Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/UBBNET/IdF9riuIjKDat_QsNwarSzXFeQ4.roa
File:                     IdF9riuIjKDat_QsNwarSzXFeQ4.roa (raw, json)
Hash identifier:          P+KKDgJSXSIqsJkLkhKB/FM0SLwqHBjDvkrIkRMy7DQ=
Subject key identifier:   21:D1:7D:AE:2B:88:8C:A0:DA:B7:F4:2C:37:06:AB:4B:35:C5:79:0E
Certificate issuer:       /CN=08469E113701815993013E13E548A2B340E44E0A
Certificate serial:       123A
Authority key identifier: 08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/IdF9riuIjKDat_QsNwarSzXFeQ4.roa
Signing time:             Wed 29 Sep 2021 02:54:21 +0000
ROA not before:           Wed 29 Sep 2021 02:54:21 +0000
ROA not after:            Thu 29 Sep 2022 02:36:22 +0000
asID:                     24164
IP address blocks:        61.60.216.0/21 maxlen: 21

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4666 (0x123a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=08469E113701815993013E13E548A2B340E44E0A
        Validity
            Not Before: Sep 29 02:54:21 2021 GMT
            Not After : Sep 29 02:36:22 2022 GMT
        Subject: CN=21D17DAE2B888CA0DAB7F42C3706AB4B35C5790E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:d1:b0:60:e7:14:18:58:1c:91:46:a7:2e:e7:
                    5d:04:bf:00:b1:64:25:8e:95:f4:bd:0b:44:7b:68:
                    94:f7:38:fd:82:df:d2:c8:74:d2:b5:40:df:58:23:
                    cd:4f:dd:cb:ac:46:ae:6c:1b:9d:9e:32:1f:2b:80:
                    00:1e:91:d2:3b:ee:7a:38:4f:ea:95:6d:21:36:a8:
                    5a:ce:26:97:33:49:84:10:a2:1b:d0:45:ed:7c:c6:
                    90:ab:0e:45:d8:85:90:ce:6f:1a:24:7a:34:6f:22:
                    ad:b8:e0:80:87:ed:00:6a:3b:34:75:f3:28:20:a5:
                    09:ce:51:2a:c6:f7:64:b6:b0:ae:cb:65:7b:fe:39:
                    38:0e:3f:a5:e8:dd:4e:8a:44:be:c8:96:3c:15:4c:
                    39:f2:ac:d4:81:9a:8f:87:78:7b:34:25:db:4f:c1:
                    e8:e2:4c:5a:fc:dc:14:eb:82:24:05:78:eb:74:57:
                    dc:2d:45:f2:10:47:f4:ee:d7:99:52:c8:53:46:5b:
                    3c:69:9e:83:05:95:2d:df:8b:12:34:43:69:7f:dd:
                    80:7c:99:45:7d:89:00:34:3c:df:43:be:ec:19:6e:
                    22:c7:af:56:bc:c8:49:08:ae:07:52:23:7d:96:f5:
                    1b:51:9a:90:bc:98:b5:0f:4b:54:c9:d2:ff:6f:3f:
                    50:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                21:D1:7D:AE:2B:88:8C:A0:DA:B7:F4:2C:37:06:AB:4B:35:C5:79:0E
            X509v3 Authority Key Identifier:
                keyid:08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/CEaeETcBgVmTAT4T5Uiis0DkTgo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/IdF9riuIjKDat_QsNwarSzXFeQ4.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  61.60.216.0/21

