Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/qsjRfN6RrjZciGiOMMg1Tkmd6Ic.roa
File:                     qsjRfN6RrjZciGiOMMg1Tkmd6Ic.roa (raw, json)
Hash identifier:          UJPIGbROtYBea/DQSC9MP6pR2UY0/2UOVK6XePK4l8g=
Subject key identifier:   AA:C8:D1:7C:DE:91:AE:36:5C:88:68:8E:30:C8:35:4E:49:9D:E8:87
Certificate issuer:       /CN=EB675F938C85021374CAB1E1AF5099319B110B07
Certificate serial:       1CF5
Authority key identifier: EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/qsjRfN6RrjZciGiOMMg1Tkmd6Ic.roa
Signing time:             Wed 29 Sep 2021 02:48:26 +0000
ROA not before:           Wed 29 Sep 2021 02:48:26 +0000
ROA not after:            Thu 29 Sep 2022 02:36:22 +0000
asID:                     38841
IP address blocks:        123.192.188.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 7413 (0x1cf5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=EB675F938C85021374CAB1E1AF5099319B110B07
        Validity
            Not Before: Sep 29 02:48:26 2021 GMT
            Not After : Sep 29 02:36:22 2022 GMT
        Subject: CN=AAC8D17CDE91AE365C88688E30C8354E499DE887
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:98:65:90:48:e5:8b:6e:45:14:7b:96:8f:1e:
                    af:2b:1a:07:3a:44:21:65:ef:26:0e:95:5a:7e:a8:
                    76:a0:be:35:e7:4c:0f:69:4f:77:d4:e3:e0:ce:c6:
                    23:96:51:8d:7d:4f:d8:b2:6b:88:38:8d:ec:9b:10:
                    69:1a:17:c8:f3:5e:81:58:0b:4a:c7:11:2d:82:d1:
                    46:d0:bb:64:70:37:e5:86:3f:a2:e1:0d:dd:23:e3:
                    35:e3:7e:a8:74:87:d1:3b:e2:97:f8:e4:49:9e:d7:
                    15:1a:92:07:47:12:a8:f6:38:d5:a3:b7:e8:c1:c7:
                    8e:45:b5:69:05:70:0a:41:85:8f:fe:f7:8d:fc:89:
                    11:e5:d6:27:64:6c:0f:08:56:df:02:35:44:f2:07:
                    1c:00:8f:ee:d7:3d:9d:21:01:7c:9a:86:31:c4:1d:
                    30:0e:a4:f4:4b:02:b1:07:a8:ee:92:b4:e7:3d:c8:
                    42:4f:53:6e:22:54:ad:a4:e4:7c:63:09:bd:6d:a5:
                    24:11:af:c0:f1:23:b4:2a:1e:ae:66:a1:59:06:d7:
                    90:d6:86:46:e2:e4:1e:96:47:88:8f:f1:86:77:92:
                    fb:51:ec:1a:04:e5:83:a7:18:77:13:5c:8d:d4:75:
                    21:25:f5:0d:29:ce:08:0d:d6:a3:9e:13:08:9e:ef:
                    04:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AA:C8:D1:7C:DE:91:AE:36:5C:88:68:8E:30:C8:35:4E:49:9D:E8:87
            X509v3 Authority Key Identifier:
                keyid:EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/62dfk4yFAhN0yrHhr1CZMZsRCwc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/qsjRfN6RrjZciGiOMMg1Tkmd6Ic.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  123.192.188.0/22

