Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/UBBNET/GqGVmiluC8WYScEzS1ttR-R5zyQ.roa
File:                     GqGVmiluC8WYScEzS1ttR-R5zyQ.roa (raw, json)
Hash identifier:          DUYzulJ3VBio/tqXSIOnEevh3cRHpRQNVciPtMageOU=
Subject key identifier:   1A:A1:95:9A:29:6E:0B:C5:98:49:C1:33:4B:5B:6D:47:E4:79:CF:24
Certificate issuer:       /CN=08469E113701815993013E13E548A2B340E44E0A
Certificate serial:       134B
Authority key identifier: 08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/GqGVmiluC8WYScEzS1ttR-R5zyQ.roa
Signing time:             Wed 29 Sep 2021 02:55:36 +0000
ROA not before:           Wed 29 Sep 2021 02:55:36 +0000
ROA not after:            Thu 29 Sep 2022 02:36:22 +0000
asID:                     24164
IP address blocks:        61.64.4.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4939 (0x134b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=08469E113701815993013E13E548A2B340E44E0A
        Validity
            Not Before: Sep 29 02:55:36 2021 GMT
            Not After : Sep 29 02:36:22 2022 GMT
        Subject: CN=1AA1959A296E0BC59849C1334B5B6D47E479CF24
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:6a:0b:0f:7e:82:75:b5:10:2f:c2:4a:58:44:
                    85:a0:39:02:f9:bf:5a:3d:ec:17:4f:e2:08:86:e9:
                    90:65:fb:c9:e1:2b:9e:10:69:f7:c4:22:89:61:ae:
                    dd:50:ae:90:67:7a:9a:94:b2:f1:4b:ad:43:d4:f0:
                    1b:6d:eb:04:14:9a:58:8c:c1:67:53:91:24:3c:a9:
                    1d:c2:8b:f0:b2:8d:4d:fe:4c:8d:f4:95:72:35:89:
                    c5:87:62:dc:00:5c:fe:23:95:71:07:08:d4:3a:63:
                    ec:f6:80:ab:c4:22:a6:5f:f1:39:dd:51:00:62:ae:
                    5c:fc:37:ed:b4:f1:43:13:16:69:8e:7b:f5:31:b5:
                    c0:eb:79:79:8c:9c:af:28:19:a4:92:7a:e9:14:47:
                    e4:32:80:69:b7:39:0f:ae:c9:5d:fc:cb:5a:b5:56:
                    f8:73:25:42:db:b1:a9:24:87:a1:df:7a:6a:6a:8f:
                    95:61:bd:32:1e:41:df:4c:c8:7d:1f:c2:8e:86:09:
                    5d:85:49:9f:df:56:2d:37:f5:4c:19:1d:73:7c:bb:
                    ef:1a:31:0d:f2:69:a2:9f:f4:5f:ee:ed:59:0b:6d:
                    c1:a4:7c:4c:83:3c:c1:e8:79:c1:48:e2:df:80:b9:
                    e5:a8:2f:30:7e:11:5a:14:25:27:ad:bb:8a:b8:4e:
                    51:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1A:A1:95:9A:29:6E:0B:C5:98:49:C1:33:4B:5B:6D:47:E4:79:CF:24
            X509v3 Authority Key Identifier:
                keyid:08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/CEaeETcBgVmTAT4T5Uiis0DkTgo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/GqGVmiluC8WYScEzS1ttR-R5zyQ.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  61.64.4.0/22

