Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/rLsGSWjTvMLgmOERtfQIzgUtmg0.roa
File:                     rLsGSWjTvMLgmOERtfQIzgUtmg0.roa (raw, json)
Hash identifier:          Ir0XDty0QsKZGvVHFKfD+QKtmUNV0zGX1dYe20w4Q9E=
Subject key identifier:   AC:BB:06:49:68:D3:BC:C2:E0:98:E1:11:B5:F4:08:CE:05:2D:9A:0D
Certificate issuer:       /CN=EB675F938C85021374CAB1E1AF5099319B110B07
Certificate serial:       1FA2
Authority key identifier: EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/rLsGSWjTvMLgmOERtfQIzgUtmg0.roa
Signing time:             Thu 15 Sep 2022 02:53:04 +0000
ROA not before:           Thu 15 Sep 2022 02:53:04 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     38841
IP address blocks:        123.193.24.0/21 maxlen: 21

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 8098 (0x1fa2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=EB675F938C85021374CAB1E1AF5099319B110B07
        Validity
            Not Before: Sep 15 02:53:04 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=ACBB064968D3BCC2E098E111B5F408CE052D9A0D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:05:0e:58:ed:32:df:23:5b:e5:91:86:bf:6c:
                    c8:01:e0:fd:91:84:b3:a9:3c:33:d3:11:d4:09:5a:
                    56:c4:03:3c:40:3c:f7:1b:92:ac:d4:9a:24:b7:6f:
                    bb:26:1a:3b:e9:18:e2:08:26:b1:6b:2c:a0:62:17:
                    90:c9:37:34:c6:65:b0:d1:5c:41:d9:ba:80:46:9b:
                    3b:12:18:96:ae:9e:bd:0b:b8:45:89:09:4f:6a:5b:
                    7e:35:11:a2:95:a9:46:4b:b8:67:c2:11:d0:df:5c:
                    ea:6a:11:c2:a4:89:f4:b8:89:0e:66:ea:3a:ef:1f:
                    55:e9:6f:86:55:17:ff:b6:04:fa:12:6e:44:cb:f8:
                    8d:53:68:8b:40:9f:c4:b7:86:a3:e6:da:37:ef:2b:
                    fb:92:f3:bc:e1:e0:03:42:61:d7:84:95:e3:89:69:
                    69:74:94:ea:54:07:1e:b5:f8:ba:56:a7:8e:a2:ca:
                    0b:60:64:af:03:79:49:8c:6d:4b:cb:b9:d7:10:d2:
                    7e:a4:75:99:06:89:66:6f:79:3a:2b:e7:ff:07:bc:
                    5f:40:91:d0:6e:05:34:22:1e:cd:b9:ab:0e:70:7e:
                    a9:d6:10:09:94:36:70:cc:5f:4a:a1:53:e8:b6:f0:
                    c0:db:49:03:f1:ed:26:55:3c:45:d5:44:68:70:24:
                    31:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AC:BB:06:49:68:D3:BC:C2:E0:98:E1:11:B5:F4:08:CE:05:2D:9A:0D
            X509v3 Authority Key Identifier:
                keyid:EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/62dfk4yFAhN0yrHhr1CZMZsRCwc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/rLsGSWjTvMLgmOERtfQIzgUtmg0.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  123.193.24.0/21

