Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/agotxlXp-iMxSpIZ_i66N451J1w.roa
File:                     agotxlXp-iMxSpIZ_i66N451J1w.roa (raw, json)
Hash identifier:          xODBpvk6YakzUIQSAUDOJzrbdNNthn9L+/9RQxSwX9A=
Subject key identifier:   6A:0A:2D:C6:55:E9:FA:23:31:4A:92:19:FE:2E:BA:37:8E:75:27:5C
Certificate issuer:       /CN=EB675F938C85021374CAB1E1AF5099319B110B07
Certificate serial:       0CF8
Authority key identifier: EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/agotxlXp-iMxSpIZ_i66N451J1w.roa
Signing time:             Tue 29 Sep 2020 09:54:01 +0000
ROA not before:           Tue 29 Sep 2020 09:54:01 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     38841
IP address blocks:        118.232.232.0/21 maxlen: 21

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3320 (0xcf8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=EB675F938C85021374CAB1E1AF5099319B110B07
        Validity
            Not Before: Sep 29 09:54:01 2020 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=6A0A2DC655E9FA23314A9219FE2EBA378E75275C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:50:f1:e3:e2:08:60:46:9a:f4:6d:1d:6d:b4:
                    8f:a8:28:0d:35:70:a5:76:1f:19:1a:ae:7d:cc:9e:
                    01:be:c2:b3:e2:53:7d:85:a8:93:0e:1c:1f:87:cc:
                    bd:ef:08:76:49:a2:01:06:4d:67:b8:01:3b:51:97:
                    bd:2c:38:4a:04:85:50:08:a2:2d:6c:15:0f:56:97:
                    b0:98:8c:df:91:90:f3:36:4a:5c:9c:7d:aa:c0:82:
                    36:06:e3:8b:06:ac:78:f2:c5:fd:36:a1:88:b3:73:
                    c2:b8:19:bb:16:8e:40:d3:0f:14:39:6f:d9:74:82:
                    47:ce:1f:80:40:26:90:c8:59:0c:03:c0:b7:31:9a:
                    96:b7:be:ca:4b:21:28:58:0c:36:1f:3e:bb:fd:8e:
                    ce:1b:d8:f3:c5:a9:1b:61:23:07:20:57:73:0f:19:
                    0a:6c:aa:e9:c0:79:e4:18:70:9a:4b:5e:53:21:86:
                    b2:d9:56:2c:ad:1e:4e:41:b4:5b:95:51:25:74:40:
                    dc:6c:8e:b2:be:48:88:5c:18:85:0a:cf:04:03:2e:
                    13:7a:67:0a:eb:15:50:c9:78:b8:5e:04:26:ca:20:
                    a7:7a:9f:86:39:5e:c5:63:28:9f:7b:aa:23:6e:e9:
                    e7:73:f7:76:82:3e:56:e6:8d:8f:4b:b0:30:3b:4f:
                    ce:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6A:0A:2D:C6:55:E9:FA:23:31:4A:92:19:FE:2E:BA:37:8E:75:27:5C
            X509v3 Authority Key Identifier:
                keyid:EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/62dfk4yFAhN0yrHhr1CZMZsRCwc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/agotxlXp-iMxSpIZ_i66N451J1w.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  118.232.232.0/21

    Signature Algorithm: sha256WithRSAEncryption
         04:34:03:f7:d0:be:e3:22:b7:fc:59:91:f7:27:3f:46:65:a1:
         ba:d6:80:85:0c:95:00:c3:e9:2a:27:70:ec:f0:17:cb:7e:67:
         fb:d4:5a:9e:4f:7c:be:05:dd:e4:a2:de:2f:73:33:45:80:67:
         87:46:8e:56:8b:bd:d5:fd:4b:44:8a:95:d3:9c:8a:71:b3:ea:
         0b:1e:b3:b6:ca:0d:21:e7:b1:f6:37:00:76:a1:49:a4:18:44:
         25:df:de:bd:e9:66:af:df:cd:f6:19:22:ed:31:65:e5:ea:c2:
         17:0f:2e:fe:8e:10:c1:09:78:4d:20:bf:14:02:f9:3d:8f:9c:
         97:e6:ef:95:79:1f:b1:06:3b:9c:39:50:cc:a4:0b:b0:60:bc:
         c7:ce:e3:78:18:00:90:ba:13:cc:51:ba:dd:19:08:41:70:75:
         25:93:32:e0:28:fa:fb:92:6a:cf:bf:d0:8e:df:5a:b4:50:61:
         59:0f:01:3d:7e:bf:a6:e7:e7:9a:05:f9:c8:8a:f0:05:bd:54:
         5f:fd:ab:f9:16:75:0d:f1:9f:00:e4:33:72:ea:3a:fa:62:48:
         94:65:52:31:b9:01:6d:da:6a:c2:63:9c:48:2f:14:95:ea:cf:
         1d:76:38:de:56:64:0c:c5:ea:4f:7a:87:0e:a1:51:42:40:5f:
         69:f1:84:15
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICDPgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUI2
NzVGOTM4Qzg1MDIxMzc0Q0FCMUUxQUY1MDk5MzE5QjExMEIwNzAeFw0yMDA5Mjkw
OTU0MDFaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDZBMEEyREM2NTVFOUZB
MjMzMTRBOTIxOUZFMkVCQTM3OEU3NTI3NUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDWUPHj4ghgRpr0bR1ttI+oKA01cKV2Hxkarn3MngG+wrPiU32F
qJMOHB+HzL3vCHZJogEGTWe4ATtRl70sOEoEhVAIoi1sFQ9Wl7CYjN+RkPM2Slyc
farAgjYG44sGrHjyxf02oYizc8K4GbsWjkDTDxQ5b9l0gkfOH4BAJpDIWQwDwLcx
mpa3vspLIShYDDYfPrv9js4b2PPFqRthIwcgV3MPGQpsqunAeeQYcJpLXlMhhrLZ
ViytHk5BtFuVUSV0QNxsjrK+SIhcGIUKzwQDLhN6ZwrrFVDJeLheBCbKIKd6n4Y5
XsVjKJ97qiNu6edz93aCPlbmjY9LsDA7T87rAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUagotxlXp+iMxSpIZ/i66N451J1wwHwYDVR0jBBgwFoAU62dfk4yFAhN0yrHh
r1CZMZsRCwcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hP
LzYyZGZrNHlGQWhOMHlySGhyMUNaTVpzUkN3Yy5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvNjJkZms0eUZBaE4weXJIaHIxQ1pNWnNSQ3djLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hPL2Fnb3R4bFhwLWlNeFNwSVpf
aTY2TjQ1MUoxdy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAN2
6OgwDQYJKoZIhvcNAQELBQADggEBAAQ0A/fQvuMit/xZkfcnP0ZlobrWgIUMlQDD
6SoncOzwF8t+Z/vUWp5PfL4F3eSi3i9zM0WAZ4dGjlaLvdX9S0SKldOcinGz6gse
s7bKDSHnsfY3AHahSaQYRCXf3r3pZq/fzfYZIu0xZeXqwhcPLv6OEMEJeE0gvxQC
+T2PnJfm75V5H7EGO5w5UMykC7BgvMfO43gYAJC6E8xRut0ZCEFwdSWTMuAo+vuS
as+/0I7fWrRQYVkPAT1+v6bn55oF+ciK8AW9VF/9q/kWdQ3xnwDkM3LqOvpiSJRl
UjG5AW3aasJjnEgvFJXqzx12ON5WZAzF6k96hw6hUUJAX2nxhBU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:55 2024 by rpki-client on console-fra.rpki-client.org