Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/UBBNET/BZb3lJC4XZSjRi5_NEZfZWbds6c.roa
File:                     BZb3lJC4XZSjRi5_NEZfZWbds6c.roa (raw, json)
Hash identifier:          Ktenkl28voc/Wv6bNpeO4wyFHoyE99AA4aD0qchYSi4=
Subject key identifier:   05:96:F7:94:90:B8:5D:94:A3:46:2E:7F:34:46:5F:65:66:DD:B3:A7
Certificate issuer:       /CN=08469E113701815993013E13E548A2B340E44E0A
Certificate serial:       140F
Authority key identifier: 08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/BZb3lJC4XZSjRi5_NEZfZWbds6c.roa
Signing time:             Fri 29 Apr 2022 10:22:06 +0000
ROA not before:           Fri 29 Apr 2022 10:22:06 +0000
ROA not after:            Thu 29 Sep 2022 02:36:22 +0000
asID:                     24164
IP address blocks:        49.158.56.0/21 maxlen: 21

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5135 (0x140f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=08469E113701815993013E13E548A2B340E44E0A
        Validity
            Not Before: Apr 29 10:22:06 2022 GMT
            Not After : Sep 29 02:36:22 2022 GMT
        Subject: CN=0596F79490B85D94A3462E7F34465F6566DDB3A7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:71:58:0e:c9:b5:1d:18:9a:52:4d:57:53:08:
                    6a:31:73:72:9a:64:8a:41:99:c2:e8:13:a6:29:01:
                    e2:7d:44:d3:32:d7:03:4c:3f:ae:a4:22:29:3e:44:
                    d8:ed:00:18:4c:6e:e8:d4:67:d3:66:9e:c4:46:93:
                    5a:ca:6d:51:1e:0f:4b:ea:a1:7a:83:af:d8:ca:1b:
                    e3:a3:85:28:08:d2:f8:18:a2:75:e2:44:fc:2a:9a:
                    48:03:84:5d:bc:b0:7a:aa:77:bc:75:1f:66:d0:d9:
                    07:e8:5d:44:0f:1e:2f:df:0d:b1:d5:c1:d8:88:41:
                    48:a9:22:a8:4a:44:84:df:d7:2e:e2:db:9a:1b:02:
                    89:3c:cd:e9:1a:34:bc:01:34:71:d8:6b:05:55:41:
                    2e:df:c9:ef:cd:94:d0:5a:26:b7:bc:2d:70:e4:87:
                    bb:66:71:cb:52:07:b4:03:6d:e5:44:e5:f7:20:0c:
                    bb:c6:d4:a5:9d:6d:f0:7a:11:3f:83:7f:da:f9:30:
                    8e:ad:ed:48:ea:bf:e3:e5:f2:0c:e1:06:54:c1:91:
                    4d:c8:e2:c2:f9:f9:60:c9:fa:f8:38:75:da:02:45:
                    4e:ad:f2:12:d8:8f:9a:20:f1:bb:c0:4d:1a:9a:d1:
                    2f:e4:79:7f:4d:6b:27:4a:90:b2:92:a1:79:eb:c5:
                    2f:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                05:96:F7:94:90:B8:5D:94:A3:46:2E:7F:34:46:5F:65:66:DD:B3:A7
            X509v3 Authority Key Identifier:
                keyid:08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/CEaeETcBgVmTAT4T5Uiis0DkTgo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/BZb3lJC4XZSjRi5_NEZfZWbds6c.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  49.158.56.0/21

