Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/UBBNET/u2GzAFiZYeP0NsC-rIoCb_rSJ6M.roa
File:                     u2GzAFiZYeP0NsC-rIoCb_rSJ6M.roa (raw, json)
Hash identifier:          6OyFqiCKv7s0ex9gWbZA1LaMya7FWq2HgdOQrI0usio=
Subject key identifier:   BB:61:B3:00:58:99:61:E3:F4:36:C0:BE:AC:8A:02:6F:FA:D2:27:A3
Certificate issuer:       /CN=08469E113701815993013E13E548A2B340E44E0A
Certificate serial:       199D
Authority key identifier: 08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/u2GzAFiZYeP0NsC-rIoCb_rSJ6M.roa
Signing time:             Sat 22 Oct 2022 06:06:44 +0000
ROA not before:           Sat 22 Oct 2022 06:06:44 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     24164
IP address blocks:        49.158.88.0/21 maxlen: 21

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 6557 (0x199d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=08469E113701815993013E13E548A2B340E44E0A
        Validity
            Not Before: Oct 22 06:06:44 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=BB61B300589961E3F436C0BEAC8A026FFAD227A3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:74:a0:81:33:2a:02:d4:79:2c:8f:6e:9d:dc:
                    f5:7c:85:d6:3e:ff:64:05:37:74:60:20:0c:d6:34:
                    11:0d:44:37:f0:91:f8:ab:58:6e:1d:00:cc:b8:10:
                    c0:d5:d1:68:98:18:c6:b5:3d:39:23:6f:ef:b7:b3:
                    6f:4c:41:41:97:5b:9d:bc:6f:5e:d6:bf:bd:4a:71:
                    5f:dc:2c:1e:04:be:3d:67:44:4f:2b:a2:ec:14:e5:
                    06:b5:10:67:ad:af:35:1b:ef:74:0a:84:6f:8b:99:
                    ea:cb:0f:45:aa:7b:91:d2:87:9f:bc:47:fc:af:b7:
                    4d:46:fa:7b:25:07:96:0a:cc:49:ec:2e:cd:84:fd:
                    3d:02:39:21:fc:b0:9c:11:21:65:fb:4e:14:16:00:
                    40:f0:c8:2f:7a:74:ae:ce:dc:80:9e:70:35:09:f4:
                    40:e0:37:0d:3e:a9:03:d4:b5:18:e8:10:0d:45:78:
                    c4:29:32:14:0f:e5:f0:66:02:23:87:90:d4:59:3f:
                    07:ef:9b:c5:9a:f8:1d:27:6a:b5:3d:12:2c:8d:3f:
                    6b:3e:8c:82:e9:bf:f8:b3:eb:d4:ee:5c:10:af:d3:
                    85:4e:e9:68:de:88:23:9b:7d:a2:71:dc:73:ee:71:
                    ec:60:6c:b9:cb:ec:53:f9:fa:f2:b7:f6:37:87:66:
                    28:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:61:B3:00:58:99:61:E3:F4:36:C0:BE:AC:8A:02:6F:FA:D2:27:A3
            X509v3 Authority Key Identifier:
                keyid:08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/CEaeETcBgVmTAT4T5Uiis0DkTgo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/u2GzAFiZYeP0NsC-rIoCb_rSJ6M.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  49.158.88.0/21

