Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/UBBNET/-hEvvsmN2YmY5loOFPmhbxYAR6E.roa
File:                     -hEvvsmN2YmY5loOFPmhbxYAR6E.roa (raw, json)
Hash identifier:          nmTWxV3JBjhtWCVGhvA1khBimrcMGre49C3vggSkB7U=
Subject key identifier:   FA:11:2F:BE:C9:8D:D9:89:98:E6:5A:0E:14:F9:A1:6F:16:00:47:A1
Certificate issuer:       /CN=08469E113701815993013E13E548A2B340E44E0A
Certificate serial:       12AC
Authority key identifier: 08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/-hEvvsmN2YmY5loOFPmhbxYAR6E.roa
Signing time:             Wed 29 Sep 2021 02:54:50 +0000
ROA not before:           Wed 29 Sep 2021 02:54:50 +0000
ROA not after:            Thu 29 Sep 2022 02:36:22 +0000
asID:                     24164
IP address blocks:        49.158.96.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4780 (0x12ac)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=08469E113701815993013E13E548A2B340E44E0A
        Validity
            Not Before: Sep 29 02:54:50 2021 GMT
            Not After : Sep 29 02:36:22 2022 GMT
        Subject: CN=FA112FBEC98DD98998E65A0E14F9A16F160047A1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:00:94:23:81:f8:55:ec:07:b6:68:d7:f5:1a:
                    e6:b5:90:7b:da:b8:89:4f:f5:6c:11:c3:67:99:48:
                    db:c1:f6:84:03:33:fa:77:9d:18:ce:81:bc:68:24:
                    2d:67:36:75:5f:aa:c2:7d:28:20:60:ea:fd:0a:b7:
                    1f:7e:03:81:08:1c:86:50:57:0d:e3:ab:19:6e:ec:
                    91:55:22:fb:da:21:b1:0f:8c:a7:48:fa:cb:f9:08:
                    af:36:fe:17:c7:ef:63:9d:bb:00:e3:0b:0c:2f:da:
                    b4:64:c4:56:eb:bf:05:b4:50:2b:0e:a0:99:ee:95:
                    7c:e4:14:b3:f0:3e:a1:1e:70:67:2d:d0:72:c1:67:
                    51:c3:05:bc:1f:32:2e:ce:46:9e:0a:a2:f3:a8:f5:
                    88:e5:fb:73:2f:50:24:cd:52:fa:92:ad:c3:62:68:
                    7f:41:90:03:34:5d:aa:91:7e:d3:08:40:9d:45:32:
                    f2:47:be:39:94:21:7e:30:ea:c7:3e:62:26:96:4d:
                    7c:44:24:4e:11:75:f6:25:79:fc:70:19:5e:ee:ec:
                    96:60:98:ef:79:3f:8f:06:5e:dc:fc:2f:4a:cd:18:
                    c9:ea:1a:52:20:cf:e4:3a:f7:14:1f:89:29:0d:66:
                    ff:3e:ac:9c:05:34:e2:7c:b8:08:ca:99:80:02:9d:
                    c5:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:11:2F:BE:C9:8D:D9:89:98:E6:5A:0E:14:F9:A1:6F:16:00:47:A1
            X509v3 Authority Key Identifier:
                keyid:08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/CEaeETcBgVmTAT4T5Uiis0DkTgo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/-hEvvsmN2YmY5loOFPmhbxYAR6E.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  49.158.96.0/22

