Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/om1ffX8gC5idIvC_Z-T51aC_hf4.roa
File:                     om1ffX8gC5idIvC_Z-T51aC_hf4.roa (raw, json)
Hash identifier:          +o9Wk9+FDAWSUKqstX14CDRbwK0m//SrjsRDCf0MMzg=
Subject key identifier:   A2:6D:5F:7D:7F:20:0B:98:9D:22:F0:BF:67:E4:F9:D5:A0:BF:85:FE
Certificate issuer:       /CN=EB675F938C85021374CAB1E1AF5099319B110B07
Certificate serial:       14F5
Authority key identifier: EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/om1ffX8gC5idIvC_Z-T51aC_hf4.roa
Signing time:             Sun 07 Feb 2021 12:00:49 +0000
ROA not before:           Sun 07 Feb 2021 12:00:49 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     38841
IP address blocks:        118.233.254.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5365 (0x14f5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=EB675F938C85021374CAB1E1AF5099319B110B07
        Validity
            Not Before: Feb  7 12:00:49 2021 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=A26D5F7D7F200B989D22F0BF67E4F9D5A0BF85FE
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:9a:b2:98:58:8d:71:9d:f4:31:fd:fc:c0:9a:
                    0e:89:71:cc:4e:ed:2a:66:0a:1f:1d:57:ea:7a:e4:
                    d2:dd:a5:b0:5f:69:6d:41:7c:e0:ec:dc:88:d8:46:
                    ea:62:9b:f3:2e:6c:a8:79:67:68:78:6f:07:5b:7c:
                    71:13:a8:3e:8d:7c:df:1e:7a:b6:47:86:f5:24:af:
                    19:b0:28:70:c1:6b:89:9e:97:a6:78:6e:eb:30:90:
                    e1:e0:46:b8:8d:10:64:fb:70:c4:00:db:8f:d2:7b:
                    17:4a:8d:91:4f:1b:97:d2:6d:2c:12:4d:aa:0a:90:
                    dc:c1:5a:ce:7f:3d:d2:db:fe:10:27:51:75:d9:1d:
                    85:56:11:23:2c:ff:4c:a3:1c:aa:c1:f2:c5:18:7b:
                    04:74:eb:4d:e4:0d:12:0a:ed:23:b8:bf:d9:0e:71:
                    ca:9a:61:66:59:33:f6:e0:49:f9:f4:0f:e9:08:07:
                    90:6c:8c:18:70:d8:96:e4:4a:af:d5:ae:64:d3:51:
                    23:05:d4:de:6c:aa:b9:52:ff:d3:63:36:8b:13:18:
                    a7:b5:80:5e:a3:1f:7f:bf:7e:79:f5:73:4c:2a:59:
                    ce:e5:64:3a:02:c0:05:8c:44:5c:8f:33:b7:cb:83:
                    65:03:d6:fb:4a:5d:c2:a0:98:30:ac:b9:7f:3c:c5:
                    f4:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A2:6D:5F:7D:7F:20:0B:98:9D:22:F0:BF:67:E4:F9:D5:A0:BF:85:FE
            X509v3 Authority Key Identifier:
                keyid:EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/62dfk4yFAhN0yrHhr1CZMZsRCwc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/om1ffX8gC5idIvC_Z-T51aC_hf4.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  118.233.254.0/23

