Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/UBBNET/I2yjdaAMEqRav0QGjrOeOry3cgw.roa
File:                     I2yjdaAMEqRav0QGjrOeOry3cgw.roa (raw, json)
Hash identifier:          pQH522Wop1soddV5qW5EVW2DXR0qZOko0rOTPgmzZGk=
Subject key identifier:   23:6C:A3:75:A0:0C:12:A4:5A:BF:44:06:8E:B3:9E:3A:BC:B7:72:0C
Certificate issuer:       /CN=08469E113701815993013E13E548A2B340E44E0A
Certificate serial:       141F
Authority key identifier: 08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/I2yjdaAMEqRav0QGjrOeOry3cgw.roa
Signing time:             Fri 29 Apr 2022 10:27:49 +0000
ROA not before:           Fri 29 Apr 2022 10:27:49 +0000
ROA not after:            Thu 29 Sep 2022 02:36:22 +0000
asID:                     24164
IP address blocks:        49.159.56.0/21 maxlen: 21

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5151 (0x141f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=08469E113701815993013E13E548A2B340E44E0A
        Validity
            Not Before: Apr 29 10:27:49 2022 GMT
            Not After : Sep 29 02:36:22 2022 GMT
        Subject: CN=236CA375A00C12A45ABF44068EB39E3ABCB7720C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:0f:d4:fc:f4:dc:48:69:bb:bc:e9:bb:e9:1a:
                    f3:bf:0b:01:b6:0e:5b:0e:ba:c3:d8:ab:d8:6c:43:
                    0e:ab:5f:c9:3e:3f:c6:0c:8b:25:23:f0:52:85:cb:
                    4b:fd:a3:79:ca:61:6d:87:b2:e9:b4:77:7c:b7:63:
                    c4:13:a2:0b:e2:a8:3a:1c:fc:34:54:95:0a:c8:9e:
                    8f:31:70:59:c6:03:58:aa:b0:a0:11:2e:1d:d9:5d:
                    a6:e4:34:1b:db:50:20:5a:71:2f:81:34:e5:85:3f:
                    20:e7:29:eb:b4:ee:99:eb:22:9a:93:9c:3c:28:55:
                    38:4b:c1:0b:fb:39:0e:07:2f:bd:9a:c2:5c:b3:d4:
                    01:4d:0e:62:5a:99:1c:c5:93:bd:10:0a:85:5c:f6:
                    ff:da:c7:eb:90:99:f7:1b:3b:ed:81:d1:04:97:b5:
                    d5:7f:2b:4a:d5:d9:c0:d1:60:93:91:95:47:a5:62:
                    43:ca:43:28:21:f0:e0:43:0a:56:28:d1:29:ec:74:
                    4d:8f:cd:d1:25:f5:f5:89:6b:30:b1:68:6c:21:62:
                    5b:8b:28:6a:07:0c:23:70:3f:44:1a:41:25:db:3f:
                    41:26:01:a1:02:91:dc:c0:5a:91:d2:1b:74:06:5f:
                    17:49:2c:a4:17:e4:e0:5d:df:90:a5:66:f3:9e:e3:
                    f9:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:6C:A3:75:A0:0C:12:A4:5A:BF:44:06:8E:B3:9E:3A:BC:B7:72:0C
            X509v3 Authority Key Identifier:
                keyid:08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/CEaeETcBgVmTAT4T5Uiis0DkTgo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/I2yjdaAMEqRav0QGjrOeOry3cgw.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  49.159.56.0/21

