Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/UBBNET/CEx7MazsqNVGcW6KXHp52rAVAHs.roa
File:                     CEx7MazsqNVGcW6KXHp52rAVAHs.roa (raw, json)
Hash identifier:          sAcfKSRdsjrC2C7Eeoba82/F1sZhhXs+HTKwP3/6zxg=
Subject key identifier:   08:4C:7B:31:AC:EC:A8:D5:46:71:6E:8A:5C:7A:79:DA:B0:15:00:7B
Certificate issuer:       /CN=08469E113701815993013E13E548A2B340E44E0A
Certificate serial:       127D
Authority key identifier: 08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/CEx7MazsqNVGcW6KXHp52rAVAHs.roa
Signing time:             Wed 29 Sep 2021 02:54:38 +0000
ROA not before:           Wed 29 Sep 2021 02:54:38 +0000
ROA not after:            Thu 29 Sep 2022 02:36:22 +0000
asID:                     24164
IP address blocks:        211.76.62.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4733 (0x127d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=08469E113701815993013E13E548A2B340E44E0A
        Validity
            Not Before: Sep 29 02:54:38 2021 GMT
            Not After : Sep 29 02:36:22 2022 GMT
        Subject: CN=084C7B31ACECA8D546716E8A5C7A79DAB015007B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:4d:81:3c:cd:ee:03:f6:3b:20:5d:4a:77:01:
                    94:92:44:8c:8e:7e:fa:b2:b5:02:27:84:7b:db:36:
                    3b:d2:72:d9:84:84:cb:60:10:32:55:3a:47:27:68:
                    16:c5:fc:f4:4c:ff:68:ac:cd:ae:e3:06:3a:5d:f3:
                    c6:35:34:34:42:e6:05:8b:dd:9f:2f:90:f2:30:9f:
                    f3:9d:1e:9b:35:a6:c1:a8:bc:ab:77:00:ee:00:11:
                    fa:fa:73:07:ac:c7:41:e3:a0:e3:bf:0f:a8:7b:1b:
                    38:ef:39:21:21:49:d0:ba:5e:24:95:2f:21:a0:e1:
                    3f:a9:a1:1d:e4:85:68:f1:d4:2a:63:46:e7:3b:dd:
                    52:e7:e7:d5:da:b2:e3:2f:f8:60:5f:3a:be:1f:e7:
                    bf:58:55:bd:04:a5:c4:59:16:99:f2:fc:07:01:b5:
                    00:f4:c3:73:9c:c3:eb:e8:86:c0:4b:f2:81:fe:aa:
                    c9:e0:a0:5d:79:a5:19:c1:c2:54:79:b4:db:8e:bd:
                    61:5d:a5:df:09:c6:eb:e5:19:5a:64:44:1c:d3:30:
                    ba:ae:4e:fc:3c:a6:0d:0d:a1:0a:56:4b:a4:1e:f3:
                    ba:97:03:68:ee:70:21:37:73:6d:09:48:d2:97:fd:
                    f4:6d:69:1d:12:c5:db:04:0f:f1:58:e8:e8:31:cb:
                    aa:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                08:4C:7B:31:AC:EC:A8:D5:46:71:6E:8A:5C:7A:79:DA:B0:15:00:7B
            X509v3 Authority Key Identifier:
                keyid:08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/CEaeETcBgVmTAT4T5Uiis0DkTgo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/CEx7MazsqNVGcW6KXHp52rAVAHs.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  211.76.62.0/24