    Signature Algorithm: sha256WithRSAEncryption
         91:18:c8:c5:eb:cc:56:23:51:68:8e:45:29:d2:d6:f3:a0:23:
         b0:f3:9b:fb:7e:44:af:a9:30:7d:46:26:63:78:d0:1d:f3:bd:
         4a:54:83:53:fe:aa:9e:15:1f:88:11:2c:ee:fe:d9:6d:9c:d6:
         38:a9:71:cb:e9:b6:5e:e5:5d:5a:ab:ef:de:c1:5f:53:e7:9b:
         ef:b8:b1:78:be:8f:1f:ba:bc:ca:33:7e:a5:b0:34:f4:6a:db:
         0e:64:e8:bd:fc:d4:14:96:f0:74:bb:84:df:87:ee:b1:4a:2b:
         f9:39:9c:6f:1c:df:a6:dc:27:24:25:19:2c:34:77:32:04:39:
         25:93:c4:bc:1f:e2:4b:bf:44:10:63:91:2a:93:60:9b:8a:53:
         02:41:fd:08:21:55:12:98:bf:62:43:b9:f5:28:6c:68:d7:a0:
         8f:3a:3b:f4:40:cc:46:34:cc:62:2d:b2:71:74:b4:9b:b2:a8:
         ba:25:56:a3:02:ec:fb:c3:4a:eb:d9:66:d1:3d:66:1e:52:72:
         8e:5c:78:18:b2:f9:69:34:fa:ad:a8:1d:01:ef:d0:b1:93:cf:
         42:43:4b:e0:4e:72:3e:0b:cc:19:a7:fd:ce:75:98:74:d3:81:
         42:03:fb:bf:4e:23:61:e1:75:35:35:a5:33:3d:ca:b6:34:98:
         33:fb:df:53
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICEjowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDg0
NjlFMTEzNzAxODE1OTkzMDEzRTEzRTU0OEEyQjM0MEU0NEUwQTAeFw0yMTA5Mjkw
MjU0MjFaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDIxRDE3REFFMkI4ODhD
QTBEQUI3RjQyQzM3MDZBQjRCMzVDNTc5MEUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDL0bBg5xQYWByRRqcu510EvwCxZCWOlfS9C0R7aJT3OP2C39LI
dNK1QN9YI81P3cusRq5sG52eMh8rgAAekdI77no4T+qVbSE2qFrOJpczSYQQohvQ
Re18xpCrDkXYhZDObxokejRvIq244ICH7QBqOzR18yggpQnOUSrG92S2sK7LZXv+
OTgOP6Xo3U6KRL7IljwVTDnyrNSBmo+HeHs0JdtPwejiTFr83BTrgiQFeOt0V9wt
RfIQR/Tu15lSyFNGWzxpnoMFlS3fixI0Q2l/3YB8mUV9iQA0PN9DvuwZbiLHr1a8
yEkIrgdSI32W9RtRmpC8mLUPS1TJ0v9vP1DnAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUIdF9riuIjKDat/QsNwarSzXFeQ4wHwYDVR0jBBgwFoAUCEaeETcBgVmTAT4T
5Uiis0DkTgowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVU
L0NFYWVFVGNCZ1ZtVEFUNFQ1VWlpczBEa1Rnby5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvQ0VhZUVUY0JnVm1UQVQ0VDVVaWlzMERrVGdvLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVUL0lkRjlyaXVJaktEYXRfUXNO
d2FyU3pYRmVRNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAM9
PNgwDQYJKoZIhvcNAQELBQADggEBAJEYyMXrzFYjUWiORSnS1vOgI7Dzm/t+RK+p
MH1GJmN40B3zvUpUg1P+qp4VH4gRLO7+2W2c1jipccvptl7lXVqr797BX1Pnm++4
sXi+jx+6vMozfqWwNPRq2w5k6L381BSW8HS7hN+H7rFKK/k5nG8c36bcJyQlGSw0
dzIEOSWTxLwf4ku/RBBjkSqTYJuKUwJB/QghVRKYv2JDufUobGjXoI86O/RAzEY0
zGItsnF0tJuyqLolVqMC7PvDSuvZZtE9Zh5Sco5ceBiy+Wk0+q2oHQHv0LGTz0JD
S+BOcj4LzBmn/c51mHTTgUID+79OI2HhdTU1pTM9yrY0mDP731M=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:46 2024 by rpki-client on console-ams.rpki-client.org