Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/UBBNET/Q2ymv5AyVxO-Sb2hi0H0eyWd9k8.roa
File:                     Q2ymv5AyVxO-Sb2hi0H0eyWd9k8.roa (raw, json)
Hash identifier:          PsFOuYkkNeel69RMve8O+r0QMvTFf6pOZrKro3kQjyM=
Subject key identifier:   43:6C:A6:BF:90:32:57:13:BE:49:BD:A1:8B:41:F4:7B:25:9D:F6:4F
Certificate issuer:       /CN=08469E113701815993013E13E548A2B340E44E0A
Certificate serial:       1481
Authority key identifier: 08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/Q2ymv5AyVxO-Sb2hi0H0eyWd9k8.roa
Signing time:             Mon 20 Jun 2022 08:04:15 +0000
ROA not before:           Mon 20 Jun 2022 08:04:15 +0000
ROA not after:            Thu 29 Sep 2022 02:36:22 +0000
asID:                     24165
IP address blocks:        49.158.232.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5249 (0x1481)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=08469E113701815993013E13E548A2B340E44E0A
        Validity
            Not Before: Jun 20 08:04:15 2022 GMT
            Not After : Sep 29 02:36:22 2022 GMT
        Subject: CN=436CA6BF90325713BE49BDA18B41F47B259DF64F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:28:e4:18:bf:b5:ce:72:35:1d:19:78:a9:20:
                    4a:b1:b9:25:a3:04:a9:03:f2:bc:3a:a5:c9:84:da:
                    e5:77:85:04:2e:d5:c8:a9:13:47:3f:a0:74:cc:6a:
                    30:46:8b:dd:ad:1d:b9:59:d4:0d:b9:3e:cb:1b:f9:
                    8b:09:34:5e:ef:9f:0d:fd:75:be:f4:9b:74:24:e8:
                    f2:fc:c0:66:19:aa:12:44:18:e0:5f:b1:20:49:34:
                    32:de:d1:0b:e7:cf:19:b0:53:a3:26:8a:6f:fa:de:
                    16:c6:50:bf:7a:0c:c6:cb:75:04:7a:53:9e:91:58:
                    2a:9c:8a:d1:70:a0:f5:9a:8f:72:87:6d:4a:51:a6:
                    cb:df:0d:e1:15:ec:71:95:65:d5:a5:22:88:4b:03:
                    23:01:1d:7d:39:e3:ca:6f:6f:7b:ae:21:ee:66:81:
                    ba:79:35:08:b6:89:4c:f2:e0:c8:6e:1c:38:0c:73:
                    ee:f7:4e:e8:f4:d8:29:52:d4:14:fb:c4:bb:73:f9:
                    ff:b3:06:f1:fc:72:fc:84:75:ea:b4:75:8d:98:ca:
                    b2:78:58:1b:14:64:5e:c4:20:d0:67:d1:39:98:36:
                    11:f4:15:5c:b4:cf:ab:77:91:7f:65:7f:21:ef:d8:
                    51:ca:a4:3d:36:a4:9a:f6:59:9c:ed:56:e1:f2:73:
                    e4:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                43:6C:A6:BF:90:32:57:13:BE:49:BD:A1:8B:41:F4:7B:25:9D:F6:4F
            X509v3 Authority Key Identifier:
                keyid:08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/CEaeETcBgVmTAT4T5Uiis0DkTgo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/Q2ymv5AyVxO-Sb2hi0H0eyWd9k8.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  49.158.232.0/23