    Signature Algorithm: sha256WithRSAEncryption
         21:30:bc:c3:98:fd:7e:c0:5a:f6:eb:6b:89:6d:00:7f:a0:7e:
         48:59:e9:d1:68:e7:45:b1:60:eb:39:06:16:a8:85:fd:66:cd:
         c2:03:9b:f8:68:72:29:23:76:fe:a3:87:7a:80:7f:8e:9c:04:
         a8:d5:c3:8e:58:fd:81:b4:3f:74:29:84:4e:aa:bf:91:e3:46:
         37:1d:e3:9d:7f:ea:aa:30:e8:c3:73:28:64:cd:6c:f4:99:bb:
         93:e8:ae:87:6d:d6:79:8a:95:ba:96:d0:b2:77:f4:ec:ee:b5:
         f9:97:d5:b4:5a:27:13:59:e0:dd:68:54:9e:cd:e4:2a:53:af:
         59:ae:81:63:5a:ae:3f:af:d1:fb:54:d0:3d:02:3e:bc:f4:90:
         90:88:2b:d2:41:73:b1:dc:a2:b2:aa:d7:e1:29:8c:85:17:1c:
         5d:03:3a:f7:aa:53:7d:e5:28:8e:be:d2:54:4f:ef:93:88:91:
         4b:7f:35:62:8f:34:66:16:69:df:0e:9f:35:23:fe:a7:67:de:
         e7:53:49:f8:34:ed:47:13:59:45:b8:ea:21:ea:3a:7a:9a:53:
         ce:ee:9b:10:2f:06:2e:28:4a:72:53:8e:35:b5:74:91:de:51:
         02:8c:41:bb:97:22:29:f3:93:e7:ca:5e:aa:6e:21:e6:1c:66:
         05:e6:ea:ec
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICEn0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDg0
NjlFMTEzNzAxODE1OTkzMDEzRTEzRTU0OEEyQjM0MEU0NEUwQTAeFw0yMTA5Mjkw
MjU0MzhaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDA4NEM3QjMxQUNFQ0E4
RDU0NjcxNkU4QTVDN0E3OURBQjAxNTAwN0IwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCrTYE8ze4D9jsgXUp3AZSSRIyOfvqytQInhHvbNjvSctmEhMtg
EDJVOkcnaBbF/PRM/2isza7jBjpd88Y1NDRC5gWL3Z8vkPIwn/OdHps1psGovKt3
AO4AEfr6cwesx0HjoOO/D6h7GzjvOSEhSdC6XiSVLyGg4T+poR3khWjx1CpjRuc7
3VLn59XasuMv+GBfOr4f579YVb0EpcRZFpny/AcBtQD0w3Ocw+vohsBL8oH+qsng
oF15pRnBwlR5tNuOvWFdpd8JxuvlGVpkRBzTMLquTvw8pg0NoQpWS6Qe87qXA2ju
cCE3c20JSNKX/fRtaR0SxdsED/FY6Ogxy6odAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUCEx7MazsqNVGcW6KXHp52rAVAHswHwYDVR0jBBgwFoAUCEaeETcBgVmTAT4T
5Uiis0DkTgowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVU
L0NFYWVFVGNCZ1ZtVEFUNFQ1VWlpczBEa1Rnby5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvQ0VhZUVUY0JnVm1UQVQ0VDVVaWlzMERrVGdvLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVUL0NFeDdNYXpzcU5WR2NXNktY
SHA1MnJBVkFIcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADT
TD4wDQYJKoZIhvcNAQELBQADggEBACEwvMOY/X7AWvbra4ltAH+gfkhZ6dFo50Wx
YOs5Bhaohf1mzcIDm/hocikjdv6jh3qAf46cBKjVw45Y/YG0P3QphE6qv5HjRjcd
451/6qow6MNzKGTNbPSZu5Porodt1nmKlbqW0LJ39OzutfmX1bRaJxNZ4N1oVJ7N
5CpTr1mugWNarj+v0ftU0D0CPrz0kJCIK9JBc7HcorKq1+EpjIUXHF0DOveqU33l
KI6+0lRP75OIkUt/NWKPNGYWad8OnzUj/qdn3udTSfg07UcTWUW46iHqOnqaU87u
mxAvBi4oSnJTjjW1dJHeUQKMQbuXIinzk+fKXqpuIeYcZgXm6uw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:45 2024 by rpki-client on console-ams.rpki-client.org