Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/UBBNET/2b_tfHEhE8j7r9L7lZuI0Zm5IQY.roa
File:                     2b_tfHEhE8j7r9L7lZuI0Zm5IQY.roa (raw, json)
Hash identifier:          VCDtNoLtpd9nBYnIiCxVwXUF7go3SpvjjGs3Y6FFogM=
Subject key identifier:   D9:BF:ED:7C:71:21:13:C8:FB:AF:D2:FB:95:9B:88:D1:99:B9:21:06
Certificate issuer:       /CN=08469E113701815993013E13E548A2B340E44E0A
Certificate serial:       113F
Authority key identifier: 08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/2b_tfHEhE8j7r9L7lZuI0Zm5IQY.roa
Signing time:             Sun 07 Feb 2021 13:14:37 +0000
ROA not before:           Sun 07 Feb 2021 13:14:37 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     24165
IP address blocks:        49.158.244.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4415 (0x113f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=08469E113701815993013E13E548A2B340E44E0A
        Validity
            Not Before: Feb  7 13:14:37 2021 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=D9BFED7C712113C8FBAFD2FB959B88D199B92106
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:cb:22:43:22:c6:4c:dc:ab:d7:69:77:fa:56:
                    1e:bf:53:da:5d:e0:f7:46:09:64:7e:90:fa:80:2a:
                    e8:85:64:de:2c:fd:61:83:57:56:a0:95:6b:11:ad:
                    c1:f0:89:a3:f5:1a:99:72:de:ee:f7:11:5a:fc:d8:
                    71:44:38:67:63:06:c6:31:95:a2:d0:f5:76:19:3c:
                    ec:a4:68:10:86:41:15:24:f1:9d:ae:9a:53:30:65:
                    93:11:f3:0f:c5:97:ca:c6:38:e0:94:98:9e:3e:94:
                    62:ff:4e:91:ce:b0:78:dc:6a:bd:0e:55:fc:bf:81:
                    48:c5:bc:23:c3:ef:31:3c:02:cb:62:62:ab:19:27:
                    4e:a4:3e:96:53:5f:aa:23:8a:52:57:da:ef:f0:7f:
                    be:66:00:e9:25:d6:ef:3f:c9:0b:5b:b6:8f:02:8d:
                    8e:60:34:8c:ab:17:7f:2d:5b:9f:f1:80:0e:9a:60:
                    ce:df:f6:4a:0f:07:56:50:eb:68:33:e0:15:d8:c1:
                    7e:00:96:ba:9d:e2:84:19:d1:aa:c9:8a:98:0a:c8:
                    95:aa:bb:6d:ce:84:fa:fc:28:34:d3:d3:60:43:0b:
                    39:13:86:00:1d:7d:0c:e2:0d:eb:d1:fa:2c:de:07:
                    4e:c8:98:2d:69:b1:ac:32:66:56:14:d8:a7:1e:17:
                    a0:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D9:BF:ED:7C:71:21:13:C8:FB:AF:D2:FB:95:9B:88:D1:99:B9:21:06
            X509v3 Authority Key Identifier:
                keyid:08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/CEaeETcBgVmTAT4T5Uiis0DkTgo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/2b_tfHEhE8j7r9L7lZuI0Zm5IQY.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  49.158.244.0/22

    Signature Algorithm: sha256WithRSAEncryption
         92:71:27:c4:a0:db:12:37:45:a0:7a:a1:b0:6b:3c:c6:11:b5:
         99:c1:f0:bc:2a:97:e0:02:d6:c8:b1:1b:6d:a7:57:71:c2:97:
         43:34:91:d7:6a:a1:70:f7:61:57:03:83:67:47:86:7c:e6:8c:
         72:ab:53:27:0c:46:14:f2:4b:62:d6:af:8b:9d:98:f8:41:59:
         9d:76:c0:2c:35:f8:d4:e1:9c:ab:10:13:74:1c:e7:30:15:60:
         4b:c0:04:1b:93:55:ed:ba:56:7f:4b:39:77:ec:ca:6e:52:15:
         3f:43:51:96:42:83:ca:52:d4:3d:72:69:d2:1e:4b:50:b4:34:
         88:54:80:eb:28:db:ff:7e:b1:c7:a6:24:2a:f1:51:e6:dd:8e:
         59:00:e1:48:de:d2:29:1b:d4:a6:bb:72:72:62:ae:bc:37:a0:
         ce:4f:26:d4:24:57:7a:9c:1a:41:41:fb:79:2a:55:10:e9:38:
         8d:ff:5a:fb:d8:18:38:e5:93:36:96:b1:d0:2c:65:f1:c9:4f:
         3b:c0:d7:98:05:81:e6:d6:a2:7a:09:0e:7b:ae:fb:75:70:ca:
         b1:af:02:4f:95:f6:90:25:e8:22:c5:b8:fc:10:53:af:fe:b1:
         d4:4c:9b:d1:4d:0a:5b:06:fb:84:d6:13:de:57:d5:05:73:8b:
         d4:d0:2e:9f
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICET8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDg0
NjlFMTEzNzAxODE1OTkzMDEzRTEzRTU0OEEyQjM0MEU0NEUwQTAeFw0yMTAyMDcx
MzE0MzdaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKEQ5QkZFRDdDNzEyMTEz
QzhGQkFGRDJGQjk1OUI4OEQxOTlCOTIxMDYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC5yyJDIsZM3KvXaXf6Vh6/U9pd4PdGCWR+kPqAKuiFZN4s/WGD
V1aglWsRrcHwiaP1Gply3u73EVr82HFEOGdjBsYxlaLQ9XYZPOykaBCGQRUk8Z2u
mlMwZZMR8w/Fl8rGOOCUmJ4+lGL/TpHOsHjcar0OVfy/gUjFvCPD7zE8AstiYqsZ
J06kPpZTX6ojilJX2u/wf75mAOkl1u8/yQtbto8CjY5gNIyrF38tW5/xgA6aYM7f
9koPB1ZQ62gz4BXYwX4Alrqd4oQZ0arJipgKyJWqu23OhPr8KDTT02BDCzkThgAd
fQziDevR+izeB07ImC1psawyZlYU2KceF6ChAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU2b/tfHEhE8j7r9L7lZuI0Zm5IQYwHwYDVR0jBBgwFoAUCEaeETcBgVmTAT4T
5Uiis0DkTgowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVU
L0NFYWVFVGNCZ1ZtVEFUNFQ1VWlpczBEa1Rnby5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvQ0VhZUVUY0JnVm1UQVQ0VDVVaWlzMERrVGdvLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVULzJiX3RmSEVoRThqN3I5TDds
WnVJMFptNUlRWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAIx
nvQwDQYJKoZIhvcNAQELBQADggEBAJJxJ8Sg2xI3RaB6obBrPMYRtZnB8Lwql+AC
1sixG22nV3HCl0M0kddqoXD3YVcDg2dHhnzmjHKrUycMRhTyS2LWr4udmPhBWZ12
wCw1+NThnKsQE3Qc5zAVYEvABBuTVe26Vn9LOXfsym5SFT9DUZZCg8pS1D1yadIe
S1C0NIhUgOso2/9+scemJCrxUebdjlkA4Uje0ikb1Ka7cnJirrw3oM5PJtQkV3qc
GkFB+3kqVRDpOI3/WvvYGDjlkzaWsdAsZfHJTzvA15gFgebWonoJDnuu+3VwyrGv
Ak+V9pAl6CLFuPwQU6/+sdRMm9FNClsG+4TWE95X1QVzi9TQLp8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:44 2024 by rpki-client on console-ams.rpki-client.org