Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/UBBNET/otmkqnsX_JsPle4J6qA2XMvgkNw.roa
File:                     otmkqnsX_JsPle4J6qA2XMvgkNw.roa (raw, json)
Hash identifier:          0F/PiVlGjUaRHh/zR2VR5Ao0NNgdEADtYZtmdGlGXMw=
Subject key identifier:   A2:D9:A4:AA:7B:17:FC:9B:0F:95:EE:09:EA:A0:36:5C:CB:E0:90:DC
Certificate issuer:       /CN=08469E113701815993013E13E548A2B340E44E0A
Certificate serial:       18FD
Authority key identifier: 08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/otmkqnsX_JsPle4J6qA2XMvgkNw.roa
Signing time:             Sat 22 Oct 2022 06:05:57 +0000
ROA not before:           Sat 22 Oct 2022 06:05:57 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     24164
IP address blocks:        115.165.240.0/21 maxlen: 21

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 6397 (0x18fd)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=08469E113701815993013E13E548A2B340E44E0A
        Validity
            Not Before: Oct 22 06:05:57 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=A2D9A4AA7B17FC9B0F95EE09EAA0365CCBE090DC
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:a0:8f:3d:cd:ea:dc:b8:31:ca:79:8d:b7:a8:
                    f0:e1:a0:7d:90:c9:33:52:c7:70:93:63:6e:aa:8d:
                    6d:e3:c3:2f:c3:49:69:ba:fe:3d:5c:6d:3c:b9:0e:
                    bd:5a:11:aa:f8:96:57:4b:63:e7:c0:e0:b9:dd:92:
                    64:5b:9b:15:cc:d2:f1:8f:9e:ba:cc:bb:9d:20:6f:
                    76:d2:37:b9:b0:9e:4b:f5:5f:65:c2:ae:ab:f8:78:
                    89:c7:6f:49:c5:c3:8b:0b:a0:53:fa:55:ab:89:e9:
                    c2:a5:70:33:0d:33:d5:6e:36:e0:3b:dd:cc:3f:52:
                    cb:ab:fa:c6:f1:06:c3:dc:3f:ce:2a:3c:4e:72:1a:
                    5c:a5:ef:b2:38:8c:6a:e1:3d:8b:fc:0c:70:6f:a0:
                    df:5c:c2:19:c5:e5:45:1b:39:c2:8b:62:2e:e8:2b:
                    af:a1:75:e2:41:4f:15:75:1e:8c:34:74:be:81:95:
                    28:c9:2f:92:17:27:97:86:cd:3b:4b:80:a6:81:e2:
                    8f:66:1d:a7:78:84:06:9d:45:23:47:60:bc:b5:15:
                    b7:9e:b9:38:af:e7:b6:d0:07:c7:83:2c:d0:6a:d4:
                    b3:d5:d0:b7:8a:b2:dc:3c:72:14:07:8b:c5:ed:0d:
                    09:cd:96:bc:9f:19:06:e0:68:6f:56:7f:86:db:16:
                    3c:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A2:D9:A4:AA:7B:17:FC:9B:0F:95:EE:09:EA:A0:36:5C:CB:E0:90:DC
            X509v3 Authority Key Identifier:
                keyid:08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/CEaeETcBgVmTAT4T5Uiis0DkTgo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/otmkqnsX_JsPle4J6qA2XMvgkNw.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  115.165.240.0/21

