Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/RaZBwvgxcIsHXNwZKZ1_2fNWMCs.roa
File:                     RaZBwvgxcIsHXNwZKZ1_2fNWMCs.roa (raw, json)
Hash identifier:          catfv+yHmaxNi0pUf82CN0ZqQf+nQfmeT45iMji4cyU=
Subject key identifier:   45:A6:41:C2:F8:31:70:8B:07:5C:DC:19:29:9D:7F:D9:F3:56:30:2B
Certificate issuer:       /CN=EB675F938C85021374CAB1E1AF5099319B110B07
Certificate serial:       1FA0
Authority key identifier: EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/RaZBwvgxcIsHXNwZKZ1_2fNWMCs.roa
Signing time:             Thu 15 Sep 2022 02:45:24 +0000
ROA not before:           Thu 15 Sep 2022 02:45:24 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     38841
IP address blocks:        211.76.113.128/25 maxlen: 25

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 8096 (0x1fa0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=EB675F938C85021374CAB1E1AF5099319B110B07
        Validity
            Not Before: Sep 15 02:45:24 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=45A641C2F831708B075CDC19299D7FD9F356302B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:e3:8c:93:5d:35:53:a2:83:d4:6f:69:6f:7c:
                    9d:b4:17:87:00:ec:ee:2a:31:74:8e:18:e1:cb:17:
                    4f:5d:7a:1d:1c:db:3f:31:78:65:e4:e0:4b:8c:67:
                    7d:92:df:2b:3c:f8:5d:57:01:90:28:80:7a:bb:9e:
                    07:6f:33:ed:89:4b:78:fc:a9:9e:b9:44:9f:b9:67:
                    b8:4e:10:67:75:a9:3a:89:da:21:24:0a:20:77:bf:
                    f3:59:62:91:e5:99:94:a5:ec:3b:44:f2:81:78:f4:
                    9f:92:2b:c2:e9:26:ee:b5:a7:27:68:d7:99:78:3e:
                    48:7a:92:df:70:75:9f:e8:29:16:39:0e:7c:fb:0c:
                    af:5f:51:0f:39:29:45:5a:95:fe:80:38:2c:58:ae:
                    ce:d8:d9:e7:eb:55:0a:76:fd:57:2a:78:07:ce:f7:
                    23:01:eb:b2:72:5a:4b:73:b3:7d:25:94:8c:c7:76:
                    ea:45:30:e1:c9:71:b9:d1:8f:62:14:79:53:c9:5f:
                    bc:7e:d3:87:53:d0:d2:11:1a:a6:73:2b:bf:17:0a:
                    5b:f1:e6:e6:d2:72:76:ca:6c:16:f7:d7:b2:1a:9f:
                    fa:c7:9e:23:05:14:af:3d:a0:c9:3d:22:fa:5f:cc:
                    4b:2a:a4:23:65:e4:10:6b:df:4c:b2:cd:a3:5a:a4:
                    c1:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                45:A6:41:C2:F8:31:70:8B:07:5C:DC:19:29:9D:7F:D9:F3:56:30:2B
            X509v3 Authority Key Identifier:
                keyid:EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/62dfk4yFAhN0yrHhr1CZMZsRCwc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/RaZBwvgxcIsHXNwZKZ1_2fNWMCs.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  211.76.113.128/25

