Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/LfJMDRr_0HsXnzJ_j6K0YqN8BEw.roa
File:                     LfJMDRr_0HsXnzJ_j6K0YqN8BEw.roa (raw, json)
Hash identifier:          nuuf1BDcNWzKHeISP9sLqEjgtXYJg0RDzS3CebA4df0=
Subject key identifier:   2D:F2:4C:0D:1A:FF:D0:7B:17:9F:32:7F:8F:A2:B4:62:A3:7C:04:4C
Certificate issuer:       /CN=EB675F938C85021374CAB1E1AF5099319B110B07
Certificate serial:       1087
Authority key identifier: EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/LfJMDRr_0HsXnzJ_j6K0YqN8BEw.roa
Signing time:             Mon 16 Nov 2020 01:56:23 +0000
ROA not before:           Mon 16 Nov 2020 01:56:23 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     38841
IP address blocks:        123.195.20.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4231 (0x1087)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=EB675F938C85021374CAB1E1AF5099319B110B07
        Validity
            Not Before: Nov 16 01:56:23 2020 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=2DF24C0D1AFFD07B179F327F8FA2B462A37C044C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:24:06:f8:5e:4e:0c:8e:f4:3b:c8:37:7e:e4:
                    2d:60:3d:4e:57:80:0a:5f:f8:54:69:f6:16:58:0f:
                    29:55:60:73:39:1b:b4:77:67:86:77:93:8a:cd:93:
                    f2:f8:fd:60:d6:ee:06:d2:7e:40:0a:2c:a4:04:25:
                    21:9d:6e:92:4e:28:99:5c:03:20:93:93:95:50:66:
                    b7:05:cc:8f:ae:a7:53:10:71:13:7b:93:d6:37:1c:
                    a8:ff:7d:64:17:d7:95:76:8f:62:db:34:10:71:b6:
                    54:aa:be:90:66:bb:47:7f:de:fb:16:d8:b5:66:0b:
                    5b:ef:4b:da:34:3f:20:53:8f:e1:40:89:1a:3b:7f:
                    31:80:16:8f:cd:77:e0:fa:f9:eb:c4:a5:2e:ff:dc:
                    b0:d5:05:e6:8c:4f:ab:b5:29:b2:e6:5e:15:e0:26:
                    7d:ff:01:c8:d1:55:e9:40:93:c7:e2:77:85:5c:b0:
                    71:a0:af:1f:24:fa:91:de:fc:fb:c9:c1:98:5a:5b:
                    f3:5a:c6:1d:8c:9d:3d:8f:9f:46:ad:f4:09:52:71:
                    83:6f:87:e9:1d:30:06:1c:9e:d0:d0:55:25:f9:1d:
                    37:35:79:5c:33:b3:82:df:3a:6e:fe:85:1b:7b:3c:
                    aa:e9:a9:f0:1d:46:e3:8c:65:ac:4f:b2:2e:98:23:
                    3d:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2D:F2:4C:0D:1A:FF:D0:7B:17:9F:32:7F:8F:A2:B4:62:A3:7C:04:4C
            X509v3 Authority Key Identifier:
                keyid:EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/62dfk4yFAhN0yrHhr1CZMZsRCwc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/LfJMDRr_0HsXnzJ_j6K0YqN8BEw.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  123.195.20.0/22

