Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/w4wyhZ7I23ClSoJ_PAWEPXU8Ob0.roa
File:                     w4wyhZ7I23ClSoJ_PAWEPXU8Ob0.roa (raw, json)
Hash identifier:          Ixu/Se9g4l6stAxTgwoh+GkBC9sb6v5WblDFPj94zmA=
Subject key identifier:   C3:8C:32:85:9E:C8:DB:70:A5:4A:82:7F:3C:05:84:3D:75:3C:39:BD
Certificate issuer:       /CN=EB675F938C85021374CAB1E1AF5099319B110B07
Certificate serial:       1CCA
Authority key identifier: EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/w4wyhZ7I23ClSoJ_PAWEPXU8Ob0.roa
Signing time:             Wed 29 Sep 2021 02:48:12 +0000
ROA not before:           Wed 29 Sep 2021 02:48:12 +0000
ROA not after:            Thu 29 Sep 2022 02:36:22 +0000
asID:                     38841
IP address blocks:        118.233.136.0/21 maxlen: 21

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 7370 (0x1cca)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=EB675F938C85021374CAB1E1AF5099319B110B07
        Validity
            Not Before: Sep 29 02:48:12 2021 GMT
            Not After : Sep 29 02:36:22 2022 GMT
        Subject: CN=C38C32859EC8DB70A54A827F3C05843D753C39BD
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f6:7c:fa:34:c6:13:e4:59:aa:92:77:30:77:b0:
                    f0:44:8f:91:49:ca:ff:07:4f:6b:e7:09:0f:34:e8:
                    5e:c0:2e:9a:f6:31:8e:52:91:3c:38:92:e5:e1:22:
                    09:2e:25:14:90:3c:06:a7:0a:9e:52:03:13:f2:d0:
                    e9:b1:d0:cb:e3:d7:d7:1b:64:a8:a6:21:31:a7:70:
                    f9:c8:fb:80:0d:0f:50:cc:f3:92:61:a9:f0:1b:5a:
                    bb:e5:64:45:7f:67:7c:80:1e:e5:10:a4:f6:ea:a9:
                    68:48:57:4f:d0:11:ec:69:d4:ca:73:48:b8:ca:6d:
                    9a:84:99:a2:ad:f7:33:f7:13:fd:5c:dd:d9:e4:2c:
                    7e:0d:37:b7:c4:41:6e:87:67:c1:c3:2b:6a:ff:fc:
                    49:4d:c2:7f:eb:c4:3f:70:a6:96:9a:4f:ee:b7:90:
                    cf:5b:6e:7e:16:a4:ba:77:7d:a9:e7:6b:70:c2:9d:
                    90:dc:2f:07:ed:c5:db:9d:e7:2d:fd:4d:29:37:59:
                    07:47:43:98:cb:98:78:a1:d2:6c:3c:8a:d8:47:f8:
                    08:86:02:79:2f:6b:a9:53:a8:0b:74:21:f3:2f:90:
                    5b:56:05:cc:9f:c3:c3:a8:b5:92:ca:90:66:04:13:
                    e7:4c:96:7c:0e:5a:d8:9f:e5:b4:48:ee:df:e6:1b:
                    11:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C3:8C:32:85:9E:C8:DB:70:A5:4A:82:7F:3C:05:84:3D:75:3C:39:BD
            X509v3 Authority Key Identifier:
                keyid:EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/62dfk4yFAhN0yrHhr1CZMZsRCwc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/w4wyhZ7I23ClSoJ_PAWEPXU8Ob0.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  118.233.136.0/21

