Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/UBBNET/AGKqb5Ztyk5FhKWhw1IOusx8hvI.roa
File:                     AGKqb5Ztyk5FhKWhw1IOusx8hvI.roa (raw, json)
Hash identifier:          eFLr1LM3nYgoCvwfjTzotYZ3NRGO7yOn9sSBcPtwpAA=
Subject key identifier:   00:62:AA:6F:96:6D:CA:4E:45:84:A5:A1:C3:52:0E:BA:CC:7C:86:F2
Certificate issuer:       /CN=08469E113701815993013E13E548A2B340E44E0A
Certificate serial:       0F91
Authority key identifier: 08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/AGKqb5Ztyk5FhKWhw1IOusx8hvI.roa
Signing time:             Sun 07 Feb 2021 12:34:47 +0000
ROA not before:           Sun 07 Feb 2021 12:34:47 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     24163
IP address blocks:        211.76.72.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3985 (0xf91)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=08469E113701815993013E13E548A2B340E44E0A
        Validity
            Not Before: Feb  7 12:34:47 2021 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=0062AA6F966DCA4E4584A5A1C3520EBACC7C86F2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:c6:5d:55:e0:af:ea:1d:58:53:fe:76:6e:06:
                    66:1f:17:a4:b1:65:c5:99:b5:b0:05:52:19:05:d6:
                    3b:06:fa:8d:49:7a:d2:16:41:3a:4b:20:b7:f8:f7:
                    1a:7f:81:1e:d7:92:e4:45:03:cf:cf:3c:82:e5:12:
                    61:06:5e:11:19:86:92:54:64:88:d1:24:8f:55:03:
                    88:b2:fd:bf:b2:ed:64:ea:0c:ef:7e:7a:c4:53:44:
                    36:3d:4c:2e:03:e6:bc:b6:d4:dc:5a:f5:dc:5e:79:
                    91:82:97:37:a9:48:cb:ab:04:76:ee:aa:04:0f:8c:
                    3b:66:06:7f:fc:5b:08:3c:35:e9:2c:b5:2f:46:26:
                    5d:41:77:41:46:39:1a:61:31:14:22:e5:66:19:f2:
                    ee:05:3b:0c:e8:50:93:28:d9:97:58:29:a9:88:7c:
                    14:63:f1:20:f3:0a:cb:9d:8c:cf:d4:eb:65:1c:0e:
                    92:f8:75:9d:df:1e:09:a9:44:2b:86:41:7c:05:aa:
                    c9:c9:70:2b:d5:c8:a7:6b:b2:d1:08:30:64:90:99:
                    68:7c:c4:53:c7:d7:19:df:67:9e:e2:d4:65:1d:16:
                    20:78:5e:58:fe:5f:84:1e:ac:87:ac:34:76:95:4b:
                    85:28:f8:99:61:a6:9b:06:c0:ff:0d:e9:95:c3:64:
                    26:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                00:62:AA:6F:96:6D:CA:4E:45:84:A5:A1:C3:52:0E:BA:CC:7C:86:F2
            X509v3 Authority Key Identifier:
                keyid:08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/CEaeETcBgVmTAT4T5Uiis0DkTgo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/AGKqb5Ztyk5FhKWhw1IOusx8hvI.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  211.76.72.0/22

