Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/tPxl_l8ho6bAjK84SSy2WvCCxN0.roa
File:                     tPxl_l8ho6bAjK84SSy2WvCCxN0.roa (raw, json)
Hash identifier:          vcVelrzqV+D9PlzrYnis1Cect+Nq4akuDyLf2BeRDXM=
Subject key identifier:   B4:FC:65:FE:5F:21:A3:A6:C0:8C:AF:38:49:2C:B6:5A:F0:82:C4:DD
Certificate issuer:       /CN=EB675F938C85021374CAB1E1AF5099319B110B07
Certificate serial:       234F
Authority key identifier: EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/tPxl_l8ho6bAjK84SSy2WvCCxN0.roa
Signing time:             Fri 25 Nov 2022 04:43:25 +0000
ROA not before:           Fri 25 Nov 2022 04:43:25 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     38841
IP address blocks:        123.195.24.0/21 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 9039 (0x234f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=EB675F938C85021374CAB1E1AF5099319B110B07
        Validity
            Not Before: Nov 25 04:43:25 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=B4FC65FE5F21A3A6C08CAF38492CB65AF082C4DD
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:99:6a:d6:08:e1:31:85:cd:43:2c:0e:2f:d1:
                    0b:cc:48:e4:1c:28:4b:5a:43:b2:c9:bb:64:51:51:
                    18:7c:d8:50:af:a0:a7:00:b7:20:8f:61:d3:89:d9:
                    c1:c3:ec:25:d7:eb:05:cf:12:5f:28:bf:e1:c3:94:
                    ec:b2:39:d8:b5:64:68:ad:8a:f9:04:7f:28:9d:ff:
                    0c:23:c9:f1:77:7c:1e:ca:ae:e5:d8:5b:c8:2d:2d:
                    ee:de:da:43:1c:7f:ea:f4:8e:41:d0:32:da:22:e4:
                    73:bd:01:4d:a0:a2:d5:26:aa:23:55:15:2f:3d:5b:
                    55:ee:71:a6:c7:19:da:97:7a:66:d5:4e:b2:59:a6:
                    9d:26:a6:a9:49:e4:03:70:0f:d3:3a:02:ea:ee:38:
                    84:be:86:f0:df:67:9d:4e:28:b4:8a:de:20:6a:30:
                    d5:e7:7a:ff:a5:c7:cd:f3:23:5f:cb:99:1d:7b:6b:
                    ad:53:b8:9b:c4:d9:80:5b:58:b8:9c:79:48:51:c3:
                    5f:43:fe:6c:89:8a:87:de:c4:ad:ea:b9:af:e1:2e:
                    6d:74:9e:b3:11:bc:8f:a6:55:3f:fb:21:7d:21:02:
                    07:d2:33:35:88:13:c8:02:16:b3:7c:c2:e2:96:da:
                    e5:ff:4f:f1:4a:2f:8e:d7:73:94:75:c0:84:66:e8:
                    49:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B4:FC:65:FE:5F:21:A3:A6:C0:8C:AF:38:49:2C:B6:5A:F0:82:C4:DD
            X509v3 Authority Key Identifier:
                keyid:EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/62dfk4yFAhN0yrHhr1CZMZsRCwc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/tPxl_l8ho6bAjK84SSy2WvCCxN0.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  123.195.24.0/21

