Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/ALLPASS/yz0BqNqPJgDV-0yXbkHkFRWaU7I.roa
File:                     yz0BqNqPJgDV-0yXbkHkFRWaU7I.roa (raw, json)
Hash identifier:          e6kMDeQaCP3+n5V5Zgb6R1cP7IGAivAPmQi6OeLVRgk=
Subject key identifier:   CB:3D:01:A8:DA:8F:26:00:D5:FB:4C:97:6E:41:E4:15:15:9A:53:B2
Certificate issuer:       /CN=57A994BD60555145CB6452DC6A980FC851136BDA
Certificate serial:       0360
Authority key identifier: 57:A9:94:BD:60:55:51:45:CB:64:52:DC:6A:98:0F:C8:51:13:6B:DA
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/V6mUvWBVUUXLZFLcapgPyFETa9o.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/ALLPASS/yz0BqNqPJgDV-0yXbkHkFRWaU7I.roa
Signing time:             Mon 14 Nov 2022 15:34:55 +0000
ROA not before:           Mon 14 Nov 2022 15:34:55 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     38136
IP address blocks:        2406:8dc0::/32 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 864 (0x360)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=57A994BD60555145CB6452DC6A980FC851136BDA
        Validity
            Not Before: Nov 14 15:34:55 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=CB3D01A8DA8F2600D5FB4C976E41E415159A53B2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:7c:54:9e:c9:d4:9c:83:de:fd:31:fd:3f:d6:
                    98:2b:a5:09:ef:cb:d2:93:d7:1a:9d:15:33:ff:75:
                    48:be:0c:1e:d6:54:ad:90:20:00:5a:74:cb:7b:a9:
                    3c:8a:7b:3d:e4:d2:e2:89:c5:23:b1:38:16:d7:e1:
                    8f:7b:62:7d:92:48:1b:70:cf:b7:bd:31:d8:8d:c5:
                    d4:bb:08:c9:9a:e2:23:12:ce:fa:0d:60:ad:f5:22:
                    5c:d3:b2:ae:96:c0:81:24:2d:e0:82:ce:3a:77:c8:
                    c7:36:ad:4b:fa:19:02:bd:88:89:38:6f:8c:37:3d:
                    b0:88:d1:c0:d7:9a:85:f6:67:07:13:09:e7:3a:70:
                    3c:2c:fd:24:b9:d8:7c:3f:e6:36:5a:20:e2:33:fb:
                    07:c1:53:93:2b:63:a5:ed:ff:fc:6b:91:cd:c5:e9:
                    11:aa:4b:2f:ce:58:34:c9:48:fd:4d:f0:27:97:0f:
                    b6:c4:b7:1c:dd:4a:fd:f5:db:3e:e2:a0:e7:04:9a:
                    c6:4e:7d:5c:98:40:05:54:af:40:50:08:ae:20:9f:
                    b6:6e:0b:31:87:10:83:78:24:f3:70:61:98:31:20:
                    f2:d6:01:ac:40:51:9a:4c:30:d3:89:9e:b2:00:11:
                    15:c1:45:8e:f2:bf:86:a1:34:b2:d2:45:91:10:c6:
                    48:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CB:3D:01:A8:DA:8F:26:00:D5:FB:4C:97:6E:41:E4:15:15:9A:53:B2
            X509v3 Authority Key Identifier:
                keyid:57:A9:94:BD:60:55:51:45:CB:64:52:DC:6A:98:0F:C8:51:13:6B:DA

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ALLPASS/V6mUvWBVUUXLZFLcapgPyFETa9o.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/V6mUvWBVUUXLZFLcapgPyFETa9o.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ALLPASS/yz0BqNqPJgDV-0yXbkHkFRWaU7I.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:8dc0::/32