    Signature Algorithm: sha256WithRSAEncryption
         17:34:af:97:8f:df:1d:97:99:68:67:65:9a:f8:9d:bb:1d:68:
         b6:5e:9d:88:5c:6e:e6:ed:e0:73:fd:22:a5:e5:cd:4b:4a:e7:
         67:e8:57:74:61:04:87:e7:ab:7b:f9:fb:9d:ed:e2:15:35:2a:
         19:05:08:91:0b:34:4f:79:a3:76:39:88:a3:5f:68:45:de:8c:
         f7:38:6f:8c:08:99:a8:45:ab:f8:da:48:b4:cb:e6:38:76:87:
         b6:53:df:19:5a:ba:6c:ce:1d:9d:45:a1:c3:be:88:64:4f:85:
         02:a6:33:e6:0f:37:8c:35:bf:7b:9f:fb:17:3a:f4:09:d3:85:
         54:23:fb:ff:54:72:e3:91:8c:ab:a7:09:05:8c:3f:ce:93:03:
         dc:de:2f:c6:ea:aa:38:59:d8:e9:4f:4e:03:59:00:15:f6:2a:
         99:b9:b5:3c:c2:76:8d:bf:9e:33:a0:48:2a:ae:d3:fe:39:7e:
         76:20:2f:fc:4d:f2:25:3f:b5:42:88:3a:87:c1:cb:9b:ae:a5:
         28:52:7c:73:67:f3:db:0c:01:25:b1:53:0c:68:ef:9a:b4:86:
         8d:f4:67:35:8e:88:9c:48:c7:04:7e:9c:2c:5d:5f:dd:a6:2d:
         3b:3b:d0:02:db:24:e7:a1:1f:fc:28:7c:0c:ee:37:09:fb:1c:
         95:14:2e:25
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICFPUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUI2
NzVGOTM4Qzg1MDIxMzc0Q0FCMUUxQUY1MDk5MzE5QjExMEIwNzAeFw0yMTAyMDcx
MjAwNDlaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKEEyNkQ1RjdEN0YyMDBC
OTg5RDIyRjBCRjY3RTRGOUQ1QTBCRjg1RkUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCWmrKYWI1xnfQx/fzAmg6JccxO7SpmCh8dV+p65NLdpbBfaW1B
fODs3IjYRupim/MubKh5Z2h4bwdbfHETqD6NfN8eerZHhvUkrxmwKHDBa4mel6Z4
buswkOHgRriNEGT7cMQA24/SexdKjZFPG5fSbSwSTaoKkNzBWs5/PdLb/hAnUXXZ
HYVWESMs/0yjHKrB8sUYewR0603kDRIK7SO4v9kOccqaYWZZM/bgSfn0D+kIB5Bs
jBhw2JbkSq/VrmTTUSMF1N5sqrlS/9NjNosTGKe1gF6jH3+/fnn1c0wqWc7lZDoC
wAWMRFyPM7fLg2UD1vtKXcKgmDCsuX88xfQBAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUom1ffX8gC5idIvC/Z+T51aC/hf4wHwYDVR0jBBgwFoAU62dfk4yFAhN0yrHh
r1CZMZsRCwcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hP
LzYyZGZrNHlGQWhOMHlySGhyMUNaTVpzUkN3Yy5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvNjJkZms0eUZBaE4weXJIaHIxQ1pNWnNSQ3djLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hPL29tMWZmWDhnQzVpZEl2Q19a
LVQ1MWFDX2hmNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAF2
6f4wDQYJKoZIhvcNAQELBQADggEBABc0r5eP3x2XmWhnZZr4nbsdaLZenYhcbubt
4HP9IqXlzUtK52foV3RhBIfnq3v5+53t4hU1KhkFCJELNE95o3Y5iKNfaEXejPc4
b4wImahFq/jaSLTL5jh2h7ZT3xlaumzOHZ1FocO+iGRPhQKmM+YPN4w1v3uf+xc6
9AnThVQj+/9UcuORjKunCQWMP86TA9zeL8bqqjhZ2OlPTgNZABX2Kpm5tTzCdo2/
njOgSCqu0/45fnYgL/xN8iU/tUKIOofBy5uupShSfHNn89sMASWxUwxo75q0ho30
ZzWOiJxIxwR+nCxdX92mLTs70ALbJOehH/wofAzuNwn7HJUULiU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:58 2024 by rpki-client on console-fra.rpki-client.org