Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/UBBNET/KrhR7TPKAjzGrm8izYKyDVepK0o.roa
File:                     KrhR7TPKAjzGrm8izYKyDVepK0o.roa (raw, json)
Hash identifier:          t8SdxRVqpph4SPsE1uQpKRQrHi0KSA5LaBcsH9aOP74=
Subject key identifier:   2A:B8:51:ED:33:CA:02:3C:C6:AE:6F:22:CD:82:B2:0D:57:A9:2B:4A
Certificate issuer:       /CN=08469E113701815993013E13E548A2B340E44E0A
Certificate serial:       1A95
Authority key identifier: 08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/KrhR7TPKAjzGrm8izYKyDVepK0o.roa
Signing time:             Fri 16 Dec 2022 04:08:30 +0000
ROA not before:           Fri 16 Dec 2022 04:08:30 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     24164
IP address blocks:        61.61.208.0/21 maxlen: 29

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 6805 (0x1a95)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=08469E113701815993013E13E548A2B340E44E0A
        Validity
            Not Before: Dec 16 04:08:30 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=2AB851ED33CA023CC6AE6F22CD82B20D57A92B4A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:57:cd:ef:d4:3d:18:80:34:4f:ac:d3:59:42:
                    83:85:c7:15:8b:72:21:9f:a8:07:73:95:96:b8:b6:
                    44:8e:0b:d6:54:11:9e:8b:4a:b6:c0:f3:7c:76:25:
                    b7:39:80:2d:de:09:ae:cb:29:20:b1:07:bb:1d:62:
                    91:93:98:36:ee:5e:6a:db:13:76:71:57:a9:be:4e:
                    ca:5b:fe:ed:61:8c:fc:14:c0:4a:39:4c:4e:19:46:
                    81:ab:cb:13:aa:39:1c:79:76:72:05:ce:5a:2f:48:
                    aa:2c:e2:ab:5a:fa:0a:5a:03:5d:b7:83:f6:78:19:
                    57:0d:a0:19:8f:a7:da:27:01:68:8d:43:5c:58:12:
                    20:af:b7:e4:d3:ed:29:21:01:94:a0:41:8e:49:f8:
                    4b:54:11:9d:c7:bd:ba:8e:aa:61:a4:12:a8:89:75:
                    8c:bb:b4:43:a9:59:90:81:0a:14:69:e8:12:a3:06:
                    1c:05:c6:b6:b5:58:9f:80:1e:dc:17:3e:9b:d1:11:
                    41:95:6a:e0:61:06:b6:a6:fc:c8:76:5b:55:b4:44:
                    f1:32:ce:94:a0:5e:06:18:09:d7:c7:e1:d0:93:91:
                    f6:1c:e0:00:46:6f:ee:45:bc:f5:4b:f4:23:15:d6:
                    54:01:a0:44:19:22:32:94:dc:9b:0e:3d:e8:3a:98:
                    ba:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:B8:51:ED:33:CA:02:3C:C6:AE:6F:22:CD:82:B2:0D:57:A9:2B:4A
            X509v3 Authority Key Identifier:
                keyid:08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/CEaeETcBgVmTAT4T5Uiis0DkTgo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/KrhR7TPKAjzGrm8izYKyDVepK0o.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  61.61.208.0/21

    Signature Algorithm: sha256WithRSAEncryption
         9a:2c:03:94:bf:0c:cd:21:df:5f:38:5e:97:a0:d5:28:f7:f0:
         2e:02:50:b9:48:63:5f:08:32:bd:b6:f6:32:7c:92:f3:d9:a8:
         5a:fd:43:18:bd:59:1d:bc:a2:72:2f:bc:85:0d:13:96:ca:68:
         66:e8:f5:54:24:09:a5:ec:f0:62:f8:2f:27:54:63:43:96:2f:
         dd:b3:20:00:08:55:c3:92:31:a3:24:95:6a:3e:20:24:ac:ad:
         6d:e1:52:72:79:50:00:bb:c1:5c:90:9a:1c:06:ad:af:ec:bb:
         93:c6:bc:ad:70:ca:ec:8a:be:f4:b1:fd:cb:01:b1:39:43:f4:
         5a:34:aa:16:cf:a8:4c:52:65:96:41:9c:6c:26:19:76:ee:e4:
         8b:bf:fb:1b:ca:da:3b:ed:c0:11:3a:74:86:64:34:bd:6b:76:
         1b:68:2a:6e:8b:35:91:91:9d:77:2c:76:11:f3:ba:e1:d1:29:
         63:a8:49:8d:a7:d3:55:31:61:b0:e4:b3:d5:6e:57:9f:71:10:
         68:08:e4:40:fa:c9:70:a4:7b:34:88:21:32:c5:17:fd:af:1a:
         53:44:cc:9a:9c:8e:f5:07:69:98:e9:36:c3:1a:33:5b:e1:64:
         ea:6e:44:22:61:e5:56:1b:57:ca:ae:32:dc:5e:f2:74:b7:12:
         1c:db:9c:a8
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICGpUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDg0
NjlFMTEzNzAxODE1OTkzMDEzRTEzRTU0OEEyQjM0MEU0NEUwQTAeFw0yMjEyMTYw
NDA4MzBaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDJBQjg1MUVEMzNDQTAy
M0NDNkFFNkYyMkNEODJCMjBENTdBOTJCNEEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDEV83v1D0YgDRPrNNZQoOFxxWLciGfqAdzlZa4tkSOC9ZUEZ6L
SrbA83x2Jbc5gC3eCa7LKSCxB7sdYpGTmDbuXmrbE3ZxV6m+Tspb/u1hjPwUwEo5
TE4ZRoGryxOqORx5dnIFzlovSKos4qta+gpaA123g/Z4GVcNoBmPp9onAWiNQ1xY
EiCvt+TT7SkhAZSgQY5J+EtUEZ3HvbqOqmGkEqiJdYy7tEOpWZCBChRp6BKjBhwF
xra1WJ+AHtwXPpvREUGVauBhBram/Mh2W1W0RPEyzpSgXgYYCdfH4dCTkfYc4ABG
b+5FvPVL9CMV1lQBoEQZIjKU3JsOPeg6mLrhAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUKrhR7TPKAjzGrm8izYKyDVepK0owHwYDVR0jBBgwFoAUCEaeETcBgVmTAT4T
5Uiis0DkTgowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVU
L0NFYWVFVGNCZ1ZtVEFUNFQ1VWlpczBEa1Rnby5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvQ0VhZUVUY0JnVm1UQVQ0VDVVaWlzMERrVGdvLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVUL0tyaFI3VFBLQWp6R3JtOGl6
WUt5RFZlcEswby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAM9
PdAwDQYJKoZIhvcNAQELBQADggEBAJosA5S/DM0h3184Xpeg1Sj38C4CULlIY18I
Mr229jJ8kvPZqFr9Qxi9WR28onIvvIUNE5bKaGbo9VQkCaXs8GL4LydUY0OWL92z
IAAIVcOSMaMklWo+ICSsrW3hUnJ5UAC7wVyQmhwGra/su5PGvK1wyuyKvvSx/csB
sTlD9Fo0qhbPqExSZZZBnGwmGXbu5Iu/+xvK2jvtwBE6dIZkNL1rdhtoKm6LNZGR
nXcsdhHzuuHRKWOoSY2n01UxYbDks9VuV59xEGgI5ED6yXCkezSIITLFF/2vGlNE
zJqcjvUHaZjpNsMaM1vhZOpuRCJh5VYbV8quMtxe8nS3EhzbnKg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:03 2024 by rpki-client on console-fra.rpki-client.org