Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/UBBNET/h0XOjaDZj8XoTb-6NGWmtcdN11g.roa
File:                     h0XOjaDZj8XoTb-6NGWmtcdN11g.roa (raw, json)
Hash identifier:          ucBFvwtf3P+8nDutn3L5F/x0EfUVV/3rBggpHxr1UZ4=
Subject key identifier:   87:45:CE:8D:A0:D9:8F:C5:E8:4D:BF:BA:34:65:A6:B5:C7:4D:D7:58
Certificate issuer:       /CN=08469E113701815993013E13E548A2B340E44E0A
Certificate serial:       1AA9
Authority key identifier: 08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/h0XOjaDZj8XoTb-6NGWmtcdN11g.roa
Signing time:             Thu 22 Dec 2022 01:26:34 +0000
ROA not before:           Thu 22 Dec 2022 01:26:34 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     24165
IP address blocks:        103.225.0.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 6825 (0x1aa9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=08469E113701815993013E13E548A2B340E44E0A
        Validity
            Not Before: Dec 22 01:26:34 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=8745CE8DA0D98FC5E84DBFBA3465A6B5C74DD758
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:6d:d7:24:18:48:42:f1:5e:3d:75:f7:c4:00:
                    37:1b:54:eb:c6:e9:b7:0e:b2:e1:18:6e:0f:a4:3e:
                    44:ed:64:e6:dd:bd:2c:5a:b5:b5:05:ca:6d:33:db:
                    85:38:c0:f5:9b:02:4c:ed:88:d5:2d:1f:1b:62:43:
                    4c:ef:e1:5e:23:68:c5:13:1d:58:a8:cc:d6:41:a6:
                    54:9e:14:ad:b1:b6:f8:53:0b:1d:d5:dc:fd:d1:21:
                    bd:c3:bb:6b:b7:43:d6:53:1b:69:51:dd:f9:c2:1a:
                    c5:c6:0d:09:04:e0:e9:cb:ce:93:37:e9:0c:b9:f2:
                    3c:de:93:d5:18:73:d4:8e:4f:ef:c5:38:e7:c7:09:
                    ec:e0:39:0d:2e:53:b9:80:68:6d:6e:31:1c:28:08:
                    f7:4e:99:6a:bb:e2:b7:4e:2d:82:da:71:fc:0b:3a:
                    4a:53:9d:f3:e5:27:4d:49:59:b0:ab:72:44:57:df:
                    cf:42:87:14:1e:84:81:66:5a:36:55:49:3c:53:ad:
                    3a:6a:5b:6c:d0:ea:59:2d:68:bb:74:13:7d:af:5f:
                    d6:1a:e8:da:51:4b:45:40:05:60:92:1c:36:f5:91:
                    c7:ba:5f:06:6a:eb:c9:c1:0a:a9:8f:73:e4:b2:35:
                    03:4f:6f:bd:f4:5f:65:f9:08:96:75:b3:11:57:fe:
                    3e:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                87:45:CE:8D:A0:D9:8F:C5:E8:4D:BF:BA:34:65:A6:B5:C7:4D:D7:58
            X509v3 Authority Key Identifier:
                keyid:08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/CEaeETcBgVmTAT4T5Uiis0DkTgo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/h0XOjaDZj8XoTb-6NGWmtcdN11g.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.225.0.0/22

