Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CGNET/--w3N47q7ogSx7PEs1FQEN9qTWU.roa
File:                     --w3N47q7ogSx7PEs1FQEN9qTWU.roa (raw, json)
Hash identifier:          4sEt/xf1cqbbM5nB0n3ki9dmG2xtYj1Gl1xTXdhMoO8=
Subject key identifier:   FB:EC:37:37:8E:EA:EE:88:12:C7:B3:C4:B3:51:50:10:DF:6A:4D:65
Certificate issuer:       /CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Certificate serial:       09D7
Authority key identifier: 5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/--w3N47q7ogSx7PEs1FQEN9qTWU.roa
Signing time:             Wed 29 Sep 2021 02:52:03 +0000
ROA not before:           Wed 29 Sep 2021 02:52:03 +0000
ROA not after:            Thu 29 Sep 2022 02:36:22 +0000
asID:                     18429
IP address blocks:        61.57.128.0/21 maxlen: 21

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2519 (0x9d7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5D1E3F3C8BA89DC1310410345F50C10076181261
        Validity
            Not Before: Sep 29 02:52:03 2021 GMT
            Not After : Sep 29 02:36:22 2022 GMT
        Subject: CN=FBEC37378EEAEE8812C7B3C4B3515010DF6A4D65
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:7e:4d:4e:e0:01:a5:22:1f:15:34:38:c3:49:
                    07:a1:15:06:53:21:3b:85:df:38:7f:52:83:c0:53:
                    3b:e9:e1:f4:02:47:d7:e2:3c:fa:86:9c:78:75:45:
                    8e:09:e4:00:5d:a1:05:4d:66:6a:08:1a:3f:ba:c2:
                    94:cc:94:34:b8:3a:1c:4f:2b:77:9b:9c:30:02:a7:
                    2d:1d:36:f5:b4:30:a9:e5:bc:2f:ab:34:a5:6a:30:
                    33:49:fd:d5:34:6e:a5:27:af:2f:74:0f:ba:91:c4:
                    70:08:3a:d4:ac:e7:ec:8b:b3:2b:eb:a8:89:53:bb:
                    a4:db:fa:d8:10:f6:01:0e:91:74:a9:6b:4a:8a:ed:
                    14:5e:90:1c:5f:76:90:c5:63:ec:bf:9a:08:3a:7c:
                    7e:b7:75:c9:27:bd:6c:de:79:b9:b4:85:d8:bb:61:
                    f2:ed:95:44:25:e5:78:9e:c3:94:ca:96:46:7d:7d:
                    b1:4f:a2:d2:a8:5e:e0:14:a3:bc:cd:e6:84:4a:df:
                    8e:61:49:8f:51:13:ce:16:6f:94:0a:25:95:5e:9e:
                    f7:50:2e:41:a2:c9:a7:66:87:36:0b:ed:fa:e3:a2:
                    c0:af:62:f0:9c:c4:bd:39:5e:ab:d0:24:0b:d2:50:
                    ae:a7:98:73:7f:d2:c0:b3:7f:a7:f5:f2:31:68:3f:
                    d2:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FB:EC:37:37:8E:EA:EE:88:12:C7:B3:C4:B3:51:50:10:DF:6A:4D:65
            X509v3 Authority Key Identifier:
                keyid:5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/--w3N47q7ogSx7PEs1FQEN9qTWU.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  61.57.128.0/21

