Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/UBBNET/kiRl1oe6qTnkbo2qTJbE5GFS4W8.roa
File:                     kiRl1oe6qTnkbo2qTJbE5GFS4W8.roa (raw, json)
Hash identifier:          pkWm+lOe46Hr5fPNczsZ3SiMlo+cJwZdiWYv3nfdGno=
Subject key identifier:   92:24:65:D6:87:BA:A9:39:E4:6E:8D:AA:4C:96:C4:E4:61:52:E1:6F
Certificate issuer:       /CN=08469E113701815993013E13E548A2B340E44E0A
Certificate serial:       19C0
Authority key identifier: 08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/kiRl1oe6qTnkbo2qTJbE5GFS4W8.roa
Signing time:             Sat 22 Oct 2022 06:08:52 +0000
ROA not before:           Sat 22 Oct 2022 06:08:52 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     24164
IP address blocks:        49.159.240.0/21 maxlen: 21

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 6592 (0x19c0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=08469E113701815993013E13E548A2B340E44E0A
        Validity
            Not Before: Oct 22 06:08:52 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=922465D687BAA939E46E8DAA4C96C4E46152E16F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:e2:c5:eb:93:71:24:9f:d8:c3:b0:a7:bb:5e:
                    d3:b3:89:11:5b:37:ef:cf:2a:71:0d:0c:dc:04:2c:
                    a2:23:3f:c2:b4:2c:ee:15:48:45:be:b5:0e:69:66:
                    9e:c2:a7:54:34:9d:fd:8f:a4:fa:53:e4:6c:f1:44:
                    7e:b7:c6:37:a0:b8:68:b1:85:8d:90:df:b6:b2:e8:
                    47:21:76:44:2c:34:4f:18:df:24:50:8c:a5:a3:65:
                    34:9c:41:4f:07:03:85:ca:2e:8e:6d:1c:4e:da:69:
                    d2:25:71:b9:5a:cf:f0:e2:db:90:34:fa:6f:ab:fe:
                    ff:1d:0a:76:d4:6c:36:ca:7f:6a:5e:bb:4e:01:fa:
                    e9:7b:6b:56:7e:7c:e2:a5:96:26:0d:50:c8:22:a2:
                    55:c7:66:51:dc:53:b9:49:b2:1c:6b:a6:73:63:b1:
                    88:84:7e:fb:71:ec:4d:f0:a7:e0:93:c4:fb:5e:b4:
                    be:00:36:22:8f:7f:dd:37:54:f8:b1:b2:42:a1:9c:
                    bc:49:55:78:40:e1:aa:7a:2c:98:a9:df:d5:5d:71:
                    21:ba:4e:95:06:0a:17:00:0c:e6:9f:d4:c3:b6:e1:
                    8a:f2:96:bf:be:28:e1:ff:7b:8a:c9:bc:72:67:09:
                    38:fa:b8:76:43:d7:b7:af:2b:70:b8:c7:fe:ba:eb:
                    7b:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                92:24:65:D6:87:BA:A9:39:E4:6E:8D:AA:4C:96:C4:E4:61:52:E1:6F
            X509v3 Authority Key Identifier:
                keyid:08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/CEaeETcBgVmTAT4T5Uiis0DkTgo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/kiRl1oe6qTnkbo2qTJbE5GFS4W8.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  49.159.240.0/21

