Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/onWWlhTKNdiZcJbHkrKXPsWK1yI.roa
File:                     onWWlhTKNdiZcJbHkrKXPsWK1yI.roa (raw, json)
Hash identifier:          NOefw7Q/T9XffdgQsR08DLF8I4ge/GetWGo0hvLnr3U=
Subject key identifier:   A2:75:96:96:14:CA:35:D8:99:70:96:C7:92:B2:97:3E:C5:8A:D7:22
Certificate issuer:       /CN=EB675F938C85021374CAB1E1AF5099319B110B07
Certificate serial:       1C29
Authority key identifier: EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/onWWlhTKNdiZcJbHkrKXPsWK1yI.roa
Signing time:             Wed 29 Sep 2021 02:47:25 +0000
ROA not before:           Wed 29 Sep 2021 02:47:25 +0000
ROA not after:            Thu 29 Sep 2022 02:36:22 +0000
asID:                     38841
IP address blocks:        118.233.200.0/21 maxlen: 21

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 7209 (0x1c29)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=EB675F938C85021374CAB1E1AF5099319B110B07
        Validity
            Not Before: Sep 29 02:47:25 2021 GMT
            Not After : Sep 29 02:36:22 2022 GMT
        Subject: CN=A275969614CA35D8997096C792B2973EC58AD722
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:69:65:dd:dc:fd:30:6f:1c:a2:4f:31:ca:47:
                    db:ea:d3:98:43:79:04:42:6e:74:2f:a8:5a:f6:9c:
                    5b:fc:b3:3f:f1:e8:4f:18:a0:86:d4:d2:31:a3:d9:
                    2f:b9:07:62:e9:0b:69:9a:ee:0b:eb:89:0b:c9:8a:
                    fc:17:b9:3e:3b:ba:3c:9d:f4:66:b7:7d:1e:70:4a:
                    ab:96:6e:2d:fb:dc:8d:c0:f4:92:85:62:cb:c5:6c:
                    9c:20:e4:64:40:0c:17:98:69:28:3e:f5:83:b7:d0:
                    e1:5c:91:d4:25:ce:ad:5b:b1:29:8c:27:62:12:58:
                    dd:4a:07:c7:c8:49:ee:66:be:f0:f1:af:a5:88:af:
                    f9:1b:dd:39:91:1c:23:8a:2f:f9:ab:00:36:ad:c3:
                    39:ae:65:71:87:27:85:3f:67:ad:10:b0:0a:7a:e3:
                    3a:4b:2b:51:fa:ec:95:87:90:7b:a4:5f:b6:cd:2e:
                    1b:ba:28:c4:9a:61:f3:2b:87:95:b1:75:35:35:94:
                    12:a0:dd:7a:26:79:bd:d5:54:f0:a5:9e:1c:d5:eb:
                    42:3e:28:c7:b2:7f:ba:2c:47:99:6a:1f:a1:57:b8:
                    cc:42:76:fe:fa:e1:22:36:56:5c:0c:53:03:1b:50:
                    e3:8b:98:22:37:96:8e:e0:25:dd:d6:3b:41:77:1f:
                    46:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A2:75:96:96:14:CA:35:D8:99:70:96:C7:92:B2:97:3E:C5:8A:D7:22
            X509v3 Authority Key Identifier:
                keyid:EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/62dfk4yFAhN0yrHhr1CZMZsRCwc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/onWWlhTKNdiZcJbHkrKXPsWK1yI.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  118.233.200.0/21

