Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/UBBNET/KXTNnXSWpuQD3YE7XwLB673qRJg.roa
File:                     KXTNnXSWpuQD3YE7XwLB673qRJg.roa (raw, json)
Hash identifier:          FtwylU1H+PLTpgmpy1uD2FHlLKspJnKVH2duMA+fDZs=
Subject key identifier:   29:74:CD:9D:74:96:A6:E4:03:DD:81:3B:5F:02:C1:EB:BD:EA:44:98
Certificate issuer:       /CN=08469E113701815993013E13E548A2B340E44E0A
Certificate serial:       134A
Authority key identifier: 08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/KXTNnXSWpuQD3YE7XwLB673qRJg.roa
Signing time:             Wed 29 Sep 2021 02:55:36 +0000
ROA not before:           Wed 29 Sep 2021 02:55:36 +0000
ROA not after:            Thu 29 Sep 2022 02:36:22 +0000
asID:                     24164
IP address blocks:        49.159.4.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4938 (0x134a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=08469E113701815993013E13E548A2B340E44E0A
        Validity
            Not Before: Sep 29 02:55:36 2021 GMT
            Not After : Sep 29 02:36:22 2022 GMT
        Subject: CN=2974CD9D7496A6E403DD813B5F02C1EBBDEA4498
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:66:8b:ad:4a:8b:48:10:e3:f5:0a:0c:10:c5:
                    0c:fa:51:5d:99:06:e8:60:a0:de:31:e5:6d:ad:e3:
                    92:91:91:97:a7:1a:8b:76:5f:bb:b3:2d:80:a4:96:
                    15:ca:9c:64:3c:69:0f:bd:d3:5c:26:00:41:25:64:
                    37:eb:21:79:d9:dc:fc:2f:1c:03:94:b5:6b:17:af:
                    4e:db:5c:fa:de:df:b8:2b:22:55:9e:ef:4f:59:7f:
                    ed:2a:61:bf:94:61:1e:20:5c:49:16:fc:7c:ea:64:
                    39:07:60:fb:0c:b0:54:87:64:d9:11:10:35:8f:2b:
                    e7:dd:36:d2:75:b0:e8:34:c6:cf:d0:24:a0:57:4b:
                    5a:c0:93:85:56:a4:db:ac:7d:2d:83:d1:30:bd:f3:
                    2c:c0:59:f6:ef:fc:73:b2:0e:8b:67:4c:8f:a8:e6:
                    f8:32:a1:79:a0:94:a0:63:c7:d6:f4:79:e4:3c:f4:
                    c5:fe:ef:52:30:d2:16:e4:4a:fb:e9:35:16:61:66:
                    19:c6:7b:c4:99:ac:b2:33:88:8a:77:0c:a5:b2:34:
                    89:99:31:5c:50:bc:5a:d7:3b:65:20:b2:2a:d4:6f:
                    47:3a:dd:4f:8c:99:50:49:17:f1:43:e3:bd:64:fc:
                    24:b1:15:2a:d4:1c:65:ed:90:8b:9b:f8:16:02:4f:
                    e4:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                29:74:CD:9D:74:96:A6:E4:03:DD:81:3B:5F:02:C1:EB:BD:EA:44:98
            X509v3 Authority Key Identifier:
                keyid:08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/CEaeETcBgVmTAT4T5Uiis0DkTgo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/KXTNnXSWpuQD3YE7XwLB673qRJg.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  49.159.4.0/22

