Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CSPTEK/mFnOR5PQAFmGdMLLTXVImU_Qgls.roa
File:                     mFnOR5PQAFmGdMLLTXVImU_Qgls.roa (raw, json)
Hash identifier:          N97ouFRREVxC7VZCRMbgHUEK2TiiidDvAjALXXWya5Y=
Subject key identifier:   98:59:CE:47:93:D0:00:59:86:74:C2:CB:4D:75:48:99:4F:D0:82:5B
Certificate issuer:       /CN=A082F5D992E6BC25E08997538616180702E857C3
Certificate serial:       01BE
Authority key identifier: A0:82:F5:D9:92:E6:BC:25:E0:89:97:53:86:16:18:07:02:E8:57:C3
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/oIL12ZLmvCXgiZdThhYYBwLoV8M.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/CSPTEK/mFnOR5PQAFmGdMLLTXVImU_Qgls.roa
Signing time:             Thu 15 Sep 2022 02:49:09 +0000
ROA not before:           Thu 15 Sep 2022 02:49:09 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     38008
IP address blocks:        2406:d7c0::/32 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 446 (0x1be)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A082F5D992E6BC25E08997538616180702E857C3
        Validity
            Not Before: Sep 15 02:49:09 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=9859CE4793D000598674C2CB4D7548994FD0825B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:8c:71:81:ac:d1:6e:f3:3f:f6:44:e8:df:d5:
                    56:85:b6:6d:81:0c:6d:17:55:2e:11:6a:da:68:5f:
                    ae:fc:8a:ba:f6:49:a7:b8:cf:42:fd:c2:93:4c:ad:
                    c5:b1:16:09:20:f5:0a:9b:72:f1:ad:59:97:67:ce:
                    bc:15:7d:99:76:16:b4:b4:a2:26:ff:c8:74:3e:04:
                    a1:89:3f:99:0b:e2:66:e7:35:53:1d:57:db:ec:c9:
                    d2:1a:3f:ff:e6:5f:2c:0a:f3:d2:ce:24:b2:00:ca:
                    3a:2e:23:ce:03:93:1c:a9:fd:9b:25:fc:dd:70:c0:
                    d6:14:b6:a6:ac:2b:e8:2c:a8:a2:fd:44:4f:57:6e:
                    48:10:67:5e:42:e9:61:99:ef:ec:fb:48:9c:77:85:
                    0f:70:08:95:ea:b8:2b:07:94:86:14:f8:2e:2b:96:
                    bd:ce:d1:b4:d4:57:fa:22:68:fe:cf:36:0c:6a:a9:
                    ba:26:68:c1:43:09:43:f3:9a:75:37:a3:59:06:35:
                    ab:90:a4:0e:e8:ff:dd:a0:bd:ee:b8:ef:4d:dc:2e:
                    b1:48:ae:96:c8:de:4a:44:f6:82:ba:ae:ac:55:5c:
                    a8:c6:07:15:e1:31:6e:00:18:fb:34:c2:73:55:08:
                    80:5b:77:6f:e5:16:08:be:f9:e1:12:ba:fb:84:03:
                    bf:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:59:CE:47:93:D0:00:59:86:74:C2:CB:4D:75:48:99:4F:D0:82:5B
            X509v3 Authority Key Identifier:
                keyid:A0:82:F5:D9:92:E6:BC:25:E0:89:97:53:86:16:18:07:02:E8:57:C3

