Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/UBBNET/wNw3nuLKzmXnPsjccBVsQ33gjkk.roa
File:                     wNw3nuLKzmXnPsjccBVsQ33gjkk.roa (raw, json)
Hash identifier:          oOhJL5pqw1eE8CT61wWGnDiU2LSDAfj/1flJtwu94jM=
Subject key identifier:   C0:DC:37:9E:E2:CA:CE:65:E7:3E:C8:DC:70:15:6C:43:7D:E0:8E:49
Certificate issuer:       /CN=08469E113701815993013E13E548A2B340E44E0A
Certificate serial:       0F6D
Authority key identifier: 08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/wNw3nuLKzmXnPsjccBVsQ33gjkk.roa
Signing time:             Sun 07 Feb 2021 12:34:07 +0000
ROA not before:           Sun 07 Feb 2021 12:34:07 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     24164
IP address blocks:        123.0.43.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3949 (0xf6d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=08469E113701815993013E13E548A2B340E44E0A
        Validity
            Not Before: Feb  7 12:34:07 2021 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=C0DC379EE2CACE65E73EC8DC70156C437DE08E49
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:22:18:e1:5e:8d:68:e6:9b:63:92:bf:80:2c:
                    e3:13:02:b0:db:93:70:12:09:2b:59:d0:47:2a:44:
                    70:d9:5e:49:dd:e6:0a:c4:6a:2f:39:66:1a:d2:12:
                    29:88:fa:2f:30:d3:92:7b:95:05:85:71:0b:ff:2f:
                    55:dc:a7:82:ff:8a:a7:ab:5e:2d:f1:29:e0:ca:e2:
                    de:a6:de:85:65:7e:d5:c3:2d:d2:1a:ae:36:59:48:
                    8a:79:d0:8f:a4:dc:d1:2c:33:38:a5:09:c3:a7:f2:
                    2e:12:94:2f:9f:76:fd:db:e9:da:88:91:9d:e0:9a:
                    26:d7:7f:d9:3a:45:48:4a:12:9b:6b:7e:78:e0:35:
                    96:64:4a:31:f0:3f:aa:f2:34:5a:d5:47:25:d1:43:
                    fc:a4:45:19:d5:18:b2:0a:1f:58:bd:cf:16:aa:b2:
                    8b:2f:6b:37:9e:02:12:dd:7f:07:38:5d:48:b5:1a:
                    e9:52:4a:5d:7c:df:92:cf:08:c9:76:6f:f4:29:0f:
                    b1:cb:69:54:f7:fb:95:b4:0e:ef:e7:57:cf:21:44:
                    8c:33:df:90:e1:41:f0:06:e3:62:39:a7:f6:c7:3f:
                    5a:27:6d:c4:c3:e0:c4:2e:e7:61:11:8c:fe:c1:78:
                    6d:b6:29:07:c4:2c:3b:bd:52:2a:4a:3a:b6:62:b9:
                    85:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C0:DC:37:9E:E2:CA:CE:65:E7:3E:C8:DC:70:15:6C:43:7D:E0:8E:49
            X509v3 Authority Key Identifier:
                keyid:08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/CEaeETcBgVmTAT4T5Uiis0DkTgo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/wNw3nuLKzmXnPsjccBVsQ33gjkk.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  123.0.43.0/24

