Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/h60ltdG0k5H4tGOMYgMkggHgT-4.roa
File:                     h60ltdG0k5H4tGOMYgMkggHgT-4.roa (raw, json)
Hash identifier:          IZaPCgFOa/ml9NSNuIC+YP9egdz29yJ5FAx38t3NJwo=
Subject key identifier:   87:AD:25:B5:D1:B4:93:91:F8:B4:63:8C:62:03:24:82:01:E0:4F:EE
Certificate issuer:       /CN=EB675F938C85021374CAB1E1AF5099319B110B07
Certificate serial:       1ADF
Authority key identifier: EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/h60ltdG0k5H4tGOMYgMkggHgT-4.roa
Signing time:             Wed 29 Sep 2021 02:45:51 +0000
ROA not before:           Wed 29 Sep 2021 02:45:51 +0000
ROA not after:            Thu 29 Sep 2022 02:36:22 +0000
asID:                     38841
IP address blocks:        123.194.156.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 6879 (0x1adf)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=EB675F938C85021374CAB1E1AF5099319B110B07
        Validity
            Not Before: Sep 29 02:45:51 2021 GMT
            Not After : Sep 29 02:36:22 2022 GMT
        Subject: CN=87AD25B5D1B49391F8B4638C6203248201E04FEE
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ec:35:5c:40:f8:91:9b:b2:59:45:11:d6:a0:64:
                    de:dc:c6:14:2e:67:ca:5c:c5:80:80:ca:c0:34:23:
                    64:88:a5:21:f3:dd:06:b4:45:45:05:9f:8a:86:09:
                    a9:df:38:ef:5a:4c:7a:a7:9e:74:73:44:20:4d:66:
                    28:6d:e7:bd:51:e3:d6:d7:45:5b:c4:66:76:71:94:
                    74:c8:ae:dd:94:8d:cf:fa:d4:92:d9:9e:4e:a7:d0:
                    1f:76:2b:42:77:35:38:e6:d4:01:0f:dd:6a:21:d0:
                    76:24:da:f6:bb:ed:e0:bb:b1:c8:be:e6:1b:cd:b8:
                    2f:7b:f9:f2:81:36:7d:47:92:79:53:74:71:d7:65:
                    16:b5:d2:49:1d:35:71:5d:64:c1:5e:27:d0:04:42:
                    7c:88:9e:1f:19:d7:da:60:82:36:cf:c5:5f:eb:7d:
                    0a:42:cc:05:17:47:4c:65:9b:2a:c1:1e:04:50:6f:
                    21:28:a6:5d:e6:4f:b7:1c:55:cf:30:9f:fc:12:a1:
                    05:77:5f:e0:d2:82:67:75:d7:cb:f8:1a:1c:ad:43:
                    49:c2:ca:1e:35:d5:1e:5c:32:33:22:60:02:22:78:
                    5c:a7:2b:b9:c5:ee:a5:a4:f4:b3:c4:4d:e3:eb:8d:
                    0b:dc:dc:66:71:00:f8:5a:10:bb:b0:5a:7e:87:ec:
                    b7:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                87:AD:25:B5:D1:B4:93:91:F8:B4:63:8C:62:03:24:82:01:E0:4F:EE
            X509v3 Authority Key Identifier:
                keyid:EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/62dfk4yFAhN0yrHhr1CZMZsRCwc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/h60ltdG0k5H4tGOMYgMkggHgT-4.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  123.194.156.0/22

