Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/UBBNET/aTMq4cnJYBZYsaQmFwsXMmHIYXY.roa
File:                     aTMq4cnJYBZYsaQmFwsXMmHIYXY.roa (raw, json)
Hash identifier:          CurSZULw1N1WirUPMSsOvWQpks+1NMYyAnf6RpmOd4s=
Subject key identifier:   69:33:2A:E1:C9:C9:60:16:58:B1:A4:26:17:0B:17:32:61:C8:61:76
Certificate issuer:       /CN=08469E113701815993013E13E548A2B340E44E0A
Certificate serial:       1545
Authority key identifier: 08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/aTMq4cnJYBZYsaQmFwsXMmHIYXY.roa
Signing time:             Fri 21 Oct 2022 08:57:09 +0000
ROA not before:           Fri 21 Oct 2022 08:57:09 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     24163
IP address blocks:        180.218.224.0/21 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5445 (0x1545)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=08469E113701815993013E13E548A2B340E44E0A
        Validity
            Not Before: Oct 21 08:57:09 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=69332AE1C9C9601658B1A426170B173261C86176
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:f8:31:ff:96:d2:e1:d8:2b:72:f4:2a:40:37:
                    17:33:59:6e:ea:09:7d:a7:73:0f:03:d5:6f:27:68:
                    b8:d0:71:f8:0e:95:9e:37:74:75:59:22:fa:d4:d3:
                    09:ac:61:61:c5:ff:f5:e4:d0:8f:55:4e:46:41:d0:
                    5f:04:1b:a1:0e:92:d0:80:0e:1e:cc:e1:12:3c:61:
                    a5:e1:92:6e:6a:f8:cd:4d:5e:a1:25:a5:84:5b:6e:
                    b0:e9:52:bd:66:ac:d7:ac:fa:3c:81:2f:9f:c3:09:
                    9f:b1:07:e6:27:35:e8:bb:11:f9:52:a8:27:97:b5:
                    1c:cb:d7:44:f0:3a:ac:80:53:24:6a:2a:87:db:48:
                    09:ff:56:6d:fa:47:46:0a:ff:8d:8a:a6:ab:6a:15:
                    e3:7d:4a:54:45:cb:45:f4:c4:89:8f:49:0a:34:06:
                    a6:6f:8f:77:96:35:b8:81:b0:43:b7:03:a3:7c:2d:
                    ab:b3:5e:f3:bd:2f:18:d1:ba:80:c6:c9:d4:7d:3e:
                    86:f7:34:09:e5:e9:5d:05:30:29:f6:41:df:df:66:
                    bb:a7:ff:6a:9f:3c:ef:9a:c3:d0:9b:b7:ba:5d:ad:
                    dd:27:8b:fe:57:a2:87:5d:e3:56:aa:03:41:e6:29:
                    14:bf:9d:29:e5:5d:91:58:22:1f:b8:70:bc:8d:eb:
                    cb:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:33:2A:E1:C9:C9:60:16:58:B1:A4:26:17:0B:17:32:61:C8:61:76
            X509v3 Authority Key Identifier:
                keyid:08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/CEaeETcBgVmTAT4T5Uiis0DkTgo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/aTMq4cnJYBZYsaQmFwsXMmHIYXY.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  180.218.224.0/21

