Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/hz0by6QcfXtDIPvrvcbs7tzOy8o.roa
File:                     hz0by6QcfXtDIPvrvcbs7tzOy8o.roa (raw, json)
Hash identifier:          uQ09J3keB5yOSLYuWaRTyzTGbH8kW8euKaFpjfW2gPo=
Subject key identifier:   87:3D:1B:CB:A4:1C:7D:7B:43:20:FB:EB:BD:C6:EC:EE:DC:CE:CB:CA
Certificate issuer:       /CN=EB675F938C85021374CAB1E1AF5099319B110B07
Certificate serial:       1645
Authority key identifier: EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/hz0by6QcfXtDIPvrvcbs7tzOy8o.roa
Signing time:             Sun 07 Feb 2021 12:09:22 +0000
ROA not before:           Sun 07 Feb 2021 12:09:22 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     38841
IP address blocks:        106.1.222.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5701 (0x1645)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=EB675F938C85021374CAB1E1AF5099319B110B07
        Validity
            Not Before: Feb  7 12:09:22 2021 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=873D1BCBA41C7D7B4320FBEBBDC6ECEEDCCECBCA
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:d9:25:63:3d:1f:08:79:2b:5e:2c:ff:b5:84:
                    47:46:da:bd:f0:8f:cb:ac:87:58:fa:58:bd:2e:9d:
                    6b:b6:42:a5:54:3a:98:9a:f0:bf:12:47:97:62:34:
                    94:c0:fc:70:ce:4a:48:be:d7:bd:dd:77:1c:9e:28:
                    a8:4b:c7:01:96:33:5c:a9:1f:d0:eb:fd:0b:7d:12:
                    fe:3a:82:04:01:b6:d8:41:1e:4a:74:e3:87:34:93:
                    e3:40:08:6c:e1:51:d0:c8:25:3b:b9:5c:76:70:18:
                    f5:55:15:d0:40:4a:81:f5:62:6d:7d:28:ab:24:14:
                    5c:f1:e6:a5:2e:2a:33:2d:a0:8b:61:97:63:98:d7:
                    6e:51:df:d6:d9:f7:55:ec:0b:2e:70:ef:0d:3e:bd:
                    e6:09:c4:86:f2:01:8f:24:ed:a9:3a:f3:4e:f7:f7:
                    fd:fe:1c:fe:17:95:76:3b:d1:37:fa:aa:ac:81:91:
                    18:dc:b4:01:23:b6:cd:de:8e:94:f1:e3:43:92:ab:
                    b0:ef:b3:61:c8:c7:72:9b:29:28:9a:06:ec:2f:28:
                    e4:c6:ee:2a:83:e5:5a:eb:64:fc:f9:29:2c:a1:3f:
                    3b:76:13:88:76:50:a3:f4:c7:92:39:01:29:58:be:
                    e9:aa:55:3e:29:5e:39:32:0f:8e:31:31:cb:68:71:
                    13:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                87:3D:1B:CB:A4:1C:7D:7B:43:20:FB:EB:BD:C6:EC:EE:DC:CE:CB:CA
            X509v3 Authority Key Identifier:
                keyid:EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/62dfk4yFAhN0yrHhr1CZMZsRCwc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/hz0by6QcfXtDIPvrvcbs7tzOy8o.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  106.1.222.0/24

    Signature Algorithm: sha256WithRSAEncryption
         57:43:a1:27:60:eb:73:3e:6e:8b:7e:9a:55:ee:58:2a:ad:d0:
         27:d7:c8:bd:51:b3:65:72:86:89:c5:9f:4b:86:de:9b:90:78:
         dd:a5:d9:b5:e5:bd:f0:8a:ca:62:e3:4b:75:90:dd:e8:32:e2:
         94:8d:4a:15:3f:f7:54:9c:bd:c7:08:99:23:d4:cf:5d:41:2d:
         79:98:25:73:aa:6f:66:21:44:da:44:01:d1:48:ce:52:99:ea:
         88:82:cc:52:93:c9:96:b3:91:41:8f:68:e8:ae:10:ba:42:0d:
         0f:5a:ac:0b:7b:74:20:48:be:17:62:de:37:d5:fa:b1:2e:61:
         79:f7:ef:3d:0d:76:89:66:59:9d:05:80:2d:2f:30:db:24:c1:
         c4:b2:b2:8f:6b:61:57:01:3c:7a:e5:2a:41:23:bf:77:56:66:
         a4:e9:38:e5:f2:05:50:48:e5:7e:72:b6:98:5d:24:f4:70:40:
         15:38:b4:18:89:b0:d5:84:36:bd:6c:e7:6b:84:c9:af:32:95:
         75:3b:11:be:94:a7:13:06:b5:2a:1a:ae:d4:15:5b:ee:ce:3f:
         b0:e0:b0:b0:d4:7c:21:3e:ea:40:ca:68:a2:df:6a:a3:4e:0d:
         fb:1a:8e:dc:7f:50:7a:43:6f:b4:87:d9:75:08:00:32:b6:d1:
         9d:4b:bc:65
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICFkUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUI2
NzVGOTM4Qzg1MDIxMzc0Q0FCMUUxQUY1MDk5MzE5QjExMEIwNzAeFw0yMTAyMDcx
MjA5MjJaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDg3M0QxQkNCQTQxQzdE
N0I0MzIwRkJFQkJEQzZFQ0VFRENDRUNCQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDD2SVjPR8IeSteLP+1hEdG2r3wj8ush1j6WL0unWu2QqVUOpia
8L8SR5diNJTA/HDOSki+173ddxyeKKhLxwGWM1ypH9Dr/Qt9Ev46ggQBtthBHkp0
44c0k+NACGzhUdDIJTu5XHZwGPVVFdBASoH1Ym19KKskFFzx5qUuKjMtoIthl2OY
125R39bZ91XsCy5w7w0+veYJxIbyAY8k7ak680739/3+HP4XlXY70Tf6qqyBkRjc
tAEjts3ejpTx40OSq7Dvs2HIx3KbKSiaBuwvKOTG7iqD5VrrZPz5KSyhPzt2E4h2
UKP0x5I5ASlYvumqVT4pXjkyD44xMctocRN/AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUhz0by6QcfXtDIPvrvcbs7tzOy8owHwYDVR0jBBgwFoAU62dfk4yFAhN0yrHh
r1CZMZsRCwcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hP
LzYyZGZrNHlGQWhOMHlySGhyMUNaTVpzUkN3Yy5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvNjJkZms0eUZBaE4weXJIaHIxQ1pNWnNSQ3djLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hPL2h6MGJ5NlFjZlh0RElQdnJ2
Y2JzN3R6T3k4by5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABq
Ad4wDQYJKoZIhvcNAQELBQADggEBAFdDoSdg63M+bot+mlXuWCqt0CfXyL1Rs2Vy
honFn0uG3puQeN2l2bXlvfCKymLjS3WQ3egy4pSNShU/91ScvccImSPUz11BLXmY
JXOqb2YhRNpEAdFIzlKZ6oiCzFKTyZazkUGPaOiuELpCDQ9arAt7dCBIvhdi3jfV
+rEuYXn37z0NdolmWZ0FgC0vMNskwcSyso9rYVcBPHrlKkEjv3dWZqTpOOXyBVBI
5X5ytphdJPRwQBU4tBiJsNWENr1s52uEya8ylXU7Eb6UpxMGtSoartQVW+7OP7Dg
sLDUfCE+6kDKaKLfaqNODfsajtx/UHpDb7SH2XUIADK20Z1LvGU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:56 2024 by rpki-client on console-fra.rpki-client.org