    Signature Algorithm: sha256WithRSAEncryption
         45:88:60:f5:d2:c6:1d:1e:38:88:f6:5b:e9:f9:95:ec:e4:4d:
         ae:5a:25:ab:a3:27:58:23:87:ea:ea:23:71:14:06:64:28:36:
         37:bc:5c:cd:55:c6:aa:59:a8:44:66:f8:85:e1:64:37:db:f8:
         d5:a3:c8:77:f6:74:2d:db:a2:2b:09:0d:9b:57:59:62:b8:b0:
         90:d0:52:a4:bc:57:90:c3:b7:ce:cf:a0:ae:d2:2e:6e:39:d2:
         c9:27:c8:71:d7:b9:72:60:bb:95:29:50:6c:23:ff:d9:cb:49:
         c9:66:d4:50:05:e1:58:53:85:21:97:4f:7f:0e:e2:22:6e:58:
         cd:71:a3:11:7b:ad:13:a2:e1:b8:0e:23:94:93:d4:67:3c:73:
         af:2a:b2:85:db:4b:fc:06:9c:94:7c:92:3c:0b:76:67:be:01:
         95:25:e8:33:77:42:82:0c:fc:34:18:a4:f8:a3:49:ec:a8:91:
         80:66:f4:4f:4a:75:af:00:fc:b0:b7:cd:1f:7e:b3:bd:26:6a:
         01:20:f5:57:2f:a7:89:3e:15:36:ee:93:d6:92:76:ae:cd:96:
         90:d5:bd:cb:c2:a4:ba:51:68:9a:73:79:df:cd:0f:50:dc:d8:
         30:3f:06:76:d8:7b:98:a1:09:0b:5e:05:c2:de:15:7d:cb:b4:
         26:b5:89:6b
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICGP0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDg0
NjlFMTEzNzAxODE1OTkzMDEzRTEzRTU0OEEyQjM0MEU0NEUwQTAeFw0yMjEwMjIw
NjA1NTdaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEEyRDlBNEFBN0IxN0ZD
OUIwRjk1RUUwOUVBQTAzNjVDQ0JFMDkwREMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDOoI89zercuDHKeY23qPDhoH2QyTNSx3CTY26qjW3jwy/DSWm6
/j1cbTy5Dr1aEar4lldLY+fA4LndkmRbmxXM0vGPnrrMu50gb3bSN7mwnkv1X2XC
rqv4eInHb0nFw4sLoFP6VauJ6cKlcDMNM9VuNuA73cw/Usur+sbxBsPcP84qPE5y
Glyl77I4jGrhPYv8DHBvoN9cwhnF5UUbOcKLYi7oK6+hdeJBTxV1How0dL6BlSjJ
L5IXJ5eGzTtLgKaB4o9mHad4hAadRSNHYLy1FbeeuTiv57bQB8eDLNBq1LPV0LeK
stw8chQHi8XtDQnNlryfGQbgaG9Wf4bbFjyLAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUotmkqnsX/JsPle4J6qA2XMvgkNwwHwYDVR0jBBgwFoAUCEaeETcBgVmTAT4T
5Uiis0DkTgowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVU
L0NFYWVFVGNCZ1ZtVEFUNFQ1VWlpczBEa1Rnby5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvQ0VhZUVUY0JnVm1UQVQ0VDVVaWlzMERrVGdvLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVUL290bWtxbnNYX0pzUGxlNEo2
cUEyWE12Z2tOdy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBANz
pfAwDQYJKoZIhvcNAQELBQADggEBAEWIYPXSxh0eOIj2W+n5lezkTa5aJaujJ1gj
h+rqI3EUBmQoNje8XM1VxqpZqERm+IXhZDfb+NWjyHf2dC3boisJDZtXWWK4sJDQ
UqS8V5DDt87PoK7SLm450sknyHHXuXJgu5UpUGwj/9nLSclm1FAF4VhThSGXT38O
4iJuWM1xoxF7rROi4bgOI5ST1Gc8c68qsoXbS/wGnJR8kjwLdme+AZUl6DN3QoIM
/DQYpPijSeyokYBm9E9Kda8A/LC3zR9+s70magEg9Vcvp4k+FTbuk9aSdq7NlpDV
vcvCpLpRaJpzed/ND1Dc2DA/BnbYe5ihCQteBcLeFX3LtCa1iWs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:05 2024 by rpki-client on console-fra.rpki-client.org