Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/UBBNET/Zi_TLi-0h85VXcBmecQP-i23K44.roa
File:                     Zi_TLi-0h85VXcBmecQP-i23K44.roa (raw, json)
Hash identifier:          sXYcxNiYQN4qcyuU359nB8/HAHMac2ObdkT+D9rrMYI=
Subject key identifier:   66:2F:D3:2E:2F:B4:87:CE:55:5D:C0:66:79:C4:0F:FA:2D:B7:2B:8E
Certificate issuer:       /CN=08469E113701815993013E13E548A2B340E44E0A
Certificate serial:       1279
Authority key identifier: 08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/Zi_TLi-0h85VXcBmecQP-i23K44.roa
Signing time:             Wed 29 Sep 2021 02:54:37 +0000
ROA not before:           Wed 29 Sep 2021 02:54:37 +0000
ROA not after:            Thu 29 Sep 2022 02:36:22 +0000
asID:                     24163
IP address blocks:        211.76.53.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4729 (0x1279)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=08469E113701815993013E13E548A2B340E44E0A
        Validity
            Not Before: Sep 29 02:54:37 2021 GMT
            Not After : Sep 29 02:36:22 2022 GMT
        Subject: CN=662FD32E2FB487CE555DC06679C40FFA2DB72B8E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:16:f1:3d:23:bc:4b:e3:a8:8d:9e:a7:31:c0:
                    4b:de:e1:dc:9a:d4:30:70:ca:9f:9d:b3:5c:97:52:
                    59:ea:bb:58:1b:c5:71:a9:8f:75:c4:bc:af:4b:ab:
                    42:1a:d6:f6:91:b1:07:92:ba:8b:4d:e2:75:6f:b7:
                    af:2c:bf:ba:0a:de:21:b1:79:7e:c9:9a:39:04:6b:
                    04:e9:4f:f6:7c:f9:1c:21:83:eb:4d:3c:88:2d:96:
                    3a:9b:6c:15:f6:8e:15:39:77:19:bc:ec:76:c2:a3:
                    2c:ca:d7:34:e6:27:41:cb:8f:5d:cd:e8:eb:2b:9a:
                    88:7b:b0:6d:d6:40:b1:38:4d:88:0e:17:27:37:47:
                    fe:1f:6d:49:b0:b4:cf:a0:11:b2:67:9c:75:1c:13:
                    9d:55:c2:8b:ec:33:29:4c:d5:fc:2c:15:55:51:13:
                    8c:6a:15:a8:21:ab:13:e3:f4:5d:45:36:5d:d7:c2:
                    eb:53:37:88:5a:16:81:42:79:61:4c:45:ba:80:7b:
                    26:77:22:1f:eb:54:76:60:fe:32:61:f1:f8:ee:7a:
                    5c:eb:99:f7:3a:51:12:ff:b1:df:2f:38:bb:66:e1:
                    b0:67:85:82:4f:32:7e:c4:9b:05:c1:4d:83:56:17:
                    d0:17:2e:d2:13:fe:a9:38:95:2f:90:f0:6b:7f:7a:
                    c3:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                66:2F:D3:2E:2F:B4:87:CE:55:5D:C0:66:79:C4:0F:FA:2D:B7:2B:8E
            X509v3 Authority Key Identifier:
                keyid:08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/CEaeETcBgVmTAT4T5Uiis0DkTgo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/Zi_TLi-0h85VXcBmecQP-i23K44.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  211.76.53.0/24

