Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/UBBNET/_Ib46EBz4sXy-84cWPJzCEHvE6Y.roa
File:                     _Ib46EBz4sXy-84cWPJzCEHvE6Y.roa (raw, json)
Hash identifier:          0tGqVtgSKcwKNWgnjPZlxdNZ2sdaR1hI0IYmjTcCKA8=
Subject key identifier:   FC:86:F8:E8:40:73:E2:C5:F2:FB:CE:1C:58:F2:73:08:41:EF:13:A6
Certificate issuer:       /CN=08469E113701815993013E13E548A2B340E44E0A
Certificate serial:       1234
Authority key identifier: 08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/_Ib46EBz4sXy-84cWPJzCEHvE6Y.roa
Signing time:             Wed 29 Sep 2021 02:54:19 +0000
ROA not before:           Wed 29 Sep 2021 02:54:19 +0000
ROA not after:            Thu 29 Sep 2022 02:36:22 +0000
asID:                     24164
IP address blocks:        49.158.88.0/21 maxlen: 21

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4660 (0x1234)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=08469E113701815993013E13E548A2B340E44E0A
        Validity
            Not Before: Sep 29 02:54:19 2021 GMT
            Not After : Sep 29 02:36:22 2022 GMT
        Subject: CN=FC86F8E84073E2C5F2FBCE1C58F2730841EF13A6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:2c:54:da:64:94:0f:1c:b9:1f:40:41:24:f0:
                    0d:3c:30:2e:8a:bc:a7:ea:f3:7e:0f:d8:5e:4f:57:
                    66:77:b8:2a:d2:c1:6b:5b:ea:51:20:d4:7f:5b:e8:
                    d9:10:ff:bc:bc:fa:33:1d:24:c6:ee:4e:44:9f:36:
                    3d:37:af:35:3b:e7:a2:48:69:af:4c:42:09:32:87:
                    07:24:52:29:54:c6:3b:ce:0d:0c:d1:cc:b9:c1:ec:
                    11:09:55:c4:72:54:ad:cf:1d:4c:ad:1c:af:e0:dc:
                    bd:a7:04:70:21:aa:9d:a3:e3:7a:6e:ee:d3:d8:9b:
                    12:a9:2f:07:b0:98:0f:0e:c3:12:51:ac:be:6a:e4:
                    21:a7:ed:2a:14:e0:e9:2a:fb:11:ea:b1:ee:c6:44:
                    d7:d1:52:fe:b4:f9:86:c0:8b:94:f9:15:c7:28:c6:
                    a9:82:ec:1d:6e:fa:e6:ba:84:7e:b8:1e:71:97:f8:
                    03:0a:0c:76:70:4e:01:53:a2:b6:99:5d:25:3d:f5:
                    5c:05:6e:5f:4b:f7:d2:56:92:46:43:6c:e5:9c:1b:
                    c7:f1:35:b7:0c:fc:e6:a2:ef:3a:94:c3:16:43:a1:
                    1a:4a:c5:6d:07:05:b7:1b:f3:16:ac:c3:f3:eb:09:
                    c3:f9:4a:6d:83:b2:63:43:8d:61:45:16:14:6d:cf:
                    47:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FC:86:F8:E8:40:73:E2:C5:F2:FB:CE:1C:58:F2:73:08:41:EF:13:A6
            X509v3 Authority Key Identifier:
                keyid:08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/CEaeETcBgVmTAT4T5Uiis0DkTgo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/_Ib46EBz4sXy-84cWPJzCEHvE6Y.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  49.158.88.0/21

