Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/ALLPASS/0fvVazUpM7lvIttJyO2X_6xpKnY.roa
File:                     0fvVazUpM7lvIttJyO2X_6xpKnY.roa (raw, json)
Hash identifier:          bVKVi+ktRKkhpXd2HU5CN+gEm8CyRso+bvFFKNYmvPA=
Subject key identifier:   D1:FB:D5:6B:35:29:33:B9:6F:22:DB:49:C8:ED:97:FF:AC:69:2A:76
Certificate issuer:       /CN=57A994BD60555145CB6452DC6A980FC851136BDA
Certificate serial:       09
Authority key identifier: 57:A9:94:BD:60:55:51:45:CB:64:52:DC:6A:98:0F:C8:51:13:6B:DA
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/V6mUvWBVUUXLZFLcapgPyFETa9o.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/ALLPASS/0fvVazUpM7lvIttJyO2X_6xpKnY.roa
Signing time:             Wed 07 Oct 2020 03:17:25 +0000
ROA not before:           Wed 07 Oct 2020 03:17:25 +0000
ROA not after:            Tue 05 Oct 2021 04:04:36 +0000
asID:                     134575
IP address blocks:        2406:8dc0:4575::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 9 (0x9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=57A994BD60555145CB6452DC6A980FC851136BDA
        Validity
            Not Before: Oct  7 03:17:25 2020 GMT
            Not After : Oct  5 04:04:36 2021 GMT
        Subject: CN=D1FBD56B352933B96F22DB49C8ED97FFAC692A76
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:3d:94:e9:2a:1b:02:88:76:12:b2:cc:03:a5:
                    18:d3:2d:f1:71:01:24:9d:4a:d1:2f:f5:ea:53:ae:
                    a0:ad:fe:5c:f1:40:2f:35:cf:98:7a:d9:73:22:b1:
                    bc:c9:27:83:74:e2:91:4f:78:99:c6:4a:e2:41:0c:
                    1a:7c:e9:7f:c2:ae:a5:5f:69:54:7a:13:64:6d:d5:
                    ac:32:73:ea:64:60:8e:6d:88:cc:da:42:d2:38:ad:
                    b3:f0:3f:cd:e1:f3:f8:06:a3:d7:eb:ec:7d:b0:65:
                    b8:21:0b:bc:94:73:0a:1d:35:6a:54:fd:99:4f:e7:
                    28:22:9a:8d:02:4b:32:20:c3:41:f1:12:92:91:41:
                    0e:01:af:57:d7:8f:fc:71:ad:07:43:71:8a:48:d1:
                    35:46:a7:4e:73:e3:d8:96:ed:f6:a6:75:26:7c:35:
                    0e:e6:fb:e3:42:f7:41:48:46:5f:aa:fc:0c:20:72:
                    a5:9b:56:8d:5b:05:74:49:8a:84:0a:a4:a5:ec:ac:
                    9c:a6:67:ef:04:c5:de:d8:bc:e6:b5:48:f3:16:ed:
                    6f:85:7d:45:a6:b9:96:e1:35:2b:8a:75:da:e6:af:
                    91:34:a5:8e:39:f7:27:bc:46:90:5b:da:f0:10:d2:
                    5e:54:7c:e9:33:04:58:a2:76:2a:24:6f:1d:87:42:
                    b6:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:FB:D5:6B:35:29:33:B9:6F:22:DB:49:C8:ED:97:FF:AC:69:2A:76
            X509v3 Authority Key Identifier:
                keyid:57:A9:94:BD:60:55:51:45:CB:64:52:DC:6A:98:0F:C8:51:13:6B:DA

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ALLPASS/V6mUvWBVUUXLZFLcapgPyFETa9o.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/V6mUvWBVUUXLZFLcapgPyFETa9o.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ALLPASS/0fvVazUpM7lvIttJyO2X_6xpKnY.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:8dc0:4575::/48

