Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/UBBNET/Kmc8aOxJCZ2yR-VuVsffq2uo-4U.roa
File:                     Kmc8aOxJCZ2yR-VuVsffq2uo-4U.roa (raw, json)
Hash identifier:          gKCl3uF2M68J/dY5LF34MKuseqj9D+1L7koBhxyDXaM=
Subject key identifier:   2A:67:3C:68:EC:49:09:9D:B2:47:E5:6E:56:C7:DF:AB:6B:A8:FB:85
Certificate issuer:       /CN=08469E113701815993013E13E548A2B340E44E0A
Certificate serial:       192B
Authority key identifier: 08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/Kmc8aOxJCZ2yR-VuVsffq2uo-4U.roa
Signing time:             Sat 22 Oct 2022 06:06:10 +0000
ROA not before:           Sat 22 Oct 2022 06:06:10 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     24163
IP address blocks:        211.76.54.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 6443 (0x192b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=08469E113701815993013E13E548A2B340E44E0A
        Validity
            Not Before: Oct 22 06:06:10 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=2A673C68EC49099DB247E56E56C7DFAB6BA8FB85
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:20:6c:ea:88:5f:9f:ca:87:c0:6a:da:dc:2e:
                    cc:45:33:5f:01:7f:c9:fc:3c:46:c6:25:19:3f:70:
                    1e:a4:f1:7a:17:4b:ba:4e:0f:4c:4b:85:d5:f3:44:
                    f3:63:5e:3c:4f:4b:a3:0d:c8:4a:93:d5:7d:30:45:
                    f4:64:9b:3e:bd:be:e6:26:db:e2:1d:4d:5a:7e:ea:
                    73:58:1b:9f:a7:12:48:9a:78:f7:bc:21:da:9c:2f:
                    10:4c:20:54:13:97:69:04:a2:04:78:8f:62:a3:e3:
                    31:3d:91:fd:fe:bd:d9:4c:eb:38:b4:a1:85:b1:7a:
                    59:f1:27:ae:7d:04:99:1c:a2:90:1e:7e:ac:4d:48:
                    69:58:ca:76:5e:ff:f6:a9:22:83:0a:58:30:be:76:
                    a1:7a:48:5c:3d:a2:37:6f:59:b5:3a:4c:4e:12:c0:
                    ba:c3:3e:e0:1c:35:7f:e3:19:cf:fb:bc:55:fa:2c:
                    c5:33:c4:b5:80:b6:44:aa:c8:2a:f2:77:38:29:40:
                    d2:bd:b1:60:e5:1b:8b:29:33:9c:94:12:1a:4b:07:
                    69:0f:1e:f8:7e:18:5d:d2:cb:f0:7e:61:60:16:2f:
                    8a:8a:c5:7a:c2:9c:5a:da:8f:59:68:60:eb:71:a0:
                    bd:a3:51:8c:f9:2a:de:df:f1:6b:fb:7b:73:49:87:
                    63:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:67:3C:68:EC:49:09:9D:B2:47:E5:6E:56:C7:DF:AB:6B:A8:FB:85
            X509v3 Authority Key Identifier:
                keyid:08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/CEaeETcBgVmTAT4T5Uiis0DkTgo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/Kmc8aOxJCZ2yR-VuVsffq2uo-4U.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  211.76.54.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6c:5f:ca:ae:62:b4:3c:b7:cc:08:40:2b:d7:5e:31:bd:81:13:
         42:2c:7d:94:b0:4c:c6:52:47:ed:4b:3d:10:0e:93:03:c3:4b:
         d7:56:4b:87:21:f6:46:58:cf:3e:9b:c1:8a:33:c4:0a:13:3d:
         30:3b:37:42:68:29:a7:2f:01:dd:36:cd:e5:fa:d5:3d:52:b9:
         d2:e3:f9:91:46:e5:64:a7:20:cb:f5:2a:ad:b5:d7:00:77:55:
         54:3d:9c:51:bd:5e:9e:36:1a:ba:11:bd:3a:3a:54:17:eb:fb:
         3b:af:4d:1c:d9:a1:0c:9a:62:64:a4:a4:4f:4c:eb:66:a3:63:
         0e:58:fd:98:54:c0:d3:6d:2b:ff:b5:13:bc:05:82:4d:96:6e:
         af:da:53:fc:97:0e:5b:33:b0:c0:f1:f7:74:24:ff:cc:47:dc:
         50:78:19:b5:cc:2f:b9:56:c4:e2:43:82:93:c5:81:57:62:37:
         55:11:be:0b:d9:11:6e:69:10:ba:5c:db:94:7a:b1:5e:bd:9b:
         d9:d8:d6:46:02:83:b7:02:64:69:c0:cb:c0:8c:b0:3d:5e:94:
         88:a0:ba:d6:66:0d:18:84:7b:1e:b0:da:02:8b:7c:4d:00:bc:
         72:c6:4c:3f:b2:1a:04:b9:1c:c7:25:f0:82:d2:5f:bc:29:bd:
         10:7e:6f:f5
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICGSswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDg0
NjlFMTEzNzAxODE1OTkzMDEzRTEzRTU0OEEyQjM0MEU0NEUwQTAeFw0yMjEwMjIw
NjA2MTBaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDJBNjczQzY4RUM0OTA5
OURCMjQ3RTU2RTU2QzdERkFCNkJBOEZCODUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDAIGzqiF+fyofAatrcLsxFM18Bf8n8PEbGJRk/cB6k8XoXS7pO
D0xLhdXzRPNjXjxPS6MNyEqT1X0wRfRkmz69vuYm2+IdTVp+6nNYG5+nEkiaePe8
IdqcLxBMIFQTl2kEogR4j2Kj4zE9kf3+vdlM6zi0oYWxelnxJ659BJkcopAefqxN
SGlYynZe//apIoMKWDC+dqF6SFw9ojdvWbU6TE4SwLrDPuAcNX/jGc/7vFX6LMUz
xLWAtkSqyCrydzgpQNK9sWDlG4spM5yUEhpLB2kPHvh+GF3Sy/B+YWAWL4qKxXrC
nFraj1loYOtxoL2jUYz5Kt7f8Wv7e3NJh2NHAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUKmc8aOxJCZ2yR+VuVsffq2uo+4UwHwYDVR0jBBgwFoAUCEaeETcBgVmTAT4T
5Uiis0DkTgowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVU
L0NFYWVFVGNCZ1ZtVEFUNFQ1VWlpczBEa1Rnby5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvQ0VhZUVUY0JnVm1UQVQ0VDVVaWlzMERrVGdvLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVUL0ttYzhhT3hKQ1oyeVItVnVW
c2ZmcTJ1by00VS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADT
TDYwDQYJKoZIhvcNAQELBQADggEBAGxfyq5itDy3zAhAK9deMb2BE0IsfZSwTMZS
R+1LPRAOkwPDS9dWS4ch9kZYzz6bwYozxAoTPTA7N0JoKacvAd02zeX61T1SudLj
+ZFG5WSnIMv1Kq211wB3VVQ9nFG9Xp42GroRvTo6VBfr+zuvTRzZoQyaYmSkpE9M
62ajYw5Y/ZhUwNNtK/+1E7wFgk2Wbq/aU/yXDlszsMDx93Qk/8xH3FB4GbXML7lW
xOJDgpPFgVdiN1URvgvZEW5pELpc25R6sV69m9nY1kYCg7cCZGnAy8CMsD1elIig
utZmDRiEex6w2gKLfE0AvHLGTD+yGgS5HMcl8ILSX7wpvRB+b/U=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:03 2024 by rpki-client on console-fra.rpki-client.org