Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/UBBNET/nMV26pWvyBohUIOioQxTp41WI0M.roa
File:                     nMV26pWvyBohUIOioQxTp41WI0M.roa (raw, json)
Hash identifier:          CCZmrvUljZUAXEvwJ5UiR+xZ2FXrSms675yvLm0RZTc=
Subject key identifier:   9C:C5:76:EA:95:AF:C8:1A:21:50:83:A2:A1:0C:53:A7:8D:56:23:43
Certificate issuer:       /CN=08469E113701815993013E13E548A2B340E44E0A
Certificate serial:       0EEF
Authority key identifier: 08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/nMV26pWvyBohUIOioQxTp41WI0M.roa
Signing time:             Sun 07 Feb 2021 12:30:52 +0000
ROA not before:           Sun 07 Feb 2021 12:30:52 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     24164
IP address blocks:        49.158.16.0/21 maxlen: 21

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3823 (0xeef)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=08469E113701815993013E13E548A2B340E44E0A
        Validity
            Not Before: Feb  7 12:30:52 2021 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=9CC576EA95AFC81A215083A2A10C53A78D562343
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ed:13:3c:63:60:1b:06:99:62:6b:4a:c4:4e:6f:
                    26:05:43:54:63:3f:e5:57:33:72:59:eb:19:bf:ba:
                    38:0a:4a:be:e1:48:93:47:3e:54:f7:ad:19:06:8d:
                    b9:e5:6e:3f:9c:f1:2a:c7:cb:25:e5:92:ef:56:85:
                    27:92:7b:8f:20:11:8c:92:24:af:d5:56:85:88:0e:
                    ae:3f:aa:7e:9a:3c:50:03:24:f7:82:10:11:15:35:
                    43:f3:6f:e5:e5:1c:31:8d:77:0c:8d:82:57:80:d7:
                    22:6e:10:2a:5d:a1:5e:e4:21:f3:5d:08:a8:c9:91:
                    1f:37:e3:e9:e1:f9:a9:02:e3:d0:d8:ea:e0:a9:38:
                    87:88:62:05:7a:36:1b:81:f6:f4:66:8b:b9:7e:ec:
                    c3:19:89:6c:ab:fd:c1:a1:5e:10:7e:64:39:e2:d6:
                    c5:95:82:ff:ba:9e:56:a0:a4:01:87:db:31:11:bf:
                    be:d0:87:e0:94:43:ae:1a:7a:dd:bf:28:fb:f9:f6:
                    20:7b:46:2f:9b:9a:7b:27:a9:3e:01:c3:95:b7:9a:
                    3a:c5:60:7b:68:50:6a:dc:3a:02:42:86:1c:51:c1:
                    d4:d7:b8:57:d8:51:dd:6a:8b:3a:79:76:8b:64:28:
                    77:57:7e:c6:3c:3d:51:c8:82:ea:d0:f8:70:f1:33:
                    16:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9C:C5:76:EA:95:AF:C8:1A:21:50:83:A2:A1:0C:53:A7:8D:56:23:43
            X509v3 Authority Key Identifier:
                keyid:08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/CEaeETcBgVmTAT4T5Uiis0DkTgo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/nMV26pWvyBohUIOioQxTp41WI0M.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  49.158.16.0/21

    Signature Algorithm: sha256WithRSAEncryption
         60:64:87:15:84:f9:ad:a8:6b:9f:7b:1a:1a:05:c1:91:fd:b8:
         2f:af:71:f5:f9:08:30:4a:54:7a:f0:2f:35:8d:7e:ad:14:f9:
         f5:3b:f7:3d:3c:eb:40:91:c2:37:9d:02:ee:1c:e7:7e:52:ea:
         fe:d6:66:75:84:e4:b6:b2:50:ca:d6:9c:21:86:8b:34:27:a3:
         a4:0e:36:f3:24:7e:9a:b6:62:69:15:16:0e:46:8d:83:e2:2c:
         21:d2:42:25:f9:d9:8f:43:36:d2:f9:c3:c8:d8:94:20:e2:db:
         43:9d:24:f5:a8:4b:6d:f1:31:c8:26:21:bd:2d:57:b5:39:fe:
         7b:5b:1f:9a:56:83:8f:7c:32:05:70:5d:ba:b9:fd:dd:28:65:
         2b:8b:09:19:a6:ce:18:02:63:7d:31:e7:5a:be:10:d4:5a:b2:
         14:d7:6b:b9:0c:31:6b:d8:01:83:c3:9a:23:43:4c:c2:7e:6c:
         a8:97:d7:0f:f6:86:17:9d:af:50:7c:b4:8e:b3:59:06:8d:91:
         6b:36:24:2b:d2:0a:4f:b0:91:ca:c0:39:3a:2b:63:67:84:dc:
         63:f6:48:aa:96:b5:eb:05:17:7d:ca:92:e4:d2:13:8b:a4:8d:
         d2:7a:4d:8a:39:0a:0e:14:c1:0b:00:8b:41:a5:f1:64:00:df:
         1a:af:8a:5a
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICDu8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDg0
NjlFMTEzNzAxODE1OTkzMDEzRTEzRTU0OEEyQjM0MEU0NEUwQTAeFw0yMTAyMDcx
MjMwNTJaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDlDQzU3NkVBOTVBRkM4
MUEyMTUwODNBMkExMEM1M0E3OEQ1NjIzNDMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDtEzxjYBsGmWJrSsRObyYFQ1RjP+VXM3JZ6xm/ujgKSr7hSJNH
PlT3rRkGjbnlbj+c8SrHyyXlku9WhSeSe48gEYySJK/VVoWIDq4/qn6aPFADJPeC
EBEVNUPzb+XlHDGNdwyNgleA1yJuECpdoV7kIfNdCKjJkR834+nh+akC49DY6uCp
OIeIYgV6NhuB9vRmi7l+7MMZiWyr/cGhXhB+ZDni1sWVgv+6nlagpAGH2zERv77Q
h+CUQ64aet2/KPv59iB7Ri+bmnsnqT4Bw5W3mjrFYHtoUGrcOgJChhxRwdTXuFfY
Ud1qizp5dotkKHdXfsY8PVHIgurQ+HDxMxY3AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUnMV26pWvyBohUIOioQxTp41WI0MwHwYDVR0jBBgwFoAUCEaeETcBgVmTAT4T
5Uiis0DkTgowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVU
L0NFYWVFVGNCZ1ZtVEFUNFQ1VWlpczBEa1Rnby5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvQ0VhZUVUY0JnVm1UQVQ0VDVVaWlzMERrVGdvLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVUL25NVjI2cFd2eUJvaFVJT2lv
UXhUcDQxV0kwTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAMx
nhAwDQYJKoZIhvcNAQELBQADggEBAGBkhxWE+a2oa597GhoFwZH9uC+vcfX5CDBK
VHrwLzWNfq0U+fU79z0860CRwjedAu4c535S6v7WZnWE5LayUMrWnCGGizQno6QO
NvMkfpq2YmkVFg5GjYPiLCHSQiX52Y9DNtL5w8jYlCDi20OdJPWoS23xMcgmIb0t
V7U5/ntbH5pWg498MgVwXbq5/d0oZSuLCRmmzhgCY30x51q+ENRashTXa7kMMWvY
AYPDmiNDTMJ+bKiX1w/2hhedr1B8tI6zWQaNkWs2JCvSCk+wkcrAOTorY2eE3GP2
SKqWtesFF33KkuTSE4ukjdJ6TYo5Cg4UwQsAi0Gl8WQA3xqvilo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:05 2024 by rpki-client on console-fra.rpki-client.org