Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/v3vZusQFiy0tjZ0Z8UgeYhz81e0.roa
File:                     v3vZusQFiy0tjZ0Z8UgeYhz81e0.roa (raw, json)
Hash identifier:          JBNZQGFUol6Fk397/ZrSQfhOFwM9gt6xKN5jbbdUC7g=
Subject key identifier:   BF:7B:D9:BA:C4:05:8B:2D:2D:8D:9D:19:F1:48:1E:62:1C:FC:D5:ED
Certificate issuer:       /CN=EB675F938C85021374CAB1E1AF5099319B110B07
Certificate serial:       1FA0
Authority key identifier: EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/v3vZusQFiy0tjZ0Z8UgeYhz81e0.roa
Signing time:             Thu 15 Sep 2022 02:45:11 +0000
ROA not before:           Thu 15 Sep 2022 02:45:11 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     38841
IP address blocks:        123.192.32.0/21 maxlen: 21

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 8096 (0x1fa0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=EB675F938C85021374CAB1E1AF5099319B110B07
        Validity
            Not Before: Sep 15 02:45:11 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=BF7BD9BAC4058B2D2D8D9D19F1481E621CFCD5ED
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:be:6e:af:10:a3:96:a8:9a:85:9c:5b:cc:2d:
                    5f:c1:5e:3c:00:45:b6:61:c5:fa:3c:f7:e4:59:3b:
                    e9:64:fd:ea:26:d0:e6:4f:f1:d5:07:21:d8:5a:b1:
                    30:7f:1a:03:0e:04:d4:cd:01:b4:53:ea:29:e4:df:
                    ed:1a:86:f0:b4:ae:35:c4:9a:df:26:da:da:0c:3b:
                    42:bd:bb:18:cf:3a:4e:bc:90:5f:d1:3b:c6:4f:15:
                    83:2f:ec:dd:49:eb:1f:fb:6d:6e:b9:02:0a:b2:a8:
                    94:7f:90:ca:83:33:4a:b2:55:e6:eb:24:90:e3:ba:
                    9e:9b:3f:3a:30:c4:1c:57:46:64:42:bf:6f:64:aa:
                    09:6c:79:9d:f2:ff:85:a1:09:0f:23:f5:b1:6d:bb:
                    99:b5:65:0a:87:6a:ff:f2:d4:32:5e:ce:16:06:dc:
                    31:ea:07:4d:07:a4:c6:0c:21:5f:ce:22:c0:d0:a2:
                    13:19:08:e6:7d:b2:4e:99:d7:b9:99:91:6e:60:28:
                    4e:30:c5:9f:11:d5:72:1f:62:22:54:08:a3:a1:53:
                    20:4c:02:bd:fc:b6:5f:50:a3:90:e7:0c:40:e2:fd:
                    46:6a:46:6a:b2:62:3b:ff:3a:b9:4c:b9:f8:de:7c:
                    06:4f:54:4e:c4:eb:30:e3:13:28:ca:bd:5d:61:2d:
                    57:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BF:7B:D9:BA:C4:05:8B:2D:2D:8D:9D:19:F1:48:1E:62:1C:FC:D5:ED
            X509v3 Authority Key Identifier:
                keyid:EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/62dfk4yFAhN0yrHhr1CZMZsRCwc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/v3vZusQFiy0tjZ0Z8UgeYhz81e0.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  123.192.32.0/21

