Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/R2_Yl-qu3afMmq6oclP7c9HJXgs.roa
File:                     R2_Yl-qu3afMmq6oclP7c9HJXgs.roa (raw, json)
Hash identifier:          IacXix2BDIjEkQPNPI4VYo+B9iIlW0lt7mwy6fDl/ek=
Subject key identifier:   47:6F:D8:97:EA:AE:DD:A7:CC:9A:AE:A8:72:53:FB:73:D1:C9:5E:0B
Certificate issuer:       /CN=EB675F938C85021374CAB1E1AF5099319B110B07
Certificate serial:       0CDB
Authority key identifier: EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/R2_Yl-qu3afMmq6oclP7c9HJXgs.roa
Signing time:             Tue 29 Sep 2020 09:53:53 +0000
ROA not before:           Tue 29 Sep 2020 09:53:53 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     38841
IP address blocks:        118.233.236.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3291 (0xcdb)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=EB675F938C85021374CAB1E1AF5099319B110B07
        Validity
            Not Before: Sep 29 09:53:53 2020 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=476FD897EAAEDDA7CC9AAEA87253FB73D1C95E0B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:1d:5e:5e:ef:cc:dd:6a:9d:08:aa:0e:e8:fd:
                    20:f6:3f:91:42:b4:61:fd:6d:c6:dc:58:0c:e4:69:
                    4c:9d:b9:5b:0f:ed:ae:9d:48:59:7e:76:e0:f0:14:
                    1e:d5:eb:0c:c7:54:2a:d9:61:18:27:00:bc:5c:82:
                    63:58:e4:72:c0:11:ef:f7:f9:dd:f2:c0:b7:0a:64:
                    4a:70:ae:18:1a:f6:e6:31:49:e3:0c:74:ed:16:bd:
                    a8:4a:75:91:35:08:9d:ec:4e:f5:29:fd:82:05:f7:
                    32:07:8b:2e:ec:6b:2b:16:c5:66:b9:70:5f:6e:2d:
                    66:c6:18:11:60:11:18:3c:16:4e:1a:b5:62:7f:f1:
                    b2:9e:49:fd:0f:20:85:00:47:00:fa:b6:13:d8:c2:
                    3e:8d:52:db:16:9e:f0:d8:02:ab:3f:d9:0b:94:8f:
                    29:6b:98:27:87:36:9e:ba:58:c4:a5:79:ed:bf:d3:
                    c0:14:83:4f:17:a2:e6:da:17:88:70:fd:45:dc:4c:
                    5e:e8:39:78:e4:67:11:8b:3c:34:53:37:43:85:e0:
                    6c:f5:6b:12:2f:1b:5e:ca:63:be:09:aa:a1:22:31:
                    1b:ec:e6:c4:fe:ff:c6:9a:4e:30:56:ec:5c:28:49:
                    60:6e:f8:15:6f:38:54:84:82:2c:8c:23:d7:88:2c:
                    18:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                47:6F:D8:97:EA:AE:DD:A7:CC:9A:AE:A8:72:53:FB:73:D1:C9:5E:0B
            X509v3 Authority Key Identifier:
                keyid:EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/62dfk4yFAhN0yrHhr1CZMZsRCwc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/R2_Yl-qu3afMmq6oclP7c9HJXgs.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  118.233.236.0/22

