Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/UBBNET/umiuC7yXejgx-3C4-dqTuvFFRvM.roa
File:                     umiuC7yXejgx-3C4-dqTuvFFRvM.roa (raw, json)
Hash identifier:          9IgRrHNG7z94fpgBbhR2VP+dJfyvOXgOmtpKTbFDVTA=
Subject key identifier:   BA:68:AE:0B:BC:97:7A:38:31:FB:70:B8:F9:DA:93:BA:F1:45:46:F3
Certificate issuer:       /CN=08469E113701815993013E13E548A2B340E44E0A
Certificate serial:       1321
Authority key identifier: 08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/umiuC7yXejgx-3C4-dqTuvFFRvM.roa
Signing time:             Wed 29 Sep 2021 02:55:24 +0000
ROA not before:           Wed 29 Sep 2021 02:55:24 +0000
ROA not after:            Thu 29 Sep 2022 02:36:22 +0000
asID:                     24165
IP address blocks:        180.218.88.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4897 (0x1321)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=08469E113701815993013E13E548A2B340E44E0A
        Validity
            Not Before: Sep 29 02:55:24 2021 GMT
            Not After : Sep 29 02:36:22 2022 GMT
        Subject: CN=BA68AE0BBC977A3831FB70B8F9DA93BAF14546F3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:2d:93:b4:d0:6d:20:aa:28:9b:61:ef:0a:f9:
                    37:71:72:ba:5c:64:ca:8c:cd:7a:d6:20:8f:b0:a9:
                    38:89:08:ec:00:2e:c2:8d:de:fc:cd:67:64:2c:75:
                    73:4e:17:02:44:64:2b:e7:6a:f8:88:f4:94:d0:d3:
                    52:93:ef:79:7b:3c:c0:8f:69:4b:76:77:26:95:9a:
                    87:09:a6:63:9a:5a:fd:12:76:9c:cd:a7:3c:7c:ea:
                    25:df:5e:d1:84:e0:c5:e3:4c:27:fe:a0:2b:ec:e2:
                    7f:c6:25:93:a8:52:29:cf:4b:bf:4f:75:d6:ab:56:
                    85:b0:45:e8:07:a2:7e:20:2d:2d:9a:56:77:e8:c4:
                    dc:b5:08:1d:1f:ad:0e:64:2c:30:06:0e:8d:31:2c:
                    48:11:06:75:0b:a7:29:19:eb:7b:0d:ad:2d:45:6f:
                    86:f8:49:91:79:8e:fd:65:cc:6b:61:47:ba:eb:69:
                    22:98:8f:72:4f:12:be:08:0e:46:a4:53:fb:e0:75:
                    b0:5b:92:14:d1:54:7c:3f:48:d3:38:02:03:b4:7c:
                    aa:fa:62:cb:76:98:73:de:82:62:d0:7a:4e:65:31:
                    7b:e1:d1:b1:c3:74:23:bd:eb:b3:d9:ff:62:7a:10:
                    5b:58:77:e5:73:aa:41:ee:12:46:89:b2:1c:4d:79:
                    59:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BA:68:AE:0B:BC:97:7A:38:31:FB:70:B8:F9:DA:93:BA:F1:45:46:F3
            X509v3 Authority Key Identifier:
                keyid:08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/CEaeETcBgVmTAT4T5Uiis0DkTgo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/umiuC7yXejgx-3C4-dqTuvFFRvM.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  180.218.88.0/22

