Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/r5LF40oTNaKNVwdW-BLnIvD1M5I.roa
File:                     r5LF40oTNaKNVwdW-BLnIvD1M5I.roa (raw, json)
Hash identifier:          m6ZC8UOXBFaU6r5pSPgkVka/HCyEUrhccd4IvDhJNWk=
Subject key identifier:   AF:92:C5:E3:4A:13:35:A2:8D:57:07:56:F8:12:E7:22:F0:F5:33:92
Certificate issuer:       /CN=EB675F938C85021374CAB1E1AF5099319B110B07
Certificate serial:       1AA9
Authority key identifier: EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/r5LF40oTNaKNVwdW-BLnIvD1M5I.roa
Signing time:             Wed 29 Sep 2021 02:45:36 +0000
ROA not before:           Wed 29 Sep 2021 02:45:36 +0000
ROA not after:            Thu 29 Sep 2022 02:36:22 +0000
asID:                     38841
IP address blocks:        123.192.96.0/20 maxlen: 20

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 6825 (0x1aa9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=EB675F938C85021374CAB1E1AF5099319B110B07
        Validity
            Not Before: Sep 29 02:45:36 2021 GMT
            Not After : Sep 29 02:36:22 2022 GMT
        Subject: CN=AF92C5E34A1335A28D570756F812E722F0F53392
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:62:f3:1d:55:79:e8:e7:c8:20:4c:53:43:38:
                    67:a5:76:80:a2:5e:14:06:b4:1e:df:df:4c:8a:54:
                    b0:78:47:c6:24:3c:7e:dc:ad:44:df:02:ae:96:9e:
                    4c:88:b2:01:a6:3e:4f:a0:78:a3:20:f9:a1:6d:f1:
                    89:4e:a2:f1:7b:28:6d:57:fe:81:9f:ff:4c:f7:fe:
                    57:06:90:a1:a5:75:65:09:0a:32:cb:c3:e8:83:75:
                    a0:b4:c2:3a:e1:14:cc:55:ad:e3:c6:e9:73:00:61:
                    7a:2a:79:3e:ed:4f:98:a1:0c:6a:fc:9f:fc:35:43:
                    da:24:3e:b9:92:ab:66:4a:43:46:9c:3b:fb:d3:01:
                    0f:93:3d:e7:97:93:75:26:86:04:0a:9d:9a:f9:39:
                    37:70:db:bb:7f:fc:cd:f9:b8:ec:bf:42:ff:a9:78:
                    5b:21:21:03:36:4e:55:5e:96:4c:46:57:5b:c7:84:
                    32:a9:b3:fa:c7:67:a4:fc:b9:4f:65:98:8e:69:8d:
                    95:98:b6:42:fe:cd:99:2a:78:4d:6a:a5:3b:8d:28:
                    65:f8:ab:be:73:9b:1f:29:40:d3:bc:54:ae:bd:73:
                    24:40:99:73:61:87:3c:6b:c2:be:e7:06:d8:04:f1:
                    ac:53:b6:30:8f:c9:23:2e:db:80:c3:b9:ea:4f:f0:
                    0e:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AF:92:C5:E3:4A:13:35:A2:8D:57:07:56:F8:12:E7:22:F0:F5:33:92
            X509v3 Authority Key Identifier:
                keyid:EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/62dfk4yFAhN0yrHhr1CZMZsRCwc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/r5LF40oTNaKNVwdW-BLnIvD1M5I.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  123.192.96.0/20

