Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/UBBNET/4JwmZUn7v6KAk9LlCPn3nOJSiy4.roa
File:                     4JwmZUn7v6KAk9LlCPn3nOJSiy4.roa (raw, json)
Hash identifier:          bVhf9pXsoivoUgIAO6mVpj7CdNJ1gO8JfVZ7yD4FRhE=
Subject key identifier:   E0:9C:26:65:49:FB:BF:A2:80:93:D2:E5:08:F9:F7:9C:E2:52:8B:2E
Certificate issuer:       /CN=08469E113701815993013E13E548A2B340E44E0A
Certificate serial:       0EF9
Authority key identifier: 08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/4JwmZUn7v6KAk9LlCPn3nOJSiy4.roa
Signing time:             Sun 07 Feb 2021 12:31:00 +0000
ROA not before:           Sun 07 Feb 2021 12:31:00 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     24164
IP address blocks:        49.158.48.0/20 maxlen: 20

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3833 (0xef9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=08469E113701815993013E13E548A2B340E44E0A
        Validity
            Not Before: Feb  7 12:31:00 2021 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=E09C266549FBBFA28093D2E508F9F79CE2528B2E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:ca:56:84:8a:02:4a:56:7d:f0:83:bb:bb:76:
                    b7:5e:30:58:2c:76:b6:db:86:a8:4b:53:52:93:b1:
                    35:6c:65:20:d0:09:c2:2f:bb:6f:d4:66:5f:ec:aa:
                    ea:58:73:c5:6c:fc:f7:cb:a7:93:68:cc:57:80:3a:
                    a5:17:ba:7e:8c:7a:46:4a:de:52:5b:de:28:5a:05:
                    09:5a:99:38:cd:1c:2d:06:05:14:43:1d:b7:55:77:
                    3c:12:ea:a3:7d:f0:20:13:66:da:c0:f2:59:9d:dc:
                    32:5d:e1:2c:c6:29:4a:aa:ae:3e:b8:76:fa:70:01:
                    57:98:e4:c9:91:95:ce:e2:56:99:7d:de:4e:59:2f:
                    44:e0:0c:45:e1:c9:66:2d:63:9a:6b:97:07:4d:c8:
                    36:38:ad:65:32:33:af:8e:85:f4:e5:6c:c6:68:e5:
                    11:66:fa:c2:3e:d6:85:b5:bb:e6:9b:67:a5:47:40:
                    20:86:01:35:e0:b7:74:43:4d:b9:8c:53:6d:f7:58:
                    b3:24:d7:12:1b:84:bf:35:5f:fb:a7:06:bb:0e:38:
                    e7:2c:75:b5:d8:9e:5e:8c:1b:4a:32:b6:ae:e8:b8:
                    bb:e1:07:d8:3a:f3:34:9b:2e:fc:d6:a7:35:b0:42:
                    b7:08:5d:fa:65:0f:ff:92:0e:bd:a5:79:17:1b:6f:
                    4b:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E0:9C:26:65:49:FB:BF:A2:80:93:D2:E5:08:F9:F7:9C:E2:52:8B:2E
            X509v3 Authority Key Identifier:
                keyid:08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/CEaeETcBgVmTAT4T5Uiis0DkTgo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/4JwmZUn7v6KAk9LlCPn3nOJSiy4.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  49.158.48.0/20