    Signature Algorithm: sha256WithRSAEncryption
         49:39:91:6a:74:86:25:c6:56:eb:5f:d8:91:16:a6:b1:0e:5e:
         c9:4a:e4:75:8d:d3:b3:01:34:69:0e:b2:65:f1:e0:82:79:e0:
         6e:0c:68:4c:c4:d4:b3:2b:0d:7c:2f:f9:04:e6:63:40:b3:ef:
         93:73:94:b3:bc:75:85:de:f7:8d:a2:50:21:a0:89:e6:76:65:
         5a:c3:36:9b:25:2e:3d:8b:22:74:4d:8c:29:b2:8e:d4:1f:91:
         e5:80:e5:02:81:79:90:3e:46:35:3a:f1:17:fe:5e:ce:5b:bc:
         37:fc:d4:0b:49:6b:7a:fc:a4:37:75:2b:ee:b2:7f:ab:fe:26:
         97:f4:b4:48:85:73:17:43:95:b2:37:91:55:3c:fe:41:7c:d0:
         ec:45:37:d9:3d:52:12:5f:66:e5:c5:25:30:79:85:79:73:f8:
         09:bf:8d:71:39:49:89:f0:c8:91:ae:01:3d:39:09:90:55:32:
         8a:c4:fe:5c:80:0d:39:17:82:b8:d5:13:37:00:c9:38:a2:d4:
         2b:fd:ed:c7:8c:76:c9:a9:46:2d:c0:67:d8:89:38:6e:93:2b:
         ce:87:c2:34:9d:b3:6f:65:3c:f5:76:ae:3c:10:57:69:98:81:
         e5:04:fe:4e:e8:58:d7:6a:97:0e:fe:39:33:41:83:af:b3:99:
         d4:6e:ce:3b
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICHMowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUI2
NzVGOTM4Qzg1MDIxMzc0Q0FCMUUxQUY1MDk5MzE5QjExMEIwNzAeFw0yMTA5Mjkw
MjQ4MTJaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKEMzOEMzMjg1OUVDOERC
NzBBNTRBODI3RjNDMDU4NDNENzUzQzM5QkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQD2fPo0xhPkWaqSdzB3sPBEj5FJyv8HT2vnCQ806F7ALpr2MY5S
kTw4kuXhIgkuJRSQPAanCp5SAxPy0Omx0Mvj19cbZKimITGncPnI+4AND1DM85Jh
qfAbWrvlZEV/Z3yAHuUQpPbqqWhIV0/QEexp1MpzSLjKbZqEmaKt9zP3E/1c3dnk
LH4NN7fEQW6HZ8HDK2r//ElNwn/rxD9wppaaT+63kM9bbn4WpLp3fanna3DCnZDc
Lwftxdud5y39TSk3WQdHQ5jLmHih0mw8ithH+AiGAnkva6lTqAt0IfMvkFtWBcyf
w8OotZLKkGYEE+dMlnwOWtif5bRI7t/mGxGtAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUw4wyhZ7I23ClSoJ/PAWEPXU8Ob0wHwYDVR0jBBgwFoAU62dfk4yFAhN0yrHh
r1CZMZsRCwcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hP
LzYyZGZrNHlGQWhOMHlySGhyMUNaTVpzUkN3Yy5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvNjJkZms0eUZBaE4weXJIaHIxQ1pNWnNSQ3djLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hPL3c0d3loWjdJMjNDbFNvSl9Q
QVdFUFhVOE9iMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAN2
6YgwDQYJKoZIhvcNAQELBQADggEBAEk5kWp0hiXGVutf2JEWprEOXslK5HWN07MB
NGkOsmXx4IJ54G4MaEzE1LMrDXwv+QTmY0Cz75NzlLO8dYXe942iUCGgieZ2ZVrD
NpslLj2LInRNjCmyjtQfkeWA5QKBeZA+RjU68Rf+Xs5bvDf81AtJa3r8pDd1K+6y
f6v+Jpf0tEiFcxdDlbI3kVU8/kF80OxFN9k9UhJfZuXFJTB5hXlz+Am/jXE5SYnw
yJGuAT05CZBVMorE/lyADTkXgrjVEzcAyTii1Cv97ceMdsmpRi3AZ9iJOG6TK86H
wjSds29lPPV2rjwQV2mYgeUE/k7oWNdqlw7+OTNBg6+zmdRuzjs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:42 2024 by rpki-client on console-ams.rpki-client.org