    Signature Algorithm: sha256WithRSAEncryption
         1b:ba:6a:71:3e:12:73:4a:93:e8:a5:fa:3c:56:80:16:98:78:
         20:b4:66:46:12:83:3a:d9:be:ed:35:35:d5:ef:1b:61:91:62:
         8c:00:b0:9c:0a:31:c3:f9:b6:c8:87:0d:ad:bc:70:c1:32:ab:
         ec:4f:51:d0:b3:5b:e8:cc:2d:05:20:f0:97:bd:c7:73:97:77:
         ac:a6:a1:2f:f0:4a:2b:85:4e:17:bc:80:d7:ef:30:4b:7b:04:
         3a:c1:65:69:3c:86:79:d9:9d:8e:90:7c:8d:3a:45:41:32:66:
         a1:ba:26:83:9d:89:17:1c:d2:1d:3a:f2:7f:25:03:20:cf:d5:
         15:1a:19:f5:75:da:9f:01:21:80:28:85:04:96:8d:6f:8a:bc:
         e3:dc:33:1b:7f:b5:fb:e7:c2:4d:51:38:31:e9:57:7a:11:c2:
         af:a0:c3:0d:a7:ff:d1:01:d7:59:25:2c:5a:a8:11:40:53:aa:
         bf:bd:fc:ae:2f:4e:be:6b:8e:fe:ea:81:a5:5e:46:09:c8:01:
         8d:d6:c0:6c:68:3e:04:2f:96:19:f8:bd:12:de:fc:ab:49:e7:
         df:9f:c9:33:53:d6:d9:17:12:97:99:7c:2c:eb:d2:71:e0:60:
         c6:3c:80:01:6c:a1:d4:f3:aa:0d:99:ae:6b:6a:c2:bb:c9:e6:
         69:d7:5e:61
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICE0owDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDg0
NjlFMTEzNzAxODE1OTkzMDEzRTEzRTU0OEEyQjM0MEU0NEUwQTAeFw0yMTA5Mjkw
MjU1MzZaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDI5NzRDRDlENzQ5NkE2
RTQwM0REODEzQjVGMDJDMUVCQkRFQTQ0OTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDJZoutSotIEOP1CgwQxQz6UV2ZBuhgoN4x5W2t45KRkZenGot2
X7uzLYCklhXKnGQ8aQ+901wmAEElZDfrIXnZ3PwvHAOUtWsXr07bXPre37grIlWe
709Zf+0qYb+UYR4gXEkW/HzqZDkHYPsMsFSHZNkREDWPK+fdNtJ1sOg0xs/QJKBX
S1rAk4VWpNusfS2D0TC98yzAWfbv/HOyDotnTI+o5vgyoXmglKBjx9b0eeQ89MX+
71Iw0hbkSvvpNRZhZhnGe8SZrLIziIp3DKWyNImZMVxQvFrXO2UgsirUb0c63U+M
mVBJF/FD471k/CSxFSrUHGXtkIub+BYCT+QfAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUKXTNnXSWpuQD3YE7XwLB673qRJgwHwYDVR0jBBgwFoAUCEaeETcBgVmTAT4T
5Uiis0DkTgowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVU
L0NFYWVFVGNCZ1ZtVEFUNFQ1VWlpczBEa1Rnby5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvQ0VhZUVUY0JnVm1UQVQ0VDVVaWlzMERrVGdvLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVUL0tYVE5uWFNXcHVRRDNZRTdY
d0xCNjczcVJKZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAIx
nwQwDQYJKoZIhvcNAQELBQADggEBABu6anE+EnNKk+il+jxWgBaYeCC0ZkYSgzrZ
vu01NdXvG2GRYowAsJwKMcP5tsiHDa28cMEyq+xPUdCzW+jMLQUg8Je9x3OXd6ym
oS/wSiuFThe8gNfvMEt7BDrBZWk8hnnZnY6QfI06RUEyZqG6JoOdiRcc0h068n8l
AyDP1RUaGfV12p8BIYAohQSWjW+KvOPcMxt/tfvnwk1RODHpV3oRwq+gww2n/9EB
11klLFqoEUBTqr+9/K4vTr5rjv7qgaVeRgnIAY3WwGxoPgQvlhn4vRLe/KtJ59+f
yTNT1tkXEpeZfCzr0nHgYMY8gAFsodTzqg2ZrmtqwrvJ5mnXXmE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:03 2024 by rpki-client on console-fra.rpki-client.org