Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TWNTT/smOPhiOIswNee3tW9W35EX-AcA4.roa
File:                     smOPhiOIswNee3tW9W35EX-AcA4.roa (raw, json)
Hash identifier:          6jy4d8j7ZvvvS0iJtfUQTTBLSSfVyD//AgIDNTS5UZo=
Subject key identifier:   B2:63:8F:86:23:88:B3:03:5E:7B:7B:56:F5:6D:F9:11:7F:80:70:0E
Certificate issuer:       /CN=9E2697FA70252F83F41D121EC0B5CB458B6FF214
Certificate serial:       0890
Authority key identifier: 9E:26:97:FA:70:25:2F:83:F4:1D:12:1E:C0:B5:CB:45:8B:6F:F2:14
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/niaX-nAlL4P0HRIewLXLRYtv8hQ.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNTT/smOPhiOIswNee3tW9W35EX-AcA4.roa
Signing time:             Wed 02 Dec 2020 03:39:48 +0000
ROA not before:           Wed 02 Dec 2020 03:39:48 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     18018
IP address blocks:        122.255.95.128/25 maxlen: 25

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2192 (0x890)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9E2697FA70252F83F41D121EC0B5CB458B6FF214
        Validity
            Not Before: Dec  2 03:39:48 2020 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=B2638F862388B3035E7B7B56F56DF9117F80700E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e6:9d:b4:93:dc:22:a5:aa:5f:64:a1:77:01:cc:
                    5c:14:15:59:aa:b5:28:31:ce:d8:93:a3:81:1c:4e:
                    73:96:f7:ec:b4:b0:01:39:80:05:6e:07:c8:af:48:
                    9f:1d:92:f2:c4:30:4f:0a:c7:37:c8:48:32:c4:81:
                    d9:7d:96:7e:df:a8:58:a0:cd:30:02:18:f4:57:48:
                    e7:b9:46:56:ec:00:53:89:f2:63:21:48:83:43:15:
                    72:65:8e:c8:76:a9:61:d6:31:9a:bd:61:a9:b3:fe:
                    1c:fa:0e:92:40:63:bc:25:3f:a8:ae:e8:05:0d:0b:
                    0d:69:83:15:b9:a8:ff:77:29:6d:06:00:12:2f:04:
                    80:b3:4f:c8:6c:cc:5d:d6:17:5c:ce:37:67:70:07:
                    66:38:83:0f:12:b1:1a:89:32:40:43:ba:dc:a5:0b:
                    c1:8f:55:18:73:b1:91:e9:a0:ad:e4:dd:75:d5:8b:
                    53:6b:e7:3d:02:1c:dd:f3:ea:f2:3a:95:e0:2d:60:
                    f5:58:4f:84:37:4e:0c:34:cd:0d:14:73:ef:1d:5b:
                    82:5f:a4:39:5c:3f:5c:a9:16:00:32:e5:e3:b2:1f:
                    6a:72:8b:4a:7e:29:65:88:c1:ea:ba:26:4d:46:39:
                    27:21:17:ee:d9:34:68:bc:43:9d:f8:b5:e5:24:7a:
                    b0:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:63:8F:86:23:88:B3:03:5E:7B:7B:56:F5:6D:F9:11:7F:80:70:0E
            X509v3 Authority Key Identifier:
                keyid:9E:26:97:FA:70:25:2F:83:F4:1D:12:1E:C0:B5:CB:45:8B:6F:F2:14

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNTT/niaX-nAlL4P0HRIewLXLRYtv8hQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/niaX-nAlL4P0HRIewLXLRYtv8hQ.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNTT/smOPhiOIswNee3tW9W35EX-AcA4.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  122.255.95.128/25