    Signature Algorithm: sha256WithRSAEncryption
         59:20:b2:fe:98:dc:12:e4:aa:60:c6:0a:cb:53:73:64:d9:cd:
         1f:64:ca:5b:0f:f4:8d:73:28:63:b6:78:ca:3a:61:de:89:1f:
         ee:48:5b:a7:50:2b:d8:00:40:a1:dc:bb:91:67:7e:23:5a:40:
         16:a0:f8:66:b8:f2:48:91:5d:fd:a2:f4:fc:d4:e0:bf:1a:36:
         48:92:c9:80:e4:6a:3a:5b:94:6f:99:1d:f6:4a:31:3f:14:01:
         b1:da:52:05:45:c3:51:b7:b4:bb:4c:f9:cd:e2:43:36:27:b0:
         3c:c2:7b:17:3d:c2:39:53:47:93:a5:3b:a4:de:a2:92:a0:f9:
         82:c1:fb:7d:68:16:3a:7d:6e:fc:b4:64:1a:f8:e0:1b:a4:3a:
         b8:45:3e:26:6c:bb:a3:48:a8:6f:51:96:db:ae:e8:08:b6:8a:
         2a:a1:54:d2:bf:77:c3:22:4f:99:08:77:dc:d0:cb:bf:00:eb:
         7f:fd:af:22:ad:2e:26:50:1f:d3:8d:e0:c4:91:9a:66:9b:60:
         fc:d3:f6:59:33:94:08:d6:5c:a7:7e:4a:4f:1e:9a:cb:03:d7:
         44:61:70:f9:31:01:2b:d2:7b:eb:07:96:c7:e3:6b:b2:b7:3b:
         e5:2f:52:8c:72:9b:d1:18:74:3d:de:dd:9c:71:2d:66:42:10:
         58:30:b2:ec
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICDvkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDg0
NjlFMTEzNzAxODE1OTkzMDEzRTEzRTU0OEEyQjM0MEU0NEUwQTAeFw0yMTAyMDcx
MjMxMDBaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKEUwOUMyNjY1NDlGQkJG
QTI4MDkzRDJFNTA4RjlGNzlDRTI1MjhCMkUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC1ylaEigJKVn3wg7u7drdeMFgsdrbbhqhLU1KTsTVsZSDQCcIv
u2/UZl/squpYc8Vs/PfLp5NozFeAOqUXun6MekZK3lJb3ihaBQlamTjNHC0GBRRD
HbdVdzwS6qN98CATZtrA8lmd3DJd4SzGKUqqrj64dvpwAVeY5MmRlc7iVpl93k5Z
L0TgDEXhyWYtY5prlwdNyDY4rWUyM6+OhfTlbMZo5RFm+sI+1oW1u+abZ6VHQCCG
ATXgt3RDTbmMU233WLMk1xIbhL81X/unBrsOOOcsdbXYnl6MG0oytq7ouLvhB9g6
8zSbLvzWpzWwQrcIXfplD/+SDr2leRcbb0uFAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU4JwmZUn7v6KAk9LlCPn3nOJSiy4wHwYDVR0jBBgwFoAUCEaeETcBgVmTAT4T
5Uiis0DkTgowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVU
L0NFYWVFVGNCZ1ZtVEFUNFQ1VWlpczBEa1Rnby5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvQ0VhZUVUY0JnVm1UQVQ0VDVVaWlzMERrVGdvLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVULzRKd21aVW43djZLQWs5TGxD
UG4zbk9KU2l5NC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAQx
njAwDQYJKoZIhvcNAQELBQADggEBAFkgsv6Y3BLkqmDGCstTc2TZzR9kylsP9I1z
KGO2eMo6Yd6JH+5IW6dQK9gAQKHcu5FnfiNaQBag+Ga48kiRXf2i9PzU4L8aNkiS
yYDkajpblG+ZHfZKMT8UAbHaUgVFw1G3tLtM+c3iQzYnsDzCexc9wjlTR5OlO6Te
opKg+YLB+31oFjp9bvy0ZBr44BukOrhFPiZsu6NIqG9Rltuu6Ai2iiqhVNK/d8Mi
T5kId9zQy78A63/9ryKtLiZQH9ON4MSRmmabYPzT9lkzlAjWXKd+Sk8emssD10Rh
cPkxASvSe+sHlsfja7K3O+UvUoxym9EYdD3e3ZxxLWZCEFgwsuw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:01 2024 by rpki-client on console-fra.rpki-client.org