Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/UBBNET/-mfcnh25qLrvGvnOZmmF_w5PcV0.roa
File:                     -mfcnh25qLrvGvnOZmmF_w5PcV0.roa (raw, json)
Hash identifier:          bMbWc1Gy1mwCjSsqVZfztQTbRf3sNy8LDfiWq6+190M=
Subject key identifier:   FA:67:DC:9E:1D:B9:A8:BA:EF:1A:F9:CE:66:69:85:FF:0E:4F:71:5D
Certificate issuer:       /CN=08469E113701815993013E13E548A2B340E44E0A
Certificate serial:       14FE
Authority key identifier: 08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/-mfcnh25qLrvGvnOZmmF_w5PcV0.roa
Signing time:             Thu 15 Sep 2022 02:35:19 +0000
ROA not before:           Thu 15 Sep 2022 02:35:19 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     24164
IP address blocks:        49.158.136.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5374 (0x14fe)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=08469E113701815993013E13E548A2B340E44E0A
        Validity
            Not Before: Sep 15 02:35:19 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=FA67DC9E1DB9A8BAEF1AF9CE666985FF0E4F715D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:87:52:4a:d1:02:d9:82:ea:dd:59:64:49:b3:
                    1d:08:01:bf:ea:ab:8a:76:42:76:f0:f2:a8:2b:7f:
                    51:1c:98:cd:19:c9:61:0e:21:85:28:af:1a:0b:3a:
                    c9:2d:09:02:d3:2d:b6:2d:4d:db:b2:d7:9c:72:e3:
                    44:1d:c8:7f:85:23:83:63:ac:8c:c5:8e:2c:c4:22:
                    d7:6a:79:b0:bb:b4:65:b3:4b:a2:1a:23:62:eb:17:
                    b7:37:08:ba:18:5d:9b:a7:3c:5d:e6:85:8b:b1:e4:
                    a2:0c:87:08:c4:f6:8d:1d:72:c1:80:df:86:9d:63:
                    17:02:f1:65:cd:b7:c5:27:f5:30:d9:83:53:61:7c:
                    cc:a6:4c:34:03:fc:9d:30:04:fa:8f:66:ae:2b:c0:
                    92:94:fa:2d:06:96:8f:5d:42:9c:44:cb:88:d9:d1:
                    c7:e1:97:c9:92:ea:fd:39:66:ca:40:e4:04:92:fa:
                    a6:ea:a0:76:5e:b5:67:24:40:c7:39:cf:86:89:7e:
                    33:d8:6b:3e:1a:29:28:90:76:46:0d:1d:81:a7:8a:
                    93:1f:cd:72:32:27:ca:95:4e:a1:54:54:5e:30:23:
                    99:01:56:89:fa:98:7f:d3:8e:a8:3a:ef:c1:0e:e8:
                    f3:4f:b9:3e:6d:0e:e7:c7:75:94:d4:ac:22:ce:b3:
                    fc:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:67:DC:9E:1D:B9:A8:BA:EF:1A:F9:CE:66:69:85:FF:0E:4F:71:5D
            X509v3 Authority Key Identifier:
                keyid:08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/CEaeETcBgVmTAT4T5Uiis0DkTgo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/-mfcnh25qLrvGvnOZmmF_w5PcV0.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  49.158.136.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6d:13:c9:26:06:4e:87:fe:22:16:88:a7:33:25:11:72:a0:87:
         18:9e:3f:f2:8f:6c:04:11:30:72:5b:33:d7:74:ef:3a:9f:43:
         3e:6f:61:c0:0c:10:5b:2c:95:c8:5c:ee:f6:ac:05:ee:2e:cd:
         67:39:93:35:81:4e:b6:a4:fb:e3:d6:0f:fe:59:72:ae:b1:cc:
         ab:1b:8b:80:8a:76:1b:84:aa:73:f7:87:63:58:dc:0c:0c:88:
         c8:77:c4:68:7c:af:f6:e8:4b:5e:73:72:13:45:fb:80:83:02:
         ef:c3:68:b8:41:5d:06:0c:76:d0:a6:9a:4d:83:d6:f4:6c:bc:
         4b:6e:bc:c7:13:9b:74:89:39:d5:88:b6:9c:ed:32:90:a1:be:
         12:45:a5:08:ba:54:50:e2:d1:87:f8:e3:f8:6c:f5:9b:94:ec:
         c6:6b:2b:17:39:12:6c:3a:f3:49:67:49:35:7a:fe:d6:ac:a2:
         b6:8f:19:2a:91:99:6e:15:a4:9b:2c:fb:6d:1f:19:56:db:b7:
         30:c9:b2:7a:35:1a:5c:cc:bb:03:7a:20:da:66:83:8d:bf:61:
         e5:bf:80:a3:e3:d4:66:ac:0a:2c:dd:07:bd:84:b4:aa:91:a7:
         1d:60:9d:89:ae:36:82:0c:aa:d7:6b:39:66:d5:88:55:d1:a7:
         22:98:d0:68
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICFP4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDg0
NjlFMTEzNzAxODE1OTkzMDEzRTEzRTU0OEEyQjM0MEU0NEUwQTAeFw0yMjA5MTUw
MjM1MTlaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEZBNjdEQzlFMURCOUE4
QkFFRjFBRjlDRTY2Njk4NUZGMEU0RjcxNUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCyh1JK0QLZgurdWWRJsx0IAb/qq4p2Qnbw8qgrf1EcmM0ZyWEO
IYUorxoLOsktCQLTLbYtTduy15xy40QdyH+FI4NjrIzFjizEItdqebC7tGWzS6Ia
I2LrF7c3CLoYXZunPF3mhYux5KIMhwjE9o0dcsGA34adYxcC8WXNt8Un9TDZg1Nh
fMymTDQD/J0wBPqPZq4rwJKU+i0Glo9dQpxEy4jZ0cfhl8mS6v05ZspA5ASS+qbq
oHZetWckQMc5z4aJfjPYaz4aKSiQdkYNHYGnipMfzXIyJ8qVTqFUVF4wI5kBVon6
mH/Tjqg678EO6PNPuT5tDufHdZTUrCLOs/xXAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU+mfcnh25qLrvGvnOZmmF/w5PcV0wHwYDVR0jBBgwFoAUCEaeETcBgVmTAT4T
5Uiis0DkTgowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVU
L0NFYWVFVGNCZ1ZtVEFUNFQ1VWlpczBEa1Rnby5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvQ0VhZUVUY0JnVm1UQVQ0VDVVaWlzMERrVGdvLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVULy1tZmNuaDI1cUxydkd2bk9a
bW1GX3c1UGNWMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAx
nogwDQYJKoZIhvcNAQELBQADggEBAG0TySYGTof+IhaIpzMlEXKghxieP/KPbAQR
MHJbM9d07zqfQz5vYcAMEFsslchc7vasBe4uzWc5kzWBTrak++PWD/5Zcq6xzKsb
i4CKdhuEqnP3h2NY3AwMiMh3xGh8r/boS15zchNF+4CDAu/DaLhBXQYMdtCmmk2D
1vRsvEtuvMcTm3SJOdWItpztMpChvhJFpQi6VFDi0Yf44/hs9ZuU7MZrKxc5Emw6
80lnSTV6/tasoraPGSqRmW4VpJss+20fGVbbtzDJsno1GlzMuwN6INpmg42/YeW/
gKPj1GasCizdB72EtKqRpx1gnYmuNoIMqtdrOWbViFXRpyKY0Gg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:44 2024 by rpki-client on console-ams.rpki-client.org