Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/Qzcfkrun7FIeFxmcU48T7Ta-7lo.roa
File:                     Qzcfkrun7FIeFxmcU48T7Ta-7lo.roa (raw, json)
Hash identifier:          v2lRYGEocYND00zQX6z/k8f7yVH9owwysus6RUYgF04=
Subject key identifier:   43:37:1F:92:BB:A7:EC:52:1E:17:19:9C:53:8F:13:ED:36:BE:EE:5A
Certificate issuer:       /CN=EB675F938C85021374CAB1E1AF5099319B110B07
Certificate serial:       1FA2
Authority key identifier: EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/Qzcfkrun7FIeFxmcU48T7Ta-7lo.roa
Signing time:             Thu 15 Sep 2022 02:53:04 +0000
ROA not before:           Thu 15 Sep 2022 02:53:04 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     38841
IP address blocks:        180.176.128.0/21 maxlen: 21

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 8098 (0x1fa2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=EB675F938C85021374CAB1E1AF5099319B110B07
        Validity
            Not Before: Sep 15 02:53:04 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=43371F92BBA7EC521E17199C538F13ED36BEEE5A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:1e:fd:9a:a6:93:82:c5:ba:ef:af:7c:8a:78:
                    e4:73:f2:ab:c7:b1:8b:f8:fe:91:b7:9a:64:41:67:
                    23:43:50:8d:29:b6:94:31:74:4a:4d:85:90:32:85:
                    1a:8b:2c:7f:97:ed:a1:9f:55:5e:13:95:03:6b:9a:
                    26:70:57:98:4d:46:2d:8c:3f:ac:fc:f1:40:f1:bf:
                    43:ac:c3:2b:d4:ae:a3:79:44:48:f1:01:55:fa:6d:
                    9d:26:65:54:50:10:8b:2e:53:a2:cc:99:74:38:5d:
                    b0:7c:29:3d:ab:28:60:4d:53:bb:54:9e:1d:3c:03:
                    22:8a:5f:45:99:2c:1b:21:7a:e3:a9:68:a4:a8:26:
                    a5:7f:c3:22:d6:f2:73:00:92:a1:10:f0:f8:3a:1e:
                    6d:a8:9a:73:cc:ac:1e:95:a6:a0:6f:06:4c:b6:c7:
                    d4:54:a4:6e:07:b0:bd:69:0d:92:b9:ed:5b:d2:14:
                    d5:a6:76:7c:61:2a:76:c1:15:e4:2b:5c:4b:f8:f8:
                    de:9a:11:8c:14:ec:45:3e:bc:c2:74:7b:20:9b:49:
                    2a:a1:34:24:3a:e2:c6:12:7f:d0:bc:52:89:9f:95:
                    e8:ca:db:6b:d7:98:2c:c8:5a:c9:f7:4a:e4:43:ea:
                    45:09:76:c1:55:d1:4f:d7:f1:84:c0:a3:3b:34:67:
                    30:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                43:37:1F:92:BB:A7:EC:52:1E:17:19:9C:53:8F:13:ED:36:BE:EE:5A
            X509v3 Authority Key Identifier:
                keyid:EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/62dfk4yFAhN0yrHhr1CZMZsRCwc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/Qzcfkrun7FIeFxmcU48T7Ta-7lo.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  180.176.128.0/21

