Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/UBBNET/9ktN69JmZqXUJL8Q5X6m7ZcHLnw.roa
File:                     9ktN69JmZqXUJL8Q5X6m7ZcHLnw.roa (raw, json)
Hash identifier:          fBYH0DJm3Ro8XSP7k6DEUpzt3wAMIRXWZCzOGgGeQ6k=
Subject key identifier:   F6:4B:4D:EB:D2:66:66:A5:D4:24:BF:10:E5:7E:A6:ED:97:07:2E:7C
Certificate issuer:       /CN=08469E113701815993013E13E548A2B340E44E0A
Certificate serial:       0FE1
Authority key identifier: 08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/9ktN69JmZqXUJL8Q5X6m7ZcHLnw.roa
Signing time:             Sun 07 Feb 2021 12:36:29 +0000
ROA not before:           Sun 07 Feb 2021 12:36:29 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     24164
IP address blocks:        49.159.120.0/21 maxlen: 21

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4065 (0xfe1)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=08469E113701815993013E13E548A2B340E44E0A
        Validity
            Not Before: Feb  7 12:36:29 2021 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=F64B4DEBD26666A5D424BF10E57EA6ED97072E7C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:03:d4:49:08:52:7f:5a:cb:d8:c8:6d:87:90:
                    3a:db:d8:41:85:b6:a5:cf:75:89:70:0e:32:b4:ad:
                    69:1a:d3:c5:83:bd:07:75:81:70:79:fe:61:10:6b:
                    a9:52:0f:4d:4d:81:a9:5c:81:ba:63:ab:33:7b:14:
                    37:08:d2:96:05:55:8f:1c:ad:9c:5e:e5:2b:bf:3c:
                    40:d2:64:dc:dd:8d:a6:ae:b5:0f:29:b4:19:d1:2b:
                    52:70:e1:c1:51:07:d2:77:8a:ed:69:fe:a0:59:02:
                    21:b8:ef:42:4b:fa:2d:9e:08:98:57:93:e9:f8:8f:
                    5f:2d:80:eb:d0:3d:a4:c1:4b:0d:d6:9f:f2:d5:fe:
                    2e:9a:3c:b0:e6:39:d9:5c:3a:f2:b7:96:f1:8d:7f:
                    5e:0c:15:36:d9:9e:87:de:e4:a9:ba:29:43:7b:73:
                    4e:b2:58:ed:be:b8:74:b3:95:a2:96:9e:5b:a0:9c:
                    3f:fe:8c:ff:89:26:93:ee:d6:1d:21:82:92:11:32:
                    7e:7f:20:8d:2f:e2:8f:c8:7a:cd:95:98:2b:88:0f:
                    62:fc:08:f1:ac:a5:d3:db:9d:c2:46:82:97:2f:f4:
                    6d:a9:57:26:5a:27:db:5b:a4:9d:8a:f0:93:21:30:
                    c2:fb:62:1b:49:00:6b:a6:7e:96:d9:16:56:b4:f2:
                    91:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F6:4B:4D:EB:D2:66:66:A5:D4:24:BF:10:E5:7E:A6:ED:97:07:2E:7C
            X509v3 Authority Key Identifier:
                keyid:08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/CEaeETcBgVmTAT4T5Uiis0DkTgo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/9ktN69JmZqXUJL8Q5X6m7ZcHLnw.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  49.159.120.0/21