    Signature Algorithm: sha256WithRSAEncryption
         43:90:fa:b5:3a:8e:d6:8e:1b:f4:61:24:c8:f3:90:56:69:7b:
         2e:7e:ec:a4:db:69:44:3e:78:ad:aa:c4:94:6e:3a:70:19:69:
         24:d8:d7:46:0b:5f:3c:8e:4a:0c:2b:e5:9e:76:1e:9a:b9:56:
         f7:21:f1:6d:03:38:cc:99:96:2d:37:c6:f2:fa:a2:03:a6:64:
         2f:a1:13:78:55:ca:83:93:6c:32:3c:e6:24:23:df:fe:44:92:
         b2:85:1d:93:01:11:b3:ac:ea:9f:be:0f:84:83:e6:1f:be:35:
         1d:cc:f4:e8:f9:b5:aa:93:4f:06:57:47:1d:3e:d3:44:87:61:
         10:8a:65:8c:ba:30:65:ab:f5:21:a6:b2:c0:d6:45:0d:0f:2e:
         b6:bd:f7:0e:0a:bd:48:52:c8:fc:4e:c2:fc:20:05:1e:56:d8:
         f6:ee:e4:50:90:8a:46:34:de:9f:04:07:61:fb:96:79:3a:04:
         03:5d:95:32:9c:b5:c0:b7:5c:28:a5:9a:75:c7:9c:21:fb:50:
         c1:6b:f4:ac:ef:46:0e:68:d3:7b:1f:2a:35:c7:15:cb:2e:17:
         ab:a0:1e:b7:07:a7:4e:85:ba:98:ce:d3:e0:68:fb:7a:be:ce:
         54:7e:2f:55:17:0a:45:8d:b8:ba:c9:2b:fd:4d:41:e2:51:32:
         15:ea:76:74
-----BEGIN CERTIFICATE-----
MIIE0TCCA7mgAwIBAgICCJAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOUUy
Njk3RkE3MDI1MkY4M0Y0MUQxMjFFQzBCNUNCNDU4QjZGRjIxNDAeFw0yMDEyMDIw
MzM5NDhaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKEIyNjM4Rjg2MjM4OEIz
MDM1RTdCN0I1NkY1NkRGOTExN0Y4MDcwMEUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDmnbST3CKlql9koXcBzFwUFVmqtSgxztiTo4EcTnOW9+y0sAE5
gAVuB8ivSJ8dkvLEME8KxzfISDLEgdl9ln7fqFigzTACGPRXSOe5RlbsAFOJ8mMh
SINDFXJljsh2qWHWMZq9Yamz/hz6DpJAY7wlP6iu6AUNCw1pgxW5qP93KW0GABIv
BICzT8hszF3WF1zON2dwB2Y4gw8SsRqJMkBDutylC8GPVRhzsZHpoK3k3XXVi1Nr
5z0CHN3z6vI6leAtYPVYT4Q3Tgw0zQ0Uc+8dW4JfpDlcP1ypFgAy5eOyH2pyi0p+
KWWIweq6Jk1GOSchF+7ZNGi8Q534teUkerDfAgMBAAGjggHtMIIB6TAdBgNVHQ4E
FgQUsmOPhiOIswNee3tW9W35EX+AcA4wHwYDVR0jBBgwFoAUniaX+nAlL4P0HRIe
wLXLRYtv8hQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFdOVFQv
bmlhWC1uQWxMNFAwSFJJZXdMWExSWXR2OGhRLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9uaWFYLW5BbEw0UDBIUklld0xYTFJZdHY4aFEuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UV05UVC9zbU9QaGlPSXN3TmVlM3RXOVcz
NUVYLUFjQTQucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAATAHAwUHev9f
gDANBgkqhkiG9w0BAQsFAAOCAQEAQ5D6tTqO1o4b9GEkyPOQVml7Ln7spNtpRD54
rarElG46cBlpJNjXRgtfPI5KDCvlnnYemrlW9yHxbQM4zJmWLTfG8vqiA6ZkL6ET
eFXKg5NsMjzmJCPf/kSSsoUdkwERs6zqn74PhIPmH741Hcz06Pm1qpNPBldHHT7T
RIdhEIpljLowZav1IaaywNZFDQ8utr33Dgq9SFLI/E7C/CAFHlbY9u7kUJCKRjTe
nwQHYfuWeToEA12VMpy1wLdcKKWadcecIftQwWv0rO9GDmjTex8qNccVyy4Xq6Ae
twenToW6mM7T4Gj7er7OVH4vVRcKRY24uskr/U1B4lEyFep2dA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:44 2024 by rpki-client on console-ams.rpki-client.org