Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/Cn1Yak-APYs_VA1ZuZGCbd4Ab8A.roa
File:                     Cn1Yak-APYs_VA1ZuZGCbd4Ab8A.roa (raw, json)
Hash identifier:          m33iXIRjvJMGVw+nTQnwWo4kmNl8qhERx11egMr6kiQ=
Subject key identifier:   0A:7D:58:6A:4F:80:3D:8B:3F:54:0D:59:B9:91:82:6D:DE:00:6F:C0
Certificate issuer:       /CN=EB675F938C85021374CAB1E1AF5099319B110B07
Certificate serial:       1FA0
Authority key identifier: EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/Cn1Yak-APYs_VA1ZuZGCbd4Ab8A.roa
Signing time:             Thu 15 Sep 2022 02:44:41 +0000
ROA not before:           Thu 15 Sep 2022 02:44:41 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     38841
IP address blocks:        123.195.237.0/25 maxlen: 25

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 8096 (0x1fa0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=EB675F938C85021374CAB1E1AF5099319B110B07
        Validity
            Not Before: Sep 15 02:44:41 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=0A7D586A4F803D8B3F540D59B991826DDE006FC0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:a1:b5:f5:7c:8a:b4:82:7b:d9:54:a4:5d:ce:
                    a9:b4:4e:58:2d:21:59:1d:8d:06:e6:4c:4e:e4:6c:
                    33:df:77:f0:c6:7f:d7:30:22:04:4f:ab:88:f1:30:
                    36:56:fe:ab:0f:d4:3b:b4:35:a6:81:41:96:52:8a:
                    cc:8b:bb:d0:e4:bb:60:25:99:12:7e:70:d0:a7:a9:
                    96:00:51:16:74:19:c7:87:01:c8:7d:d5:10:28:89:
                    54:2f:e0:41:ec:dc:f2:7f:a3:13:bd:e5:66:a9:57:
                    87:bd:11:a7:86:a0:0c:33:21:da:76:e1:70:6e:0b:
                    34:87:50:5b:95:fb:06:11:ef:be:fa:44:7b:97:0e:
                    1c:df:4f:31:97:14:3c:58:f2:28:c0:4f:7e:be:14:
                    b4:bf:cc:bf:cd:e1:00:a7:c0:79:4b:5a:27:d7:08:
                    c6:ec:fa:72:9f:2f:cc:24:8c:bc:7a:4c:fa:bd:7c:
                    0d:0a:fa:e4:97:a8:6b:d3:7f:d7:d8:92:dd:9e:61:
                    be:46:3a:f3:66:4d:95:c1:bb:fc:8c:e5:8d:ce:2e:
                    81:a7:ed:78:f4:5f:ea:fa:09:8f:5e:c5:22:d2:5e:
                    a9:d2:17:18:3a:4f:9e:2d:eb:7e:96:38:e3:5c:d5:
                    6e:46:26:f5:f1:20:9a:15:ac:43:f8:e5:16:14:ec:
                    d0:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0A:7D:58:6A:4F:80:3D:8B:3F:54:0D:59:B9:91:82:6D:DE:00:6F:C0
            X509v3 Authority Key Identifier:
                keyid:EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/62dfk4yFAhN0yrHhr1CZMZsRCwc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/Cn1Yak-APYs_VA1ZuZGCbd4Ab8A.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  123.195.237.0/25