    Signature Algorithm: sha256WithRSAEncryption
         1c:40:9f:dc:5d:50:a9:e1:ed:6a:1b:cf:19:82:64:3d:43:90:
         87:9e:a7:b7:7e:dd:52:b1:14:d2:6a:73:be:40:4d:dc:75:0a:
         5e:ab:18:5c:77:ed:8c:d4:f2:a7:5e:90:e4:3e:f5:ab:8b:e6:
         fe:91:25:20:3a:12:2f:51:16:cd:cf:fd:d5:cd:b3:4b:35:88:
         16:07:c5:5e:44:a9:73:bc:d9:e7:44:cd:2d:a6:13:24:25:18:
         ef:1e:ce:e8:d6:0a:8b:10:f5:11:6c:cf:52:45:b4:3a:8f:3a:
         a7:d8:90:ca:17:9f:25:70:24:4d:0e:ac:5c:84:bb:39:e0:e8:
         d6:c5:b9:2e:5b:4e:b8:64:fb:2d:83:db:f7:c5:85:aa:62:93:
         a4:58:3e:47:07:f4:67:7e:df:29:a1:06:56:86:43:0b:b7:ba:
         0f:30:55:cd:a0:46:ab:d4:e3:e3:90:69:24:70:0a:76:2c:62:
         25:a7:51:6c:88:e7:15:00:b8:55:c0:bd:0e:d3:27:52:ca:6c:
         fe:1f:72:3a:1b:8d:c7:aa:fc:c6:c5:59:44:20:07:fd:b0:ec:
         af:e1:e7:04:82:b8:ec:28:30:8d:49:29:12:30:28:73:ad:ec:
         b2:bc:ea:bf:ba:8e:14:a0:13:71:11:4c:7b:5f:da:13:bc:06:
         db:96:a8:91
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICD+EwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDg0
NjlFMTEzNzAxODE1OTkzMDEzRTEzRTU0OEEyQjM0MEU0NEUwQTAeFw0yMTAyMDcx
MjM2MjlaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKEY2NEI0REVCRDI2NjY2
QTVENDI0QkYxMEU1N0VBNkVEOTcwNzJFN0MwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC+A9RJCFJ/WsvYyG2HkDrb2EGFtqXPdYlwDjK0rWka08WDvQd1
gXB5/mEQa6lSD01NgalcgbpjqzN7FDcI0pYFVY8crZxe5Su/PEDSZNzdjaautQ8p
tBnRK1Jw4cFRB9J3iu1p/qBZAiG470JL+i2eCJhXk+n4j18tgOvQPaTBSw3Wn/LV
/i6aPLDmOdlcOvK3lvGNf14MFTbZnofe5Km6KUN7c06yWO2+uHSzlaKWnlugnD/+
jP+JJpPu1h0hgpIRMn5/II0v4o/Ies2VmCuID2L8CPGspdPbncJGgpcv9G2pVyZa
J9tbpJ2K8JMhMML7YhtJAGumfpbZFla08pHRAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU9ktN69JmZqXUJL8Q5X6m7ZcHLnwwHwYDVR0jBBgwFoAUCEaeETcBgVmTAT4T
5Uiis0DkTgowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVU
L0NFYWVFVGNCZ1ZtVEFUNFQ1VWlpczBEa1Rnby5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvQ0VhZUVUY0JnVm1UQVQ0VDVVaWlzMERrVGdvLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVULzlrdE42OUptWnFYVUpMOFE1
WDZtN1pjSExudy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAMx
n3gwDQYJKoZIhvcNAQELBQADggEBABxAn9xdUKnh7WobzxmCZD1DkIeep7d+3VKx
FNJqc75ATdx1Cl6rGFx37YzU8qdekOQ+9auL5v6RJSA6Ei9RFs3P/dXNs0s1iBYH
xV5EqXO82edEzS2mEyQlGO8ezujWCosQ9RFsz1JFtDqPOqfYkMoXnyVwJE0OrFyE
uzng6NbFuS5bTrhk+y2D2/fFhapik6RYPkcH9Gd+3ymhBlaGQwu3ug8wVc2gRqvU
4+OQaSRwCnYsYiWnUWyI5xUAuFXAvQ7TJ1LKbP4fcjobjceq/MbFWUQgB/2w7K/h
5wSCuOwoMI1JKRIwKHOt7LK86r+6jhSgE3ERTHtf2hO8BtuWqJE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:02 2024 by rpki-client on console-fra.rpki-client.org