    Signature Algorithm: sha256WithRSAEncryption
         92:46:fb:44:fe:6c:cd:e0:4e:da:e7:02:b7:e2:5f:85:93:4e:
         5a:26:4e:5b:7e:36:c6:e6:0a:e8:8d:d4:54:6b:b3:97:72:8e:
         d0:53:83:19:77:50:dc:e5:e8:12:34:d4:09:61:50:26:ae:3f:
         38:c6:96:71:64:dd:0a:0f:ec:07:ab:c3:d1:7b:dd:66:7a:83:
         1b:40:c6:d1:ae:db:3c:67:e8:06:e4:28:03:6c:b1:6c:67:a1:
         e9:02:bc:b5:34:f0:92:e5:ff:ab:86:0c:9e:9b:3d:96:98:d0:
         c9:80:24:49:9e:94:91:e2:70:20:15:3f:64:6e:70:26:ed:0a:
         13:12:e7:46:3b:96:66:cb:fb:b3:dd:c4:98:d6:3b:43:6a:14:
         ea:95:ef:a0:69:01:50:14:37:df:b7:88:a6:06:95:b3:4f:09:
         53:30:cf:d5:34:a3:0a:a8:f6:8f:7a:33:df:6f:f3:81:20:fc:
         1d:d0:0b:dd:66:9c:1d:4a:b4:f8:03:64:e3:d6:fc:ef:6f:c2:
         38:e0:9f:f8:65:84:fe:0a:7a:65:43:01:e3:0f:c7:4b:bb:d7:
         8d:0a:c6:92:ca:06:f3:1e:3e:42:bc:6f:ed:58:37:93:f2:2f:
         d5:71:4f:44:7b:01:99:a0:db:16:0f:af:5e:e1:d3:c3:ee:c8:
         5a:c7:a7:32
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICD5EwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDg0
NjlFMTEzNzAxODE1OTkzMDEzRTEzRTU0OEEyQjM0MEU0NEUwQTAeFw0yMTAyMDcx
MjM0NDdaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDAwNjJBQTZGOTY2RENB
NEU0NTg0QTVBMUMzNTIwRUJBQ0M3Qzg2RjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDcxl1V4K/qHVhT/nZuBmYfF6SxZcWZtbAFUhkF1jsG+o1JetIW
QTpLILf49xp/gR7XkuRFA8/PPILlEmEGXhEZhpJUZIjRJI9VA4iy/b+y7WTqDO9+
esRTRDY9TC4D5ry21Nxa9dxeeZGClzepSMurBHbuqgQPjDtmBn/8Wwg8NekstS9G
Jl1Bd0FGORphMRQi5WYZ8u4FOwzoUJMo2ZdYKamIfBRj8SDzCsudjM/U62UcDpL4
dZ3fHgmpRCuGQXwFqsnJcCvVyKdrstEIMGSQmWh8xFPH1xnfZ57i1GUdFiB4Xlj+
X4QerIesNHaVS4Uo+JlhppsGwP8N6ZXDZCbNAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUAGKqb5Ztyk5FhKWhw1IOusx8hvIwHwYDVR0jBBgwFoAUCEaeETcBgVmTAT4T
5Uiis0DkTgowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVU
L0NFYWVFVGNCZ1ZtVEFUNFQ1VWlpczBEa1Rnby5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvQ0VhZUVUY0JnVm1UQVQ0VDVVaWlzMERrVGdvLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVUL0FHS3FiNVp0eWs1RmhLV2h3
MUlPdXN4OGh2SS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBALT
TEgwDQYJKoZIhvcNAQELBQADggEBAJJG+0T+bM3gTtrnArfiX4WTTlomTlt+Nsbm
CuiN1FRrs5dyjtBTgxl3UNzl6BI01AlhUCauPzjGlnFk3QoP7Aerw9F73WZ6gxtA
xtGu2zxn6AbkKANssWxnoekCvLU08JLl/6uGDJ6bPZaY0MmAJEmelJHicCAVP2Ru
cCbtChMS50Y7lmbL+7PdxJjWO0NqFOqV76BpAVAUN9+3iKYGlbNPCVMwz9U0owqo
9o96M99v84Eg/B3QC91mnB1KtPgDZOPW/O9vwjjgn/hlhP4KemVDAeMPx0u7140K
xpLKBvMePkK8b+1YN5PyL9VxT0R7AZmg2xYPr17h08PuyFrHpzI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:45 2024 by rpki-client on console-ams.rpki-client.org