    Signature Algorithm: sha256WithRSAEncryption
         17:cc:b0:0d:df:22:1f:cb:c5:7d:af:c0:5e:66:2f:61:21:ec:
         c3:d0:4c:03:25:16:0b:e6:a3:c7:95:56:98:65:ca:76:c7:56:
         ec:66:2e:ca:b8:77:20:67:e6:f7:eb:ca:41:76:b5:0c:83:24:
         ae:15:73:3e:03:da:8c:c5:77:90:95:9b:28:ba:89:23:69:2f:
         2e:71:9c:35:24:1f:d9:90:60:9e:88:0b:69:c7:6c:81:dc:70:
         77:a2:ed:c1:9b:b5:fc:9a:07:e1:e2:d4:c4:a4:8a:a0:e9:d0:
         2b:68:e2:2a:16:8f:4e:3d:70:c0:99:e5:d6:f5:de:34:6a:ed:
         3f:bf:f3:b9:a5:14:59:7e:51:ed:6a:21:f7:90:0e:13:d7:46:
         40:64:cd:5a:0f:2f:6f:c1:8b:d3:6b:02:83:d8:1d:a0:24:d0:
         2c:08:8c:d4:6b:0b:52:a4:43:d7:92:46:b9:f1:64:3b:cb:bf:
         fd:8e:0f:b4:28:10:47:e8:20:7f:d7:97:ba:34:2c:17:ec:9d:
         30:75:d7:bc:8d:dd:11:2f:47:7c:89:56:73:63:87:24:18:1e:
         dd:a1:d5:b2:75:fd:5a:42:32:c8:18:bc:b5:1c:3c:ca:9b:96:
         eb:c1:cd:a2:15:47:a4:ac:e9:2f:d0:87:ea:49:54:36:53:d2:
         f1:6d:2c:9a
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICEjQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDg0
NjlFMTEzNzAxODE1OTkzMDEzRTEzRTU0OEEyQjM0MEU0NEUwQTAeFw0yMTA5Mjkw
MjU0MTlaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKEZDODZGOEU4NDA3M0Uy
QzVGMkZCQ0UxQzU4RjI3MzA4NDFFRjEzQTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCmLFTaZJQPHLkfQEEk8A08MC6KvKfq834P2F5PV2Z3uCrSwWtb
6lEg1H9b6NkQ/7y8+jMdJMbuTkSfNj03rzU756JIaa9MQgkyhwckUilUxjvODQzR
zLnB7BEJVcRyVK3PHUytHK/g3L2nBHAhqp2j43pu7tPYmxKpLwewmA8OwxJRrL5q
5CGn7SoU4Okq+xHqse7GRNfRUv60+YbAi5T5FccoxqmC7B1u+ua6hH64HnGX+AMK
DHZwTgFToraZXSU99VwFbl9L99JWkkZDbOWcG8fxNbcM/Oai7zqUwxZDoRpKxW0H
Bbcb8xasw/PrCcP5Sm2DsmNDjWFFFhRtz0dlAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU/Ib46EBz4sXy+84cWPJzCEHvE6YwHwYDVR0jBBgwFoAUCEaeETcBgVmTAT4T
5Uiis0DkTgowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVU
L0NFYWVFVGNCZ1ZtVEFUNFQ1VWlpczBEa1Rnby5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvQ0VhZUVUY0JnVm1UQVQ0VDVVaWlzMERrVGdvLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVUL19JYjQ2RUJ6NHNYeS04NGNX
UEp6Q0VIdkU2WS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAMx
nlgwDQYJKoZIhvcNAQELBQADggEBABfMsA3fIh/LxX2vwF5mL2Eh7MPQTAMlFgvm
o8eVVphlynbHVuxmLsq4dyBn5vfrykF2tQyDJK4Vcz4D2ozFd5CVmyi6iSNpLy5x
nDUkH9mQYJ6IC2nHbIHccHei7cGbtfyaB+Hi1MSkiqDp0Cto4ioWj049cMCZ5db1
3jRq7T+/87mlFFl+Ue1qIfeQDhPXRkBkzVoPL2/Bi9NrAoPYHaAk0CwIjNRrC1Kk
Q9eSRrnxZDvLv/2OD7QoEEfoIH/Xl7o0LBfsnTB117yN3REvR3yJVnNjhyQYHt2h
1bJ1/VpCMsgYvLUcPMqbluvBzaIVR6Ss6S/Qh+pJVDZT0vFtLJo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:48 2024 by rpki-client on console-ams.rpki-client.org