    Signature Algorithm: sha256WithRSAEncryption
         4a:27:eb:09:4e:ae:29:d6:29:fe:28:8b:01:22:cf:84:b6:e1:
         eb:35:e3:d3:df:28:aa:af:03:e9:8d:80:9c:62:1a:78:65:6f:
         59:a2:06:f6:68:2f:39:e1:3a:a0:49:b1:de:8d:29:b1:fc:75:
         23:ab:6f:bd:7b:3f:27:c3:c4:fa:49:6c:72:06:df:8b:1e:c2:
         78:b7:85:66:da:61:7d:11:c4:15:44:c8:24:3b:56:c2:ab:15:
         2d:bf:35:73:aa:b7:c5:ff:5c:78:06:90:ff:b1:5c:04:f8:5e:
         1b:ec:46:00:ae:fc:f2:db:e7:5b:d3:6a:a8:c3:89:61:64:bf:
         51:1d:75:a5:ac:d5:07:f6:9f:01:f0:aa:00:6f:f2:22:82:82:
         e5:f9:a4:8b:c4:47:a2:93:12:5c:a1:47:e4:62:76:bb:f4:71:
         c8:58:2d:a3:72:81:2c:36:a1:2a:7c:67:40:62:bc:2a:2f:bf:
         ee:99:95:ff:4e:73:76:bc:23:a2:c8:e0:d6:fd:40:32:13:25:
         bc:b3:35:4d:8a:79:b5:e5:46:57:f8:c1:22:30:92:02:c7:60:
         2f:48:f3:b5:93:82:d3:3b:39:26:48:94:65:ba:5c:5a:7c:97:
         5e:c2:5a:b1:69:75:a9:79:e6:6d:b2:78:78:15:0f:c5:c8:ae:
         ea:f4:8e:17
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICH6AwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUI2
NzVGOTM4Qzg1MDIxMzc0Q0FCMUUxQUY1MDk5MzE5QjExMEIwNzAeFw0yMjA5MTUw
MjQ1MTFaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEJGN0JEOUJBQzQwNThC
MkQyRDhEOUQxOUYxNDgxRTYyMUNGQ0Q1RUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDdvm6vEKOWqJqFnFvMLV/BXjwARbZhxfo89+RZO+lk/eom0OZP
8dUHIdhasTB/GgMOBNTNAbRT6ink3+0ahvC0rjXEmt8m2toMO0K9uxjPOk68kF/R
O8ZPFYMv7N1J6x/7bW65AgqyqJR/kMqDM0qyVebrJJDjup6bPzowxBxXRmRCv29k
qglseZ3y/4WhCQ8j9bFtu5m1ZQqHav/y1DJezhYG3DHqB00HpMYMIV/OIsDQohMZ
COZ9sk6Z17mZkW5gKE4wxZ8R1XIfYiJUCKOhUyBMAr38tl9Qo5DnDEDi/UZqRmqy
Yjv/OrlMufjefAZPVE7E6zDjEyjKvV1hLVeZAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUv3vZusQFiy0tjZ0Z8UgeYhz81e0wHwYDVR0jBBgwFoAU62dfk4yFAhN0yrHh
r1CZMZsRCwcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hP
LzYyZGZrNHlGQWhOMHlySGhyMUNaTVpzUkN3Yy5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvNjJkZms0eUZBaE4weXJIaHIxQ1pNWnNSQ3djLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hPL3Yzdlp1c1FGaXkwdGpaMFo4
VWdlWWh6ODFlMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAN7
wCAwDQYJKoZIhvcNAQELBQADggEBAEon6wlOrinWKf4oiwEiz4S24es149PfKKqv
A+mNgJxiGnhlb1miBvZoLznhOqBJsd6NKbH8dSOrb717PyfDxPpJbHIG34sewni3
hWbaYX0RxBVEyCQ7VsKrFS2/NXOqt8X/XHgGkP+xXAT4XhvsRgCu/PLb51vTaqjD
iWFkv1EddaWs1Qf2nwHwqgBv8iKCguX5pIvER6KTElyhR+Ridrv0cchYLaNygSw2
oSp8Z0BivCovv+6Zlf9Oc3a8I6LI4Nb9QDITJbyzNU2KebXlRlf4wSIwkgLHYC9I
87WTgtM7OSZIlGW6XFp8l17CWrFpdal55m2yeHgVD8XIrur0jhc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:42 2024 by rpki-client on console-ams.rpki-client.org