    Signature Algorithm: sha256WithRSAEncryption
         81:57:ff:b8:2d:0b:59:92:b0:53:c9:9f:b2:bd:76:a0:9a:1b:
         e1:8b:60:99:ae:96:6d:7b:ff:94:4b:06:f5:44:d6:c5:4c:8d:
         91:d2:1e:e8:1b:f4:1e:e7:65:7a:4e:93:17:f9:af:b2:52:3f:
         e9:96:61:df:8c:72:bf:34:cd:98:69:70:b1:9f:24:61:42:24:
         93:66:44:35:90:0b:3a:fa:cf:b4:9d:61:38:d1:a4:0d:12:98:
         75:c5:24:3d:95:1b:7c:09:b8:79:01:9f:61:49:16:c1:fa:96:
         22:60:f9:dd:c1:1a:ff:fd:54:a8:e2:e6:29:95:49:1d:f4:1e:
         b7:0f:80:b2:27:37:b9:18:bf:42:99:ab:7c:2e:34:07:45:fe:
         ca:7c:6c:bb:20:cb:38:e0:88:e7:72:ad:3e:f4:0e:5f:86:1b:
         c1:34:30:37:8d:ad:7d:82:8d:c1:ad:8f:68:c0:19:b8:06:60:
         54:d0:89:86:90:1a:32:07:d4:ad:1d:04:1b:fd:6b:48:7e:4e:
         99:bf:35:1e:7d:eb:48:84:dc:92:1a:95:8e:09:3d:bc:5f:bf:
         58:88:f3:24:3d:29:e3:28:a8:77:1e:6a:61:2e:1b:ac:13:15:
         0b:18:3b:c0:d2:e1:5b:b9:86:3d:0e:40:71:a1:7f:ef:46:54:
         20:49:b2:6c
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICEnkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDg0
NjlFMTEzNzAxODE1OTkzMDEzRTEzRTU0OEEyQjM0MEU0NEUwQTAeFw0yMTA5Mjkw
MjU0MzdaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDY2MkZEMzJFMkZCNDg3
Q0U1NTVEQzA2Njc5QzQwRkZBMkRCNzJCOEUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC1FvE9I7xL46iNnqcxwEve4dya1DBwyp+ds1yXUlnqu1gbxXGp
j3XEvK9Lq0Ia1vaRsQeSuotN4nVvt68sv7oK3iGxeX7JmjkEawTpT/Z8+Rwhg+tN
PIgtljqbbBX2jhU5dxm87HbCoyzK1zTmJ0HLj13N6Osrmoh7sG3WQLE4TYgOFyc3
R/4fbUmwtM+gEbJnnHUcE51VwovsMylM1fwsFVVRE4xqFaghqxPj9F1FNl3XwutT
N4haFoFCeWFMRbqAeyZ3Ih/rVHZg/jJh8fjuelzrmfc6URL/sd8vOLtm4bBnhYJP
Mn7EmwXBTYNWF9AXLtIT/qk4lS+Q8Gt/esNXAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUZi/TLi+0h85VXcBmecQP+i23K44wHwYDVR0jBBgwFoAUCEaeETcBgVmTAT4T
5Uiis0DkTgowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVU
L0NFYWVFVGNCZ1ZtVEFUNFQ1VWlpczBEa1Rnby5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvQ0VhZUVUY0JnVm1UQVQ0VDVVaWlzMERrVGdvLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVUL1ppX1RMaS0waDg1VlhjQm1l
Y1FQLWkyM0s0NC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADT
TDUwDQYJKoZIhvcNAQELBQADggEBAIFX/7gtC1mSsFPJn7K9dqCaG+GLYJmulm17
/5RLBvVE1sVMjZHSHugb9B7nZXpOkxf5r7JSP+mWYd+Mcr80zZhpcLGfJGFCJJNm
RDWQCzr6z7SdYTjRpA0SmHXFJD2VG3wJuHkBn2FJFsH6liJg+d3BGv/9VKji5imV
SR30HrcPgLInN7kYv0KZq3wuNAdF/sp8bLsgyzjgiOdyrT70Dl+GG8E0MDeNrX2C
jcGtj2jAGbgGYFTQiYaQGjIH1K0dBBv9a0h+Tpm/NR5960iE3JIalY4JPbxfv1iI
8yQ9KeMoqHceamEuG6wTFQsYO8DS4Vu5hj0OQHGhf+9GVCBJsmw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:04 2024 by rpki-client on console-fra.rpki-client.org