Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/UBBNET/zTdmHlJRM0WoYY_D-Q-kZsQ78uU.roa
File:                     zTdmHlJRM0WoYY_D-Q-kZsQ78uU.roa (raw, json)
Hash identifier:          Ac8yj+ztyKK/hRBzptpRs04OSVGJ81SCZfe2ulU7Gnc=
Subject key identifier:   CD:37:66:1E:52:51:33:45:A8:61:8F:C3:F9:0F:A4:66:C4:3B:F2:E5
Certificate issuer:       /CN=08469E113701815993013E13E548A2B340E44E0A
Certificate serial:       14FE
Authority key identifier: 08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/zTdmHlJRM0WoYY_D-Q-kZsQ78uU.roa
Signing time:             Thu 15 Sep 2022 02:35:16 +0000
ROA not before:           Thu 15 Sep 2022 02:35:16 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     24164
IP address blocks:        49.159.224.0/21 maxlen: 21

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5374 (0x14fe)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=08469E113701815993013E13E548A2B340E44E0A
        Validity
            Not Before: Sep 15 02:35:16 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=CD37661E52513345A8618FC3F90FA466C43BF2E5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:34:79:6b:e1:0b:43:e9:85:9c:fb:36:88:64:
                    b9:28:7c:1a:e4:0f:d7:2f:06:32:df:43:4b:7c:3a:
                    e5:c4:ea:fc:ad:e9:0c:b5:5d:0a:5e:d2:fc:e8:20:
                    1b:b6:ec:94:83:81:07:12:53:9c:a9:6e:22:b7:bf:
                    9e:26:b7:70:51:16:a6:0a:65:ca:f2:95:25:62:3e:
                    d9:29:a3:0a:28:94:87:6a:ab:aa:82:50:97:6d:88:
                    c3:ba:22:2a:df:f8:84:ad:12:b6:32:f0:da:9c:f4:
                    ee:c3:bd:f3:cb:c0:8b:52:41:25:5c:38:66:50:89:
                    52:70:8d:c7:a6:bc:e9:e3:fe:d4:0b:75:75:1c:2c:
                    4d:d8:55:67:c8:a6:48:16:ca:a0:92:01:1e:e3:6d:
                    72:6e:10:b5:24:ba:8f:d3:ec:c9:2b:21:fa:85:3a:
                    f9:aa:ca:15:fe:4b:f0:80:ce:02:73:2f:53:90:d5:
                    b8:63:21:4b:48:71:ad:b9:fb:80:99:b5:f6:a5:6d:
                    d5:31:10:5c:4a:60:bc:4b:0c:91:b5:6f:1c:1e:40:
                    c6:c5:44:4e:31:2d:cc:c5:4c:e2:02:5f:fb:2e:d6:
                    9e:6e:ad:18:03:c5:d8:98:db:c4:3e:7c:e8:20:64:
                    0f:2e:af:d4:7f:60:23:40:f2:03:c6:c2:9c:c3:2c:
                    27:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CD:37:66:1E:52:51:33:45:A8:61:8F:C3:F9:0F:A4:66:C4:3B:F2:E5
            X509v3 Authority Key Identifier:
                keyid:08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/CEaeETcBgVmTAT4T5Uiis0DkTgo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/zTdmHlJRM0WoYY_D-Q-kZsQ78uU.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  49.159.224.0/21

