Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/UBBNET/y9i0IkVJdNS4CzYgx_IEKFeiBH0.roa
File:                     y9i0IkVJdNS4CzYgx_IEKFeiBH0.roa (raw, json)
Hash identifier:          P1y2uU7K3xO7ntmnwdILicQfHorcBJEo2AcxlDAq80I=
Subject key identifier:   CB:D8:B4:22:45:49:74:D4:B8:0B:36:20:C7:F2:04:28:57:A2:04:7D
Certificate issuer:       /CN=08469E113701815993013E13E548A2B340E44E0A
Certificate serial:       102F
Authority key identifier: 08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/y9i0IkVJdNS4CzYgx_IEKFeiBH0.roa
Signing time:             Sun 07 Feb 2021 12:43:27 +0000
ROA not before:           Sun 07 Feb 2021 12:43:27 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     24163
IP address blocks:        49.159.180.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4143 (0x102f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=08469E113701815993013E13E548A2B340E44E0A
        Validity
            Not Before: Feb  7 12:43:27 2021 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=CBD8B422454974D4B80B3620C7F2042857A2047D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:a5:0c:5c:70:8b:14:35:b8:73:d9:56:af:05:
                    19:b5:53:b5:67:78:be:d1:96:f5:7a:b1:cf:e1:88:
                    1a:0b:d2:48:76:df:26:b8:20:e2:b2:41:e5:01:d0:
                    f5:ea:2e:44:c2:3b:ba:10:c6:c2:6e:26:45:1b:b6:
                    35:ce:44:18:3c:09:05:59:ae:5a:54:ce:1a:4b:a9:
                    35:c3:11:81:6d:79:77:6a:ab:80:29:b0:69:51:92:
                    bf:c9:53:1b:25:b8:bd:19:7a:27:f8:e2:18:41:39:
                    da:e9:7c:e0:0d:7d:d9:d2:09:36:bd:82:9d:59:b3:
                    05:b3:3c:51:20:af:ae:ae:91:c6:41:1f:24:43:f1:
                    61:0c:67:fa:be:86:0d:6e:2d:a3:53:39:d6:3b:52:
                    ba:91:b0:55:de:47:49:70:f5:bd:5c:dc:7d:dc:bf:
                    05:c7:46:7f:83:cf:5f:85:37:36:38:13:32:81:7f:
                    56:7d:b2:73:52:88:73:9b:b5:59:3a:22:39:fb:f0:
                    e5:bd:0f:69:24:11:72:af:7f:02:63:43:4c:74:dd:
                    be:b2:7b:c0:6a:8f:d7:7e:ca:e9:fb:92:d8:8e:06:
                    90:b3:63:a6:ea:ad:41:53:2d:b8:4b:10:71:28:4e:
                    5a:77:1a:36:bc:99:3c:49:eb:74:9c:37:40:d0:9a:
                    76:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CB:D8:B4:22:45:49:74:D4:B8:0B:36:20:C7:F2:04:28:57:A2:04:7D
            X509v3 Authority Key Identifier:
                keyid:08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/CEaeETcBgVmTAT4T5Uiis0DkTgo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/y9i0IkVJdNS4CzYgx_IEKFeiBH0.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  49.159.180.0/22

    Signature Algorithm: sha256WithRSAEncryption
         73:8f:a2:20:7a:7f:ac:55:ff:90:7c:79:50:24:1a:ba:ac:e4:
         0b:14:ba:48:02:ab:0c:f5:11:31:00:31:c3:b7:6c:3b:c9:f9:
         6e:63:18:04:f4:8b:66:16:cc:d8:a4:0d:22:d2:84:6e:18:1a:
         a7:ed:1a:0f:18:eb:da:70:89:07:d5:b9:60:cb:59:ff:02:2a:
         bc:87:bd:05:88:d3:1a:e6:41:e6:29:de:00:ec:66:8a:cb:b7:
         6d:2c:ad:4b:0b:5e:51:28:91:4a:30:ae:f0:f3:3f:49:7c:68:
         c3:9b:60:bd:76:a1:9e:eb:3d:de:55:d5:bc:58:c7:a0:3d:54:
         a2:73:7e:0c:e4:78:c7:7e:c6:02:2e:b5:96:14:ba:fa:42:73:
         b1:58:56:3c:02:19:db:6e:fd:f6:f0:2e:13:10:75:49:04:98:
         e9:9f:d3:de:85:4b:78:db:27:5b:bd:1f:69:cb:d3:fd:c6:61:
         76:b6:c9:b9:a7:da:df:8f:e5:f4:ef:76:14:66:93:b5:5f:e7:
         03:25:f3:16:5c:b3:74:d1:c7:32:50:27:6e:e2:16:e0:b1:77:
         0a:e6:86:a2:74:c1:70:e0:ef:4b:ef:dc:85:31:2b:10:4f:f8:
         47:3b:c2:ed:05:32:f7:ec:b5:66:43:38:32:7f:80:ac:e6:f6:
         bd:94:2d:e0
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICEC8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDg0
NjlFMTEzNzAxODE1OTkzMDEzRTEzRTU0OEEyQjM0MEU0NEUwQTAeFw0yMTAyMDcx
MjQzMjdaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKENCRDhCNDIyNDU0OTc0
RDRCODBCMzYyMEM3RjIwNDI4NTdBMjA0N0QwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCrpQxccIsUNbhz2VavBRm1U7VneL7RlvV6sc/hiBoL0kh23ya4
IOKyQeUB0PXqLkTCO7oQxsJuJkUbtjXORBg8CQVZrlpUzhpLqTXDEYFteXdqq4Ap
sGlRkr/JUxsluL0Zeif44hhBOdrpfOANfdnSCTa9gp1ZswWzPFEgr66ukcZBHyRD
8WEMZ/q+hg1uLaNTOdY7UrqRsFXeR0lw9b1c3H3cvwXHRn+Dz1+FNzY4EzKBf1Z9
snNSiHObtVk6Ijn78OW9D2kkEXKvfwJjQ0x03b6ye8Bqj9d+yun7ktiOBpCzY6bq
rUFTLbhLEHEoTlp3Gja8mTxJ63ScN0DQmnZjAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUy9i0IkVJdNS4CzYgx/IEKFeiBH0wHwYDVR0jBBgwFoAUCEaeETcBgVmTAT4T
5Uiis0DkTgowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVU
L0NFYWVFVGNCZ1ZtVEFUNFQ1VWlpczBEa1Rnby5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvQ0VhZUVUY0JnVm1UQVQ0VDVVaWlzMERrVGdvLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVUL3k5aTBJa1ZKZE5TNEN6WWd4
X0lFS0ZlaUJIMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAIx
n7QwDQYJKoZIhvcNAQELBQADggEBAHOPoiB6f6xV/5B8eVAkGrqs5AsUukgCqwz1
ETEAMcO3bDvJ+W5jGAT0i2YWzNikDSLShG4YGqftGg8Y69pwiQfVuWDLWf8CKryH
vQWI0xrmQeYp3gDsZorLt20srUsLXlEokUowrvDzP0l8aMObYL12oZ7rPd5V1bxY
x6A9VKJzfgzkeMd+xgIutZYUuvpCc7FYVjwCGdtu/fbwLhMQdUkEmOmf096FS3jb
J1u9H2nL0/3GYXa2ybmn2t+P5fTvdhRmk7Vf5wMl8xZcs3TRxzJQJ27iFuCxdwrm
hqJ0wXDg70vv3IUxKxBP+Ec7wu0FMvfstWZDODJ/gKzm9r2ULeA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:06 2024 by rpki-client on console-fra.rpki-client.org