    Signature Algorithm: sha256WithRSAEncryption
         0b:15:0b:98:0e:86:05:1b:a8:02:1c:49:b8:76:ef:4f:53:7e:
         07:ed:37:88:2f:d2:75:3c:a8:c7:b4:33:9b:e1:3c:7a:d1:fd:
         2c:69:80:33:6f:ff:73:b4:7d:2f:c4:36:3c:38:d2:4d:cc:74:
         3f:53:4a:bb:bd:a6:f2:0b:0b:49:b2:d9:c5:f2:8f:f0:68:2a:
         39:92:8d:8a:da:3d:50:ba:54:e4:3b:59:b5:4b:87:25:01:3c:
         60:80:33:44:38:c5:4e:81:43:26:1b:b2:9a:04:d7:d9:4c:9e:
         79:07:b8:bf:f7:b0:5b:3e:f7:36:84:73:3d:bc:40:e5:87:3e:
         2a:85:df:8c:83:78:4d:ac:db:72:13:84:d3:8e:4e:74:6c:2d:
         08:3d:cb:59:8a:cc:65:c2:e9:8c:fb:05:3d:20:c3:98:5c:09:
         e8:f1:8a:33:9b:a8:e9:0a:78:e4:53:ab:d8:52:29:51:ce:61:
         91:3b:ff:38:2a:69:e0:9b:a5:86:14:56:4f:54:bd:c8:3b:44:
         b6:23:84:64:df:6a:7a:b1:f0:fd:60:46:f9:c3:b2:c6:2b:1b:
         dd:45:b0:f8:19:bd:21:16:47:6b:8f:74:24:a3:8c:33:4c:fe:
         61:c6:f4:6e:72:d9:ac:50:80:85:05:66:53:75:a3:06:ef:54:
         8c:5f:33:1a
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICI08wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUI2
NzVGOTM4Qzg1MDIxMzc0Q0FCMUUxQUY1MDk5MzE5QjExMEIwNzAeFw0yMjExMjUw
NDQzMjVaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEI0RkM2NUZFNUYyMUEz
QTZDMDhDQUYzODQ5MkNCNjVBRjA4MkM0REQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDPmWrWCOExhc1DLA4v0QvMSOQcKEtaQ7LJu2RRURh82FCvoKcA
tyCPYdOJ2cHD7CXX6wXPEl8ov+HDlOyyOdi1ZGitivkEfyid/wwjyfF3fB7KruXY
W8gtLe7e2kMcf+r0jkHQMtoi5HO9AU2gotUmqiNVFS89W1XucabHGdqXembVTrJZ
pp0mpqlJ5ANwD9M6AuruOIS+hvDfZ51OKLSK3iBqMNXnev+lx83zI1/LmR17a61T
uJvE2YBbWLiceUhRw19D/myJiofexK3qua/hLm10nrMRvI+mVT/7IX0hAgfSMzWI
E8gCFrN8wuKW2uX/T/FKL47Xc5R1wIRm6EkbAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUtPxl/l8ho6bAjK84SSy2WvCCxN0wHwYDVR0jBBgwFoAU62dfk4yFAhN0yrHh
r1CZMZsRCwcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hP
LzYyZGZrNHlGQWhOMHlySGhyMUNaTVpzUkN3Yy5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvNjJkZms0eUZBaE4weXJIaHIxQ1pNWnNSQ3djLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hPL3RQeGxfbDhobzZiQWpLODRT
U3kyV3ZDQ3hOMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAN7
wxgwDQYJKoZIhvcNAQELBQADggEBAAsVC5gOhgUbqAIcSbh2709TfgftN4gv0nU8
qMe0M5vhPHrR/SxpgDNv/3O0fS/ENjw40k3MdD9TSru9pvILC0my2cXyj/BoKjmS
jYraPVC6VOQ7WbVLhyUBPGCAM0Q4xU6BQyYbspoE19lMnnkHuL/3sFs+9zaEcz28
QOWHPiqF34yDeE2s23IThNOOTnRsLQg9y1mKzGXC6Yz7BT0gw5hcCejxijObqOkK
eORTq9hSKVHOYZE7/zgqaeCbpYYUVk9Uvcg7RLYjhGTfanqx8P1gRvnDssYrG91F
sPgZvSEWR2uPdCSjjDNM/mHG9G5y2axQgIUFZlN1owbvVIxfMxo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:59 2024 by rpki-client on console-fra.rpki-client.org