    Signature Algorithm: sha256WithRSAEncryption
         44:3a:74:3f:16:47:4b:4a:f4:ed:3c:c8:53:13:f9:49:5f:fc:
         25:8e:19:40:8b:b7:a2:0f:16:20:27:43:a2:8d:de:7c:23:41:
         6a:51:c4:d2:81:70:4c:b7:fb:77:bb:ae:bd:b5:76:1a:1f:39:
         3e:ae:98:d4:ea:1c:63:88:85:09:75:00:dc:f4:1b:9c:39:af:
         b1:a7:ca:e7:1b:99:ad:11:0a:a3:de:2c:bd:4b:72:be:b8:c4:
         1a:5e:de:db:ab:65:12:2e:fb:19:a2:96:fe:13:67:8f:34:3b:
         85:28:a8:e6:0d:af:23:58:75:af:05:33:72:ba:f1:42:9a:ee:
         51:79:32:85:aa:41:5c:bd:9f:d7:5a:4e:6e:78:2f:de:56:83:
         69:91:8e:de:56:30:5b:5c:41:7d:59:f9:38:96:54:ec:62:ff:
         35:a1:13:af:ca:be:fe:33:01:21:e9:c9:29:e4:1f:2e:ee:36:
         1a:c1:45:3f:a9:33:ee:43:fd:69:76:7f:f7:41:6a:a9:59:96:
         50:af:2c:46:9b:eb:8c:6d:89:3d:f7:52:4b:18:d1:89:47:89:
         75:1a:0a:b0:a7:76:60:94:5a:87:e3:f3:35:05:5d:57:c0:f3:
         e2:3e:15:1c:92:36:ae:e8:01:55:bf:ec:a5:6f:92:b0:48:65:
         3f:f1:bb:49
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICFP4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDg0
NjlFMTEzNzAxODE1OTkzMDEzRTEzRTU0OEEyQjM0MEU0NEUwQTAeFw0yMjA5MTUw
MjM1MTZaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKENEMzc2NjFFNTI1MTMz
NDVBODYxOEZDM0Y5MEZBNDY2QzQzQkYyRTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC+NHlr4QtD6YWc+zaIZLkofBrkD9cvBjLfQ0t8OuXE6vyt6Qy1
XQpe0vzoIBu27JSDgQcSU5ypbiK3v54mt3BRFqYKZcrylSViPtkpowoolIdqq6qC
UJdtiMO6Iirf+IStErYy8Nqc9O7DvfPLwItSQSVcOGZQiVJwjcemvOnj/tQLdXUc
LE3YVWfIpkgWyqCSAR7jbXJuELUkuo/T7MkrIfqFOvmqyhX+S/CAzgJzL1OQ1bhj
IUtIca25+4CZtfalbdUxEFxKYLxLDJG1bxweQMbFRE4xLczFTOICX/su1p5urRgD
xdiY28Q+fOggZA8ur9R/YCNA8gPGwpzDLCdFAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUzTdmHlJRM0WoYY/D+Q+kZsQ78uUwHwYDVR0jBBgwFoAUCEaeETcBgVmTAT4T
5Uiis0DkTgowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVU
L0NFYWVFVGNCZ1ZtVEFUNFQ1VWlpczBEa1Rnby5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvQ0VhZUVUY0JnVm1UQVQ0VDVVaWlzMERrVGdvLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVUL3pUZG1IbEpSTTBXb1lZX0Qt
US1rWnNRNzh1VS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAMx
n+AwDQYJKoZIhvcNAQELBQADggEBAEQ6dD8WR0tK9O08yFMT+Ulf/CWOGUCLt6IP
FiAnQ6KN3nwjQWpRxNKBcEy3+3e7rr21dhofOT6umNTqHGOIhQl1ANz0G5w5r7Gn
yucbma0RCqPeLL1Lcr64xBpe3turZRIu+xmilv4TZ480O4UoqOYNryNYda8FM3K6
8UKa7lF5MoWqQVy9n9daTm54L95Wg2mRjt5WMFtcQX1Z+TiWVOxi/zWhE6/Kvv4z
ASHpySnkHy7uNhrBRT+pM+5D/Wl2f/dBaqlZllCvLEab64xtiT33UksY0YlHiXUa
CrCndmCUWofj8zUFXVfA8+I+FRySNq7oAVW/7KVvkrBIZT/xu0k=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:51 2024 by rpki-client on console-ams.rpki-client.org