Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/96pCn1SRXyFMkdclBeV39AQERzE.roa
File:                     96pCn1SRXyFMkdclBeV39AQERzE.roa (raw, json)
Hash identifier:          cEkvQEziIbvI839GCq79vR1Ll3FI30iZWT1EXB+zFis=
Subject key identifier:   F7:AA:42:9F:54:91:5F:21:4C:91:D7:25:05:E5:77:F4:04:04:47:31
Certificate issuer:       /CN=EB675F938C85021374CAB1E1AF5099319B110B07
Certificate serial:       1BF5
Authority key identifier: EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/96pCn1SRXyFMkdclBeV39AQERzE.roa
Signing time:             Wed 29 Sep 2021 02:47:12 +0000
ROA not before:           Wed 29 Sep 2021 02:47:12 +0000
ROA not after:            Thu 29 Sep 2022 02:36:22 +0000
asID:                     38841
IP address blocks:        180.177.152.0/21 maxlen: 21

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 7157 (0x1bf5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=EB675F938C85021374CAB1E1AF5099319B110B07
        Validity
            Not Before: Sep 29 02:47:12 2021 GMT
            Not After : Sep 29 02:36:22 2022 GMT
        Subject: CN=F7AA429F54915F214C91D72505E577F404044731
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:fe:f9:b9:02:66:07:2f:19:96:a9:39:6e:08:
                    46:e7:14:17:78:1d:04:d2:e1:98:56:c3:24:23:e9:
                    ee:22:29:a0:37:f0:f4:ee:fa:81:b3:80:b6:99:ea:
                    72:ed:8d:f4:cd:12:88:a2:71:ec:ff:0d:81:4c:27:
                    7b:94:49:9e:8f:f8:28:d7:53:b8:c7:a7:cb:be:8b:
                    29:0b:bc:0a:99:8d:44:8f:8c:3b:2a:1d:a3:07:0e:
                    02:bb:2a:a1:77:00:55:d7:dc:79:49:dd:99:84:16:
                    c2:6e:61:0b:0f:bf:a2:84:fb:a4:db:a1:35:d9:bf:
                    75:1c:05:b7:1d:25:86:64:a8:07:e7:61:1e:a8:0e:
                    65:5b:e8:ab:c2:78:f1:c1:5c:c9:35:c0:90:76:97:
                    ea:09:ae:f0:94:8d:f3:1a:5a:b9:5f:ff:31:cf:80:
                    dc:32:6d:33:e6:36:07:eb:35:f0:91:02:bb:2a:c3:
                    56:45:06:9c:57:7f:f7:b8:ee:99:19:c7:ad:3e:c1:
                    07:c6:59:7f:78:e3:63:f9:9f:dd:0a:52:c5:43:05:
                    2f:2e:f4:8c:3c:ba:7a:0c:d0:f8:9b:0a:77:65:df:
                    1f:f4:61:bc:e2:89:a9:d7:57:41:25:24:40:33:8d:
                    ca:d5:26:00:f7:08:67:f6:ff:49:d6:11:1a:0b:d2:
                    f2:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F7:AA:42:9F:54:91:5F:21:4C:91:D7:25:05:E5:77:F4:04:04:47:31
            X509v3 Authority Key Identifier:
                keyid:EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/62dfk4yFAhN0yrHhr1CZMZsRCwc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/96pCn1SRXyFMkdclBeV39AQERzE.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  180.177.152.0/21