    Signature Algorithm: sha256WithRSAEncryption
         47:6e:ed:d5:d4:91:a1:b5:9f:a0:e6:c3:f1:8e:5e:ce:89:73:
         55:de:c1:98:e4:b6:7c:93:2f:de:f6:3b:cf:3c:d4:9d:cf:db:
         fc:da:13:c4:fb:e0:e4:4c:69:ba:c2:7d:d8:48:25:b2:87:0a:
         5e:27:2b:9e:e4:c4:ae:b0:93:63:2c:96:e5:a7:8a:d0:92:14:
         97:db:58:e3:8d:5d:d8:6b:25:89:48:4b:c5:a0:04:78:e6:cb:
         70:0a:36:6e:4f:c9:71:e8:fe:f6:5f:89:9d:aa:bb:71:13:42:
         e3:ab:09:91:8e:81:bd:a4:c5:39:97:f3:d0:35:3a:a9:a6:a4:
         3d:d1:73:8b:0e:7c:bb:fc:49:a1:a1:79:db:86:fd:1e:32:48:
         c5:17:ef:a6:0a:ce:76:1e:ea:4f:9e:89:ea:bb:cd:d0:1c:58:
         ad:49:c8:69:07:30:79:4c:72:6b:9d:8f:2e:ec:04:34:ff:76:
         56:88:da:ad:a1:9d:ec:fd:26:be:14:ae:9d:e9:1a:13:51:20:
         71:37:29:54:5c:6b:44:c1:be:e6:6b:dc:32:3e:84:65:8d:65:
         8c:01:53:06:56:6d:4f:fe:50:66:fd:2b:f9:b9:17:b2:80:df:
         19:fd:1e:ee:e8:5a:3a:d8:bf:53:e2:d6:2a:d3:f9:95:bd:6e:
         cd:ea:d4:0a
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICGqkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDg0
NjlFMTEzNzAxODE1OTkzMDEzRTEzRTU0OEEyQjM0MEU0NEUwQTAeFw0yMjEyMjIw
MTI2MzRaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDg3NDVDRThEQTBEOThG
QzVFODREQkZCQTM0NjVBNkI1Qzc0REQ3NTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDVbdckGEhC8V49dffEADcbVOvG6bcOsuEYbg+kPkTtZObdvSxa
tbUFym0z24U4wPWbAkztiNUtHxtiQ0zv4V4jaMUTHViozNZBplSeFK2xtvhTCx3V
3P3RIb3Du2u3Q9ZTG2lR3fnCGsXGDQkE4OnLzpM36Qy58jzek9UYc9SOT+/FOOfH
CezgOQ0uU7mAaG1uMRwoCPdOmWq74rdOLYLacfwLOkpTnfPlJ01JWbCrckRX389C
hxQehIFmWjZVSTxTrTpqW2zQ6lktaLt0E32vX9Ya6NpRS0VABWCSHDb1kce6XwZq
68nBCqmPc+SyNQNPb730X2X5CJZ1sxFX/j6xAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUh0XOjaDZj8XoTb+6NGWmtcdN11gwHwYDVR0jBBgwFoAUCEaeETcBgVmTAT4T
5Uiis0DkTgowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVU
L0NFYWVFVGNCZ1ZtVEFUNFQ1VWlpczBEa1Rnby5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvQ0VhZUVUY0JnVm1UQVQ0VDVVaWlzMERrVGdvLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVUL2gwWE9qYURaajhYb1RiLTZO
R1dtdGNkTjExZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJn
4QAwDQYJKoZIhvcNAQELBQADggEBAEdu7dXUkaG1n6Dmw/GOXs6Jc1XewZjktnyT
L972O8881J3P2/zaE8T74ORMabrCfdhIJbKHCl4nK57kxK6wk2MsluWnitCSFJfb
WOONXdhrJYlIS8WgBHjmy3AKNm5PyXHo/vZfiZ2qu3ETQuOrCZGOgb2kxTmX89A1
OqmmpD3Rc4sOfLv8SaGheduG/R4ySMUX76YKznYe6k+eieq7zdAcWK1JyGkHMHlM
cmudjy7sBDT/dlaI2q2hnez9Jr4Urp3pGhNRIHE3KVRca0TBvuZr3DI+hGWNZYwB
UwZWbU/+UGb9K/m5F7KA3xn9Hu7oWjrYv1Pi1irT+ZW9bs3q1Ao=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:49 2024 by rpki-client on console-ams.rpki-client.org