    Signature Algorithm: sha256WithRSAEncryption
         62:e1:f2:19:a8:ab:18:df:ab:7c:1e:55:62:26:90:5e:42:6f:
         85:7f:c1:ad:3e:3e:50:79:3d:32:61:c3:9e:6b:4b:a7:23:3d:
         03:b1:21:69:2d:f7:62:ed:b3:79:d5:b1:7b:9a:d1:90:5f:20:
         89:dd:d5:63:08:23:2a:16:5a:e7:b9:75:3c:17:51:f6:b8:25:
         0e:ef:9d:5f:1a:6e:24:31:6e:ed:a2:f2:22:29:db:d9:f0:3e:
         94:f2:cd:ae:76:f7:ad:0f:55:e5:99:83:85:fa:95:ca:06:9e:
         cb:40:ab:43:11:ce:60:3c:e6:c3:fc:a1:2e:62:25:10:01:cc:
         6a:c9:62:43:00:0a:09:c8:9a:15:53:60:70:ac:45:9f:7c:21:
         64:73:2e:43:27:ed:db:17:84:80:18:62:01:73:e5:8a:9b:e9:
         1b:c2:90:40:9e:20:3a:6a:d4:b0:b2:57:ac:0d:39:32:d5:a6:
         fe:cd:23:7f:24:d8:44:0d:00:51:c8:e5:3b:e4:3c:d2:72:8d:
         a4:4a:c1:ca:4e:90:bf:0b:99:72:5a:fa:e0:83:70:65:d3:84:
         f7:98:53:80:b4:14:df:f9:0e:e8:0b:ef:90:e6:70:f0:9c:8c:
         d5:25:dd:49:1d:57:72:ba:9e:9c:ac:48:d9:f6:9e:87:a2:c6:
         f6:c0:11:4e
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICE0swDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDg0
NjlFMTEzNzAxODE1OTkzMDEzRTEzRTU0OEEyQjM0MEU0NEUwQTAeFw0yMTA5Mjkw
MjU1MzZaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDFBQTE5NTlBMjk2RTBC
QzU5ODQ5QzEzMzRCNUI2RDQ3RTQ3OUNGMjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCqagsPfoJ1tRAvwkpYRIWgOQL5v1o97BdP4giG6ZBl+8nhK54Q
affEIolhrt1QrpBnepqUsvFLrUPU8Btt6wQUmliMwWdTkSQ8qR3Ci/CyjU3+TI30
lXI1icWHYtwAXP4jlXEHCNQ6Y+z2gKvEIqZf8TndUQBirlz8N+208UMTFmmOe/Ux
tcDreXmMnK8oGaSSeukUR+QygGm3OQ+uyV38y1q1VvhzJULbsakkh6Hfempqj5Vh
vTIeQd9MyH0fwo6GCV2FSZ/fVi039UwZHXN8u+8aMQ3yaaKf9F/u7VkLbcGkfEyD
PMHoecFI4t+AueWoLzB+EVoUJSetu4q4TlGJAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUGqGVmiluC8WYScEzS1ttR+R5zyQwHwYDVR0jBBgwFoAUCEaeETcBgVmTAT4T
5Uiis0DkTgowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVU
L0NFYWVFVGNCZ1ZtVEFUNFQ1VWlpczBEa1Rnby5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvQ0VhZUVUY0JnVm1UQVQ0VDVVaWlzMERrVGdvLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVUL0dxR1ZtaWx1QzhXWVNjRXpT
MXR0Ui1SNXp5US5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAI9
QAQwDQYJKoZIhvcNAQELBQADggEBAGLh8hmoqxjfq3weVWImkF5Cb4V/wa0+PlB5
PTJhw55rS6cjPQOxIWkt92Lts3nVsXua0ZBfIInd1WMIIyoWWue5dTwXUfa4JQ7v
nV8abiQxbu2i8iIp29nwPpTyza52960PVeWZg4X6lcoGnstAq0MRzmA85sP8oS5i
JRABzGrJYkMACgnImhVTYHCsRZ98IWRzLkMn7dsXhIAYYgFz5Yqb6RvCkECeIDpq
1LCyV6wNOTLVpv7NI38k2EQNAFHI5TvkPNJyjaRKwcpOkL8LmXJa+uCDcGXThPeY
U4C0FN/5DugL75DmcPCcjNUl3UkdV3K6npysSNn2noeixvbAEU4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:02 2024 by rpki-client on console-fra.rpki-client.org