    Signature Algorithm: sha256WithRSAEncryption
         8b:0b:99:ab:ef:08:71:3d:f6:44:ef:23:b5:0c:97:00:9a:c6:
         ce:12:fb:fb:0a:55:14:47:69:30:96:05:22:36:60:5f:f9:cf:
         2a:80:c0:1d:70:75:62:c3:23:dc:26:03:6c:e8:cc:e1:7c:e5:
         7f:45:0c:5c:f6:8d:17:54:29:39:4b:f5:e8:54:b0:dd:c1:21:
         9d:63:bd:39:ba:d0:73:4b:f9:1b:12:7f:6e:68:25:6b:6e:ea:
         8a:fa:71:9f:e7:d6:86:94:79:bd:9e:31:10:53:96:92:4f:49:
         1c:02:25:06:25:a4:03:3f:4f:86:36:4c:7c:b5:8c:db:b8:d4:
         4a:48:8d:cf:6b:fd:5e:5f:70:38:fd:99:fc:f6:b1:25:1b:ca:
         30:19:e1:87:13:84:67:69:d1:08:91:0f:56:fd:99:e4:f1:2c:
         c5:e7:9f:26:38:a2:5a:6a:6f:af:e8:77:a8:0f:de:2d:cb:86:
         8c:d1:10:9a:d0:3d:d5:ab:dd:07:4e:56:86:ce:d8:c8:b7:5a:
         2b:0e:d9:a0:b9:b6:03:4d:da:52:b6:b3:05:6e:5f:81:2c:84:
         22:84:44:99:b0:b9:5d:b8:f3:a0:31:99:9b:7f:df:bb:e3:94:
         cd:65:b8:4e:47:b5:95:2e:11:2f:a0:39:72:65:c1:4e:32:22:
         ad:8e:6e:29
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICG/UwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUI2
NzVGOTM4Qzg1MDIxMzc0Q0FCMUUxQUY1MDk5MzE5QjExMEIwNzAeFw0yMTA5Mjkw
MjQ3MTJaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKEY3QUE0MjlGNTQ5MTVG
MjE0QzkxRDcyNTA1RTU3N0Y0MDQwNDQ3MzEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDN/vm5AmYHLxmWqTluCEbnFBd4HQTS4ZhWwyQj6e4iKaA38PTu
+oGzgLaZ6nLtjfTNEoiicez/DYFMJ3uUSZ6P+CjXU7jHp8u+iykLvAqZjUSPjDsq
HaMHDgK7KqF3AFXX3HlJ3ZmEFsJuYQsPv6KE+6TboTXZv3UcBbcdJYZkqAfnYR6o
DmVb6KvCePHBXMk1wJB2l+oJrvCUjfMaWrlf/zHPgNwybTPmNgfrNfCRArsqw1ZF
BpxXf/e47pkZx60+wQfGWX9442P5n90KUsVDBS8u9Iw8unoM0PibCndl3x/0Ybzi
ianXV0ElJEAzjcrVJgD3CGf2/0nWERoL0vLNAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU96pCn1SRXyFMkdclBeV39AQERzEwHwYDVR0jBBgwFoAU62dfk4yFAhN0yrHh
r1CZMZsRCwcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hP
LzYyZGZrNHlGQWhOMHlySGhyMUNaTVpzUkN3Yy5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvNjJkZms0eUZBaE4weXJIaHIxQ1pNWnNSQ3djLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hPLzk2cENuMVNSWHlGTWtkY2xC
ZVYzOUFRRVJ6RS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAO0
sZgwDQYJKoZIhvcNAQELBQADggEBAIsLmavvCHE99kTvI7UMlwCaxs4S+/sKVRRH
aTCWBSI2YF/5zyqAwB1wdWLDI9wmA2zozOF85X9FDFz2jRdUKTlL9ehUsN3BIZ1j
vTm60HNL+RsSf25oJWtu6or6cZ/n1oaUeb2eMRBTlpJPSRwCJQYlpAM/T4Y2THy1
jNu41EpIjc9r/V5fcDj9mfz2sSUbyjAZ4YcThGdp0QiRD1b9meTxLMXnnyY4olpq
b6/od6gP3i3LhozREJrQPdWr3QdOVobO2Mi3WisO2aC5tgNN2lK2swVuX4EshCKE
RJmwuV2486AxmZt/37vjlM1luE5HtZUuES+gOXJlwU4yIq2Obik=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:25 2024 by rpki-client on console-ams.rpki-client.org