    Signature Algorithm: sha256WithRSAEncryption
         88:50:50:5e:9c:6b:ac:f0:ef:cc:23:b8:67:d7:81:0c:6d:27:
         c5:8f:32:c1:70:46:e7:56:b1:ef:95:3a:90:97:fb:2d:b8:6f:
         90:d5:6b:6f:6d:2a:d8:37:98:9a:b7:f5:b9:7c:3e:17:1b:cc:
         a3:e2:de:2f:18:0b:16:41:c1:8a:22:41:d1:2e:8e:bd:43:dc:
         07:40:6e:7e:6f:f3:25:17:26:f9:6e:94:46:0e:01:2b:8d:69:
         c4:07:a1:44:cb:31:05:ae:7a:d4:fe:88:d6:e9:10:f7:8a:01:
         14:27:65:65:6b:81:c5:fa:e9:7e:ad:11:fc:ec:fd:13:2c:6f:
         86:97:c5:3c:bf:ba:39:b9:91:59:e5:ad:9f:2d:f9:39:17:51:
         2d:a9:fa:16:40:e3:25:1f:c9:ea:69:1b:b8:70:9a:a8:c2:dc:
         53:63:72:eb:ae:66:6f:f3:46:f8:98:61:92:92:8d:df:f5:e1:
         be:37:88:2e:d8:86:7a:f2:4e:d3:8f:18:59:3a:79:b1:25:34:
         08:98:6f:ac:9b:03:e2:49:fb:8b:bc:df:f7:bf:f9:c2:ed:65:
         53:9f:6e:2b:ce:3a:3a:69:42:18:80:e4:b6:d6:a5:e8:9a:7b:
         2d:82:af:ef:b1:7c:30:1d:f0:53:2f:0a:02:fa:a9:ba:ab:11:
         e1:95:55:97
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICGt8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUI2
NzVGOTM4Qzg1MDIxMzc0Q0FCMUUxQUY1MDk5MzE5QjExMEIwNzAeFw0yMTA5Mjkw
MjQ1NTFaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDg3QUQyNUI1RDFCNDkz
OTFGOEI0NjM4QzYyMDMyNDgyMDFFMDRGRUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDsNVxA+JGbsllFEdagZN7cxhQuZ8pcxYCAysA0I2SIpSHz3Qa0
RUUFn4qGCanfOO9aTHqnnnRzRCBNZiht571R49bXRVvEZnZxlHTIrt2Ujc/61JLZ
nk6n0B92K0J3NTjm1AEP3Woh0HYk2va77eC7sci+5hvNuC97+fKBNn1HknlTdHHX
ZRa10kkdNXFdZMFeJ9AEQnyInh8Z19pggjbPxV/rfQpCzAUXR0xlmyrBHgRQbyEo
pl3mT7ccVc8wn/wSoQV3X+DSgmd118v4GhytQ0nCyh411R5cMjMiYAIieFynK7nF
7qWk9LPETePrjQvc3GZxAPhaELuwWn6H7Le9AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUh60ltdG0k5H4tGOMYgMkggHgT+4wHwYDVR0jBBgwFoAU62dfk4yFAhN0yrHh
r1CZMZsRCwcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hP
LzYyZGZrNHlGQWhOMHlySGhyMUNaTVpzUkN3Yy5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvNjJkZms0eUZBaE4weXJIaHIxQ1pNWnNSQ3djLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hPL2g2MGx0ZEcwazVINHRHT01Z
Z01rZ2dIZ1QtNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJ7
wpwwDQYJKoZIhvcNAQELBQADggEBAIhQUF6ca6zw78wjuGfXgQxtJ8WPMsFwRudW
se+VOpCX+y24b5DVa29tKtg3mJq39bl8PhcbzKPi3i8YCxZBwYoiQdEujr1D3AdA
bn5v8yUXJvlulEYOASuNacQHoUTLMQWuetT+iNbpEPeKARQnZWVrgcX66X6tEfzs
/RMsb4aXxTy/ujm5kVnlrZ8t+TkXUS2p+hZA4yUfyeppG7hwmqjC3FNjcuuuZm/z
RviYYZKSjd/14b43iC7YhnryTtOPGFk6ebElNAiYb6ybA+JJ+4u83/e/+cLtZVOf
bivOOjppQhiA5LbWpeiaey2Cr++xfDAd8FMvCgL6qbqrEeGVVZc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:56 2024 by rpki-client on console-fra.rpki-client.org