Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CSPTEK/GWXv0aJej7lOmUhbwgjtkIn_C1g.roa
File:                     GWXv0aJej7lOmUhbwgjtkIn_C1g.roa (raw, json)
Hash identifier:          aGN88+eABg7WkJ+bTMfzu+JSsZihQHRi9RqTc3DCCvk=
Subject key identifier:   19:65:EF:D1:A2:5E:8F:B9:4E:99:48:5B:C2:08:ED:90:89:FF:0B:58
Certificate issuer:       /CN=A082F5D992E6BC25E08997538616180702E857C3
Certificate serial:       F6
Authority key identifier: A0:82:F5:D9:92:E6:BC:25:E0:89:97:53:86:16:18:07:02:E8:57:C3
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/oIL12ZLmvCXgiZdThhYYBwLoV8M.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/CSPTEK/GWXv0aJej7lOmUhbwgjtkIn_C1g.roa
Signing time:             Tue 23 Nov 2021 08:40:39 +0000
ROA not before:           Tue 23 Nov 2021 08:40:39 +0000
ROA not after:            Thu 29 Sep 2022 02:36:22 +0000
asID:                     38839
IP address blocks:        2406:d7c0::/32 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 246 (0xf6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A082F5D992E6BC25E08997538616180702E857C3
        Validity
            Not Before: Nov 23 08:40:39 2021 GMT
            Not After : Sep 29 02:36:22 2022 GMT
        Subject: CN=1965EFD1A25E8FB94E99485BC208ED9089FF0B58
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:ef:b3:28:fd:7b:20:15:77:3b:54:1d:77:de:
                    18:bf:d1:67:81:5e:4c:1f:90:44:c4:fe:91:84:13:
                    8e:d8:9e:0a:e0:c9:80:2d:35:9f:c5:22:62:06:20:
                    ed:78:15:99:36:db:25:3f:9f:80:1d:46:56:c8:5b:
                    83:ff:85:0c:ff:fa:19:d6:86:92:20:21:68:78:8c:
                    a4:2a:e4:9d:68:41:38:b0:fd:d7:e9:44:48:71:48:
                    77:a9:0c:83:b0:82:b7:57:c1:2c:17:8b:74:14:97:
                    33:ca:c5:f2:fe:77:e3:6e:bb:d7:b8:a9:18:87:b8:
                    27:1d:0d:4b:ff:a0:66:c0:6c:f5:22:14:9a:bc:a2:
                    0e:f9:e9:c6:62:39:04:b6:99:cc:c1:da:9f:6e:41:
                    96:a3:06:01:a9:ba:7a:d1:77:6c:5b:1d:1c:ec:fd:
                    62:2f:a8:23:c3:3f:0f:14:5f:03:f3:6c:1c:d3:b1:
                    87:db:2f:ff:a0:47:a2:5a:94:82:1a:33:3a:82:4b:
                    d6:99:c6:a6:a3:90:b1:da:fb:b6:21:0d:9e:02:25:
                    a7:36:7b:08:cb:b0:94:a9:5c:89:6d:79:47:b1:12:
                    88:c2:e0:00:b6:89:03:85:b4:2e:d9:3d:4e:95:cd:
                    0b:6b:a0:2e:7e:79:53:42:2e:c8:e2:50:ff:e8:bf:
                    b0:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                19:65:EF:D1:A2:5E:8F:B9:4E:99:48:5B:C2:08:ED:90:89:FF:0B:58
            X509v3 Authority Key Identifier:
                keyid:A0:82:F5:D9:92:E6:BC:25:E0:89:97:53:86:16:18:07:02:E8:57:C3

