Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/yCn_t28CzmPM2eFK3ylAN9jFPZ0.roa
File:                     yCn_t28CzmPM2eFK3ylAN9jFPZ0.roa (raw, json)
Hash identifier:          gWQUZWUOmlURan59yvFisJsIprK7eOAGfuK2vxn1bkg=
Subject key identifier:   C8:29:FF:B7:6F:02:CE:63:CC:D9:E1:4A:DF:29:40:37:D8:C5:3D:9D
Certificate issuer:       /CN=EB675F938C85021374CAB1E1AF5099319B110B07
Certificate serial:       1BD1
Authority key identifier: EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/yCn_t28CzmPM2eFK3ylAN9jFPZ0.roa
Signing time:             Wed 29 Sep 2021 02:47:02 +0000
ROA not before:           Wed 29 Sep 2021 02:47:02 +0000
ROA not after:            Thu 29 Sep 2022 02:36:22 +0000
asID:                     38841
IP address blocks:        123.192.240.0/21 maxlen: 21

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 7121 (0x1bd1)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=EB675F938C85021374CAB1E1AF5099319B110B07
        Validity
            Not Before: Sep 29 02:47:02 2021 GMT
            Not After : Sep 29 02:36:22 2022 GMT
        Subject: CN=C829FFB76F02CE63CCD9E14ADF294037D8C53D9D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:0c:84:24:b6:12:cb:e4:6a:fb:0b:2b:c0:c4:
                    42:41:16:78:f2:c9:23:6e:c6:64:77:61:81:a0:61:
                    ad:54:a5:26:58:de:2d:5c:ef:02:5a:04:b6:d1:be:
                    9f:79:91:f6:61:35:a6:19:9e:d2:4b:3f:c5:14:0d:
                    8d:97:ef:c0:f7:e4:0a:d9:25:5b:3c:08:fe:34:0d:
                    42:19:02:07:e2:e3:a5:ea:d8:b2:47:bd:17:ba:5b:
                    d2:44:4e:44:b2:fe:98:53:62:ba:56:7e:a3:92:c6:
                    53:e1:88:3d:51:94:68:a6:87:5a:69:30:52:6e:46:
                    bc:95:df:64:5e:5d:ef:b6:88:aa:54:64:f4:81:be:
                    02:45:a8:33:70:a8:04:42:f2:53:63:7d:72:50:48:
                    b9:d3:1a:ec:5b:03:79:47:0a:cb:e8:08:06:55:37:
                    f1:96:4b:07:5d:7b:b5:0b:64:04:54:5d:e3:bc:69:
                    eb:2c:42:a9:0a:12:63:94:78:83:80:a1:9f:de:2a:
                    56:14:d8:8b:56:96:a7:c7:bd:99:d6:cb:ec:e8:2c:
                    cb:d1:b4:9a:ab:dc:64:e2:2a:53:5e:05:10:0e:78:
                    ff:49:13:50:e3:6e:d6:d1:ec:e7:73:56:48:6b:da:
                    05:95:c7:96:83:43:cb:b1:fa:03:77:62:22:7b:2a:
                    15:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C8:29:FF:B7:6F:02:CE:63:CC:D9:E1:4A:DF:29:40:37:D8:C5:3D:9D
            X509v3 Authority Key Identifier:
                keyid:EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/62dfk4yFAhN0yrHhr1CZMZsRCwc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/yCn_t28CzmPM2eFK3ylAN9jFPZ0.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  123.192.240.0/21

