1:B2:EA:15:49:46:61:02:1A:16:19:74:08:75:E6:09:D7:78:4A:B3
Certificate issuer:       /CN=EB675F938C85021374CAB1E1AF5099319B110B07
Certificate serial:       1731
Authority key identifier: EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/8bLqFUlGYQIaFhl0CHXmCdd4SrM.roa
Signing time:             Sun 07 Feb 2021 12:17:21 +0000
ROA not before:           Sun 07 Feb 2021 12:17:21 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     38841
IP address blocks:        123.195.240.0/21 maxlen: 21

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5937 (0x1731)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=EB675F938C85021374CAB1E1AF5099319B110B07
        Validity
            Not Before: Feb  7 12:17:21 2021 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=F1B2EA15494661021A1619740875E609D7784AB3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:1a:08:69:b0:61:23:09:0b:4a:03:8a:f3:45:
                    ca:66:70:26:d8:30:1d:50:b1:9c:ca:08:25:73:2f:
                    2d:07:4d:b9:a7:5d:af:06:25:5c:64:77:c0:4a:2b:
                    a3:99:39:3f:d2:bb:bd:12:5e:51:20:3b:92:9d:fd:
                    5f:8a:d5:f2:2b:9f:7e:42:44:3b:54:35:c8:c0:a3:
                    64:22:30:0b:b7:1b:a2:67:b8:f6:19:32:72:00:98:
                    96:6f:cc:ac:5f:eb:1a:ad:75:84:ec:ca:3e:d2:d4:
                    3c:5f:ec:4e:91:ed:46:18:73:e8:db:4f:70:e8:ab:
                    43:8b:20:21:c9:ff:05:e7:43:85:ec:3d:4a:82:f6:
                    3f:9e:a5:b0:31:82:5a:7e:13:91:85:8e:b0:a9:90:
                    58:d3:89:65:0e:78:22:70:b0:c9:fe:bd:45:79:c8:
                    8f:bc:42:2b:6c:21:55:29:29:d9:67:0d:2a:18:92:
                    fe:12:9e:0a:a9:49:f7:17:f9:c1:2c:b2:96:5c:3d:
                    d0:ce:78:0c:90:51:c1:9e:d8:62:51:fd:b1:a4:57:
                    e7:d7:bb:67:9f:a5:77:1a:5a:80:ef:8b:ec:6b:6b:
                    db:ce:bb:a3:c4:13:f3:2c:f4:af:43:4c:45:98:64:
                    e1:ae:3c:32:6d:30:a2:e9:e3:c9:50:e0:42:bd:a8:
                    6b:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F1:B2:EA:15:49:46:61:02:1A:16:19:74:08:75:E6:09:D7:78:4A:B3
            X509v3 Authority Key Identifier:
                keyid:EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/62dfk4yFAhN0yrHhr1CZMZsRCwc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/8bLqFUlGYQIaFhl0CHXmCdd4SrM.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  123.195.240.0/21

    Signature Algorithm: sha256WithRSAEncryption
         42:e8:0b:ff:2c:ab:04:02:93:e0:4d:c8:e0:cf:7e:69:d0:b4:
         c0:02:17:c6:52:e2:66:46:0a:f7:60:46:5b:d6:3c:24:37:0e:
         af:6e:78:40:c9:97:ee:83:17:f2:cc:36:38:d3:81:04:67:01:
         60:56:35:3e:e1:88:70:53:1a:97:5f:f7:55:93:3d:09:c1:4c:
         4d:15:1a:34:50:13:d8:0f:ef:4e:6b:8d:01:d2:f2:df:cf:bb:
         a2:82:1e:67:b6:91:d7:bb:31:31:ab:a9:25:01:01:f1:cd:3f:
         c9:e6:ba:f1:2d:d9:33:e6:03:c0:ff:cd:52:21:3b:e8:80:36:
         93:58:a1:3a:63:a6:e0:b8:83:ca:2c:42:97:ff:3f:ad:af:e3:
         01:89:af:48:de:c2:3d:39:22:9e:31:58:fd:e8:0e:d0:19:9d:
         20:fc:b5:73:23:bc:3b:44:d0:e2:4a:a3:af:c0:19:d9:18:2f:
         d8:4b:f8:52:dc:30:ee:f9:6e:2e:2c:1d:2c:24:08:32:d6:f6:
         4f:e9:d1:78:33:42:b1:94:4b:18:f9:dc:3b:0c:bb:25:0c:bb:
         de:33:35:76:43:69:3c:1c:63:33:86:23:f3:76:a5:f6:91:c5:
         9f:c0:e3:c9:b3:0a:78:4a:e6:3e:3c:85:32:40:b2:94:7f:cb:
         09:6d:8e:29
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICFzEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUI2
NzVGOTM4Qzg1MDIxMzc0Q0FCMUUxQUY1MDk5MzE5QjExMEIwNzAeFw0yMTAyMDcx
MjE3MjFaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKEYxQjJFQTE1NDk0NjYx
MDIxQTE2MTk3NDA4NzVFNjA5RDc3ODRBQjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDRGghpsGEjCQtKA4rzRcpmcCbYMB1QsZzKCCVzLy0HTbmnXa8G
JVxkd8BKK6OZOT/Su70SXlEgO5Kd/V+K1fIrn35CRDtUNcjAo2QiMAu3G6JnuPYZ
MnIAmJZvzKxf6xqtdYTsyj7S1Dxf7E6R7UYYc+jbT3Doq0OLICHJ/wXnQ4XsPUqC
9j+epbAxglp+E5GFjrCpkFjTiWUOeCJwsMn+vUV5yI+8QitsIVUpKdlnDSoYkv4S
ngqpSfcX+cEsspZcPdDOeAyQUcGe2GJR/bGkV+fXu2efpXcaWoDvi+xra9vOu6PE
E/Ms9K9DTEWYZOGuPDJtMKLp48lQ4EK9qGuFAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU8bLqFUlGYQIaFhl0CHXmCdd4SrMwHwYDVR0jBBgwFoAU62dfk4yFAhN0yrHh
r1CZMZsRCwcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hP
LzYyZGZrNHlGQWhOMHlySGhyMUNaTVpzUkN3Yy5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvNjJkZms0eUZBaE4weXJIaHIxQ1pNWnNSQ3djLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hPLzhiTHFGVWxHWVFJYUZobDBD
SFhtQ2RkNFNyTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAN7
w/AwDQYJKoZIhvcNAQELBQADggEBAELoC/8sqwQCk+BNyODPfmnQtMACF8ZS4mZG
CvdgRlvWPCQ3Dq9ueEDJl+6DF/LMNjjTgQRnAWBWNT7hiHBTGpdf91WTPQnBTE0V
GjRQE9gP705rjQHS8t/Pu6KCHme2kde7MTGrqSUBAfHNP8nmuvEt2TPmA8D/zVIh
O+iANpNYoTpjpuC4g8osQpf/P62v4wGJr0jewj05Ip4xWP3oDtAZnSD8tXMjvDtE
0OJKo6/AGdkYL9hL+FLcMO75bi4sHSwkCDLW9k/p0XgzQrGUSxj53DsMuyUMu94z
NXZDaTwcYzOGI/N2pfaRxZ/A48mzCnhK5j48hTJAspR/ywltjik=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:48 2024 by rpki-client on console-fra.rpki-client.org