    Signature Algorithm: sha256WithRSAEncryption
         4b:73:10:5f:4b:9e:c3:e6:75:a4:84:b9:61:53:90:6a:34:2b:
         b0:6a:29:f1:7e:e6:0e:b4:a9:54:d7:99:ed:19:f8:e4:aa:df:
         e8:dc:2f:c4:6b:65:b9:8a:0d:71:4c:8e:eb:19:64:88:45:8e:
         e2:48:1b:2a:c9:2c:25:94:5e:e9:38:20:2d:ce:8d:93:a5:6a:
         d6:29:bb:02:95:2f:f5:72:d5:57:26:3f:00:02:eb:02:f2:09:
         82:21:04:19:91:ea:01:10:50:cc:c1:aa:62:5b:bc:1f:a4:5d:
         7e:96:87:51:7e:36:4d:1b:1b:cd:f7:a1:09:42:cf:64:4c:cb:
         bc:8f:dc:e5:29:d3:02:10:12:5a:66:76:06:0a:cf:fe:9a:b2:
         ad:96:bf:b6:4e:29:82:50:75:48:91:53:04:ff:de:a7:5f:53:
         08:1d:ef:c1:1d:27:58:fe:4e:64:a6:90:e2:e9:c0:49:cb:86:
         01:fd:9f:d0:a4:72:21:b6:bb:bd:19:7b:1b:fe:a3:4e:be:f8:
         a0:3e:90:28:f5:19:40:cf:19:2e:b6:3c:32:d5:5d:0f:9c:d1:
         e0:a5:c1:7e:47:20:fe:9a:8b:e1:9f:26:88:b1:59:9f:63:f8:
         95:02:b4:42:b3:bc:4e:53:56:3a:00:a8:cb:3f:5d:02:06:2f:
         d7:87:dd:40
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICA2AwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNTdB
OTk0QkQ2MDU1NTE0NUNCNjQ1MkRDNkE5ODBGQzg1MTEzNkJEQTAeFw0yMjExMTQx
NTM0NTVaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKENCM0QwMUE4REE4RjI2
MDBENUZCNEM5NzZFNDFFNDE1MTU5QTUzQjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC0fFSeydScg979Mf0/1pgrpQnvy9KT1xqdFTP/dUi+DB7WVK2Q
IABadMt7qTyKez3k0uKJxSOxOBbX4Y97Yn2SSBtwz7e9MdiNxdS7CMma4iMSzvoN
YK31IlzTsq6WwIEkLeCCzjp3yMc2rUv6GQK9iIk4b4w3PbCI0cDXmoX2ZwcTCec6
cDws/SS52Hw/5jZaIOIz+wfBU5MrY6Xt//xrkc3F6RGqSy/OWDTJSP1N8CeXD7bE
txzdSv312z7ioOcEmsZOfVyYQAVUr0BQCK4gn7ZuCzGHEIN4JPNwYZgxIPLWAaxA
UZpMMNOJnrIAERXBRY7yv4ahNLLSRZEQxkj7AgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUyz0BqNqPJgDV+0yXbkHkFRWaU7IwHwYDVR0jBBgwFoAUV6mUvWBVUUXLZFLc
apgPyFETa9owGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQUxMUEFT
Uy9WNm1VdldCVlVVWExaRkxjYXBnUHlGRVRhOW8uY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL1Y2bVV2V0JWVVVYTFpGTGNhcGdQeUZFVGE5by5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL0FMTFBBU1MveXowQnFOcVBKZ0RWLTB5
WGJrSGtGUldhVTdJLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMF
ACQGjcAwDQYJKoZIhvcNAQELBQADggEBAEtzEF9LnsPmdaSEuWFTkGo0K7BqKfF+
5g60qVTXme0Z+OSq3+jcL8RrZbmKDXFMjusZZIhFjuJIGyrJLCWUXuk4IC3OjZOl
atYpuwKVL/Vy1VcmPwAC6wLyCYIhBBmR6gEQUMzBqmJbvB+kXX6Wh1F+Nk0bG833
oQlCz2RMy7yP3OUp0wIQElpmdgYKz/6asq2Wv7ZOKYJQdUiRUwT/3qdfUwgd78Ed
J1j+TmSmkOLpwEnLhgH9n9CkciG2u70Zexv+o06++KA+kCj1GUDPGS62PDLVXQ+c
0eClwX5HIP6ai+GfJoixWZ9j+JUCtEKzvE5TVjoAqMs/XQIGL9eH3UA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:59:59 2024 by rpki-client on console-ams.rpki-client.org