    Signature Algorithm: sha256WithRSAEncryption
         4b:b0:d1:c7:c4:58:16:f2:53:3e:c9:1b:10:ac:eb:18:da:01:
         9f:d2:77:97:b3:d2:73:fa:5b:e2:6a:68:3e:ea:a5:eb:9d:81:
         ed:d7:80:fa:01:65:84:2c:b3:58:eb:92:d9:f2:ba:a8:f7:21:
         77:7e:a8:bd:df:4b:01:bf:05:2a:09:f0:3d:3a:4f:4c:27:d8:
         3e:d9:46:40:98:3a:11:75:7c:c4:bb:65:53:23:1c:47:0a:6b:
         ec:d1:45:2f:0d:ab:92:8a:30:a6:c0:f8:6c:c1:f0:48:e0:54:
         76:33:ee:e3:aa:a7:43:f0:85:f2:f8:f4:d6:8b:fb:c7:a5:03:
         1e:7d:35:c9:91:22:b2:ae:8e:7d:e8:b9:73:b3:77:de:1e:38:
         02:83:21:fc:d4:a0:72:29:ec:43:58:c8:c6:0c:af:fe:32:3f:
         39:f4:ed:80:27:c6:3b:3c:56:5b:ee:de:02:19:b0:60:f3:c7:
         c4:b6:b1:69:00:18:00:0a:ad:87:27:31:9a:44:18:21:50:31:
         9a:fd:98:0f:09:d4:52:bb:ec:dd:52:cc:ff:a7:0c:df:7c:f0:
         de:46:98:da:45:67:1c:00:9e:12:d9:cb:9a:a8:7d:33:2b:0f:
         d2:cd:f8:d4:9b:88:0f:f6:44:aa:ef:00:1c:69:8f:8b:e3:fb:
         69:12:93:4c
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICFUUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDg0
NjlFMTEzNzAxODE1OTkzMDEzRTEzRTU0OEEyQjM0MEU0NEUwQTAeFw0yMjEwMjEw
ODU3MDlaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDY5MzMyQUUxQzlDOTYw
MTY1OEIxQTQyNjE3MEIxNzMyNjFDODYxNzYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDH+DH/ltLh2Cty9CpANxczWW7qCX2ncw8D1W8naLjQcfgOlZ43
dHVZIvrU0wmsYWHF//Xk0I9VTkZB0F8EG6EOktCADh7M4RI8YaXhkm5q+M1NXqEl
pYRbbrDpUr1mrNes+jyBL5/DCZ+xB+YnNei7EflSqCeXtRzL10TwOqyAUyRqKofb
SAn/Vm36R0YK/42KpqtqFeN9SlRFy0X0xImPSQo0BqZvj3eWNbiBsEO3A6N8Lauz
XvO9LxjRuoDGydR9Pob3NAnl6V0FMCn2Qd/fZrun/2qfPO+aw9Cbt7pdrd0ni/5X
oodd41aqA0HmKRS/nSnlXZFYIh+4cLyN68vfAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUaTMq4cnJYBZYsaQmFwsXMmHIYXYwHwYDVR0jBBgwFoAUCEaeETcBgVmTAT4T
5Uiis0DkTgowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVU
L0NFYWVFVGNCZ1ZtVEFUNFQ1VWlpczBEa1Rnby5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvQ0VhZUVUY0JnVm1UQVQ0VDVVaWlzMERrVGdvLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVUL2FUTXE0Y25KWUJaWXNhUW1G
d3NYTW1ISVlYWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAO0
2uAwDQYJKoZIhvcNAQELBQADggEBAEuw0cfEWBbyUz7JGxCs6xjaAZ/Sd5ez0nP6
W+JqaD7qpeudge3XgPoBZYQss1jrktnyuqj3IXd+qL3fSwG/BSoJ8D06T0wn2D7Z
RkCYOhF1fMS7ZVMjHEcKa+zRRS8Nq5KKMKbA+GzB8EjgVHYz7uOqp0PwhfL49NaL
+8elAx59NcmRIrKujn3ouXOzd94eOAKDIfzUoHIp7ENYyMYMr/4yPzn07YAnxjs8
Vlvu3gIZsGDzx8S2sWkAGAAKrYcnMZpEGCFQMZr9mA8J1FK77N1SzP+nDN988N5G
mNpFZxwAnhLZy5qofTMrD9LN+NSbiA/2RKrvABxpj4vj+2kSk0w=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:04 2024 by rpki-client on console-fra.rpki-client.org