    Signature Algorithm: sha256WithRSAEncryption
         50:41:7c:b9:8e:54:50:90:dd:10:61:59:ab:55:8a:4a:86:78:
         40:41:2b:cc:b4:68:6b:89:d4:71:12:a2:1a:e5:a6:d1:4f:a6:
         00:7c:b5:6a:78:a8:e7:3b:0b:c3:ea:fc:b9:98:b5:f4:ba:1b:
         be:b3:fd:5c:3b:92:7e:5a:e7:11:7d:f4:e8:53:36:d1:a5:c3:
         2a:63:e7:4d:ec:e1:58:86:e2:97:7d:97:0c:3d:a8:ff:c3:9b:
         b7:4a:67:c4:f5:95:d9:95:3e:31:27:c3:a6:de:81:1d:e4:19:
         49:ce:74:4f:61:8a:67:c2:67:db:b6:b3:95:df:55:f8:16:71:
         0f:80:4b:06:35:bc:8d:41:8e:1b:a2:a9:f7:5d:2b:13:4d:f9:
         08:d5:28:6e:3d:f2:b0:06:ad:23:d2:9b:be:7e:36:77:95:e6:
         bc:0a:f1:50:d5:c4:8a:2b:8e:3e:77:9d:74:a5:bd:0f:f8:2d:
         0b:93:04:39:5e:28:63:fe:f4:8a:08:9d:90:67:1e:47:de:f4:
         1d:41:93:0a:34:ef:8a:54:5b:f7:78:2d:ea:bb:ec:fa:25:c2:
         28:7c:c1:2c:e4:d3:6b:5e:15:f9:12:52:9a:ea:cf:67:12:6e:
         71:1e:25:39:4d:2b:b6:66:7d:d7:7c:64:7e:a0:a0:4c:5b:3a:
         81:61:26:ec
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICEqwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDg0
NjlFMTEzNzAxODE1OTkzMDEzRTEzRTU0OEEyQjM0MEU0NEUwQTAeFw0yMTA5Mjkw
MjU0NTBaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKEZBMTEyRkJFQzk4REQ5
ODk5OEU2NUEwRTE0RjlBMTZGMTYwMDQ3QTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCcAJQjgfhV7Ae2aNf1Gua1kHvauIlP9WwRw2eZSNvB9oQDM/p3
nRjOgbxoJC1nNnVfqsJ9KCBg6v0Ktx9+A4EIHIZQVw3jqxlu7JFVIvvaIbEPjKdI
+sv5CK82/hfH72OduwDjCwwv2rRkxFbrvwW0UCsOoJnulXzkFLPwPqEecGct0HLB
Z1HDBbwfMi7ORp4KovOo9Yjl+3MvUCTNUvqSrcNiaH9BkAM0XaqRftMIQJ1FMvJH
vjmUIX4w6sc+YiaWTXxEJE4RdfYlefxwGV7u7JZgmO95P48GXtz8L0rNGMnqGlIg
z+Q69xQfiSkNZv8+rJwFNOJ8uAjKmYACncUjAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU+hEvvsmN2YmY5loOFPmhbxYAR6EwHwYDVR0jBBgwFoAUCEaeETcBgVmTAT4T
5Uiis0DkTgowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVU
L0NFYWVFVGNCZ1ZtVEFUNFQ1VWlpczBEa1Rnby5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvQ0VhZUVUY0JnVm1UQVQ0VDVVaWlzMERrVGdvLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVULy1oRXZ2c21OMlltWTVsb09G
UG1oYnhZQVI2RS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAIx
nmAwDQYJKoZIhvcNAQELBQADggEBAFBBfLmOVFCQ3RBhWatVikqGeEBBK8y0aGuJ
1HESohrlptFPpgB8tWp4qOc7C8Pq/LmYtfS6G76z/Vw7kn5a5xF99OhTNtGlwypj
503s4ViG4pd9lww9qP/Dm7dKZ8T1ldmVPjEnw6begR3kGUnOdE9himfCZ9u2s5Xf
VfgWcQ+ASwY1vI1BjhuiqfddKxNN+QjVKG498rAGrSPSm75+NneV5rwK8VDVxIor
jj53nXSlvQ/4LQuTBDleKGP+9IoInZBnHkfe9B1Bkwo074pUW/d4Leq77Polwih8
wSzk02teFfkSUprqz2cSbnEeJTlNK7Zmfdd8ZH6goExbOoFhJuw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:01 2024 by rpki-client on console-fra.rpki-client.org