Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/ya5RTg6h3GKppNVVVqjOa1c_qRw.roa
File:                     ya5RTg6h3GKppNVVVqjOa1c_qRw.roa (raw, json)
Hash identifier:          T9eN+AGiOEBj+sw5nUFgJxL73+lCuTb7/Zn4jIF55FM=
Subject key identifier:   C9:AE:51:4E:0E:A1:DC:62:A9:A4:D5:55:56:A8:CE:6B:57:3F:A9:1C
Certificate issuer:       /CN=EB675F938C85021374CAB1E1AF5099319B110B07
Certificate serial:       21E0
Authority key identifier: EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/ya5RTg6h3GKppNVVVqjOa1c_qRw.roa
Signing time:             Fri 25 Nov 2022 04:40:30 +0000
ROA not before:           Fri 25 Nov 2022 04:40:30 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     38841
IP address blocks:        118.232.56.0/21 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 8672 (0x21e0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=EB675F938C85021374CAB1E1AF5099319B110B07
        Validity
            Not Before: Nov 25 04:40:30 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=C9AE514E0EA1DC62A9A4D55556A8CE6B573FA91C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:7f:67:10:0b:9a:2a:64:da:06:5a:d0:a3:85:
                    a9:9c:b5:93:40:c2:cb:8b:ac:53:18:34:3b:4d:b1:
                    cf:58:48:94:b3:ce:b2:91:5b:e9:89:68:21:25:44:
                    19:a5:c2:c9:4c:ac:b3:a2:25:f4:cb:6f:07:ad:a5:
                    60:18:9f:df:f1:09:bd:5a:00:64:9b:42:6a:78:aa:
                    00:db:d5:5d:5c:e2:08:42:ed:d9:2c:43:08:bd:90:
                    8d:59:69:74:c0:42:15:42:50:e3:ab:e0:d8:47:ac:
                    da:f5:50:35:c6:43:ae:01:84:f8:ac:29:eb:23:46:
                    8c:13:7a:67:fb:98:25:86:7d:cc:e0:6e:7c:8f:06:
                    e6:94:2f:64:b3:be:d2:80:1a:5d:01:39:71:a9:3d:
                    8e:2b:d3:1a:03:80:cf:fb:00:f3:e4:db:bc:6b:c3:
                    96:11:31:53:63:83:58:11:d2:78:9c:a9:f0:f5:e0:
                    26:e4:64:ba:7b:f3:20:8a:5d:43:be:92:67:6e:b7:
                    a1:52:3e:16:8d:d7:73:79:be:26:96:ff:a5:78:da:
                    6c:8b:54:d8:44:ba:84:47:6b:92:1f:ec:81:11:ee:
                    ad:7a:66:b4:b7:aa:e4:54:4f:a2:bb:cc:f0:fc:4c:
                    2c:48:f0:80:8c:4e:f3:b7:7d:46:ab:b2:b6:d2:c4:
                    a7:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C9:AE:51:4E:0E:A1:DC:62:A9:A4:D5:55:56:A8:CE:6B:57:3F:A9:1C
            X509v3 Authority Key Identifier:
                keyid:EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/62dfk4yFAhN0yrHhr1CZMZsRCwc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/ya5RTg6h3GKppNVVVqjOa1c_qRw.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  118.232.56.0/21

    Signature Algorithm: sha256WithRSAEncryption
         49:bb:34:df:b2:30:d0:3e:54:11:5d:3e:3c:ba:9d:93:d4:e5:
         e9:f7:7e:09:55:b8:55:9f:a7:f7:69:e6:29:1a:8f:6d:d5:db:
         9a:c4:da:22:31:71:d9:70:17:63:01:3e:ac:c3:36:1d:f2:8d:
         0c:22:69:c6:88:b4:71:c3:4e:e9:b2:e5:91:9c:71:64:e3:1f:
         1b:73:96:d1:85:98:aa:c2:46:d5:dc:91:3c:95:80:5e:27:4e:
         41:a7:87:df:d6:2c:24:4f:2d:f4:99:9c:ff:8d:b1:77:1e:3e:
         f8:4e:b3:54:d7:c9:6c:12:4b:02:c7:b4:9a:2a:0a:c8:6e:e7:
         98:8e:cb:0d:a5:0e:8b:93:2a:d7:38:56:2f:b5:78:e6:bb:66:
         e8:11:48:34:05:db:f3:a8:25:ef:11:5c:bc:b6:a9:f6:46:54:
         1e:f6:72:6f:a3:d0:1a:7e:b1:95:d4:bc:63:6d:1b:18:f0:82:
         20:e4:3b:fa:1f:9e:d3:f5:14:40:3b:0b:52:27:e1:db:d6:6a:
         a2:eb:39:54:ac:4c:b3:15:df:38:21:77:d0:ac:47:f8:bc:86:
         b6:88:d1:61:78:32:3b:f6:20:f1:07:92:5b:69:cd:52:37:e4:
         74:85:23:35:79:29:a4:39:92:fe:b2:e6:94:9d:3e:bc:4d:6f:
         d4:b9:05:09
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICIeAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUI2
NzVGOTM4Qzg1MDIxMzc0Q0FCMUUxQUY1MDk5MzE5QjExMEIwNzAeFw0yMjExMjUw
NDQwMzBaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEM5QUU1MTRFMEVBMURD
NjJBOUE0RDU1NTU2QThDRTZCNTczRkE5MUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCgf2cQC5oqZNoGWtCjhamctZNAwsuLrFMYNDtNsc9YSJSzzrKR
W+mJaCElRBmlwslMrLOiJfTLbwetpWAYn9/xCb1aAGSbQmp4qgDb1V1c4ghC7dks
Qwi9kI1ZaXTAQhVCUOOr4NhHrNr1UDXGQ64BhPisKesjRowTemf7mCWGfczgbnyP
BuaUL2SzvtKAGl0BOXGpPY4r0xoDgM/7APPk27xrw5YRMVNjg1gR0nicqfD14Cbk
ZLp78yCKXUO+kmdut6FSPhaN13N5viaW/6V42myLVNhEuoRHa5If7IER7q16ZrS3
quRUT6K7zPD8TCxI8ICMTvO3fUarsrbSxKepAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUya5RTg6h3GKppNVVVqjOa1c/qRwwHwYDVR0jBBgwFoAU62dfk4yFAhN0yrHh
r1CZMZsRCwcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hP
LzYyZGZrNHlGQWhOMHlySGhyMUNaTVpzUkN3Yy5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvNjJkZms0eUZBaE4weXJIaHIxQ1pNWnNSQ3djLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hPL3lhNVJUZzZoM0dLcHBOVlZW
cWpPYTFjX3FSdy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAN2
6DgwDQYJKoZIhvcNAQELBQADggEBAEm7NN+yMNA+VBFdPjy6nZPU5en3fglVuFWf
p/dp5ikaj23V25rE2iIxcdlwF2MBPqzDNh3yjQwiacaItHHDTumy5ZGccWTjHxtz
ltGFmKrCRtXckTyVgF4nTkGnh9/WLCRPLfSZnP+NsXcePvhOs1TXyWwSSwLHtJoq
Cshu55iOyw2lDouTKtc4Vi+1eOa7ZugRSDQF2/OoJe8RXLy2qfZGVB72cm+j0Bp+
sZXUvGNtGxjwgiDkO/ofntP1FEA7C1In4dvWaqLrOVSsTLMV3zghd9CsR/i8hraI
0WF4Mjv2IPEHkltpzVI35HSFIzV5KaQ5kv6y5pSdPrxNb9S5BQk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:00 2024 by rpki-client on console-fra.rpki-client.org