    Signature Algorithm: sha256WithRSAEncryption
         0e:a0:b5:23:15:ac:6e:9a:5f:3e:0c:e4:23:26:a6:14:d8:6a:
         45:f2:78:aa:69:bf:5c:0d:7b:f6:72:68:57:65:e7:0d:31:6b:
         45:db:4c:71:68:aa:5f:bf:04:06:20:7e:ed:90:ef:f0:8f:65:
         e8:2e:85:63:13:23:5a:ff:6d:15:12:b6:6a:8a:3b:7c:c4:db:
         e1:2c:c4:71:5f:1d:26:4a:8e:8f:0b:b4:25:8e:b1:f7:3f:85:
         32:83:e6:0b:bb:ca:f8:aa:9d:6b:44:a4:57:b3:f8:0c:6b:9d:
         32:51:65:12:3c:09:ad:b0:04:4c:4c:5f:84:04:2a:07:93:14:
         3e:88:e0:9c:25:3d:07:fe:91:f0:82:7c:56:65:1b:4d:ee:d1:
         98:a6:85:a9:6e:59:77:d9:02:11:e2:37:80:c0:4c:ce:42:13:
         c1:36:5f:42:48:b2:11:ba:30:d5:f4:46:83:6d:9e:95:a4:67:
         20:ee:e4:a5:9b:fd:5b:5d:75:39:b0:61:92:3e:40:8e:bd:6e:
         df:90:97:9f:b4:f8:46:32:a2:73:ce:57:b3:86:63:70:de:23:
         cb:51:dd:23:71:e2:ec:93:43:17:eb:45:7d:4d:04:3c:d5:44:
         c2:9e:61:9e:30:34:33:a6:5a:f5:89:e8:53:b8:53:94:43:85:
         ba:c5:76:6a
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICFB8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDg0
NjlFMTEzNzAxODE1OTkzMDEzRTEzRTU0OEEyQjM0MEU0NEUwQTAeFw0yMjA0Mjkx
MDI3NDlaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDIzNkNBMzc1QTAwQzEy
QTQ1QUJGNDQwNjhFQjM5RTNBQkNCNzcyMEMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDHD9T89NxIabu86bvpGvO/CwG2DlsOusPYq9hsQw6rX8k+P8YM
iyUj8FKFy0v9o3nKYW2Hsum0d3y3Y8QTogviqDoc/DRUlQrIno8xcFnGA1iqsKAR
Lh3ZXabkNBvbUCBacS+BNOWFPyDnKeu07pnrIpqTnDwoVThLwQv7OQ4HL72awlyz
1AFNDmJamRzFk70QCoVc9v/ax+uQmfcbO+2B0QSXtdV/K0rV2cDRYJORlUelYkPK
Qygh8OBDClYo0SnsdE2PzdEl9fWJazCxaGwhYluLKGoHDCNwP0QaQSXbP0EmAaEC
kdzAWpHSG3QGXxdJLKQX5OBd35ClZvOe4/kJAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUI2yjdaAMEqRav0QGjrOeOry3cgwwHwYDVR0jBBgwFoAUCEaeETcBgVmTAT4T
5Uiis0DkTgowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVU
L0NFYWVFVGNCZ1ZtVEFUNFQ1VWlpczBEa1Rnby5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvQ0VhZUVUY0JnVm1UQVQ0VDVVaWlzMERrVGdvLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVUL0kyeWpkYUFNRXFSYXYwUUdq
ck9lT3J5M2Nndy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAMx
nzgwDQYJKoZIhvcNAQELBQADggEBAA6gtSMVrG6aXz4M5CMmphTYakXyeKppv1wN
e/ZyaFdl5w0xa0XbTHFoql+/BAYgfu2Q7/CPZeguhWMTI1r/bRUStmqKO3zE2+Es
xHFfHSZKjo8LtCWOsfc/hTKD5gu7yviqnWtEpFez+AxrnTJRZRI8Ca2wBExMX4QE
KgeTFD6I4JwlPQf+kfCCfFZlG03u0ZimhaluWXfZAhHiN4DATM5CE8E2X0JIshG6
MNX0RoNtnpWkZyDu5KWb/VtddTmwYZI+QI69bt+Ql5+0+EYyonPOV7OGY3DeI8tR
3SNx4uyTQxfrRX1NBDzVRMKeYZ4wNDOmWvWJ6FO4U5RDhbrFdmo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:46 2024 by rpki-client on console-ams.rpki-client.org