    Signature Algorithm: sha256WithRSAEncryption
         2e:cf:15:b7:6c:7b:62:3e:0f:75:3e:34:0c:c1:56:7f:cc:e1:
         7a:04:3a:77:0b:bc:93:c0:61:2c:03:40:c7:38:53:62:c9:d4:
         90:a4:e7:56:9d:38:b9:32:37:1e:80:c6:10:2c:36:b4:31:e2:
         55:a7:c9:68:60:87:cd:51:d0:a9:76:17:cc:d6:45:9a:db:0e:
         e9:77:40:4d:78:23:40:78:2d:f5:9e:2b:4d:be:31:20:26:09:
         11:df:f2:d5:22:d6:b4:a1:df:54:67:e0:0d:bd:10:b6:9d:03:
         e6:39:6e:a8:22:7f:de:ef:e5:8c:a8:6e:1e:89:c6:01:4e:60:
         cd:3a:c3:e4:e9:a1:e1:bc:6b:2d:d5:85:40:01:8b:6c:47:e0:
         a6:fb:6a:0f:e0:2d:f3:ea:91:40:32:9d:d6:ff:15:8e:61:59:
         ce:53:2e:b6:20:cc:cb:d7:df:15:06:49:44:d9:64:75:fa:f0:
         04:3f:84:71:d2:84:b2:60:e7:93:90:01:00:24:a8:05:6a:0c:
         65:af:d2:68:c3:4b:b5:d9:ca:cb:e3:00:28:54:aa:b2:c1:30:
         2d:31:0c:ab:29:c1:58:9c:64:fa:84:22:fe:54:f3:e9:90:03:
         df:f7:3b:84:60:ea:3b:9c:fc:60:e7:0f:15:9c:56:6b:2c:7b:
         39:bb:e4:0f
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICFA8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDg0
NjlFMTEzNzAxODE1OTkzMDEzRTEzRTU0OEEyQjM0MEU0NEUwQTAeFw0yMjA0Mjkx
MDIyMDZaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDA1OTZGNzk0OTBCODVE
OTRBMzQ2MkU3RjM0NDY1RjY1NjZEREIzQTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDicVgOybUdGJpSTVdTCGoxc3KaZIpBmcLoE6YpAeJ9RNMy1wNM
P66kIik+RNjtABhMbujUZ9NmnsRGk1rKbVEeD0vqoXqDr9jKG+OjhSgI0vgYonXi
RPwqmkgDhF28sHqqd7x1H2bQ2QfoXUQPHi/fDbHVwdiIQUipIqhKRITf1y7i25ob
Aok8zekaNLwBNHHYawVVQS7fye/NlNBaJre8LXDkh7tmcctSB7QDbeVE5fcgDLvG
1KWdbfB6ET+Df9r5MI6t7Ujqv+Pl8gzhBlTBkU3I4sL5+WDJ+vg4ddoCRU6t8hLY
j5og8bvATRqa0S/keX9NaydKkLKSoXnrxS+JAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUBZb3lJC4XZSjRi5/NEZfZWbds6cwHwYDVR0jBBgwFoAUCEaeETcBgVmTAT4T
5Uiis0DkTgowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVU
L0NFYWVFVGNCZ1ZtVEFUNFQ1VWlpczBEa1Rnby5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvQ0VhZUVUY0JnVm1UQVQ0VDVVaWlzMERrVGdvLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVUL0JaYjNsSkM0WFpTalJpNV9O
RVpmWldiZHM2Yy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAMx
njgwDQYJKoZIhvcNAQELBQADggEBAC7PFbdse2I+D3U+NAzBVn/M4XoEOncLvJPA
YSwDQMc4U2LJ1JCk51adOLkyNx6AxhAsNrQx4lWnyWhgh81R0Kl2F8zWRZrbDul3
QE14I0B4LfWeK02+MSAmCRHf8tUi1rSh31Rn4A29ELadA+Y5bqgif97v5Yyobh6J
xgFOYM06w+TpoeG8ay3VhUABi2xH4Kb7ag/gLfPqkUAyndb/FY5hWc5TLrYgzMvX
3xUGSUTZZHX68AQ/hHHShLJg55OQAQAkqAVqDGWv0mjDS7XZysvjAChUqrLBMC0x
DKspwVicZPqEIv5U8+mQA9/3O4Rg6juc/GDnDxWcVmssezm75A8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:02 2024 by rpki-client on console-fra.rpki-client.org