Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/UBBNET/pCz7OgpwlCr4SYFYgsJc6X2QqFg.roa
File:                     pCz7OgpwlCr4SYFYgsJc6X2QqFg.roa (raw, json)
Hash identifier:          5wjinx9pnTFM7dx41Q1SNt9VwhMeVwoPc7prrJTVLJg=
Subject key identifier:   A4:2C:FB:3A:0A:70:94:2A:F8:49:81:58:82:C2:5C:E9:7D:90:A8:58
Certificate issuer:       /CN=08469E113701815993013E13E548A2B340E44E0A
Certificate serial:       191D
Authority key identifier: 08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/pCz7OgpwlCr4SYFYgsJc6X2QqFg.roa
Signing time:             Sat 22 Oct 2022 06:06:07 +0000
ROA not before:           Sat 22 Oct 2022 06:06:07 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     24164
IP address blocks:        114.198.172.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 6429 (0x191d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=08469E113701815993013E13E548A2B340E44E0A
        Validity
            Not Before: Oct 22 06:06:07 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=A42CFB3A0A70942AF849815882C25CE97D90A858
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:1d:df:b6:6e:a2:40:c7:ea:fa:4f:51:4c:c5:
                    65:74:b7:5d:87:b4:05:00:cf:e7:be:f1:54:7f:5a:
                    35:44:57:c2:c2:f1:e0:78:bb:8e:68:a9:5e:b9:16:
                    aa:df:f5:1a:46:03:74:9d:79:ec:24:43:ae:8d:53:
                    31:5f:46:6b:c2:86:0b:24:8c:64:57:9f:9d:72:4a:
                    70:b0:90:0d:3c:65:e5:b0:c3:6b:14:c3:50:e5:eb:
                    8e:eb:b6:2a:09:5b:4e:9c:63:c7:b0:10:59:25:ee:
                    e3:c6:2e:89:2d:7c:af:e2:72:d7:35:5c:2d:65:32:
                    94:ba:c2:54:25:2f:a6:34:68:89:99:21:d4:61:20:
                    cc:1e:8a:1f:19:28:0e:17:c7:e4:21:4f:0a:a7:9e:
                    0a:49:a0:fa:8c:e9:a4:29:f0:b8:5f:94:81:c1:1e:
                    df:aa:af:82:67:72:6e:94:13:31:32:9c:90:44:ed:
                    8e:07:9f:db:3e:20:64:ce:6c:ba:81:b3:d6:98:d5:
                    c6:a2:15:31:d9:d1:ff:88:68:58:e3:f0:a5:95:6e:
                    28:f9:98:06:e6:98:ad:66:2c:f9:0e:04:73:94:bf:
                    f7:16:39:b0:8f:85:93:43:c1:a4:36:64:17:31:37:
                    78:da:6c:6e:5f:f0:68:49:30:19:39:3f:7f:59:c4:
                    87:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A4:2C:FB:3A:0A:70:94:2A:F8:49:81:58:82:C2:5C:E9:7D:90:A8:58
            X509v3 Authority Key Identifier:
                keyid:08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/CEaeETcBgVmTAT4T5Uiis0DkTgo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/pCz7OgpwlCr4SYFYgsJc6X2QqFg.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  114.198.172.0/22

    Signature Algorithm: sha256WithRSAEncryption
         07:a3:d5:9a:e1:ae:62:fb:44:99:e4:63:ac:b6:f0:45:67:e0:
         82:57:e4:d7:c6:13:da:b2:7c:b5:81:a1:5e:04:fb:db:c6:86:
         8a:05:6a:f6:56:52:90:b9:29:65:5e:24:80:d0:4b:17:97:37:
         75:f4:d4:3c:55:05:a2:af:94:e7:38:3a:05:ab:74:36:75:ca:
         12:09:ad:86:b9:0f:b7:db:98:79:89:e8:89:8f:cb:e6:da:73:
         70:fd:e4:bd:bd:65:bf:49:95:50:c2:68:04:b1:3e:d7:e3:d6:
         8f:ee:c9:a7:d7:21:f9:38:66:d4:43:4c:3f:ba:b4:d9:67:0a:
         23:a6:d3:c4:19:dd:32:72:4d:75:31:f1:a1:d0:a0:43:6a:6e:
         42:f0:c7:76:3a:aa:7e:24:12:59:86:42:89:d7:19:e9:0c:33:
         29:ae:69:92:65:5b:26:54:3b:13:d3:54:8b:3b:b7:9d:27:11:
         79:e6:9b:0b:7b:df:9e:23:77:4c:fb:1b:ae:35:14:17:50:a0:
         d3:25:15:c5:ec:33:d3:7e:2d:5f:5a:0a:33:65:60:e5:10:99:
         a8:bd:8a:cd:52:94:71:1b:0b:fb:a1:97:2c:27:b4:72:be:9a:
         9e:33:e8:8a:8e:f2:4e:38:d9:c7:4c:12:9f:62:b3:9d:b4:c9:
         98:d4:b5:38
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICGR0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDg0
NjlFMTEzNzAxODE1OTkzMDEzRTEzRTU0OEEyQjM0MEU0NEUwQTAeFw0yMjEwMjIw
NjA2MDdaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEE0MkNGQjNBMEE3MDk0
MkFGODQ5ODE1ODgyQzI1Q0U5N0Q5MEE4NTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCkHd+2bqJAx+r6T1FMxWV0t12HtAUAz+e+8VR/WjVEV8LC8eB4
u45oqV65Fqrf9RpGA3SdeewkQ66NUzFfRmvChgskjGRXn51ySnCwkA08ZeWww2sU
w1Dl647rtioJW06cY8ewEFkl7uPGLoktfK/ictc1XC1lMpS6wlQlL6Y0aImZIdRh
IMweih8ZKA4Xx+QhTwqnngpJoPqM6aQp8LhflIHBHt+qr4Jncm6UEzEynJBE7Y4H
n9s+IGTObLqBs9aY1caiFTHZ0f+IaFjj8KWVbij5mAbmmK1mLPkOBHOUv/cWObCP
hZNDwaQ2ZBcxN3jabG5f8GhJMBk5P39ZxIdJAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUpCz7OgpwlCr4SYFYgsJc6X2QqFgwHwYDVR0jBBgwFoAUCEaeETcBgVmTAT4T
5Uiis0DkTgowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVU
L0NFYWVFVGNCZ1ZtVEFUNFQ1VWlpczBEa1Rnby5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvQ0VhZUVUY0JnVm1UQVQ0VDVVaWlzMERrVGdvLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVUL3BDejdPZ3B3bENyNFNZRlln
c0pjNlgyUXFGZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJy
xqwwDQYJKoZIhvcNAQELBQADggEBAAej1ZrhrmL7RJnkY6y28EVn4IJX5NfGE9qy
fLWBoV4E+9vGhooFavZWUpC5KWVeJIDQSxeXN3X01DxVBaKvlOc4OgWrdDZ1yhIJ
rYa5D7fbmHmJ6ImPy+bac3D95L29Zb9JlVDCaASxPtfj1o/uyafXIfk4ZtRDTD+6
tNlnCiOm08QZ3TJyTXUx8aHQoENqbkLwx3Y6qn4kElmGQonXGekMMymuaZJlWyZU
OxPTVIs7t50nEXnmmwt7354jd0z7G641FBdQoNMlFcXsM9N+LV9aCjNlYOUQmai9
is1SlHEbC/uhlywntHK+mp4z6IqO8k442cdMEp9is520yZjUtTg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:05 2024 by rpki-client on console-fra.rpki-client.org