    Signature Algorithm: sha256WithRSAEncryption
         17:f6:13:88:17:8c:c2:ad:91:a9:fc:c0:eb:28:23:5a:6c:7b:
         89:32:15:1d:e4:6b:34:c5:18:11:75:dc:bb:5f:4f:02:71:a7:
         32:28:df:9a:d7:48:1f:7e:fa:54:ca:b0:f1:98:05:da:65:89:
         e6:a7:d8:cf:4a:e6:b9:7f:96:51:23:b8:3f:cf:52:5e:c2:49:
         5d:40:4e:98:2f:19:56:8e:09:ee:b7:6b:6b:cc:e6:b2:12:6d:
         aa:77:e9:96:ce:a3:9d:e4:2b:cd:49:de:23:9f:50:ef:a5:6b:
         3d:bd:f1:43:4d:30:f8:d6:e7:02:57:50:30:d9:48:e8:14:a4:
         f8:65:36:8b:ad:f2:19:0f:af:7e:f3:c3:2c:cd:eb:db:36:a8:
         a9:0f:0c:0b:21:92:95:84:64:c4:8e:7f:7b:78:99:ed:8b:e2:
         60:40:b2:cd:01:44:94:aa:fe:b7:18:d7:15:f1:fe:4f:17:5f:
         a6:45:c2:e5:e6:58:2a:40:a7:8b:ae:af:14:31:06:3a:f1:b2:
         fb:92:d1:fe:0e:e6:22:8f:80:8b:69:48:21:9a:cd:1f:f7:a6:
         fe:73:63:11:0a:8b:6e:1b:f8:e3:89:cf:50:94:48:aa:9f:19:
         6f:cf:02:a8:34:dd:fe:b0:78:ba:5f:96:46:8c:00:fe:ad:a7:
         22:15:37:8d
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICEyEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDg0
NjlFMTEzNzAxODE1OTkzMDEzRTEzRTU0OEEyQjM0MEU0NEUwQTAeFw0yMTA5Mjkw
MjU1MjRaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKEJBNjhBRTBCQkM5NzdB
MzgzMUZCNzBCOEY5REE5M0JBRjE0NTQ2RjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDeLZO00G0gqiibYe8K+TdxcrpcZMqMzXrWII+wqTiJCOwALsKN
3vzNZ2QsdXNOFwJEZCvnaviI9JTQ01KT73l7PMCPaUt2dyaVmocJpmOaWv0SdpzN
pzx86iXfXtGE4MXjTCf+oCvs4n/GJZOoUinPS79PddarVoWwRegHon4gLS2aVnfo
xNy1CB0frQ5kLDAGDo0xLEgRBnULpykZ63sNrS1Fb4b4SZF5jv1lzGthR7rraSKY
j3JPEr4IDkakU/vgdbBbkhTRVHw/SNM4AgO0fKr6Yst2mHPegmLQek5lMXvh0bHD
dCO967PZ/2J6EFtYd+VzqkHuEkaJshxNeVnrAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUumiuC7yXejgx+3C4+dqTuvFFRvMwHwYDVR0jBBgwFoAUCEaeETcBgVmTAT4T
5Uiis0DkTgowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVU
L0NFYWVFVGNCZ1ZtVEFUNFQ1VWlpczBEa1Rnby5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvQ0VhZUVUY0JnVm1UQVQ0VDVVaWlzMERrVGdvLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVUL3VtaXVDN3lYZWpneC0zQzQt
ZHFUdXZGRlJ2TS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAK0
2lgwDQYJKoZIhvcNAQELBQADggEBABf2E4gXjMKtkan8wOsoI1pse4kyFR3kazTF
GBF13LtfTwJxpzIo35rXSB9++lTKsPGYBdpliean2M9K5rl/llEjuD/PUl7CSV1A
TpgvGVaOCe63a2vM5rISbap36ZbOo53kK81J3iOfUO+laz298UNNMPjW5wJXUDDZ
SOgUpPhlNout8hkPr37zwyzN69s2qKkPDAshkpWEZMSOf3t4me2L4mBAss0BRJSq
/rcY1xXx/k8XX6ZFwuXmWCpAp4uurxQxBjrxsvuS0f4O5iKPgItpSCGazR/3pv5z
YxEKi24b+OOJz1CUSKqfGW/PAqg03f6weLpflkaMAP6tpyIVN40=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:50 2024 by rpki-client on console-ams.rpki-client.org