Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/UBBNET/QzPN6qIvGCDf3lynUt668FETFpM.roa
File:                     QzPN6qIvGCDf3lynUt668FETFpM.roa (raw, json)
Hash identifier:          NzH/j/Us2sj8gYsNBFe+QlY6dEOmAHwvvA+Ib0uDyMo=
Subject key identifier:   43:33:CD:EA:A2:2F:18:20:DF:DE:5C:A7:52:DE:BA:F0:51:13:16:93
Certificate issuer:       /CN=08469E113701815993013E13E548A2B340E44E0A
Certificate serial:       14FE
Authority key identifier: 08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/QzPN6qIvGCDf3lynUt668FETFpM.roa
Signing time:             Thu 15 Sep 2022 02:35:40 +0000
ROA not before:           Thu 15 Sep 2022 02:35:40 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     24163
IP address blocks:        180.218.240.0/20 maxlen: 20

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5374 (0x14fe)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=08469E113701815993013E13E548A2B340E44E0A
        Validity
            Not Before: Sep 15 02:35:40 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=4333CDEAA22F1820DFDE5CA752DEBAF051131693
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e7:d4:bf:81:f8:28:b9:90:e2:17:0d:74:83:82:
                    ed:99:54:32:d2:4e:e0:17:90:4b:d9:9f:1e:e3:2f:
                    70:b1:59:7c:c5:b7:20:e0:ed:07:73:fe:fe:08:86:
                    27:bb:87:6f:52:bf:db:f6:f9:f0:02:30:c6:72:54:
                    4f:77:9d:dd:6e:95:05:9a:74:95:a2:a9:3e:71:dc:
                    62:61:e0:f0:19:da:95:b0:67:15:cc:2a:23:db:c7:
                    fb:82:67:98:dd:d0:58:26:2a:8c:63:b3:30:e7:ae:
                    99:fa:e2:42:db:f0:3d:2d:53:7a:ff:c4:87:f6:68:
                    18:11:56:a3:b2:89:5d:4f:36:c6:c3:67:25:ef:99:
                    2e:e8:29:3c:af:5b:0f:99:5a:10:78:df:ef:38:8c:
                    62:be:f7:e2:f0:93:71:0e:9b:9c:a1:d9:45:d7:29:
                    8b:4a:af:f8:48:f9:79:fe:15:a6:41:49:c9:26:a7:
                    5e:59:a5:0b:68:c8:89:2b:35:8c:b5:35:79:7a:8e:
                    38:b7:16:c6:1b:4c:a1:ee:63:98:c9:d5:e6:ab:ee:
                    39:e0:ed:40:3b:7c:e6:c3:a0:6f:05:b5:ec:9d:51:
                    c9:c3:e6:a2:2f:db:e4:22:7e:e3:54:d6:cd:59:26:
                    33:52:f5:ec:8f:97:d3:f3:74:54:8e:16:59:54:fd:
                    95:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                43:33:CD:EA:A2:2F:18:20:DF:DE:5C:A7:52:DE:BA:F0:51:13:16:93
            X509v3 Authority Key Identifier:
                keyid:08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/CEaeETcBgVmTAT4T5Uiis0DkTgo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/QzPN6qIvGCDf3lynUt668FETFpM.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  180.218.240.0/20

    Signature Algorithm: sha256WithRSAEncryption
         0e:a2:dd:dc:bb:6d:3b:2e:b4:ec:4f:9d:a1:65:e6:f8:ea:86:
         97:dc:0b:98:4c:1c:8a:85:bc:75:04:a9:e1:43:7a:bc:36:dd:
         b5:94:e9:d1:d9:40:2b:c2:65:00:59:c7:bf:52:db:e3:c2:b8:
         3c:8e:33:63:21:05:2e:05:50:73:74:76:c3:7a:10:55:35:ab:
         8a:64:95:d7:2a:6d:92:f0:9b:02:92:dd:64:a4:63:db:89:46:
         30:67:e1:1e:27:2e:1b:ca:9e:7f:b5:cb:d6:fd:f7:0b:da:f6:
         c4:18:ca:13:b3:1f:e3:41:6f:93:27:b3:6b:04:ef:ff:19:bd:
         1d:81:77:d9:93:77:49:c2:56:b6:2b:12:b5:4d:b0:7e:f7:ee:
         a1:e7:25:b2:cc:b3:b0:9f:39:58:35:7a:52:59:45:a3:ce:c9:
         2b:f5:96:e6:2a:e5:ec:6d:f3:4d:94:7a:a0:bf:30:86:0f:30:
         6e:6f:77:eb:f9:23:52:1b:d5:51:47:da:26:80:ff:0f:3b:b9:
         52:8a:2b:00:4c:69:a9:ab:64:89:71:15:b9:5a:65:0a:b9:53:
         a5:ad:bd:5b:14:01:62:ea:33:e4:25:0b:cd:8f:e4:f0:1e:76:
         f5:49:cf:21:db:98:e8:80:53:7c:8a:81:ad:35:af:64:bf:ac:
         3b:eb:b6:47
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICFP4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDg0
NjlFMTEzNzAxODE1OTkzMDEzRTEzRTU0OEEyQjM0MEU0NEUwQTAeFw0yMjA5MTUw
MjM1NDBaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDQzMzNDREVBQTIyRjE4
MjBERkRFNUNBNzUyREVCQUYwNTExMzE2OTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDn1L+B+Ci5kOIXDXSDgu2ZVDLSTuAXkEvZnx7jL3CxWXzFtyDg
7Qdz/v4Ihie7h29Sv9v2+fACMMZyVE93nd1ulQWadJWiqT5x3GJh4PAZ2pWwZxXM
KiPbx/uCZ5jd0FgmKoxjszDnrpn64kLb8D0tU3r/xIf2aBgRVqOyiV1PNsbDZyXv
mS7oKTyvWw+ZWhB43+84jGK+9+Lwk3EOm5yh2UXXKYtKr/hI+Xn+FaZBSckmp15Z
pQtoyIkrNYy1NXl6jji3FsYbTKHuY5jJ1ear7jng7UA7fObDoG8FteydUcnD5qIv
2+QifuNU1s1ZJjNS9eyPl9PzdFSOFllU/ZUXAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUQzPN6qIvGCDf3lynUt668FETFpMwHwYDVR0jBBgwFoAUCEaeETcBgVmTAT4T
5Uiis0DkTgowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVU
L0NFYWVFVGNCZ1ZtVEFUNFQ1VWlpczBEa1Rnby5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvQ0VhZUVUY0JnVm1UQVQ0VDVVaWlzMERrVGdvLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVUL1F6UE42cUl2R0NEZjNseW5V
dDY2OEZFVEZwTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAS0
2vAwDQYJKoZIhvcNAQELBQADggEBAA6i3dy7bTsutOxPnaFl5vjqhpfcC5hMHIqF
vHUEqeFDerw23bWU6dHZQCvCZQBZx79S2+PCuDyOM2MhBS4FUHN0dsN6EFU1q4pk
ldcqbZLwmwKS3WSkY9uJRjBn4R4nLhvKnn+1y9b99wva9sQYyhOzH+NBb5Mns2sE
7/8ZvR2Bd9mTd0nCVrYrErVNsH737qHnJbLMs7CfOVg1elJZRaPOySv1luYq5ext
802UeqC/MIYPMG5vd+v5I1Ib1VFH2iaA/w87uVKKKwBMaamrZIlxFblaZQq5U6Wt
vVsUAWLqM+QlC82P5PAedvVJzyHbmOiAU3yKga01r2S/rDvrtkc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:04 2024 by rpki-client on console-fra.rpki-client.org