Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/QwpsVbcqf-DyOBnQCoTrHy0GjK4.roa
File:                     QwpsVbcqf-DyOBnQCoTrHy0GjK4.roa (raw, json)
Hash identifier:          HrtAHpq1KMwQIZsr8V2uOx54d4+/+9zcRyxS+mP/Uv8=
Subject key identifier:   43:0A:6C:55:B7:2A:7F:E0:F2:38:19:D0:0A:84:EB:1F:2D:06:8C:AE
Certificate issuer:       /CN=EB675F938C85021374CAB1E1AF5099319B110B07
Certificate serial:       1FA2
Authority key identifier: EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/QwpsVbcqf-DyOBnQCoTrHy0GjK4.roa
Signing time:             Thu 15 Sep 2022 02:53:57 +0000
ROA not before:           Thu 15 Sep 2022 02:53:57 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     38841
IP address blocks:        123.194.192.0/21 maxlen: 21

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 8098 (0x1fa2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=EB675F938C85021374CAB1E1AF5099319B110B07
        Validity
            Not Before: Sep 15 02:53:57 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=430A6C55B72A7FE0F23819D00A84EB1F2D068CAE
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ea:8e:02:e9:b1:d8:0a:6f:a7:6f:43:a4:b6:c2:
                    f4:82:1c:2f:a3:61:d0:65:f7:e5:e3:2f:d8:26:08:
                    43:1d:b2:df:d0:19:20:ef:8f:60:ce:1e:88:97:fd:
                    b3:0a:80:a2:dd:b2:10:41:f3:54:34:ce:67:22:1d:
                    a6:95:3a:4d:58:79:11:bf:58:9a:1f:c1:96:25:cd:
                    95:77:d2:7f:8b:5e:bc:db:67:de:a1:a9:31:89:ab:
                    8f:5c:27:4b:2c:b5:c1:52:04:67:20:cb:17:0a:2d:
                    00:35:ac:18:d1:e1:46:83:ba:df:f2:5d:f1:33:f0:
                    09:ae:16:fc:4b:38:cc:64:f5:45:86:88:e3:c3:c8:
                    51:bc:f9:c6:11:d2:92:96:8a:83:0f:be:cf:dd:f2:
                    d5:3c:01:88:83:cf:fb:c1:ae:2d:9c:00:0d:06:70:
                    24:0e:55:70:e3:cc:aa:6e:da:a0:68:ea:03:fd:09:
                    b2:c9:ed:2c:3e:d7:1d:9c:33:ac:f2:be:a1:9e:9b:
                    fa:1c:67:54:89:7b:d0:dd:85:9d:f3:42:36:31:0f:
                    e8:ee:ec:f7:74:c1:66:44:f3:9a:ab:33:05:d0:a8:
                    bd:4e:7d:fd:45:8c:b3:e1:a6:db:d8:f7:b4:0e:30:
                    21:4f:41:97:9e:c0:5b:00:75:04:c0:9e:78:04:c0:
                    fd:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                43:0A:6C:55:B7:2A:7F:E0:F2:38:19:D0:0A:84:EB:1F:2D:06:8C:AE
            X509v3 Authority Key Identifier:
                keyid:EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/62dfk4yFAhN0yrHhr1CZMZsRCwc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/QwpsVbcqf-DyOBnQCoTrHy0GjK4.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  123.194.192.0/21