    Signature Algorithm: sha256WithRSAEncryption
         59:e6:1f:05:f0:a1:ef:7c:ad:e2:b7:13:0d:55:8c:2c:32:c5:
         6a:84:7f:16:ff:96:5a:39:16:ba:32:12:bd:99:f9:1d:fe:da:
         a7:c2:13:10:ec:9d:86:16:60:03:24:29:a2:c3:10:54:70:33:
         e7:17:a0:ca:fd:30:c9:e2:cb:be:1c:8f:fc:a1:d4:a1:8c:0c:
         b2:46:12:32:b8:b6:78:b4:fa:dc:2a:78:8a:f2:2b:34:ab:c7:
         27:c8:64:e5:bd:a5:f9:f8:ab:5b:ae:6c:10:19:1c:a6:25:7f:
         68:36:a5:71:fe:45:a8:5d:64:01:cc:2e:45:a3:d7:5a:c4:71:
         92:7d:ef:02:7a:c4:79:cc:9b:d8:59:b6:4e:c6:88:98:65:92:
         31:66:49:6b:5a:b8:c6:82:8a:be:be:b6:42:9d:6f:2f:fc:18:
         e9:92:cb:c9:73:ed:08:be:8e:91:c3:38:10:3f:ad:af:d2:84:
         e7:f4:67:7a:a0:f3:36:eb:ce:66:09:f4:13:b5:28:9a:e6:fb:
         2c:be:93:8f:71:50:5c:7d:32:d3:8d:4b:c6:98:c1:3a:87:58:
         ad:4e:c5:bf:aa:b9:6d:31:89:f5:44:c1:f4:0c:9d:46:b4:e0:
         9f:99:f7:68:06:51:19:07:d6:73:25:82:58:e4:24:2e:ea:70:
         7c:46:ec:e5
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICGqkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUI2
NzVGOTM4Qzg1MDIxMzc0Q0FCMUUxQUY1MDk5MzE5QjExMEIwNzAeFw0yMTA5Mjkw
MjQ1MzZaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKEFGOTJDNUUzNEExMzM1
QTI4RDU3MDc1NkY4MTJFNzIyRjBGNTMzOTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDTYvMdVXno58ggTFNDOGeldoCiXhQGtB7f30yKVLB4R8YkPH7c
rUTfAq6WnkyIsgGmPk+geKMg+aFt8YlOovF7KG1X/oGf/0z3/lcGkKGldWUJCjLL
w+iDdaC0wjrhFMxVrePG6XMAYXoqeT7tT5ihDGr8n/w1Q9okPrmSq2ZKQ0acO/vT
AQ+TPeeXk3UmhgQKnZr5OTdw27t//M35uOy/Qv+peFshIQM2TlVelkxGV1vHhDKp
s/rHZ6T8uU9lmI5pjZWYtkL+zZkqeE1qpTuNKGX4q75zmx8pQNO8VK69cyRAmXNh
hzxrwr7nBtgE8axTtjCPySMu24DDuepP8A7nAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUr5LF40oTNaKNVwdW+BLnIvD1M5IwHwYDVR0jBBgwFoAU62dfk4yFAhN0yrHh
r1CZMZsRCwcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hP
LzYyZGZrNHlGQWhOMHlySGhyMUNaTVpzUkN3Yy5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvNjJkZms0eUZBaE4weXJIaHIxQ1pNWnNSQ3djLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hPL3I1TEY0MG9UTmFLTlZ3ZFct
QkxuSXZEMU01SS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAR7
wGAwDQYJKoZIhvcNAQELBQADggEBAFnmHwXwoe98reK3Ew1VjCwyxWqEfxb/llo5
FroyEr2Z+R3+2qfCExDsnYYWYAMkKaLDEFRwM+cXoMr9MMniy74cj/yh1KGMDLJG
EjK4tni0+twqeIryKzSrxyfIZOW9pfn4q1uubBAZHKYlf2g2pXH+RahdZAHMLkWj
11rEcZJ97wJ6xHnMm9hZtk7GiJhlkjFmSWtauMaCir6+tkKdby/8GOmSy8lz7Qi+
jpHDOBA/ra/ShOf0Z3qg8zbrzmYJ9BO1KJrm+yy+k49xUFx9MtONS8aYwTqHWK1O
xb+quW0xifVEwfQMnUa04J+Z92gGURkH1nMlgljkJC7qcHxG7OU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:41 2024 by rpki-client on console-ams.rpki-client.org