    Signature Algorithm: sha256WithRSAEncryption
         18:e6:14:83:f6:d8:0c:44:4e:84:95:77:71:ac:85:ad:13:fc:
         e1:a4:41:5e:55:dd:d2:b0:c5:a4:09:f7:10:18:63:5a:75:2d:
         9b:4e:24:46:65:ff:58:4f:36:81:51:62:47:b4:3a:23:ac:ea:
         9e:0e:a4:c2:45:a1:a7:23:75:13:65:d9:a9:48:52:5e:ec:46:
         43:5c:d6:3e:a6:6a:43:7e:65:c0:1b:a8:0f:c7:a5:ed:e3:32:
         fe:b8:ff:4c:30:c6:43:b9:43:81:8f:d3:77:fc:64:63:4e:e6:
         fe:56:1f:27:cd:b6:c4:14:91:ad:da:e2:49:eb:d4:46:f9:57:
         0e:0c:13:c0:b5:15:1e:2a:8b:38:c5:0a:51:5a:97:8d:f8:6e:
         0c:7d:f5:2c:ae:da:d2:d4:ce:df:38:e0:9f:b0:1e:1d:89:17:
         3e:ac:b0:41:80:1f:8c:87:e5:49:1b:29:25:3e:43:3e:d7:cd:
         dd:1e:d6:54:d3:85:8b:93:86:58:73:19:75:ce:56:aa:12:a5:
         2f:6a:d1:5a:38:2b:87:0a:51:af:9b:56:d1:c3:86:1d:bb:39:
         e8:f6:64:8a:62:ff:96:9b:f9:54:c7:59:7f:3a:8d:40:9a:8c:
         8e:f5:6e:2e:81:77:90:fc:a3:c5:1e:c5:ac:26:cc:15:54:74:
         86:c7:23:a6
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICCdcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNUQx
RTNGM0M4QkE4OURDMTMxMDQxMDM0NUY1MEMxMDA3NjE4MTI2MTAeFw0yMTA5Mjkw
MjUyMDNaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKEZCRUMzNzM3OEVFQUVF
ODgxMkM3QjNDNEIzNTE1MDEwREY2QTRENjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC1fk1O4AGlIh8VNDjDSQehFQZTITuF3zh/UoPAUzvp4fQCR9fi
PPqGnHh1RY4J5ABdoQVNZmoIGj+6wpTMlDS4OhxPK3ebnDACpy0dNvW0MKnlvC+r
NKVqMDNJ/dU0bqUnry90D7qRxHAIOtSs5+yLsyvrqIlTu6Tb+tgQ9gEOkXSpa0qK
7RRekBxfdpDFY+y/mgg6fH63dcknvWzeebm0hdi7YfLtlUQl5Xiew5TKlkZ9fbFP
otKoXuAUo7zN5oRK345hSY9RE84Wb5QKJZVenvdQLkGiyadmhzYL7frjosCvYvCc
xL05XqvQJAvSUK6nmHN/0sCzf6f18jFoP9LTAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQU++w3N47q7ogSx7PEs1FQEN9qTWUwHwYDVR0jBBgwFoAUXR4/PIuoncExBBA0
X1DBAHYYEmEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0dORVQv
WFI0X1BJdW9uY0V4QkJBMFgxREJBSFlZRW1FLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9YUjRfUEl1b25jRXhCQkEwWDFEQkFIWVlFbUUuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DR05FVC8tLXczTjQ3cTdvZ1N4N1BFczFG
UUVOOXFUV1Uucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDPTmA
MA0GCSqGSIb3DQEBCwUAA4IBAQAY5hSD9tgMRE6ElXdxrIWtE/zhpEFeVd3SsMWk
CfcQGGNadS2bTiRGZf9YTzaBUWJHtDojrOqeDqTCRaGnI3UTZdmpSFJe7EZDXNY+
pmpDfmXAG6gPx6Xt4zL+uP9MMMZDuUOBj9N3/GRjTub+Vh8nzbbEFJGt2uJJ69RG
+VcODBPAtRUeKos4xQpRWpeN+G4MffUsrtrS1M7fOOCfsB4diRc+rLBBgB+Mh+VJ
GyklPkM+183dHtZU04WLk4ZYcxl1zlaqEqUvatFaOCuHClGvm1bRw4Yduzno9mSK
Yv+Wm/lUx1l/Oo1AmoyO9W4ugXeQ/KPFHsWsJswVVHSGxyOm
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:33 2024 by rpki-client on console-fra.rpki-client.org