Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/UBBNET/KM0gR028WtydvCFozvwfhnihUM4.roa
File:                     KM0gR028WtydvCFozvwfhnihUM4.roa (raw, json)
Hash identifier:          /stYBSOO6v8Nu7oOuYByqqQYgWJM5vI8y2+y3CcjIVw=
Subject key identifier:   28:CD:20:47:4D:BC:5A:DC:9D:BC:21:68:CE:FC:1F:86:78:A1:50:CE
Certificate issuer:       /CN=08469E113701815993013E13E548A2B340E44E0A
Certificate serial:       14FE
Authority key identifier: 08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/KM0gR028WtydvCFozvwfhnihUM4.roa
Signing time:             Thu 15 Sep 2022 02:35:40 +0000
ROA not before:           Thu 15 Sep 2022 02:35:40 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     24164
IP address blocks:        180.218.172.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5374 (0x14fe)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=08469E113701815993013E13E548A2B340E44E0A
        Validity
            Not Before: Sep 15 02:35:40 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=28CD20474DBC5ADC9DBC2168CEFC1F8678A150CE
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:3d:0d:c9:16:43:69:5d:ab:c5:0b:db:f0:78:
                    39:69:68:ef:f7:ba:27:b8:f9:de:dc:2c:a5:50:e4:
                    32:bc:6b:ef:51:be:8f:3a:2a:25:d1:9a:c1:d4:38:
                    46:3b:0f:1c:7d:8d:c6:a1:70:61:be:ed:a5:aa:b2:
                    2d:92:64:4f:9a:6c:65:15:53:af:4d:c1:3d:e9:81:
                    1e:4f:00:a9:94:ee:65:cb:4e:e9:28:99:03:99:64:
                    cc:e2:99:b8:c4:50:85:e0:f1:72:18:57:4c:bc:1d:
                    fa:24:3a:ab:ba:31:8c:89:c3:8b:1f:ae:b8:95:73:
                    68:93:97:ad:c9:90:72:42:26:c1:5a:34:36:9a:8e:
                    b2:90:1b:5c:93:bc:d3:9c:e2:cc:0e:de:50:33:c2:
                    93:09:85:0c:c5:58:08:98:c6:98:17:bd:e9:0e:6d:
                    54:56:0b:b7:e1:6c:cf:b8:7b:a7:c6:72:0c:ae:42:
                    92:71:ae:b4:47:d2:fe:b0:67:86:38:a9:88:04:a3:
                    8f:55:c4:cf:d6:9a:87:e0:1b:59:40:5a:c9:0b:16:
                    e8:48:0b:54:04:ce:ad:40:c9:38:45:fc:a4:12:5f:
                    51:69:90:ab:ab:55:8e:a6:58:af:b6:cd:1b:7e:d3:
                    60:68:0a:95:4d:88:86:f7:e7:66:4b:08:ce:8c:fe:
                    0c:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                28:CD:20:47:4D:BC:5A:DC:9D:BC:21:68:CE:FC:1F:86:78:A1:50:CE
            X509v3 Authority Key Identifier:
                keyid:08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/CEaeETcBgVmTAT4T5Uiis0DkTgo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/KM0gR028WtydvCFozvwfhnihUM4.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  180.218.172.0/22

    Signature Algorithm: sha256WithRSAEncryption
         1b:98:f7:a9:be:10:9d:2d:3e:80:0a:2b:9b:f4:71:7e:02:49:
         57:2c:6e:08:f8:7f:be:44:2f:d0:46:90:a2:b9:74:d1:91:fa:
         cf:d2:42:21:e5:2e:c1:9c:b8:ec:64:c1:ef:1e:98:89:c2:0b:
         2a:cf:dd:b9:ea:9b:5c:b8:3c:9c:22:2a:58:28:53:f6:91:21:
         0c:aa:ac:98:df:d8:56:a2:95:b7:51:bd:14:d5:46:8c:54:6b:
         ff:5a:9e:f3:c5:75:c7:71:f9:94:72:c3:40:cc:e8:86:d0:c5:
         71:a3:10:e8:a5:db:e2:bb:a1:c0:63:a3:dd:b5:dc:c4:bd:24:
         b2:ec:15:86:5b:77:60:b2:11:2d:54:35:55:53:29:a2:6e:b4:
         26:a5:f0:ed:6c:7c:24:2c:c2:a7:81:c7:55:bc:34:fd:c6:47:
         6a:dd:cb:d7:80:60:43:d9:2c:de:34:98:77:06:4d:71:7c:72:
         c8:91:15:f5:60:3b:65:74:d7:d4:f0:27:c9:46:73:d6:e6:1a:
         b8:1a:9b:65:78:c3:90:42:0b:22:c0:fb:c1:10:f4:6b:97:ce:
         f9:60:a9:e6:7e:3c:e5:2e:b4:a0:96:89:78:7f:9f:70:1d:92:
         4b:3a:88:40:e7:47:88:ca:70:05:14:58:d9:bc:fc:a9:a2:43:
         6d:c5:da:d1
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICFP4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDg0
NjlFMTEzNzAxODE1OTkzMDEzRTEzRTU0OEEyQjM0MEU0NEUwQTAeFw0yMjA5MTUw
MjM1NDBaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDI4Q0QyMDQ3NERCQzVB
REM5REJDMjE2OENFRkMxRjg2NzhBMTUwQ0UwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC2PQ3JFkNpXavFC9vweDlpaO/3uie4+d7cLKVQ5DK8a+9Rvo86
KiXRmsHUOEY7Dxx9jcahcGG+7aWqsi2SZE+abGUVU69NwT3pgR5PAKmU7mXLTuko
mQOZZMzimbjEUIXg8XIYV0y8HfokOqu6MYyJw4sfrriVc2iTl63JkHJCJsFaNDaa
jrKQG1yTvNOc4swO3lAzwpMJhQzFWAiYxpgXvekObVRWC7fhbM+4e6fGcgyuQpJx
rrRH0v6wZ4Y4qYgEo49VxM/WmofgG1lAWskLFuhIC1QEzq1AyThF/KQSX1FpkKur
VY6mWK+2zRt+02BoCpVNiIb352ZLCM6M/gz/AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUKM0gR028WtydvCFozvwfhnihUM4wHwYDVR0jBBgwFoAUCEaeETcBgVmTAT4T
5Uiis0DkTgowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVU
L0NFYWVFVGNCZ1ZtVEFUNFQ1VWlpczBEa1Rnby5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvQ0VhZUVUY0JnVm1UQVQ0VDVVaWlzMERrVGdvLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVUL0tNMGdSMDI4V3R5ZHZDRm96
dndmaG5paFVNNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAK0
2qwwDQYJKoZIhvcNAQELBQADggEBABuY96m+EJ0tPoAKK5v0cX4CSVcsbgj4f75E
L9BGkKK5dNGR+s/SQiHlLsGcuOxkwe8emInCCyrP3bnqm1y4PJwiKlgoU/aRIQyq
rJjf2FailbdRvRTVRoxUa/9anvPFdcdx+ZRyw0DM6IbQxXGjEOil2+K7ocBjo921
3MS9JLLsFYZbd2CyES1UNVVTKaJutCal8O1sfCQswqeBx1W8NP3GR2rdy9eAYEPZ
LN40mHcGTXF8csiRFfVgO2V019TwJ8lGc9bmGrgam2V4w5BCCyLA+8EQ9GuXzvlg
qeZ+POUutKCWiXh/n3Adkks6iEDnR4jKcAUUWNm8/KmiQ23F2tE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:03 2024 by rpki-client on console-fra.rpki-client.org