Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/UBBNET/-oqKxPL3fz9l6VtcepX3CVvPD4E.roa
File:                     -oqKxPL3fz9l6VtcepX3CVvPD4E.roa (raw, json)
Hash identifier:          aRYuMbPMM/c9GC3k/r3JVzP87D+V4AfLkbi8RXxkZyc=
Subject key identifier:   FA:8A:8A:C4:F2:F7:7F:3F:65:E9:5B:5C:7A:95:F7:09:5B:CF:0F:81
Certificate issuer:       /CN=08469E113701815993013E13E548A2B340E44E0A
Certificate serial:       12C6
Authority key identifier: 08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/-oqKxPL3fz9l6VtcepX3CVvPD4E.roa
Signing time:             Wed 29 Sep 2021 02:54:58 +0000
ROA not before:           Wed 29 Sep 2021 02:54:58 +0000
ROA not after:            Thu 29 Sep 2022 02:36:22 +0000
asID:                     24163
IP address blocks:        49.159.88.0/21 maxlen: 21

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4806 (0x12c6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=08469E113701815993013E13E548A2B340E44E0A
        Validity
            Not Before: Sep 29 02:54:58 2021 GMT
            Not After : Sep 29 02:36:22 2022 GMT
        Subject: CN=FA8A8AC4F2F77F3F65E95B5C7A95F7095BCF0F81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:84:52:4b:bf:ed:ca:13:fd:ac:ef:01:fb:d2:
                    3f:48:64:bc:da:08:dd:0a:a5:43:ff:49:7b:99:51:
                    2e:fd:24:7e:1d:a9:ea:df:b3:0c:1b:9f:ad:aa:fa:
                    73:28:fd:14:91:e0:fe:ad:e3:53:f6:4b:27:b0:6b:
                    8c:c1:c5:26:1e:f3:52:eb:cf:8a:d3:ac:9d:bf:6c:
                    ef:3b:1b:e9:48:c3:33:9d:e3:1b:33:51:d1:c4:7f:
                    7b:db:29:8d:fa:f0:89:78:f8:f1:cc:1f:47:39:3a:
                    bc:0a:5a:0d:62:dd:c2:0a:b8:d9:9e:d0:36:fc:22:
                    0c:1c:b3:24:c7:19:31:5c:a0:90:ae:d7:68:07:3b:
                    ae:1c:8e:34:ff:8e:d4:9f:22:9a:cb:ca:b5:ac:83:
                    e2:a3:be:84:f6:31:43:2f:6b:50:6c:2d:6b:1f:fd:
                    01:84:63:9e:fd:a8:55:aa:80:fe:a7:41:14:1c:55:
                    8d:c8:ed:8e:69:e0:97:38:5d:9d:e9:4b:d2:94:93:
                    e0:6a:12:18:e4:c3:de:c6:2a:30:56:51:58:e4:4c:
                    3d:72:06:4f:01:51:c2:1d:ed:53:12:b1:28:e3:0a:
                    7b:53:e9:89:42:81:21:60:d2:f4:83:be:97:5f:63:
                    e2:b6:68:56:f5:11:01:39:b2:e9:c0:2b:7f:2a:ee:
                    c1:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:8A:8A:C4:F2:F7:7F:3F:65:E9:5B:5C:7A:95:F7:09:5B:CF:0F:81
            X509v3 Authority Key Identifier:
                keyid:08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/CEaeETcBgVmTAT4T5Uiis0DkTgo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/-oqKxPL3fz9l6VtcepX3CVvPD4E.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  49.159.88.0/21