    Signature Algorithm: sha256WithRSAEncryption
         74:1d:ea:7c:67:c4:36:9f:83:f7:0f:8e:b8:35:43:5a:65:ca:
         22:7f:14:77:22:78:79:43:c0:9f:0f:28:66:6b:2a:c8:c9:ab:
         65:e5:48:1e:c6:ac:b0:44:74:d3:31:52:db:0e:81:2d:3a:8d:
         ac:b7:0e:3b:a0:6b:d0:b9:85:fe:a0:72:24:b4:3c:d2:66:d1:
         60:30:2e:e2:cb:6f:68:54:89:01:38:88:75:42:1b:28:4a:e5:
         a2:4c:45:cb:b6:7e:8d:cd:d5:4b:7b:cf:c9:74:12:3f:f1:56:
         e2:c0:33:cd:7a:e0:92:27:d8:0d:e3:8a:f6:50:6e:3d:71:23:
         c5:ea:b4:28:61:d6:dc:da:fe:32:25:2a:f6:fe:42:80:61:bc:
         7c:49:81:1c:c3:97:e8:42:11:0d:39:30:db:17:70:06:fb:62:
         dd:aa:95:d0:27:12:97:c4:91:e7:cd:8c:f1:ed:d2:ab:7e:43:
         c3:b1:dc:f1:6b:78:0d:5b:79:83:7e:9c:f2:d1:70:90:b3:6a:
         44:c1:6e:08:4b:f6:5f:99:f0:23:1d:ac:36:0b:70:4f:c9:ef:
         e3:fd:4a:c0:dc:1f:1f:ba:44:08:4c:86:aa:a9:d2:e5:ec:07:
         d4:51:74:0f:a4:09:80:4d:90:25:9d:96:45:bc:c8:8d:17:55:
         95:8a:1c:6c
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICDNswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUI2
NzVGOTM4Qzg1MDIxMzc0Q0FCMUUxQUY1MDk5MzE5QjExMEIwNzAeFw0yMDA5Mjkw
OTUzNTNaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDQ3NkZEODk3RUFBRURE
QTdDQzlBQUVBODcyNTNGQjczRDFDOTVFMEIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDGHV5e78zdap0Iqg7o/SD2P5FCtGH9bcbcWAzkaUyduVsP7a6d
SFl+duDwFB7V6wzHVCrZYRgnALxcgmNY5HLAEe/3+d3ywLcKZEpwrhga9uYxSeMM
dO0WvahKdZE1CJ3sTvUp/YIF9zIHiy7saysWxWa5cF9uLWbGGBFgERg8Fk4atWJ/
8bKeSf0PIIUARwD6thPYwj6NUtsWnvDYAqs/2QuUjylrmCeHNp66WMSlee2/08AU
g08XoubaF4hw/UXcTF7oOXjkZxGLPDRTN0OF4Gz1axIvG17KY74JqqEiMRvs5sT+
/8aaTjBW7FwoSWBu+BVvOFSEgiyMI9eILBgVAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUR2/Yl+qu3afMmq6oclP7c9HJXgswHwYDVR0jBBgwFoAU62dfk4yFAhN0yrHh
r1CZMZsRCwcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hP
LzYyZGZrNHlGQWhOMHlySGhyMUNaTVpzUkN3Yy5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvNjJkZms0eUZBaE4weXJIaHIxQ1pNWnNSQ3djLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hPL1IyX1lsLXF1M2FmTW1xNm9j
bFA3YzlISlhncy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJ2
6ewwDQYJKoZIhvcNAQELBQADggEBAHQd6nxnxDafg/cPjrg1Q1plyiJ/FHcieHlD
wJ8PKGZrKsjJq2XlSB7GrLBEdNMxUtsOgS06jay3Djuga9C5hf6gciS0PNJm0WAw
LuLLb2hUiQE4iHVCGyhK5aJMRcu2fo3N1Ut7z8l0Ej/xVuLAM8164JIn2A3jivZQ
bj1xI8XqtChh1tza/jIlKvb+QoBhvHxJgRzDl+hCEQ05MNsXcAb7Yt2qldAnEpfE
kefNjPHt0qt+Q8Ox3PFreA1beYN+nPLRcJCzakTBbghL9l+Z8CMdrDYLcE/J7+P9
SsDcHx+6RAhMhqqp0uXsB9RRdA+kCYBNkCWdlkW8yI0XVZWKHGw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:52 2024 by rpki-client on console-fra.rpki-client.org