    Signature Algorithm: sha256WithRSAEncryption
         26:de:66:9f:61:16:39:c7:05:0b:96:22:7d:90:4f:1d:bc:f0:
         c5:ff:4e:ac:64:1f:ff:01:10:61:4a:57:59:7b:e4:20:e9:69:
         29:7c:58:fd:db:f3:5e:18:e9:aa:3c:91:f0:2d:27:75:59:c4:
         65:d3:bc:af:a8:fa:68:bc:fe:1a:17:66:4b:65:d2:94:ac:c4:
         ef:5b:8a:2d:5d:d8:a1:79:2e:5f:41:cf:a9:90:e2:0e:7a:5d:
         46:88:85:e6:35:64:0e:57:2d:47:4d:8b:da:1d:1c:8b:b5:71:
         94:a9:4f:e6:16:dd:df:95:af:d8:90:d9:06:8b:04:ce:f7:c0:
         e5:fc:fa:7a:97:d1:45:1a:3b:c0:a2:23:16:40:cd:6a:bf:45:
         4d:9f:fd:c1:d9:ac:03:57:61:b4:e9:12:f2:b5:70:d2:ed:e2:
         f2:51:76:64:8a:90:52:7a:43:b0:2a:8c:73:f5:df:32:5f:94:
         6d:5c:3b:6d:26:ce:35:b3:87:78:a1:c7:94:8e:2b:05:05:61:
         9e:80:56:a4:54:df:90:17:c7:7f:61:1b:49:10:ba:d1:f6:97:
         ac:18:ce:cb:bf:a0:45:9c:fe:04:d3:d8:b3:8e:e3:90:0f:ea:
         c2:36:af:26:26:c0:7f:bc:4c:f0:21:81:8b:57:70:5a:32:e4:
         00:94:ca:30
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICD20wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDg0
NjlFMTEzNzAxODE1OTkzMDEzRTEzRTU0OEEyQjM0MEU0NEUwQTAeFw0yMTAyMDcx
MjM0MDdaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKEMwREMzNzlFRTJDQUNF
NjVFNzNFQzhEQzcwMTU2QzQzN0RFMDhFNDkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDVIhjhXo1o5ptjkr+ALOMTArDbk3ASCStZ0EcqRHDZXknd5grE
ai85ZhrSEimI+i8w05J7lQWFcQv/L1Xcp4L/iqerXi3xKeDK4t6m3oVlftXDLdIa
rjZZSIp50I+k3NEsMzilCcOn8i4SlC+fdv3b6dqIkZ3gmibXf9k6RUhKEptrfnjg
NZZkSjHwP6ryNFrVRyXRQ/ykRRnVGLIKH1i9zxaqsosvazeeAhLdfwc4XUi1GulS
Sl1835LPCMl2b/QpD7HLaVT3+5W0Du/nV88hRIwz35DhQfAG42I5p/bHP1onbcTD
4MQu52ERjP7BeG22KQfELDu9UipKOrZiuYWXAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUwNw3nuLKzmXnPsjccBVsQ33gjkkwHwYDVR0jBBgwFoAUCEaeETcBgVmTAT4T
5Uiis0DkTgowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVU
L0NFYWVFVGNCZ1ZtVEFUNFQ1VWlpczBEa1Rnby5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvQ0VhZUVUY0JnVm1UQVQ0VDVVaWlzMERrVGdvLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVUL3dOdzNudUxLem1YblBzamNj
QlZzUTMzZ2pray5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAB7
ACswDQYJKoZIhvcNAQELBQADggEBACbeZp9hFjnHBQuWIn2QTx288MX/TqxkH/8B
EGFKV1l75CDpaSl8WP3b814Y6ao8kfAtJ3VZxGXTvK+o+mi8/hoXZktl0pSsxO9b
ii1d2KF5Ll9Bz6mQ4g56XUaIheY1ZA5XLUdNi9odHIu1cZSpT+YW3d+Vr9iQ2QaL
BM73wOX8+nqX0UUaO8CiIxZAzWq/RU2f/cHZrANXYbTpEvK1cNLt4vJRdmSKkFJ6
Q7AqjHP13zJflG1cO20mzjWzh3ihx5SOKwUFYZ6AVqRU35AXx39hG0kQutH2l6wY
zsu/oEWc/gTT2LOO45AP6sI2ryYmwH+8TPAhgYtXcFoy5ACUyjA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:06 2024 by rpki-client on console-fra.rpki-client.org