Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/VU9LeZzIPFJtT3U2_PTaVvs-_zk.roa
File:                     VU9LeZzIPFJtT3U2_PTaVvs-_zk.roa (raw, json)
Hash identifier:          V+OvKLJGsv9VsXSplXWOGgeao3whlLIwCauvBVvZQwc=
Subject key identifier:   55:4F:4B:79:9C:C8:3C:52:6D:4F:75:36:FC:F4:DA:56:FB:3E:FF:39
Certificate issuer:       /CN=EB675F938C85021374CAB1E1AF5099319B110B07
Certificate serial:       1FA0
Authority key identifier: EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/VU9LeZzIPFJtT3U2_PTaVvs-_zk.roa
Signing time:             Thu 15 Sep 2022 02:45:36 +0000
ROA not before:           Thu 15 Sep 2022 02:45:36 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     38841
IP address blocks:        123.194.168.0/21 maxlen: 21

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 8096 (0x1fa0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=EB675F938C85021374CAB1E1AF5099319B110B07
        Validity
            Not Before: Sep 15 02:45:36 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=554F4B799CC83C526D4F7536FCF4DA56FB3EFF39
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:ec:25:93:b0:21:64:52:ce:e5:b8:a1:97:7e:
                    19:74:84:ca:73:6a:ee:b8:38:57:6d:8d:71:bc:f4:
                    16:7f:a8:80:7b:42:19:9f:2d:c4:5c:55:33:60:9a:
                    17:6e:22:4b:ad:f6:76:8a:28:d5:c8:5f:4e:35:a2:
                    36:ee:59:62:1b:8b:36:8e:29:dc:dc:67:64:80:e6:
                    f2:51:3b:75:52:17:2c:85:f0:c9:8d:2b:ae:35:b1:
                    7e:ae:be:35:22:6f:e2:00:a6:fc:2c:41:f2:cf:43:
                    e2:7f:d6:52:b8:42:e8:d8:60:46:01:f3:e8:9c:40:
                    83:4d:c3:f6:fb:36:ff:4f:9a:3c:79:23:d9:18:e2:
                    e3:7c:5f:f8:e1:bc:c6:8e:a9:b1:70:9a:aa:b2:79:
                    c7:09:d8:ec:a6:61:c7:f3:d6:c4:65:22:d9:15:81:
                    7b:ec:00:21:cb:18:7f:9e:6d:56:4f:46:83:4c:25:
                    47:6b:dc:b7:30:ff:64:b2:51:0d:e0:32:1e:5c:7b:
                    0b:72:d2:34:74:ae:af:72:17:f8:0f:d8:cf:98:84:
                    43:4a:30:2c:5a:e8:15:69:e1:28:cb:88:43:2d:78:
                    e6:3e:a9:03:d1:0c:a0:c4:95:a2:c2:e8:f0:dd:6b:
                    51:26:87:21:f6:56:e1:9d:7a:a1:11:c9:d1:de:b5:
                    a1:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                55:4F:4B:79:9C:C8:3C:52:6D:4F:75:36:FC:F4:DA:56:FB:3E:FF:39
            X509v3 Authority Key Identifier:
                keyid:EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/62dfk4yFAhN0yrHhr1CZMZsRCwc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/VU9LeZzIPFJtT3U2_PTaVvs-_zk.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  123.194.168.0/21

