Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/UBBNET/OP5dhxhSi856DaBz_fFkvT9RNv4.roa
File:                     OP5dhxhSi856DaBz_fFkvT9RNv4.roa (raw, json)
Hash identifier:          MvuiknpoCdgeRdBFrrhobrNvdlGtGhDJ9zntSzuTr4Y=
Subject key identifier:   38:FE:5D:87:18:52:8B:CE:7A:0D:A0:73:FD:F1:64:BD:3F:51:36:FE
Certificate issuer:       /CN=08469E113701815993013E13E548A2B340E44E0A
Certificate serial:       152D
Authority key identifier: 08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/OP5dhxhSi856DaBz_fFkvT9RNv4.roa
Signing time:             Fri 21 Oct 2022 08:27:13 +0000
ROA not before:           Fri 21 Oct 2022 08:27:13 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     24164
IP address blocks:        122.100.88.0/21 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5421 (0x152d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=08469E113701815993013E13E548A2B340E44E0A
        Validity
            Not Before: Oct 21 08:27:13 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=38FE5D8718528BCE7A0DA073FDF164BD3F5136FE
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:39:3a:8b:6b:ef:64:5f:89:f6:e3:f0:9a:53:
                    74:38:df:38:72:b5:58:a2:2d:00:b7:c0:d3:b8:1f:
                    b4:33:01:93:71:c5:07:cb:f2:f6:de:21:cc:dc:dc:
                    e8:a5:3e:15:93:25:1a:e5:13:ca:f7:eb:6f:2b:f1:
                    a6:28:29:bc:7f:a8:94:d1:4e:97:24:08:8f:56:96:
                    2a:19:b1:f5:53:f6:1f:e4:2f:e4:bb:f1:34:57:53:
                    ff:4e:4f:9c:3c:98:8b:34:f9:a2:c5:a3:7c:55:55:
                    a6:57:f3:ce:5c:a9:28:d7:4b:bd:16:d5:77:6c:06:
                    98:57:b2:16:39:54:4f:58:fd:66:7a:e3:d5:eb:3d:
                    be:c0:a3:cf:54:3b:25:b4:36:64:7a:a6:b0:ff:40:
                    33:49:6b:93:97:8a:d9:04:7d:1a:be:b8:aa:1b:10:
                    a7:0b:9c:bb:ee:b1:6e:49:cd:46:03:d0:ca:97:d9:
                    3a:d0:d7:81:19:a2:c4:e1:68:18:0f:fd:3b:e6:79:
                    4e:39:08:fc:d8:9f:23:10:f2:ed:79:a0:3d:04:ac:
                    6d:8f:b5:99:f5:1b:72:cd:48:b6:30:72:d6:dc:d9:
                    34:cd:3e:f6:aa:bb:83:f4:67:8f:1a:8b:96:3f:00:
                    e1:32:fb:cd:3d:00:c6:75:9a:e7:23:90:a4:e9:c5:
                    8e:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:FE:5D:87:18:52:8B:CE:7A:0D:A0:73:FD:F1:64:BD:3F:51:36:FE
            X509v3 Authority Key Identifier:
                keyid:08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/CEaeETcBgVmTAT4T5Uiis0DkTgo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/OP5dhxhSi856DaBz_fFkvT9RNv4.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  122.100.88.0/21

    Signature Algorithm: sha256WithRSAEncryption
         66:72:5c:53:71:d1:08:25:38:91:d4:56:1c:7a:a9:d5:41:59:
         7a:d0:52:0a:dd:eb:62:ed:3f:87:20:19:f6:56:ba:5a:4a:28:
         4a:99:8e:89:ff:e3:47:92:e7:40:86:ca:18:4a:4b:9b:28:83:
         39:e8:55:5a:78:67:d4:da:71:51:57:65:65:f3:a3:fc:73:87:
         fe:e3:69:2b:8d:b1:f8:5a:b4:70:55:0c:3e:78:93:95:81:dc:
         da:0b:72:7d:25:3b:6a:80:28:1f:a6:33:00:90:8a:7d:f2:43:
         0c:2d:8a:1b:d4:68:54:5a:ab:8a:c3:3d:0a:66:96:93:89:f9:
         74:ae:81:03:fc:81:83:88:93:89:03:8d:b8:24:68:50:83:7f:
         f1:5a:74:d2:f2:dd:84:10:a3:a0:15:ec:fd:18:91:4d:40:5e:
         98:1f:7a:05:8d:57:58:f0:f7:51:3a:89:01:52:9b:25:55:9f:
         9f:88:15:d0:10:f3:2a:4a:26:0e:ee:f3:57:29:1b:63:19:6f:
         52:52:fa:50:91:88:ea:e7:64:a2:29:15:6e:23:d2:36:51:37:
         4a:d9:83:65:70:4a:5a:44:3c:1c:6e:ef:aa:08:0a:a8:a5:50:
         fe:20:0c:6a:42:9c:77:95:eb:35:e3:5e:2c:29:c8:6e:c1:c7:
         b3:48:58:59
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICFS0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDg0
NjlFMTEzNzAxODE1OTkzMDEzRTEzRTU0OEEyQjM0MEU0NEUwQTAeFw0yMjEwMjEw
ODI3MTNaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDM4RkU1RDg3MTg1MjhC
Q0U3QTBEQTA3M0ZERjE2NEJEM0Y1MTM2RkUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCtOTqLa+9kX4n24/CaU3Q43zhytViiLQC3wNO4H7QzAZNxxQfL
8vbeIczc3OilPhWTJRrlE8r3628r8aYoKbx/qJTRTpckCI9WlioZsfVT9h/kL+S7
8TRXU/9OT5w8mIs0+aLFo3xVVaZX885cqSjXS70W1XdsBphXshY5VE9Y/WZ649Xr
Pb7Ao89UOyW0NmR6prD/QDNJa5OXitkEfRq+uKobEKcLnLvusW5JzUYD0MqX2TrQ
14EZosThaBgP/TvmeU45CPzYnyMQ8u15oD0ErG2PtZn1G3LNSLYwctbc2TTNPvaq
u4P0Z48ai5Y/AOEy+809AMZ1mucjkKTpxY6tAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUOP5dhxhSi856DaBz/fFkvT9RNv4wHwYDVR0jBBgwFoAUCEaeETcBgVmTAT4T
5Uiis0DkTgowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVU
L0NFYWVFVGNCZ1ZtVEFUNFQ1VWlpczBEa1Rnby5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvQ0VhZUVUY0JnVm1UQVQ0VDVVaWlzMERrVGdvLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVUL09QNWRoeGhTaTg1NkRhQnpf
ZkZrdlQ5Uk52NC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAN6
ZFgwDQYJKoZIhvcNAQELBQADggEBAGZyXFNx0QglOJHUVhx6qdVBWXrQUgrd62Lt
P4cgGfZWulpKKEqZjon/40eS50CGyhhKS5sogznoVVp4Z9TacVFXZWXzo/xzh/7j
aSuNsfhatHBVDD54k5WB3NoLcn0lO2qAKB+mMwCQin3yQwwtihvUaFRaq4rDPQpm
lpOJ+XSugQP8gYOIk4kDjbgkaFCDf/FadNLy3YQQo6AV7P0YkU1AXpgfegWNV1jw
91E6iQFSmyVVn5+IFdAQ8ypKJg7u81cpG2MZb1JS+lCRiOrnZKIpFW4j0jZRN0rZ
g2VwSlpEPBxu76oICqilUP4gDGpCnHeV6zXjXiwpyG7Bx7NIWFk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:47 2024 by rpki-client on console-ams.rpki-client.org