    Signature Algorithm: sha256WithRSAEncryption
         1f:fc:c1:91:33:ea:79:1b:d2:91:a3:d6:f7:72:b2:b1:70:a5:
         6b:4b:44:46:63:86:c2:44:59:06:c0:91:67:a9:1d:9f:11:e1:
         04:80:4c:19:5a:5f:db:45:9c:c2:f7:e9:1e:ff:48:fb:d0:84:
         a1:85:2c:c9:85:8f:d9:03:35:56:86:e7:1b:01:3d:8e:80:49:
         20:a6:ce:95:c0:d0:a4:45:83:7e:be:de:1d:c7:fb:80:aa:5b:
         ea:2a:11:4b:6a:8b:20:08:2b:de:dd:8a:d0:80:b8:53:18:89:
         4a:96:45:8e:fd:5a:bf:9c:ac:d9:45:54:f6:51:20:7a:89:dc:
         5b:bb:4e:fa:b8:fc:a1:58:2c:4f:8e:c2:9c:9c:3b:b0:f0:03:
         93:25:d0:c1:8c:8f:c3:1b:1e:79:2a:2b:a7:73:8c:a8:70:d1:
         d2:fc:bf:9e:33:93:bc:8e:86:d4:ca:6e:37:77:59:f7:f9:ce:
         ba:46:92:15:6f:76:e2:8e:48:20:0a:27:7f:a9:fa:2b:6a:e1:
         bd:93:22:2c:dd:89:68:ed:e2:9d:98:7b:04:8b:73:f9:9e:13:
         8e:2a:b7:46:b2:6b:1d:3a:b1:71:96:30:7f:27:09:af:67:49:
         ac:a2:16:8c:0e:05:b6:92:e9:7e:2f:e7:fe:79:92:e5:5d:13:
         41:ac:8b:05
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICEsYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDg0
NjlFMTEzNzAxODE1OTkzMDEzRTEzRTU0OEEyQjM0MEU0NEUwQTAeFw0yMTA5Mjkw
MjU0NThaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKEZBOEE4QUM0RjJGNzdG
M0Y2NUU5NUI1QzdBOTVGNzA5NUJDRjBGODEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDbhFJLv+3KE/2s7wH70j9IZLzaCN0KpUP/SXuZUS79JH4dqerf
swwbn62q+nMo/RSR4P6t41P2Syewa4zBxSYe81Lrz4rTrJ2/bO87G+lIwzOd4xsz
UdHEf3vbKY368Il4+PHMH0c5OrwKWg1i3cIKuNme0Db8IgwcsyTHGTFcoJCu12gH
O64cjjT/jtSfIprLyrWsg+KjvoT2MUMva1BsLWsf/QGEY579qFWqgP6nQRQcVY3I
7Y5p4Jc4XZ3pS9KUk+BqEhjkw97GKjBWUVjkTD1yBk8BUcId7VMSsSjjCntT6YlC
gSFg0vSDvpdfY+K2aFb1EQE5sunAK38q7sFrAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU+oqKxPL3fz9l6VtcepX3CVvPD4EwHwYDVR0jBBgwFoAUCEaeETcBgVmTAT4T
5Uiis0DkTgowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVU
L0NFYWVFVGNCZ1ZtVEFUNFQ1VWlpczBEa1Rnby5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvQ0VhZUVUY0JnVm1UQVQ0VDVVaWlzMERrVGdvLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVULy1vcUt4UEwzZno5bDZWdGNl
cFgzQ1Z2UEQ0RS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAMx
n1gwDQYJKoZIhvcNAQELBQADggEBAB/8wZEz6nkb0pGj1vdysrFwpWtLREZjhsJE
WQbAkWepHZ8R4QSATBlaX9tFnML36R7/SPvQhKGFLMmFj9kDNVaG5xsBPY6ASSCm
zpXA0KRFg36+3h3H+4CqW+oqEUtqiyAIK97ditCAuFMYiUqWRY79Wr+crNlFVPZR
IHqJ3Fu7Tvq4/KFYLE+OwpycO7DwA5Ml0MGMj8MbHnkqK6dzjKhw0dL8v54zk7yO
htTKbjd3Wff5zrpGkhVvduKOSCAKJ3+p+itq4b2TIizdiWjt4p2YewSLc/meE44q
t0ayax06sXGWMH8nCa9nSayiFowOBbaS6X4v5/55kuVdE0GsiwU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:01 2024 by rpki-client on console-fra.rpki-client.org