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CSPTEK/oIL12ZLmvCXgiZdThhYYBwLoV8M.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/oIL12ZLmvCXgiZdThhYYBwLoV8M.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CSPTEK/mFnOR5PQAFmGdMLLTXVImU_Qgls.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:d7c0::/32

    Signature Algorithm: sha256WithRSAEncryption
         61:de:f5:01:fb:97:25:1f:6f:e6:30:4e:25:ea:d5:d9:06:aa:
         e9:68:74:86:7a:ee:f0:05:50:55:36:b7:33:ab:d0:76:39:0f:
         5e:c0:e1:de:6a:d7:05:02:c9:cc:d1:31:ce:27:8e:d7:c9:1d:
         0d:10:35:02:6d:1e:01:60:7e:39:2e:fc:46:0f:b9:c4:2d:2a:
         6e:64:de:10:e8:3a:b4:fd:d8:a9:68:69:4d:17:cc:e2:13:b5:
         b1:f7:f3:7d:fc:0b:7a:bf:93:2a:c0:09:9d:01:5a:6d:e6:77:
         49:cd:95:67:65:7c:1e:8e:03:94:4a:28:f6:61:3d:52:9d:37:
         db:3f:e7:95:60:0f:cb:21:37:b1:76:bc:8f:10:4d:bf:66:3f:
         95:ce:ad:58:2b:ae:a2:cf:b6:ed:34:5a:0e:a5:c1:fd:11:e9:
         cb:e0:72:bc:0a:b1:c8:1f:f3:a4:34:98:aa:67:d5:1b:69:46:
         03:70:d3:8a:69:73:2b:29:74:37:c1:89:b8:2b:8d:64:a6:aa:
         42:9f:c4:a2:07:62:68:12:fe:2d:e4:4f:52:1a:05:f8:c4:82:
         98:1f:73:d1:cb:69:99:48:94:78:f0:e0:52:0f:c9:9e:78:fc:
         12:e8:bd:8e:12:09:67:19:21:1a:2e:e4:07:64:30:3c:fc:27:
         e7:f5:05:99
-----BEGIN CERTIFICATE-----
MIIE0zCCA7ugAwIBAgICAb4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQTA4
MkY1RDk5MkU2QkMyNUUwODk5NzUzODYxNjE4MDcwMkU4NTdDMzAeFw0yMjA5MTUw
MjQ5MDlaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDk4NTlDRTQ3OTNEMDAw
NTk4Njc0QzJDQjRENzU0ODk5NEZEMDgyNUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCnjHGBrNFu8z/2ROjf1VaFtm2BDG0XVS4RatpoX678irr2Sae4
z0L9wpNMrcWxFgkg9QqbcvGtWZdnzrwVfZl2FrS0oib/yHQ+BKGJP5kL4mbnNVMd
V9vsydIaP//mXywK89LOJLIAyjouI84Dkxyp/Zsl/N1wwNYUtqasK+gsqKL9RE9X
bkgQZ15C6WGZ7+z7SJx3hQ9wCJXquCsHlIYU+C4rlr3O0bTUV/oiaP7PNgxqqbom
aMFDCUPzmnU3o1kGNauQpA7o/92gve64703cLrFIrpbI3kpE9oK6rqxVXKjGBxXh
MW4AGPs0wnNVCIBbd2/lFgi++eESuvuEA7+BAgMBAAGjggHvMIIB6zAdBgNVHQ4E
FgQUmFnOR5PQAFmGdMLLTXVImU/QglswHwYDVR0jBBgwFoAUoIL12ZLmvCXgiZdT
hhYYBwLoV8MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ1NQVEVL
L29JTDEyWkxtdkNYZ2laZFRoaFlZQndMb1Y4TS5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0Evb0lMMTJaTG12Q1hnaVpkVGhoWVlCd0xvVjhNLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ1NQVEVLL21Gbk9SNVBRQUZtR2RNTExU
WFZJbVVfUWdscy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAk
BtfAMA0GCSqGSIb3DQEBCwUAA4IBAQBh3vUB+5clH2/mME4l6tXZBqrpaHSGeu7w
BVBVNrczq9B2OQ9ewOHeatcFAsnM0THOJ47XyR0NEDUCbR4BYH45LvxGD7nELSpu
ZN4Q6Dq0/dipaGlNF8ziE7Wx9/N9/At6v5MqwAmdAVpt5ndJzZVnZXwejgOUSij2
YT1SnTfbP+eVYA/LITexdryPEE2/Zj+Vzq1YK66iz7btNFoOpcH9EenL4HK8CrHI
H/OkNJiqZ9UbaUYDcNOKaXMrKXQ3wYm4K41kpqpCn8SiB2JoEv4t5E9SGgX4xIKY
H3PRy2mZSJR48OBSD8meePwS6L2OEglnGSEaLuQHZDA8/Cfn9QWZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:34 2024 by rpki-client on console-fra.rpki-client.org