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CSPTEK/oIL12ZLmvCXgiZdThhYYBwLoV8M.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/oIL12ZLmvCXgiZdThhYYBwLoV8M.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CSPTEK/GWXv0aJej7lOmUhbwgjtkIn_C1g.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:d7c0::/32

    Signature Algorithm: sha256WithRSAEncryption
         53:6a:30:29:96:dd:09:be:fd:6d:df:25:73:e1:f7:b1:d8:39:
         cc:ba:41:47:b9:fd:b3:45:04:d4:8a:16:81:07:43:94:40:dd:
         51:5f:1c:d4:aa:71:e5:40:be:cb:fc:54:42:1d:cd:c5:43:46:
         03:ce:f7:09:21:1f:d3:be:88:48:c5:cf:68:37:7b:f0:05:7c:
         0e:8a:da:9a:c1:b1:97:33:c0:76:76:87:89:4c:38:88:67:63:
         72:04:59:e9:2e:28:d0:7d:79:b9:c9:1b:32:09:b8:f2:d3:dc:
         80:82:a9:ca:04:95:dd:21:44:f3:77:11:4f:e6:e3:8f:0e:a2:
         48:88:e3:23:f0:7c:98:9b:56:b9:18:9d:27:37:9b:38:9f:d1:
         fe:ca:ea:a7:83:03:44:35:32:ef:45:93:3d:e5:18:e9:fd:e0:
         55:e9:7e:46:a7:58:5a:41:16:64:4b:22:c0:73:19:38:12:70:
         19:de:2d:7c:a1:1c:32:ba:72:df:27:14:06:2b:56:2a:33:c0:
         c6:3a:c6:82:d4:77:e7:f9:53:a2:db:cf:ea:54:d5:64:70:af:
         43:2d:3b:c5:b3:48:2d:35:25:8d:a3:89:34:ea:cf:ba:4d:6e:
         43:3e:cd:54:dc:b4:bf:81:c0:c2:b8:33:8e:17:9a:3b:47:da:
         aa:91:72:25
-----BEGIN CERTIFICATE-----
MIIE0zCCA7ugAwIBAgICAPYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQTA4
MkY1RDk5MkU2QkMyNUUwODk5NzUzODYxNjE4MDcwMkU4NTdDMzAeFw0yMTExMjMw
ODQwMzlaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDE5NjVFRkQxQTI1RThG
Qjk0RTk5NDg1QkMyMDhFRDkwODlGRjBCNTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC+77Mo/XsgFXc7VB133hi/0WeBXkwfkETE/pGEE47YngrgyYAt
NZ/FImIGIO14FZk22yU/n4AdRlbIW4P/hQz/+hnWhpIgIWh4jKQq5J1oQTiw/dfp
REhxSHepDIOwgrdXwSwXi3QUlzPKxfL+d+Nuu9e4qRiHuCcdDUv/oGbAbPUiFJq8
og756cZiOQS2mczB2p9uQZajBgGpunrRd2xbHRzs/WIvqCPDPw8UXwPzbBzTsYfb
L/+gR6JalIIaMzqCS9aZxqajkLHa+7YhDZ4CJac2ewjLsJSpXIlteUexEojC4AC2
iQOFtC7ZPU6VzQtroC5+eVNCLsjiUP/ov7C1AgMBAAGjggHvMIIB6zAdBgNVHQ4E
FgQUGWXv0aJej7lOmUhbwgjtkIn/C1gwHwYDVR0jBBgwFoAUoIL12ZLmvCXgiZdT
hhYYBwLoV8MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ1NQVEVL
L29JTDEyWkxtdkNYZ2laZFRoaFlZQndMb1Y4TS5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0Evb0lMMTJaTG12Q1hnaVpkVGhoWVlCd0xvVjhNLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ1NQVEVLL0dXWHYwYUplajdsT21VaGJ3
Z2p0a0luX0MxZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAk
BtfAMA0GCSqGSIb3DQEBCwUAA4IBAQBTajAplt0Jvv1t3yVz4fex2DnMukFHuf2z
RQTUihaBB0OUQN1RXxzUqnHlQL7L/FRCHc3FQ0YDzvcJIR/TvohIxc9oN3vwBXwO
itqawbGXM8B2doeJTDiIZ2NyBFnpLijQfXm5yRsyCbjy09yAgqnKBJXdIUTzdxFP
5uOPDqJIiOMj8HyYm1a5GJ0nN5s4n9H+yuqngwNENTLvRZM95Rjp/eBV6X5Gp1ha
QRZkSyLAcxk4EnAZ3i18oRwyunLfJxQGK1YqM8DGOsaC1Hfn+VOi28/qVNVkcK9D
LTvFs0gtNSWNo4k06s+6TW5DPs1U3LS/gcDCuDOOF5o7R9qqkXIl
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:05 2024 by rpki-client on console-ams.rpki-client.org