    Signature Algorithm: sha256WithRSAEncryption
         99:43:14:e9:db:6b:7b:9e:3a:cc:47:df:d4:34:56:6c:0b:0c:
         b6:b2:4a:52:42:85:57:74:21:88:ba:3b:c5:4e:5b:14:42:54:
         5e:82:76:3d:ac:4b:16:6c:6a:d6:c5:9a:b7:2a:31:60:2f:59:
         70:bb:c5:d3:87:10:05:c8:ef:ad:2f:2e:7f:fe:f7:3e:23:49:
         8f:dc:3e:3f:3c:49:91:9a:a3:6a:f9:d1:5c:74:a2:4e:09:38:
         6f:1e:4f:fd:16:c4:8e:80:d2:3c:a1:51:fc:17:b2:53:2f:0a:
         c8:0e:d9:10:3e:ba:4c:70:f9:81:bf:b4:08:67:be:fe:4a:3e:
         38:f7:1b:09:0f:df:5d:44:ef:0c:e8:2c:1e:96:ae:f5:2c:87:
         9d:f0:f2:4e:95:29:83:b1:af:05:b7:bc:0c:f2:ff:5c:8d:10:
         66:c0:eb:80:12:30:d6:ba:1d:49:e2:c4:7c:ed:f9:c1:39:d3:
         ff:8e:e7:6e:8b:93:05:9c:69:ae:01:45:52:01:8f:af:1a:a0:
         bf:54:b7:5e:73:04:17:80:05:1a:1b:1b:36:49:5d:0a:18:91:
         ec:3f:53:c6:bc:41:2d:86:50:d7:f7:d1:19:78:94:5a:b5:cd:
         d3:ab:cb:bb:45:df:24:b8:25:c7:f1:58:9c:9e:a9:90:85:18:
         45:15:55:ce
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICGcAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDg0
NjlFMTEzNzAxODE1OTkzMDEzRTEzRTU0OEEyQjM0MEU0NEUwQTAeFw0yMjEwMjIw
NjA4NTJaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDkyMjQ2NUQ2ODdCQUE5
MzlFNDZFOERBQTRDOTZDNEU0NjE1MkUxNkYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDB4sXrk3Ekn9jDsKe7XtOziRFbN+/PKnENDNwELKIjP8K0LO4V
SEW+tQ5pZp7Cp1Q0nf2PpPpT5GzxRH63xjeguGixhY2Q37ay6EchdkQsNE8Y3yRQ
jKWjZTScQU8HA4XKLo5tHE7aadIlcblaz/Di25A0+m+r/v8dCnbUbDbKf2peu04B
+ul7a1Z+fOKlliYNUMgiolXHZlHcU7lJshxrpnNjsYiEfvtx7E3wp+CTxPtetL4A
NiKPf903VPixskKhnLxJVXhA4ap6LJip39VdcSG6TpUGChcADOaf1MO24Yrylr++
KOH/e4rJvHJnCTj6uHZD17evK3C4x/6663t1AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUkiRl1oe6qTnkbo2qTJbE5GFS4W8wHwYDVR0jBBgwFoAUCEaeETcBgVmTAT4T
5Uiis0DkTgowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVU
L0NFYWVFVGNCZ1ZtVEFUNFQ1VWlpczBEa1Rnby5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvQ0VhZUVUY0JnVm1UQVQ0VDVVaWlzMERrVGdvLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVUL2tpUmwxb2U2cVRua2JvMnFU
SmJFNUdGUzRXOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAMx
n/AwDQYJKoZIhvcNAQELBQADggEBAJlDFOnba3ueOsxH39Q0VmwLDLaySlJChVd0
IYi6O8VOWxRCVF6Cdj2sSxZsatbFmrcqMWAvWXC7xdOHEAXI760vLn/+9z4jSY/c
Pj88SZGao2r50Vx0ok4JOG8eT/0WxI6A0jyhUfwXslMvCsgO2RA+ukxw+YG/tAhn
vv5KPjj3GwkP311E7wzoLB6WrvUsh53w8k6VKYOxrwW3vAzy/1yNEGbA64ASMNa6
HUnixHzt+cE50/+O526LkwWcaa4BRVIBj68aoL9Ut15zBBeABRobGzZJXQoYkew/
U8a8QS2GUNf30Rl4lFq1zdOry7tF3yS4JcfxWJyeqZCFGEUVVc4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:49 2024 by rpki-client on console-ams.rpki-client.org