    Signature Algorithm: sha256WithRSAEncryption
         93:5e:a1:3c:de:5e:16:12:91:10:8f:c4:36:0c:df:95:fd:38:
         b9:e9:df:ea:2c:86:a3:03:92:9b:ed:44:89:00:18:ff:4a:4a:
         90:c4:01:9d:cb:bf:af:d1:78:01:ee:c0:43:14:84:08:34:92:
         2d:f2:26:ab:8d:f2:e8:49:21:d3:71:09:06:bc:e9:94:9e:9c:
         82:d2:f5:ff:db:50:21:ff:3a:30:5e:80:02:e2:1f:b8:de:67:
         64:f2:b6:73:eb:82:9d:7b:46:e4:8e:f8:3e:2c:82:c3:b3:5f:
         bc:53:fd:bf:ac:f5:20:16:78:8c:96:3a:32:80:0f:66:3a:af:
         d7:6d:37:ab:eb:50:07:cc:e8:87:44:63:40:cd:27:64:e6:f1:
         54:4f:62:7b:33:91:7f:2c:fe:1a:85:45:96:c9:cc:21:da:50:
         cd:f0:18:3b:e0:af:7b:1c:bf:f9:e1:b1:13:ea:d9:00:ee:9a:
         dc:bf:84:2b:02:1a:ca:71:0c:28:d6:4d:fe:f7:76:60:2f:e2:
         a2:b1:0b:f1:57:b0:8c:06:d6:0e:5b:59:b7:35:0c:ed:83:9e:
         0e:6c:7d:31:22:eb:07:42:ca:ce:24:93:05:a7:c4:9b:75:72:
         f9:7a:6b:4d:29:71:76:48:2d:ec:46:66:b6:8b:2e:54:6e:f1:
         be:d1:02:36
-----BEGIN CERTIFICATE-----
MIIE0zCCA7ugAwIBAgICH6AwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUI2
NzVGOTM4Qzg1MDIxMzc0Q0FCMUUxQUY1MDk5MzE5QjExMEIwNzAeFw0yMjA5MTUw
MjQ1MjRaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDQ1QTY0MUMyRjgzMTcw
OEIwNzVDREMxOTI5OUQ3RkQ5RjM1NjMwMkIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCv44yTXTVTooPUb2lvfJ20F4cA7O4qMXSOGOHLF09deh0c2z8x
eGXk4EuMZ32S3ys8+F1XAZAogHq7ngdvM+2JS3j8qZ65RJ+5Z7hOEGd1qTqJ2iEk
CiB3v/NZYpHlmZSl7DtE8oF49J+SK8LpJu61pydo15l4Pkh6kt9wdZ/oKRY5Dnz7
DK9fUQ85KUValf6AOCxYrs7Y2efrVQp2/VcqeAfO9yMB67JyWktzs30llIzHdupF
MOHJcbnRj2IUeVPJX7x+04dT0NIRGqZzK78XClvx5ubScnbKbBb317Ian/rHniMF
FK89oMk9IvpfzEsqpCNl5BBr30yyzaNapMFbAgMBAAGjggHvMIIB6zAdBgNVHQ4E
FgQURaZBwvgxcIsHXNwZKZ1/2fNWMCswHwYDVR0jBBgwFoAU62dfk4yFAhN0yrHh
r1CZMZsRCwcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hP
LzYyZGZrNHlGQWhOMHlySGhyMUNaTVpzUkN3Yy5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvNjJkZms0eUZBaE4weXJIaHIxQ1pNWnNSQ3djLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hPL1JhWkJ3dmd4Y0lzSFhOd1pL
WjFfMmZOV01Dcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgABMAcDBQfT
THGAMA0GCSqGSIb3DQEBCwUAA4IBAQCTXqE83l4WEpEQj8Q2DN+V/Ti56d/qLIaj
A5Kb7USJABj/SkqQxAGdy7+v0XgB7sBDFIQINJIt8iarjfLoSSHTcQkGvOmUnpyC
0vX/21Ah/zowXoAC4h+43mdk8rZz64Kde0bkjvg+LILDs1+8U/2/rPUgFniMljoy
gA9mOq/XbTer61AHzOiHRGNAzSdk5vFUT2J7M5F/LP4ahUWWycwh2lDN8Bg74K97
HL/54bET6tkA7prcv4QrAhrKcQwo1k3+93ZgL+KisQvxV7CMBtYOW1m3NQztg54O
bH0xIusHQsrOJJMFp8SbdXL5emtNKXF2SC3sRma2iy5UbvG+0QI2
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:31 2024 by rpki-client on console-ams.rpki-client.org