    Signature Algorithm: sha256WithRSAEncryption
         02:dc:27:c2:d1:14:cb:99:46:d3:1a:a3:1b:40:4f:cb:d4:a7:
         69:10:ad:ce:3b:ce:26:b6:da:29:c2:1e:7f:6f:97:21:bc:89:
         b2:13:d4:dc:fd:65:f4:7a:13:00:dd:08:6e:7b:1d:6f:c5:ba:
         9f:1d:76:52:f2:fb:09:e9:48:2a:51:ba:43:b9:46:a7:e7:07:
         c2:87:93:52:35:71:1e:c8:9e:c7:c2:d2:a1:ca:ed:c2:84:6f:
         e0:60:8b:34:59:87:28:a6:ed:95:81:c8:80:ef:0e:05:d0:c3:
         a8:38:a5:2e:5f:87:78:dd:0a:94:6a:73:9c:b0:bb:e1:d8:f1:
         8c:8e:69:39:a4:eb:e2:73:33:5b:f3:3d:4b:50:b2:61:3d:2b:
         33:72:66:6b:fa:28:bb:45:a4:ac:fb:30:f0:1e:5b:c4:2b:74:
         06:c4:e8:db:1d:98:ad:de:01:95:53:83:63:1d:dd:e3:a1:e2:
         d8:60:a9:12:de:e7:24:e4:f2:ef:86:e8:e4:fc:98:3d:4f:56:
         43:24:8b:75:81:51:db:f5:d4:e5:16:0b:6b:f7:33:e4:e8:cc:
         10:7c:cb:dc:01:4a:65:41:cb:2c:78:7c:c7:53:fc:8f:81:70:
         d7:d4:86:6c:db:e6:b0:95:1e:1b:f2:3b:7c:10:4a:a2:09:35:
         8c:9a:09:94
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICH6IwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUI2
NzVGOTM4Qzg1MDIxMzc0Q0FCMUUxQUY1MDk5MzE5QjExMEIwNzAeFw0yMjA5MTUw
MjUzMDRaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEFDQkIwNjQ5NjhEM0JD
QzJFMDk4RTExMUI1RjQwOENFMDUyRDlBMEQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQClBQ5Y7TLfI1vlkYa/bMgB4P2RhLOpPDPTEdQJWlbEAzxAPPcb
kqzUmiS3b7smGjvpGOIIJrFrLKBiF5DJNzTGZbDRXEHZuoBGmzsSGJaunr0LuEWJ
CU9qW341EaKVqUZLuGfCEdDfXOpqEcKkifS4iQ5m6jrvH1Xpb4ZVF/+2BPoSbkTL
+I1TaItAn8S3hqPm2jfvK/uS87zh4ANCYdeEleOJaWl0lOpUBx61+LpWp46iygtg
ZK8DeUmMbUvLudcQ0n6kdZkGiWZveTor5/8HvF9AkdBuBTQiHs25qw5wfqnWEAmU
NnDMX0qhU+i28MDbSQPx7SZVPEXVRGhwJDH/AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUrLsGSWjTvMLgmOERtfQIzgUtmg0wHwYDVR0jBBgwFoAU62dfk4yFAhN0yrHh
r1CZMZsRCwcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hP
LzYyZGZrNHlGQWhOMHlySGhyMUNaTVpzUkN3Yy5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvNjJkZms0eUZBaE4weXJIaHIxQ1pNWnNSQ3djLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hPL3JMc0dTV2pUdk1MZ21PRVJ0
ZlFJemdVdG1nMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAN7
wRgwDQYJKoZIhvcNAQELBQADggEBAALcJ8LRFMuZRtMaoxtAT8vUp2kQrc47zia2
2inCHn9vlyG8ibIT1Nz9ZfR6EwDdCG57HW/Fup8ddlLy+wnpSCpRukO5RqfnB8KH
k1I1cR7InsfC0qHK7cKEb+BgizRZhyim7ZWByIDvDgXQw6g4pS5fh3jdCpRqc5yw
u+HY8YyOaTmk6+JzM1vzPUtQsmE9KzNyZmv6KLtFpKz7MPAeW8QrdAbE6NsdmK3e
AZVTg2Md3eOh4thgqRLe5yTk8u+G6OT8mD1PVkMki3WBUdv11OUWC2v3M+TozBB8
y9wBSmVByyx4fMdT/I+BcNfUhmzb5rCVHhvyO3wQSqIJNYyaCZQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:59 2024 by rpki-client on console-fra.rpki-client.org