    Signature Algorithm: sha256WithRSAEncryption
         42:98:6b:cc:c3:4f:ed:88:b2:ca:61:db:ae:84:1b:51:91:e6:
         3b:ef:5e:76:57:c0:ea:4b:10:f5:a4:2b:3c:37:3b:1f:6d:10:
         04:f6:4d:27:cc:5b:75:46:5d:62:39:bd:0b:e4:89:f3:32:b0:
         41:9a:96:7b:a3:2f:84:45:ed:0f:e0:b1:97:16:27:9a:d8:e6:
         b6:35:b9:e6:96:16:66:1a:b5:3e:f6:35:63:f8:a5:92:70:a5:
         e5:ee:77:93:56:c6:88:84:f0:f3:40:a8:3d:f8:5b:a9:4a:a4:
         3d:9d:2f:9e:d9:92:80:3f:99:b2:bc:96:f3:b2:f4:0f:af:52:
         1d:da:dd:e7:07:76:7b:7e:04:b8:e6:b3:98:23:b7:28:8b:ee:
         a8:ff:6e:94:02:2d:7c:c3:9e:4e:d9:48:0f:69:ca:4b:9d:be:
         1c:7d:56:79:ae:6e:09:db:f6:af:40:50:22:34:81:96:a1:18:
         d2:fc:48:44:45:b0:91:e6:91:cc:b3:62:db:1e:3e:ea:94:6d:
         5f:a0:26:af:4a:e4:be:f0:1e:74:b6:54:b0:a4:d7:69:a3:15:
         a3:5a:fc:02:ad:2e:5f:9d:b0:39:fa:20:55:7b:c4:3b:84:23:
         7c:8b:d7:48:f0:1c:e4:a3:29:47:4e:34:d6:08:2e:39:84:d1:
         7a:fa:51:f1
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICHCkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUI2
NzVGOTM4Qzg1MDIxMzc0Q0FCMUUxQUY1MDk5MzE5QjExMEIwNzAeFw0yMTA5Mjkw
MjQ3MjVaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKEEyNzU5Njk2MTRDQTM1
RDg5OTcwOTZDNzkyQjI5NzNFQzU4QUQ3MjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDjaWXd3P0wbxyiTzHKR9vq05hDeQRCbnQvqFr2nFv8sz/x6E8Y
oIbU0jGj2S+5B2LpC2ma7gvriQvJivwXuT47ujyd9Ga3fR5wSquWbi373I3A9JKF
YsvFbJwg5GRADBeYaSg+9YO30OFckdQlzq1bsSmMJ2ISWN1KB8fISe5mvvDxr6WI
r/kb3TmRHCOKL/mrADatwzmuZXGHJ4U/Z60QsAp64zpLK1H67JWHkHukX7bNLhu6
KMSaYfMrh5WxdTU1lBKg3Xomeb3VVPClnhzV60I+KMeyf7osR5lqH6FXuMxCdv76
4SI2VlwMUwMbUOOLmCI3lo7gJd3WO0F3H0ZNAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUonWWlhTKNdiZcJbHkrKXPsWK1yIwHwYDVR0jBBgwFoAU62dfk4yFAhN0yrHh
r1CZMZsRCwcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hP
LzYyZGZrNHlGQWhOMHlySGhyMUNaTVpzUkN3Yy5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvNjJkZms0eUZBaE4weXJIaHIxQ1pNWnNSQ3djLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hPL29uV1dsaFRLTmRpWmNKYkhr
cktYUHNXSzF5SS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAN2
6cgwDQYJKoZIhvcNAQELBQADggEBAEKYa8zDT+2Issph266EG1GR5jvvXnZXwOpL
EPWkKzw3Ox9tEAT2TSfMW3VGXWI5vQvkifMysEGalnujL4RF7Q/gsZcWJ5rY5rY1
ueaWFmYatT72NWP4pZJwpeXud5NWxoiE8PNAqD34W6lKpD2dL57ZkoA/mbK8lvOy
9A+vUh3a3ecHdnt+BLjms5gjtyiL7qj/bpQCLXzDnk7ZSA9pykudvhx9Vnmubgnb
9q9AUCI0gZahGNL8SERFsJHmkcyzYtsePuqUbV+gJq9K5L7wHnS2VLCk12mjFaNa
/AKtLl+dsDn6IFV7xDuEI3yL10jwHOSjKUdONNYILjmE0Xr6UfE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:58 2024 by rpki-client on console-fra.rpki-client.org