Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/UBBNET/oEj1ZdySXOQYRyBA90igInYi02U.roa
File:                     oEj1ZdySXOQYRyBA90igInYi02U.roa (raw, json)
Hash identifier:          823JfQwoMY53rCD6uFSFy2fnWmRBU8GJsSfCmms81RA=
Subject key identifier:   A0:48:F5:65:DC:92:5C:E4:18:47:20:40:F7:48:A0:22:76:22:D3:65
Certificate issuer:       /CN=08469E113701815993013E13E548A2B340E44E0A
Certificate serial:       1095
Authority key identifier: 08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/oEj1ZdySXOQYRyBA90igInYi02U.roa
Signing time:             Sun 07 Feb 2021 12:46:20 +0000
ROA not before:           Sun 07 Feb 2021 12:46:20 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     24164
IP address blocks:        123.0.46.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4245 (0x1095)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=08469E113701815993013E13E548A2B340E44E0A
        Validity
            Not Before: Feb  7 12:46:20 2021 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=A048F565DC925CE418472040F748A0227622D365
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:fe:3f:90:ef:fd:2d:c5:4d:c1:5f:29:7e:c7:
                    e4:27:ac:a9:15:2f:c1:de:47:25:92:84:82:e7:37:
                    0f:3c:dc:3e:3b:13:d4:34:8e:a6:5f:a8:d4:e7:0c:
                    dc:dc:bb:e1:72:45:30:76:de:26:da:8b:cc:af:8e:
                    f4:7a:2f:f4:7d:9a:a3:9c:b1:c4:25:4d:14:0f:d9:
                    17:61:ae:26:5b:04:d5:20:c8:4b:b2:2f:b1:99:4a:
                    0b:88:53:17:0d:2e:01:eb:c6:ad:43:ae:06:34:ce:
                    d0:9a:6d:36:34:5f:df:11:bf:92:f9:9e:3f:ef:04:
                    50:d3:4a:1e:5f:5a:37:b0:8c:55:a0:cf:ac:63:d1:
                    06:d3:62:47:64:12:09:6e:19:10:88:dd:17:b5:9c:
                    3d:21:08:c3:06:2e:c5:3d:2b:17:62:17:a7:47:f7:
                    d4:b4:8c:9e:f7:d0:f0:c9:ae:e3:3a:67:27:69:55:
                    83:0c:28:19:32:0b:cb:dc:55:a0:45:4f:9f:5b:03:
                    c9:ad:ef:6d:3c:cc:d1:f7:1f:1d:72:ec:0a:6d:d1:
                    b4:42:69:05:2a:f6:d5:20:3b:23:b3:d7:7e:27:cc:
                    c5:07:16:a7:9c:fc:a7:f4:b9:a6:c4:85:15:10:a2:
                    84:f5:80:ef:c4:7e:16:3c:e8:02:82:11:01:5a:13:
                    e9:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A0:48:F5:65:DC:92:5C:E4:18:47:20:40:F7:48:A0:22:76:22:D3:65
            X509v3 Authority Key Identifier:
                keyid:08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/CEaeETcBgVmTAT4T5Uiis0DkTgo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/oEj1ZdySXOQYRyBA90igInYi02U.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  123.0.46.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5e:2d:03:40:4a:bb:98:b4:88:95:b4:1c:b9:20:a9:a9:a7:3c:
         c8:d8:de:74:8c:20:ec:c7:bb:8c:30:c1:97:3c:ae:99:a2:5e:
         18:6f:09:0a:3e:01:b7:e8:4c:23:93:57:ec:14:4c:da:bd:6a:
         05:41:10:d9:42:b3:4f:2e:d0:29:04:df:bf:c7:7a:37:2f:5c:
         5f:e3:66:c4:a7:77:39:5f:4d:6d:93:9c:67:78:5e:14:11:b4:
         b2:ae:79:b7:1b:be:fb:28:ec:e0:ab:92:a7:46:c5:78:db:a9:
         0f:1b:3a:96:35:d7:6f:25:75:97:b1:d9:5f:fe:c5:81:71:d0:
         4b:a3:c1:6a:1e:af:0e:0d:88:53:1a:a5:bc:7b:73:b3:f1:a2:
         92:a3:95:be:32:b8:7a:5f:61:9f:10:29:31:a0:b0:f4:b3:d5:
         69:d8:4c:04:2e:7c:2a:fb:30:ad:ce:f5:ad:3e:79:2b:ba:df:
         de:2f:34:92:11:3b:9b:aa:50:b8:15:21:1f:51:0d:15:98:31:
         be:61:f0:56:5b:d2:1d:16:db:50:9c:ca:37:a5:70:ea:a2:e0:
         88:4d:0d:21:07:ec:33:55:30:ef:67:e1:3c:0b:d7:5b:a4:db:
         e0:1d:77:79:c3:2c:ad:86:a1:dd:0a:9e:99:e7:71:a3:b0:1a:
         0d:f7:00:08
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICEJUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDg0
NjlFMTEzNzAxODE1OTkzMDEzRTEzRTU0OEEyQjM0MEU0NEUwQTAeFw0yMTAyMDcx
MjQ2MjBaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKEEwNDhGNTY1REM5MjVD
RTQxODQ3MjA0MEY3NDhBMDIyNzYyMkQzNjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDc/j+Q7/0txU3BXyl+x+QnrKkVL8HeRyWShILnNw883D47E9Q0
jqZfqNTnDNzcu+FyRTB23ibai8yvjvR6L/R9mqOcscQlTRQP2RdhriZbBNUgyEuy
L7GZSguIUxcNLgHrxq1DrgY0ztCabTY0X98Rv5L5nj/vBFDTSh5fWjewjFWgz6xj
0QbTYkdkEgluGRCI3Re1nD0hCMMGLsU9KxdiF6dH99S0jJ730PDJruM6ZydpVYMM
KBkyC8vcVaBFT59bA8mt7208zNH3Hx1y7Apt0bRCaQUq9tUgOyOz134nzMUHFqec
/Kf0uabEhRUQooT1gO/EfhY86AKCEQFaE+n9AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUoEj1ZdySXOQYRyBA90igInYi02UwHwYDVR0jBBgwFoAUCEaeETcBgVmTAT4T
5Uiis0DkTgowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVU
L0NFYWVFVGNCZ1ZtVEFUNFQ1VWlpczBEa1Rnby5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvQ0VhZUVUY0JnVm1UQVQ0VDVVaWlzMERrVGdvLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVUL29FajFaZHlTWE9RWVJ5QkE5
MGlnSW5ZaTAyVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAB7
AC4wDQYJKoZIhvcNAQELBQADggEBAF4tA0BKu5i0iJW0HLkgqamnPMjY3nSMIOzH
u4wwwZc8rpmiXhhvCQo+AbfoTCOTV+wUTNq9agVBENlCs08u0CkE37/HejcvXF/j
ZsSndzlfTW2TnGd4XhQRtLKuebcbvvso7OCrkqdGxXjbqQ8bOpY1128ldZex2V/+
xYFx0EujwWoerw4NiFMapbx7c7PxopKjlb4yuHpfYZ8QKTGgsPSz1WnYTAQufCr7
MK3O9a0+eSu6394vNJIRO5uqULgVIR9RDRWYMb5h8FZb0h0W21CcyjelcOqi4IhN
DSEH7DNVMO9n4TwL11uk2+Add3nDLK2God0KnpnncaOwGg33AAg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:49 2024 by rpki-client on console-ams.rpki-client.org