    Signature Algorithm: sha256WithRSAEncryption
         63:87:ad:51:7f:75:19:83:c4:42:1d:ca:bd:73:a1:b3:d6:f5:
         7c:3c:2c:77:0e:c8:15:cf:a0:74:e7:9e:a1:b6:7d:64:3d:1d:
         ec:a9:ef:ac:d6:88:4f:fa:9e:91:8c:e4:12:e8:29:80:36:7f:
         ab:cf:f3:53:db:11:07:67:a9:39:89:90:d0:3a:a1:45:e3:54:
         0a:7d:23:a1:47:d9:78:e2:55:91:7e:5c:6a:da:66:c6:70:ff:
         56:4c:e3:f4:9b:91:ef:00:a5:6f:44:bb:c2:17:b7:fc:fe:42:
         f1:95:73:e9:46:7f:9b:ad:6f:85:51:aa:37:8d:bc:3f:02:89:
         45:5d:e0:77:37:d2:7d:3d:5d:a4:45:61:db:50:30:68:0f:28:
         44:24:77:ef:c9:6a:b9:73:6d:e8:86:d1:51:85:a3:93:70:15:
         7d:8a:67:2e:3d:2c:68:69:6c:ea:ff:5d:98:05:a4:3b:48:70:
         e1:b2:16:0f:d6:a1:11:e7:d6:07:d8:b3:a9:fc:11:65:78:43:
         12:52:6e:7a:29:53:49:30:d8:e3:e1:c4:ea:3e:e3:d1:d9:12:
         aa:71:b4:e0:84:12:61:27:5c:e1:9d:d0:28:a2:29:2f:8a:94:
         39:da:f6:bd:06:99:be:89:67:7a:84:5c:23:bd:2d:94:18:77:
         34:8b:b4:1f
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICHPUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUI2
NzVGOTM4Qzg1MDIxMzc0Q0FCMUUxQUY1MDk5MzE5QjExMEIwNzAeFw0yMTA5Mjkw
MjQ4MjZaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKEFBQzhEMTdDREU5MUFF
MzY1Qzg4Njg4RTMwQzgzNTRFNDk5REU4ODcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCjmGWQSOWLbkUUe5aPHq8rGgc6RCFl7yYOlVp+qHagvjXnTA9p
T3fU4+DOxiOWUY19T9iya4g4jeybEGkaF8jzXoFYC0rHES2C0UbQu2RwN+WGP6Lh
Dd0j4zXjfqh0h9E74pf45Eme1xUakgdHEqj2ONWjt+jBx45FtWkFcApBhY/+9438
iRHl1idkbA8IVt8CNUTyBxwAj+7XPZ0hAXyahjHEHTAOpPRLArEHqO6StOc9yEJP
U24iVK2k5HxjCb1tpSQRr8DxI7QqHq5moVkG15DWhkbi5B6WR4iP8YZ3kvtR7BoE
5YOnGHcTXI3UdSEl9Q0pzggN1qOeEwie7wSLAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUqsjRfN6RrjZciGiOMMg1Tkmd6IcwHwYDVR0jBBgwFoAU62dfk4yFAhN0yrHh
r1CZMZsRCwcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hP
LzYyZGZrNHlGQWhOMHlySGhyMUNaTVpzUkN3Yy5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvNjJkZms0eUZBaE4weXJIaHIxQ1pNWnNSQ3djLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hPL3FzalJmTjZScmpaY2lHaU9N
TWcxVGttZDZJYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJ7
wLwwDQYJKoZIhvcNAQELBQADggEBAGOHrVF/dRmDxEIdyr1zobPW9Xw8LHcOyBXP
oHTnnqG2fWQ9Heyp76zWiE/6npGM5BLoKYA2f6vP81PbEQdnqTmJkNA6oUXjVAp9
I6FH2XjiVZF+XGraZsZw/1ZM4/Sbke8ApW9Eu8IXt/z+QvGVc+lGf5utb4VRqjeN
vD8CiUVd4Hc30n09XaRFYdtQMGgPKEQkd+/JarlzbeiG0VGFo5NwFX2KZy49LGhp
bOr/XZgFpDtIcOGyFg/WoRHn1gfYs6n8EWV4QxJSbnopU0kw2OPhxOo+49HZEqpx
tOCEEmEnXOGd0CiiKS+KlDna9r0Gmb6JZ3qEXCO9LZQYdzSLtB8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:58 2024 by rpki-client on console-fra.rpki-client.org