    Signature Algorithm: sha256WithRSAEncryption
         7f:31:39:dc:5d:e5:58:97:8d:26:4d:97:b9:c7:97:64:6e:5d:
         57:67:72:b6:39:0a:f9:98:3d:31:e6:a1:f7:ef:ed:7b:db:de:
         b1:04:ee:b9:80:38:fe:58:19:b8:ea:58:b9:02:c1:d2:dc:00:
         8c:f9:19:4c:b1:62:26:c7:64:52:fa:2e:96:5a:a8:7c:59:b7:
         81:1a:7c:ff:8e:9b:e7:91:f7:f6:00:26:d0:55:ba:5e:f5:d9:
         d2:01:96:fe:82:6f:d6:90:0e:33:2e:70:e7:21:9e:14:ef:58:
         73:5c:0e:92:24:49:69:42:b7:0e:19:a2:45:3d:c5:aa:47:72:
         1d:d1:6b:d7:a6:7c:c3:10:38:3e:e5:81:fa:b6:51:58:71:4a:
         f0:be:8a:cf:04:f9:b1:66:3f:c2:d2:a9:ba:6b:59:35:da:91:
         82:06:a4:c3:42:63:e5:bc:cb:cd:08:c3:d0:3c:56:2d:cc:aa:
         c7:06:01:e8:57:04:62:2f:c1:73:7b:50:46:a8:c7:16:45:39:
         b8:a7:60:12:61:16:a5:4a:53:0f:25:95:bd:5c:c9:c3:21:94:
         9e:0a:55:ad:ab:93:55:be:44:32:36:87:b5:a1:35:45:bb:f8:
         3b:00:c1:6d:25:d3:1e:c9:e7:48:9d:48:ac:26:e8:29:a7:d1:
         24:fb:6d:c2
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICH6AwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUI2
NzVGOTM4Qzg1MDIxMzc0Q0FCMUUxQUY1MDk5MzE5QjExMEIwNzAeFw0yMjA5MTUw
MjQ1MzZaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDU1NEY0Qjc5OUNDODND
NTI2RDRGNzUzNkZDRjREQTU2RkIzRUZGMzkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCZ7CWTsCFkUs7luKGXfhl0hMpzau64OFdtjXG89BZ/qIB7Qhmf
LcRcVTNgmhduIkut9naKKNXIX041ojbuWWIbizaOKdzcZ2SA5vJRO3VSFyyF8MmN
K641sX6uvjUib+IApvwsQfLPQ+J/1lK4QujYYEYB8+icQINNw/b7Nv9Pmjx5I9kY
4uN8X/jhvMaOqbFwmqqyeccJ2OymYcfz1sRlItkVgXvsACHLGH+ebVZPRoNMJUdr
3Lcw/2SyUQ3gMh5cewty0jR0rq9yF/gP2M+YhENKMCxa6BVp4SjLiEMteOY+qQPR
DKDElaLC6PDda1EmhyH2VuGdeqERydHetaH3AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUVU9LeZzIPFJtT3U2/PTaVvs+/zkwHwYDVR0jBBgwFoAU62dfk4yFAhN0yrHh
r1CZMZsRCwcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hP
LzYyZGZrNHlGQWhOMHlySGhyMUNaTVpzUkN3Yy5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvNjJkZms0eUZBaE4weXJIaHIxQ1pNWnNSQ3djLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hPL1ZVOUxlWnpJUEZKdFQzVTJf
UFRhVnZzLV96ay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAN7
wqgwDQYJKoZIhvcNAQELBQADggEBAH8xOdxd5ViXjSZNl7nHl2RuXVdncrY5CvmY
PTHmoffv7Xvb3rEE7rmAOP5YGbjqWLkCwdLcAIz5GUyxYibHZFL6LpZaqHxZt4Ea
fP+Om+eR9/YAJtBVul712dIBlv6Cb9aQDjMucOchnhTvWHNcDpIkSWlCtw4ZokU9
xapHch3Ra9emfMMQOD7lgfq2UVhxSvC+is8E+bFmP8LSqbprWTXakYIGpMNCY+W8
y80Iw9A8Vi3MqscGAehXBGIvwXN7UEaoxxZFObinYBJhFqVKUw8llb1cycMhlJ4K
Va2rk1W+RDI2h7WhNUW7+DsAwW0l0x7J50idSKwm6Cmn0ST7bcI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:53 2024 by rpki-client on console-fra.rpki-client.org