    Signature Algorithm: sha256WithRSAEncryption
         55:f9:12:48:a2:09:cb:38:0c:ad:1d:a0:94:3f:8c:0d:bb:b4:
         d5:0a:8c:81:53:bc:fb:cf:c0:fb:19:16:ba:ad:af:d9:64:d5:
         9c:b0:8e:61:7d:99:b0:29:32:17:58:58:3d:d4:8f:de:bb:2d:
         b0:1d:aa:34:62:1b:fe:5c:a0:d3:75:7e:59:ab:99:08:a6:1b:
         f4:a8:16:1b:a0:db:9b:f4:d5:f1:92:f9:e7:60:8a:2e:43:79:
         d7:25:76:77:03:76:a9:a1:e3:e2:47:a4:6e:f6:9e:aa:ac:1e:
         3c:c7:12:7a:6e:76:c4:af:9e:bb:7e:3d:6b:81:d6:27:0a:87:
         41:02:23:07:b1:95:f8:81:83:22:bb:3f:97:bf:e5:e4:9d:5b:
         9c:c1:cb:20:00:ef:4a:f6:ef:ab:ec:13:ec:9f:21:93:1a:84:
         f1:fa:d1:cb:a4:ad:94:13:07:00:db:12:40:31:c6:94:f2:b4:
         3c:0f:c6:92:ef:3a:53:68:33:2a:cf:dc:a1:48:8f:ce:c8:e7:
         36:8a:5c:2e:9a:a5:1f:1c:2a:52:cc:6e:72:f9:ad:82:93:c5:
         6d:a9:37:47:d5:a5:d8:a2:78:cc:eb:57:cb:44:68:2f:e9:e6:
         53:d3:35:f0:a8:ef:64:a3:65:84:6c:b0:b7:91:15:2c:fd:f9:
         37:4f:2b:dc
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICGZ0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDg0
NjlFMTEzNzAxODE1OTkzMDEzRTEzRTU0OEEyQjM0MEU0NEUwQTAeFw0yMjEwMjIw
NjA2NDRaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEJCNjFCMzAwNTg5OTYx
RTNGNDM2QzBCRUFDOEEwMjZGRkFEMjI3QTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDhdKCBMyoC1Hksj26d3PV8hdY+/2QFN3RgIAzWNBENRDfwkfir
WG4dAMy4EMDV0WiYGMa1PTkjb++3s29MQUGXW528b17Wv71KcV/cLB4Evj1nRE8r
ouwU5Qa1EGetrzUb73QKhG+LmerLD0Wqe5HSh5+8R/yvt01G+nslB5YKzEnsLs2E
/T0COSH8sJwRIWX7ThQWAEDwyC96dK7O3ICecDUJ9EDgNw0+qQPUtRjoEA1FeMQp
MhQP5fBmAiOHkNRZPwfvm8Wa+B0narU9EiyNP2s+jILpv/iz69TuXBCv04VO6Wje
iCObfaJx3HPucexgbLnL7FP5+vK39jeHZiiDAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUu2GzAFiZYeP0NsC+rIoCb/rSJ6MwHwYDVR0jBBgwFoAUCEaeETcBgVmTAT4T
5Uiis0DkTgowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVU
L0NFYWVFVGNCZ1ZtVEFUNFQ1VWlpczBEa1Rnby5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvQ0VhZUVUY0JnVm1UQVQ0VDVVaWlzMERrVGdvLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVUL3UyR3pBRmlaWWVQME5zQy1y
SW9DYl9yU0o2TS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAMx
nlgwDQYJKoZIhvcNAQELBQADggEBAFX5EkiiCcs4DK0doJQ/jA27tNUKjIFTvPvP
wPsZFrqtr9lk1ZywjmF9mbApMhdYWD3Uj967LbAdqjRiG/5coNN1flmrmQimG/So
Fhug25v01fGS+edgii5DedcldncDdqmh4+JHpG72nqqsHjzHEnpudsSvnrt+PWuB
1icKh0ECIwexlfiBgyK7P5e/5eSdW5zByyAA70r276vsE+yfIZMahPH60cukrZQT
BwDbEkAxxpTytDwPxpLvOlNoMyrP3KFIj87I5zaKXC6apR8cKlLMbnL5rYKTxW2p
N0fVpdiieMzrV8tEaC/p5lPTNfCo72SjZYRssLeRFSz9+TdPK9w=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:50 2024 by rpki-client on console-ams.rpki-client.org