    Signature Algorithm: sha256WithRSAEncryption
         34:ab:1d:12:5e:a4:13:3a:2c:8b:05:6e:2d:81:9f:86:fd:84:
         2f:4f:96:32:c3:b9:96:a5:09:d0:4e:63:65:54:50:b4:f3:df:
         6f:2b:97:91:62:4b:5c:99:3b:32:4d:d8:4f:84:88:7c:46:9e:
         c6:f7:66:c4:3e:03:9b:69:2c:03:23:e1:60:fb:03:d4:5e:56:
         3f:69:bb:df:28:78:c1:77:fa:9a:4f:88:dd:75:5e:74:30:05:
         1b:94:e6:91:1e:2a:64:e5:8c:fe:d3:29:62:6a:14:69:13:5c:
         27:ff:1f:78:77:a5:d1:c4:e1:5f:16:cb:af:32:de:ca:cd:4b:
         bb:66:a4:c1:59:17:9a:68:8e:87:de:93:cb:5f:3d:16:b2:49:
         45:71:17:2a:fa:a5:eb:30:90:c9:6f:9d:84:93:8c:7a:de:d2:
         e5:67:7d:14:23:cf:68:eb:4c:95:df:9f:aa:72:b3:2b:e8:0e:
         2f:f6:98:5d:e9:b5:c7:41:6f:05:61:e4:c5:07:f3:83:39:db:
         16:63:a8:ea:8f:4a:19:45:91:1c:3f:c9:a6:eb:52:f7:f3:36:
         70:c4:0b:1f:5e:10:31:7a:14:1e:7f:1e:ef:90:29:53:78:11:
         fc:d4:07:97:d3:7e:b4:7f:1e:f2:70:15:74:38:e5:e8:85:75:
         52:ac:fe:bf
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgIBCTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1N0E5
OTRCRDYwNTU1MTQ1Q0I2NDUyREM2QTk4MEZDODUxMTM2QkRBMB4XDTIwMTAwNzAz
MTcyNVoXDTIxMTAwNTA0MDQzNlowMzExMC8GA1UEAxMoRDFGQkQ1NkIzNTI5MzNC
OTZGMjJEQjQ5QzhFRDk3RkZBQzY5MkE3NjCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBALU9lOkqGwKIdhKyzAOlGNMt8XEBJJ1K0S/16lOuoK3+XPFALzXP
mHrZcyKxvMkng3TikU94mcZK4kEMGnzpf8KupV9pVHoTZG3VrDJz6mRgjm2IzNpC
0jits/A/zeHz+Aaj1+vsfbBluCELvJRzCh01alT9mU/nKCKajQJLMiDDQfESkpFB
DgGvV9eP/HGtB0NxikjRNUanTnPj2Jbt9qZ1Jnw1Dub740L3QUhGX6r8DCBypZtW
jVsFdEmKhAqkpeysnKZn7wTF3ti85rVI8xbtb4V9Raa5luE1K4p12uavkTSljjn3
J7xGkFva8BDSXlR86TMEWKJ2KiRvHYdCtgMCAwEAAaOCAfMwggHvMB0GA1UdDgQW
BBTR+9VrNSkzuW8i20nI7Zf/rGkqdjAfBgNVHSMEGDAWgBRXqZS9YFVRRctkUtxq
mA/IURNr2jAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ
oE6GTHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9BTExQQVNT
L1Y2bVV2V0JWVVVYTFpGTGNhcGdQeUZFVGE5by5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvVjZtVXZXQlZVVVhMWkZMY2FwZ1B5RkVUYTlvLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvQUxMUEFTUy8wZnZWYXpVcE03bHZJdHRK
eU8yWF82eHBLblkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMu
dHcvcnJkcC9ub3RpZnkueG1sMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcA
JAaNwEV1MA0GCSqGSIb3DQEBCwUAA4IBAQA0qx0SXqQTOiyLBW4tgZ+G/YQvT5Yy
w7mWpQnQTmNlVFC0899vK5eRYktcmTsyTdhPhIh8Rp7G92bEPgObaSwDI+Fg+wPU
XlY/abvfKHjBd/qaT4jddV50MAUblOaRHipk5Yz+0yliahRpE1wn/x94d6XRxOFf
FsuvMt7KzUu7ZqTBWReaaI6H3pPLXz0WsklFcRcq+qXrMJDJb52Ek4x63tLlZ30U
I89o60yV35+qcrMr6A4v9phd6bXHQW8FYeTFB/ODOdsWY6jqj0oZRZEcP8mm61L3
8zZwxAsfXhAxehQefx7vkClTeBH81AeX0360fx7ycBV0OOXohXVSrP6/
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:11:43 2023 by rpki-client on console-ams.rpki-client.org