    Signature Algorithm: sha256WithRSAEncryption
         27:13:94:94:b5:f1:b3:d6:12:8a:18:03:5a:e9:2d:61:26:8a:
         8b:db:27:44:55:dd:1b:bd:5b:26:8e:ce:fb:e2:ef:d2:cf:4d:
         0d:4f:79:15:f2:d0:ea:5e:05:68:ec:dc:22:c0:15:ee:3b:fd:
         f8:ac:44:5b:75:c1:6f:46:3c:64:77:80:da:62:98:a1:61:d4:
         e9:00:b3:90:c7:67:a8:bb:9e:cd:80:f5:af:60:cc:a9:f8:e3:
         e8:5b:2d:b1:17:bc:cb:5d:c5:63:75:f7:94:6f:3e:0e:14:5b:
         2c:21:4e:e1:fd:05:a9:09:ec:4b:cc:7b:df:9c:20:29:46:c6:
         c9:85:5e:0e:ab:8a:67:d6:4c:fb:61:98:0e:91:96:b9:34:9a:
         18:bd:05:f5:a1:58:53:98:60:a5:08:66:a7:4a:d6:e8:ee:a6:
         a3:2d:d7:a3:58:c9:57:02:24:16:c7:01:47:7e:47:16:2b:e9:
         72:e5:09:e2:0c:1a:89:65:a9:36:b2:2e:5a:27:c3:ed:3c:1f:
         7d:46:35:f7:3f:49:00:95:0b:6d:9d:39:9f:6f:fe:55:2a:26:
         0e:d8:6a:f0:54:bc:9b:9f:7f:fd:86:dd:88:c8:ca:3e:da:c5:
         86:16:0b:ac:d4:17:3d:58:0e:e6:92:86:96:53:9e:7a:81:a6:
         09:36:34:9d
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICH6IwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUI2
NzVGOTM4Qzg1MDIxMzc0Q0FCMUUxQUY1MDk5MzE5QjExMEIwNzAeFw0yMjA5MTUw
MjUzMDRaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDQzMzcxRjkyQkJBN0VD
NTIxRTE3MTk5QzUzOEYxM0VEMzZCRUVFNUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDSHv2appOCxbrvr3yKeORz8qvHsYv4/pG3mmRBZyNDUI0ptpQx
dEpNhZAyhRqLLH+X7aGfVV4TlQNrmiZwV5hNRi2MP6z88UDxv0OswyvUrqN5REjx
AVX6bZ0mZVRQEIsuU6LMmXQ4XbB8KT2rKGBNU7tUnh08AyKKX0WZLBsheuOpaKSo
JqV/wyLW8nMAkqEQ8Pg6Hm2omnPMrB6VpqBvBky2x9RUpG4HsL1pDZK57VvSFNWm
dnxhKnbBFeQrXEv4+N6aEYwU7EU+vMJ0eyCbSSqhNCQ64sYSf9C8UomflejK22vX
mCzIWsn3SuRD6kUJdsFV0U/X8YTAozs0ZzB9AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUQzcfkrun7FIeFxmcU48T7Ta+7lowHwYDVR0jBBgwFoAU62dfk4yFAhN0yrHh
r1CZMZsRCwcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hP
LzYyZGZrNHlGQWhOMHlySGhyMUNaTVpzUkN3Yy5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvNjJkZms0eUZBaE4weXJIaHIxQ1pNWnNSQ3djLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hPL1F6Y2ZrcnVuN0ZJZUZ4bWNV
NDhUN1RhLTdsby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAO0
sIAwDQYJKoZIhvcNAQELBQADggEBACcTlJS18bPWEooYA1rpLWEmiovbJ0RV3Ru9
WyaOzvvi79LPTQ1PeRXy0OpeBWjs3CLAFe47/fisRFt1wW9GPGR3gNpimKFh1OkA
s5DHZ6i7ns2A9a9gzKn44+hbLbEXvMtdxWN195RvPg4UWywhTuH9BakJ7EvMe9+c
IClGxsmFXg6rimfWTPthmA6Rlrk0mhi9BfWhWFOYYKUIZqdK1ujupqMt16NYyVcC
JBbHAUd+RxYr6XLlCeIMGollqTayLlonw+08H31GNfc/SQCVC22dOZ9v/lUqJg7Y
avBUvJuff/2G3YjIyj7axYYWC6zUFz1YDuaShpZTnnqBpgk2NJ0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:31 2024 by rpki-client on console-ams.rpki-client.org