Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/KwWiuOo1NU7QkjLH69RgIdNSyqg.roa
File:                     KwWiuOo1NU7QkjLH69RgIdNSyqg.roa (raw, json)
Hash identifier:          O8q/VNLTOZED1Ar+ue9aAQKHqrKrWZX+Vsgt3I18vVo=
Subject key identifier:   2B:05:A2:B8:EA:35:35:4E:D0:92:32:C7:EB:D4:60:21:D3:52:CA:A8
Certificate issuer:       /CN=EB675F938C85021374CAB1E1AF5099319B110B07
Certificate serial:       1FA0
Authority key identifier: EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/KwWiuOo1NU7QkjLH69RgIdNSyqg.roa
Signing time:             Thu 15 Sep 2022 02:46:28 +0000
ROA not before:           Thu 15 Sep 2022 02:46:28 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     38841
IP address blocks:        123.194.88.0/21 maxlen: 21

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 8096 (0x1fa0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=EB675F938C85021374CAB1E1AF5099319B110B07
        Validity
            Not Before: Sep 15 02:46:28 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=2B05A2B8EA35354ED09232C7EBD46021D352CAA8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ec:80:c1:25:3e:25:14:f9:57:e5:1a:10:8e:72:
                    9e:eb:7a:d6:b6:e7:d3:3e:c3:56:56:d1:53:b3:d0:
                    f7:d0:d7:00:00:3d:20:af:da:ad:95:90:6f:2f:3c:
                    81:40:22:1c:38:5f:25:93:e2:aa:8d:e8:87:29:2a:
                    eb:d1:e4:0a:50:63:be:f4:04:40:b2:b6:6c:cb:f0:
                    45:0b:b3:fb:4f:79:06:c8:4f:e0:b4:fb:99:1d:05:
                    10:97:06:7f:2e:02:8b:7b:cd:99:0b:4e:04:46:7b:
                    3b:72:cc:27:4e:53:20:e1:c4:a5:39:fa:69:41:11:
                    50:82:cb:55:96:36:56:0e:66:b9:7b:6a:5a:d8:f6:
                    64:42:f2:b3:22:5d:03:c9:fe:47:cd:3a:98:93:d2:
                    33:79:ed:d5:33:bf:33:25:b9:3a:03:4d:f1:4f:86:
                    51:d9:c6:99:88:20:fb:db:ae:c4:de:27:10:32:2d:
                    0f:7e:54:f5:dd:ad:b5:40:8b:45:2d:00:6b:51:27:
                    c9:96:2c:a1:4c:6e:4f:38:f6:58:85:d3:88:ca:64:
                    90:a4:fb:ef:46:88:7d:b0:f4:3a:09:fd:8c:2d:b2:
                    05:87:3d:9c:92:a1:8d:2b:7d:76:c1:f6:a4:d2:e8:
                    e2:54:d8:11:cf:a8:5c:6c:da:08:06:bd:74:bf:39:
                    ec:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2B:05:A2:B8:EA:35:35:4E:D0:92:32:C7:EB:D4:60:21:D3:52:CA:A8
            X509v3 Authority Key Identifier:
                keyid:EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/62dfk4yFAhN0yrHhr1CZMZsRCwc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/KwWiuOo1NU7QkjLH69RgIdNSyqg.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  123.194.88.0/21

    Signature Algorithm: sha256WithRSAEncryption
         92:64:d0:20:c3:52:9a:c9:8c:f5:36:59:61:5d:0f:6b:d8:a4:
         72:49:42:70:15:d8:0e:82:b7:f4:13:00:23:32:1a:e6:15:73:
         86:27:54:b2:39:a4:62:50:bc:59:a7:67:64:30:d0:64:cd:e7:
         cc:9e:02:d6:96:ea:f6:43:69:9c:fb:e7:43:5a:7f:f6:82:72:
         79:e5:92:d8:95:33:1b:25:49:9f:4d:66:86:36:f8:9b:b0:f8:
         cf:80:c9:85:46:4e:b4:41:e5:24:13:36:17:7b:52:b4:14:8b:
         92:84:1e:a7:0b:9e:e1:75:1c:5e:25:58:46:1a:ce:00:5a:7a:
         f8:e6:fb:9d:0a:52:1e:7d:14:24:41:6f:4d:ef:aa:e3:0f:b1:
         27:c2:f1:b5:88:d7:63:40:02:63:5b:97:5d:4d:5c:d8:a3:c0:
         f4:8f:db:ae:67:7d:3f:c0:69:40:e5:56:a5:af:99:8a:08:94:
         40:b9:25:b4:0e:95:45:12:94:cc:4a:8c:37:60:f8:b3:d9:1c:
         5f:25:ee:c2:9a:60:c4:71:c3:8f:ad:55:b7:95:13:28:d1:80:
         b1:00:80:b2:8c:27:e6:22:ac:20:47:4f:52:08:d8:46:ce:a6:
         a3:71:50:6f:78:e2:45:36:4f:82:e2:13:96:ed:20:4b:dc:ad:
         39:41:f8:87
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICH6AwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUI2
NzVGOTM4Qzg1MDIxMzc0Q0FCMUUxQUY1MDk5MzE5QjExMEIwNzAeFw0yMjA5MTUw
MjQ2MjhaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDJCMDVBMkI4RUEzNTM1
NEVEMDkyMzJDN0VCRDQ2MDIxRDM1MkNBQTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDsgMElPiUU+VflGhCOcp7reta259M+w1ZW0VOz0PfQ1wAAPSCv
2q2VkG8vPIFAIhw4XyWT4qqN6IcpKuvR5ApQY770BECytmzL8EULs/tPeQbIT+C0
+5kdBRCXBn8uAot7zZkLTgRGeztyzCdOUyDhxKU5+mlBEVCCy1WWNlYOZrl7alrY
9mRC8rMiXQPJ/kfNOpiT0jN57dUzvzMluToDTfFPhlHZxpmIIPvbrsTeJxAyLQ9+
VPXdrbVAi0UtAGtRJ8mWLKFMbk849liF04jKZJCk++9GiH2w9DoJ/YwtsgWHPZyS
oY0rfXbB9qTS6OJU2BHPqFxs2ggGvXS/OexHAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUKwWiuOo1NU7QkjLH69RgIdNSyqgwHwYDVR0jBBgwFoAU62dfk4yFAhN0yrHh
r1CZMZsRCwcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hP
LzYyZGZrNHlGQWhOMHlySGhyMUNaTVpzUkN3Yy5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvNjJkZms0eUZBaE4weXJIaHIxQ1pNWnNSQ3djLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hPL0t3V2l1T28xTlU3UWtqTEg2
OVJnSWROU3lxZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAN7
wlgwDQYJKoZIhvcNAQELBQADggEBAJJk0CDDUprJjPU2WWFdD2vYpHJJQnAV2A6C
t/QTACMyGuYVc4YnVLI5pGJQvFmnZ2Qw0GTN58yeAtaW6vZDaZz750Naf/aCcnnl
ktiVMxslSZ9NZoY2+Juw+M+AyYVGTrRB5SQTNhd7UrQUi5KEHqcLnuF1HF4lWEYa
zgBaevjm+50KUh59FCRBb03vquMPsSfC8bWI12NAAmNbl11NXNijwPSP265nfT/A
aUDlVqWvmYoIlEC5JbQOlUUSlMxKjDdg+LPZHF8l7sKaYMRxw4+tVbeVEyjRgLEA
gLKMJ+YirCBHT1II2EbOpqNxUG944kU2T4LiE5btIEvcrTlB+Ic=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:28 2024 by rpki-client on console-ams.rpki-client.org