    Signature Algorithm: sha256WithRSAEncryption
         0c:cd:43:50:28:c7:09:da:50:92:9d:d2:b2:d8:ce:27:17:25:
         b6:41:05:6c:e7:da:a9:d0:90:4f:2d:9d:37:6b:11:af:1f:f5:
         68:b6:b2:10:63:7b:29:8b:2d:58:d2:c1:5d:b8:14:1c:27:5d:
         74:bc:9c:cb:8c:1c:c8:60:90:5b:7a:22:9a:fb:77:d9:28:ba:
         af:fc:56:2d:b2:8a:91:6b:0f:ee:f0:53:9e:2d:a5:5b:da:39:
         19:86:45:8c:1b:a7:52:27:4a:86:61:24:8b:24:aa:e1:74:99:
         aa:f8:27:9f:cd:9d:46:bc:c7:76:41:a6:27:fa:c3:0c:74:d9:
         e3:b7:46:c8:e1:36:96:1c:42:c6:ef:fb:98:3b:3f:6d:d5:66:
         e9:d9:a4:db:ae:aa:4a:50:bb:37:27:08:f1:22:99:2d:7c:47:
         de:06:43:cf:5f:77:3d:66:23:08:85:ea:98:d5:94:9a:97:37:
         f0:8c:fe:80:6a:58:da:5e:75:71:1e:51:84:e9:48:f1:f2:76:
         bc:0f:c0:2c:aa:1e:37:1f:33:5f:5e:0e:08:c9:ae:b4:52:de:
         d3:71:bb:95:53:ae:7f:22:d0:38:0b:08:78:26:7c:61:17:b0:
         4a:09:e3:66:3e:34:9f:a4:4b:0d:1e:81:91:b8:69:3b:8f:c0:
         0a:88:ca:65
-----BEGIN CERTIFICATE-----
MIIE0zCCA7ugAwIBAgICH6AwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUI2
NzVGOTM4Qzg1MDIxMzc0Q0FCMUUxQUY1MDk5MzE5QjExMEIwNzAeFw0yMjA5MTUw
MjQ0NDFaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDBBN0Q1ODZBNEY4MDNE
OEIzRjU0MEQ1OUI5OTE4MjZEREUwMDZGQzAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC8obX1fIq0gnvZVKRdzqm0TlgtIVkdjQbmTE7kbDPfd/DGf9cw
IgRPq4jxMDZW/qsP1Du0NaaBQZZSisyLu9Dku2AlmRJ+cNCnqZYAURZ0GceHAch9
1RAoiVQv4EHs3PJ/oxO95WapV4e9EaeGoAwzIdp24XBuCzSHUFuV+wYR7776RHuX
DhzfTzGXFDxY8ijAT36+FLS/zL/N4QCnwHlLWifXCMbs+nKfL8wkjLx6TPq9fA0K
+uSXqGvTf9fYkt2eYb5GOvNmTZXBu/yM5Y3OLoGn7Xj0X+r6CY9exSLSXqnSFxg6
T54t636WOONc1W5GJvXxIJoVrEP45RYU7NCTAgMBAAGjggHvMIIB6zAdBgNVHQ4E
FgQUCn1Yak+APYs/VA1ZuZGCbd4Ab8AwHwYDVR0jBBgwFoAU62dfk4yFAhN0yrHh
r1CZMZsRCwcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hP
LzYyZGZrNHlGQWhOMHlySGhyMUNaTVpzUkN3Yy5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvNjJkZms0eUZBaE4weXJIaHIxQ1pNWnNSQ3djLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hPL0NuMVlhay1BUFlzX1ZBMVp1
WkdDYmQ0QWI4QS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgABMAcDBQd7
w+0AMA0GCSqGSIb3DQEBCwUAA4IBAQAMzUNQKMcJ2lCSndKy2M4nFyW2QQVs59qp
0JBPLZ03axGvH/VotrIQY3spiy1Y0sFduBQcJ110vJzLjBzIYJBbeiKa+3fZKLqv
/FYtsoqRaw/u8FOeLaVb2jkZhkWMG6dSJ0qGYSSLJKrhdJmq+CefzZ1GvMd2QaYn
+sMMdNnjt0bI4TaWHELG7/uYOz9t1Wbp2aTbrqpKULs3JwjxIpktfEfeBkPPX3c9
ZiMIheqY1ZSalzfwjP6AaljaXnVxHlGE6Ujx8na8D8Asqh43HzNfXg4Iya60Ut7T
cbuVU65/ItA4Cwh4JnxhF7BKCeNmPjSfpEsNHoGRuGk7j8AKiMpl
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:49 2024 by rpki-client on console-fra.rpki-client.org