    Signature Algorithm: sha256WithRSAEncryption
         95:8d:41:cf:d4:32:92:47:ff:28:d9:ce:e8:7a:ee:39:1d:67:
         4c:22:c6:d7:5c:d2:b2:4e:e8:02:06:e4:9d:31:c1:0f:06:fe:
         eb:0e:3a:32:d3:93:35:85:a7:3d:c7:b2:02:ca:63:90:78:79:
         41:9c:9e:4a:a2:bb:cb:1d:d9:92:f5:ed:2f:98:82:b8:24:c8:
         db:3d:df:44:2c:37:fb:82:f7:56:6f:e4:7b:f2:6b:87:e3:46:
         e8:24:05:e6:e2:36:46:20:40:40:8a:0f:c4:d5:0a:b2:3d:ff:
         53:ae:0f:66:07:77:b1:c1:d1:91:63:aa:0c:b0:ff:9f:24:0d:
         10:a3:c2:fa:e7:d2:f0:de:85:6d:ae:35:b0:72:ba:f4:cb:43:
         e3:51:c6:89:76:02:cb:8c:08:6a:36:3e:aa:f0:e3:b2:0b:4e:
         4f:9e:7c:e4:e4:c2:66:0d:10:55:f4:78:51:5e:76:a9:8b:08:
         c4:0b:4e:04:d5:ef:6d:b7:7c:0d:39:8e:8f:b5:7d:ac:47:2e:
         2b:83:ad:2e:9a:32:9d:0c:7c:e1:fc:f4:e6:f1:59:2a:3e:4a:
         07:65:98:e7:1d:da:0c:4e:54:d3:09:00:b7:ec:8c:c1:98:35:
         f6:23:fd:43:f0:58:ac:bc:d6:2d:d2:3f:0e:88:30:18:cc:72:
         35:5a:ed:27
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICG9EwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUI2
NzVGOTM4Qzg1MDIxMzc0Q0FCMUUxQUY1MDk5MzE5QjExMEIwNzAeFw0yMTA5Mjkw
MjQ3MDJaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKEM4MjlGRkI3NkYwMkNF
NjNDQ0Q5RTE0QURGMjk0MDM3RDhDNTNEOUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDIDIQkthLL5Gr7CyvAxEJBFnjyySNuxmR3YYGgYa1UpSZY3i1c
7wJaBLbRvp95kfZhNaYZntJLP8UUDY2X78D35ArZJVs8CP40DUIZAgfi46Xq2LJH
vRe6W9JETkSy/phTYrpWfqOSxlPhiD1RlGimh1ppMFJuRryV32ReXe+2iKpUZPSB
vgJFqDNwqARC8lNjfXJQSLnTGuxbA3lHCsvoCAZVN/GWSwdde7ULZARUXeO8aess
QqkKEmOUeIOAoZ/eKlYU2ItWlqfHvZnWy+zoLMvRtJqr3GTiKlNeBRAOeP9JE1Dj
btbR7OdzVkhr2gWVx5aDQ8ux+gN3YiJ7KhWVAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUyCn/t28CzmPM2eFK3ylAN9jFPZ0wHwYDVR0jBBgwFoAU62dfk4yFAhN0yrHh
r1CZMZsRCwcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hP
LzYyZGZrNHlGQWhOMHlySGhyMUNaTVpzUkN3Yy5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvNjJkZms0eUZBaE4weXJIaHIxQ1pNWnNSQ3djLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hPL3lDbl90MjhDem1QTTJlRksz
eWxBTjlqRlBaMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAN7
wPAwDQYJKoZIhvcNAQELBQADggEBAJWNQc/UMpJH/yjZzuh67jkdZ0wixtdc0rJO
6AIG5J0xwQ8G/usOOjLTkzWFpz3HsgLKY5B4eUGcnkqiu8sd2ZL17S+YgrgkyNs9
30QsN/uC91Zv5Hvya4fjRugkBebiNkYgQECKD8TVCrI9/1OuD2YHd7HB0ZFjqgyw
/58kDRCjwvrn0vDehW2uNbByuvTLQ+NRxol2AsuMCGo2Pqrw47ILTk+efOTkwmYN
EFX0eFFedqmLCMQLTgTV7223fA05jo+1faxHLiuDrS6aMp0MfOH89ObxWSo+Sgdl
mOcd2gxOVNMJALfsjMGYNfYj/UPwWKy81i3SPw6IMBjMcjVa7Sc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:43 2024 by rpki-client on console-ams.rpki-client.org