    Signature Algorithm: sha256WithRSAEncryption
         56:28:c8:66:3c:92:ec:1b:66:19:ee:21:6b:31:05:c8:9b:6b:
         4a:8d:b2:05:9e:0e:2a:e4:0d:24:ca:cc:a0:9a:08:06:d5:d7:
         39:bc:af:76:78:b6:04:e6:f7:54:73:7f:1f:45:03:23:d4:74:
         01:b0:2d:2d:9f:1c:20:f9:0a:aa:7f:5d:98:41:99:39:4c:2d:
         38:d1:eb:9e:b0:8e:82:c2:e7:a9:96:cd:2d:90:62:75:1f:f7:
         20:e9:e2:c6:67:96:21:cc:02:b9:95:a4:ad:09:d9:06:f5:45:
         44:81:e3:0d:d6:db:d3:53:3b:c4:89:b4:f5:ef:d9:87:ec:f4:
         5c:84:a0:65:8d:5c:78:fc:62:88:9e:a8:07:5d:20:88:f1:cb:
         80:34:9a:1d:cd:f3:ff:f4:49:6d:3a:85:8e:9a:4c:1e:be:9f:
         53:79:58:aa:ca:58:47:dd:67:3e:ef:5e:82:a3:ab:1f:a1:a3:
         d2:f0:8e:d3:17:5c:1f:ca:48:8b:a0:57:b5:58:68:c3:98:27:
         2a:ba:03:cc:a3:f8:52:b1:00:8c:63:08:80:6d:d7:96:bf:c1:
         31:ec:5c:87:a9:d7:82:b8:8e:cd:4e:62:35:f0:7f:d3:46:f4:
         a5:74:98:16:ac:a8:3f:75:28:67:62:20:5b:a8:32:cf:ba:be:
         38:49:fa:8b
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICFIEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDg0
NjlFMTEzNzAxODE1OTkzMDEzRTEzRTU0OEEyQjM0MEU0NEUwQTAeFw0yMjA2MjAw
ODA0MTVaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDQzNkNBNkJGOTAzMjU3
MTNCRTQ5QkRBMThCNDFGNDdCMjU5REY2NEYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDXKOQYv7XOcjUdGXipIEqxuSWjBKkD8rw6pcmE2uV3hQQu1cip
E0c/oHTMajBGi92tHblZ1A25Pssb+YsJNF7vnw39db70m3Qk6PL8wGYZqhJEGOBf
sSBJNDLe0QvnzxmwU6Mmim/63hbGUL96DMbLdQR6U56RWCqcitFwoPWaj3KHbUpR
psvfDeEV7HGVZdWlIohLAyMBHX0548pvb3uuIe5mgbp5NQi2iUzy4MhuHDgMc+73
Tuj02ClS1BT7xLtz+f+zBvH8cvyEdeq0dY2YyrJ4WBsUZF7EINBn0TmYNhH0FVy0
z6t3kX9lfyHv2FHKpD02pJr2WZztVuHyc+SjAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUQ2ymv5AyVxO+Sb2hi0H0eyWd9k8wHwYDVR0jBBgwFoAUCEaeETcBgVmTAT4T
5Uiis0DkTgowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVU
L0NFYWVFVGNCZ1ZtVEFUNFQ1VWlpczBEa1Rnby5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvQ0VhZUVUY0JnVm1UQVQ0VDVVaWlzMERrVGdvLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVUL1EyeW12NUF5VnhPLVNiMmhp
MEgwZXlXZDlrOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAEx
nugwDQYJKoZIhvcNAQELBQADggEBAFYoyGY8kuwbZhnuIWsxBciba0qNsgWeDirk
DSTKzKCaCAbV1zm8r3Z4tgTm91Rzfx9FAyPUdAGwLS2fHCD5Cqp/XZhBmTlMLTjR
656wjoLC56mWzS2QYnUf9yDp4sZnliHMArmVpK0J2Qb1RUSB4w3W29NTO8SJtPXv
2Yfs9FyEoGWNXHj8YoieqAddIIjxy4A0mh3N8//0SW06hY6aTB6+n1N5WKrKWEfd
Zz7vXoKjqx+ho9LwjtMXXB/KSIugV7VYaMOYJyq6A8yj+FKxAIxjCIBt15a/wTHs
XIep14K4js1OYjXwf9NG9KV0mBasqD91KGdiIFuoMs+6vjhJ+os=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:03 2024 by rpki-client on console-fra.rpki-client.org