    Signature Algorithm: sha256WithRSAEncryption
         a7:4e:8e:1a:28:c7:86:4d:02:35:3a:7a:9f:61:c2:33:88:aa:
         a6:43:1f:45:6a:f5:7e:74:0c:98:18:2b:23:db:bf:cf:f1:ed:
         70:07:fa:41:e2:80:de:30:5b:64:d1:7b:5c:a3:4a:cd:40:c2:
         d5:b0:93:cb:82:ec:83:89:1d:c5:cd:67:26:9c:e2:74:03:56:
         71:b8:3e:bd:c2:e6:32:08:e4:5f:6d:4e:69:a4:06:28:63:1b:
         69:af:c4:0f:c4:09:99:ca:7f:65:3e:3c:d7:55:5c:54:75:2c:
         e3:d6:31:53:30:80:d1:4e:3e:ee:77:f0:d7:3c:23:73:fa:ef:
         15:3a:20:07:93:47:b1:ca:fe:bd:db:b0:26:23:b0:05:24:3e:
         1e:bf:ef:2b:e6:3b:7e:a3:cf:cb:c7:99:ab:82:2b:c2:87:4c:
         46:11:25:20:e5:d8:d4:8c:d1:64:4f:56:8e:f1:78:72:c0:e4:
         af:43:4c:e6:54:94:3b:2b:34:e0:0a:14:76:a2:f2:73:7b:bd:
         af:15:fc:87:cd:d7:f8:32:6f:a3:de:39:bb:bf:23:03:f1:83:
         a6:84:05:0b:ef:2c:ac:12:86:96:f2:c2:99:b9:5c:1e:da:5f:
         15:2e:af:99:dd:12:67:f6:da:1a:7c:5c:43:ac:52:92:78:60:
         c8:d7:e5:75
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICEIcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUI2
NzVGOTM4Qzg1MDIxMzc0Q0FCMUUxQUY1MDk5MzE5QjExMEIwNzAeFw0yMDExMTYw
MTU2MjNaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDJERjI0QzBEMUFGRkQw
N0IxNzlGMzI3RjhGQTJCNDYyQTM3QzA0NEMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC4JAb4Xk4MjvQ7yDd+5C1gPU5XgApf+FRp9hZYDylVYHM5G7R3
Z4Z3k4rNk/L4/WDW7gbSfkAKLKQEJSGdbpJOKJlcAyCTk5VQZrcFzI+up1MQcRN7
k9Y3HKj/fWQX15V2j2LbNBBxtlSqvpBmu0d/3vsW2LVmC1vvS9o0PyBTj+FAiRo7
fzGAFo/Nd+D6+evEpS7/3LDVBeaMT6u1KbLmXhXgJn3/AcjRVelAk8fid4VcsHGg
rx8k+pHe/PvJwZhaW/Naxh2MnT2Pn0at9AlScYNvh+kdMAYcntDQVSX5HTc1eVwz
s4LfOm7+hRt7PKrpqfAdRuOMZaxPsi6YIz1FAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQULfJMDRr/0HsXnzJ/j6K0YqN8BEwwHwYDVR0jBBgwFoAU62dfk4yFAhN0yrHh
r1CZMZsRCwcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hP
LzYyZGZrNHlGQWhOMHlySGhyMUNaTVpzUkN3Yy5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvNjJkZms0eUZBaE4weXJIaHIxQ1pNWnNSQ3djLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hPL0xmSk1EUnJfMEhzWG56Sl9q
NkswWXFOOEJFdy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJ7
wxQwDQYJKoZIhvcNAQELBQADggEBAKdOjhoox4ZNAjU6ep9hwjOIqqZDH0Vq9X50
DJgYKyPbv8/x7XAH+kHigN4wW2TRe1yjSs1AwtWwk8uC7IOJHcXNZyac4nQDVnG4
Pr3C5jII5F9tTmmkBihjG2mvxA/ECZnKf2U+PNdVXFR1LOPWMVMwgNFOPu538Nc8
I3P67xU6IAeTR7HK/r3bsCYjsAUkPh6/7yvmO36jz8vHmauCK8KHTEYRJSDl2NSM
0WRPVo7xeHLA5K9DTOZUlDsrNOAKFHai8nN7va8V/IfN1/gyb6PeObu/IwPxg6aE
BQvvLKwShpbywpm5XB7aXxUur5ndEmf22hp8XEOsUpJ4YMjX5XU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:28 2024 by rpki-client on console-ams.rpki-client.org