    Signature Algorithm: sha256WithRSAEncryption
         45:ce:c7:97:27:cb:4a:5e:42:b3:36:7a:ba:89:63:76:dc:db:
         f9:ec:82:fa:30:bc:f2:a6:cf:71:23:1f:e7:c9:03:7c:10:cf:
         a1:77:69:9d:2e:24:03:e6:43:42:a3:ca:d7:35:89:42:37:33:
         98:7c:03:2b:b2:c2:28:fe:28:d5:83:cb:78:ce:96:ad:8c:a1:
         46:c3:7a:7d:d0:69:1e:f7:8e:9e:f0:cb:ae:6b:45:71:27:7f:
         bb:07:32:bb:37:00:a9:3c:7b:e1:10:a8:12:93:c8:b3:2a:17:
         6a:0c:bf:5d:21:87:ab:c8:61:00:ed:b5:f0:37:20:44:73:f9:
         63:8d:6f:43:2d:c0:30:98:bc:d2:2b:d4:4e:a7:7c:a4:0b:60:
         96:0d:be:f7:25:ce:ee:f4:13:e8:33:98:cb:f5:04:53:d9:96:
         b3:01:80:71:2e:29:0d:fc:e7:64:d4:0b:46:6f:cf:6e:e6:1d:
         da:6b:b6:7e:65:e9:2c:1c:b8:b1:90:45:92:55:a7:8e:ff:5a:
         84:39:98:9f:43:c6:8a:03:a0:5c:56:b4:a1:01:1c:be:28:9a:
         b5:24:58:6f:bf:d7:93:ab:7a:6d:ea:94:12:a7:04:a3:04:0d:
         76:aa:ec:88:11:e7:85:76:99:84:a3:85:87:43:69:56:c4:cd:
         be:19:89:d5
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICH6IwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUI2
NzVGOTM4Qzg1MDIxMzc0Q0FCMUUxQUY1MDk5MzE5QjExMEIwNzAeFw0yMjA5MTUw
MjUzNTdaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDQzMEE2QzU1QjcyQTdG
RTBGMjM4MTlEMDBBODRFQjFGMkQwNjhDQUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDqjgLpsdgKb6dvQ6S2wvSCHC+jYdBl9+XjL9gmCEMdst/QGSDv
j2DOHoiX/bMKgKLdshBB81Q0zmciHaaVOk1YeRG/WJofwZYlzZV30n+LXrzbZ96h
qTGJq49cJ0sstcFSBGcgyxcKLQA1rBjR4UaDut/yXfEz8AmuFvxLOMxk9UWGiOPD
yFG8+cYR0pKWioMPvs/d8tU8AYiDz/vBri2cAA0GcCQOVXDjzKpu2qBo6gP9CbLJ
7Sw+1x2cM6zyvqGem/ocZ1SJe9DdhZ3zQjYxD+ju7Pd0wWZE85qrMwXQqL1Off1F
jLPhptvY97QOMCFPQZeewFsAdQTAnngEwP2xAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUQwpsVbcqf+DyOBnQCoTrHy0GjK4wHwYDVR0jBBgwFoAU62dfk4yFAhN0yrHh
r1CZMZsRCwcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hP
LzYyZGZrNHlGQWhOMHlySGhyMUNaTVpzUkN3Yy5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvNjJkZms0eUZBaE4weXJIaHIxQ1pNWnNSQ3djLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hPL1F3cHNWYmNxZi1EeU9CblFD
b1RySHkwR2pLNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAN7
wsAwDQYJKoZIhvcNAQELBQADggEBAEXOx5cny0peQrM2erqJY3bc2/nsgvowvPKm
z3EjH+fJA3wQz6F3aZ0uJAPmQ0Kjytc1iUI3M5h8Ayuywij+KNWDy3jOlq2MoUbD
en3QaR73jp7wy65rRXEnf7sHMrs3AKk8e+EQqBKTyLMqF2oMv10hh6vIYQDttfA3
IERz+WONb0MtwDCYvNIr1E6nfKQLYJYNvvclzu70E+gzmMv1BFPZlrMBgHEuKQ38
52TUC0Zvz27mHdprtn5l6SwcuLGQRZJVp47/WoQ5mJ9DxooDoFxWtKEBHL4omrUk
WG+/15Orem3qlBKnBKMEDXaq7IgR54V2mYSjhYdDaVbEzb4ZidU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:31 2024 by rpki-client on console-ams.rpki-client.org