Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/UBBNET/xFjNpUJR6iuKsvXysvUWDC17owg.roa
File:                     xFjNpUJR6iuKsvXysvUWDC17owg.roa (raw, json)
Hash identifier:          QVVm4L77KeyGUGmJIELBKg/ceoETDsLbEDtMMy0Qsn8=
Subject key identifier:   C4:58:CD:A5:42:51:EA:2B:8A:B2:F5:F2:B2:F5:16:0C:2D:7B:A3:08
Certificate issuer:       /CN=08469E113701815993013E13E548A2B340E44E0A
Certificate serial:       1930
Authority key identifier: 08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/xFjNpUJR6iuKsvXysvUWDC17owg.roa
Signing time:             Sat 22 Oct 2022 06:06:12 +0000
ROA not before:           Sat 22 Oct 2022 06:06:12 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     24165
IP address blocks:        115.165.200.0/21 maxlen: 21

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 6448 (0x1930)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=08469E113701815993013E13E548A2B340E44E0A
        Validity
            Not Before: Oct 22 06:06:12 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=C458CDA54251EA2B8AB2F5F2B2F5160C2D7BA308
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:6a:ec:14:61:b8:48:8b:f2:f4:e9:41:da:5c:
                    07:8e:9b:d2:5a:c2:08:65:9b:90:6c:71:55:60:50:
                    0f:38:30:0d:12:76:6a:34:e9:16:60:15:3a:10:b0:
                    81:3e:5e:61:2a:75:8b:2e:0e:1a:28:e4:35:72:36:
                    4f:d6:f0:48:63:80:7c:a1:47:8c:13:f4:c1:d3:34:
                    8e:cb:61:2a:8f:46:07:71:01:39:33:fd:44:22:38:
                    e2:d8:f9:24:42:57:44:ac:43:73:d7:26:11:da:46:
                    99:f2:11:f9:8c:7e:f1:8c:05:38:fd:45:1d:4c:07:
                    3e:85:eb:f4:35:be:63:90:b9:83:c3:d9:1a:15:9d:
                    2b:d8:d5:8e:df:32:5d:b7:34:1a:2d:81:55:ce:4a:
                    02:bc:ec:86:28:0b:c8:05:86:79:4e:57:e8:7e:01:
                    a1:a6:cb:81:e7:36:67:89:51:cd:88:39:ba:5e:e9:
                    35:d9:4b:cd:30:95:89:e3:36:1b:10:16:59:56:d1:
                    45:ca:8c:72:30:5f:78:d7:b8:7f:d2:d9:5a:4a:c8:
                    83:af:26:26:d7:be:c8:5c:2f:7e:c7:b4:70:61:d1:
                    ca:84:a2:0f:0c:0c:73:46:ec:df:54:df:2d:a1:39:
                    ab:ff:9f:9e:7d:04:6b:dd:41:4d:7d:c9:e7:69:34:
                    af:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C4:58:CD:A5:42:51:EA:2B:8A:B2:F5:F2:B2:F5:16:0C:2D:7B:A3:08
            X509v3 Authority Key Identifier:
                keyid:08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/CEaeETcBgVmTAT4T5Uiis0DkTgo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/xFjNpUJR6iuKsvXysvUWDC17owg.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  115.165.200.0/21

    Signature Algorithm: sha256WithRSAEncryption
         9d:64:79:f6:d8:44:f0:0a:41:80:f8:d6:19:93:ec:c9:3c:e7:
         30:9b:08:63:85:a3:8b:fb:46:2a:7f:f8:1e:b7:c4:b8:e4:03:
         34:26:c0:fb:c7:fe:ea:94:b0:3f:44:5b:48:41:34:42:14:43:
         24:b9:68:72:5a:c4:de:ff:16:dc:1a:1a:7b:7c:69:98:50:47:
         c3:a3:45:46:ff:26:e3:5d:fd:13:c5:c7:bb:22:cc:8a:7c:b0:
         cf:2c:90:34:76:5b:74:be:ed:1c:26:8a:15:11:99:1e:10:c0:
         00:65:b5:18:ab:34:99:84:ba:f9:b8:19:86:75:12:93:50:82:
         15:20:de:77:a1:1f:30:e3:6e:e6:91:3e:96:89:34:17:c6:a0:
         b3:e9:cd:9f:b6:26:90:10:d8:b5:1b:e2:03:a9:bf:f7:b3:b4:
         6f:92:b1:4c:ca:4d:89:b6:6f:64:5a:2d:c6:71:c8:ad:9e:48:
         fe:b4:eb:b1:36:18:1c:99:85:88:13:e7:37:4b:1f:60:36:8a:
         76:cd:e3:a3:e8:0a:d9:88:0f:6a:ef:7c:47:cf:7c:46:f4:90:
         4b:3f:3a:01:49:99:8e:19:df:dd:94:3c:4d:36:14:cf:56:7c:
         2e:42:bf:a7:f8:73:e0:c1:d0:cb:5f:de:68:b1:20:4c:96:9a:
         bb:da:13:9d
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICGTAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDg0
NjlFMTEzNzAxODE1OTkzMDEzRTEzRTU0OEEyQjM0MEU0NEUwQTAeFw0yMjEwMjIw
NjA2MTJaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEM0NThDREE1NDI1MUVB
MkI4QUIyRjVGMkIyRjUxNjBDMkQ3QkEzMDgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCxauwUYbhIi/L06UHaXAeOm9Jawghlm5BscVVgUA84MA0Sdmo0
6RZgFToQsIE+XmEqdYsuDhoo5DVyNk/W8EhjgHyhR4wT9MHTNI7LYSqPRgdxATkz
/UQiOOLY+SRCV0SsQ3PXJhHaRpnyEfmMfvGMBTj9RR1MBz6F6/Q1vmOQuYPD2RoV
nSvY1Y7fMl23NBotgVXOSgK87IYoC8gFhnlOV+h+AaGmy4HnNmeJUc2IObpe6TXZ
S80wlYnjNhsQFllW0UXKjHIwX3jXuH/S2VpKyIOvJibXvshcL37HtHBh0cqEog8M
DHNG7N9U3y2hOav/n559BGvdQU19yedpNK+JAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUxFjNpUJR6iuKsvXysvUWDC17owgwHwYDVR0jBBgwFoAUCEaeETcBgVmTAT4T
5Uiis0DkTgowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVU
L0NFYWVFVGNCZ1ZtVEFUNFQ1VWlpczBEa1Rnby5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvQ0VhZUVUY0JnVm1UQVQ0VDVVaWlzMERrVGdvLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVUL3hGak5wVUpSNml1S3N2WHlz
dlVXREMxN293Zy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBANz
pcgwDQYJKoZIhvcNAQELBQADggEBAJ1kefbYRPAKQYD41hmT7Mk85zCbCGOFo4v7
Rip/+B63xLjkAzQmwPvH/uqUsD9EW0hBNEIUQyS5aHJaxN7/FtwaGnt8aZhQR8Oj
RUb/JuNd/RPFx7sizIp8sM8skDR2W3S+7RwmihURmR4QwABltRirNJmEuvm4GYZ1
EpNQghUg3nehHzDjbuaRPpaJNBfGoLPpzZ+2JpAQ2LUb4gOpv/eztG+SsUzKTYm2
b2RaLcZxyK2eSP6067E2GByZhYgT5zdLH2A2inbN46PoCtmID2rvfEfPfEb0kEs/
OgFJmY4Z392UPE02FM9WfC5Cv6f4c+DB0Mtf3mixIEyWmrvaE50=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:06 2024 by rpki-client on console-fra.rpki-client.org