Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/DCTV/KS5gcxd7JPiMjJGNjPAJLSbrRMI.roa
File:                     KS5gcxd7JPiMjJGNjPAJLSbrRMI.roa (raw, json)
Hash identifier:          /Ooxde77jm2zqC57iU0nUZAsSzkH/xUE/UKuNHNfo/A=
Subject key identifier:   29:2E:60:73:17:7B:24:F8:8C:8C:91:8D:8C:F0:09:2D:26:EB:44:C2
Certificate issuer:       /CN=A6FE5D1C93127E4AAEFF100F3A5C330F2DD1ABC0
Certificate serial:       08A7
Authority key identifier: A6:FE:5D:1C:93:12:7E:4A:AE:FF:10:0F:3A:5C:33:0F:2D:D1:AB:C0
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/pv5dHJMSfkqu_xAPOlwzDy3Rq8A.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/DCTV/KS5gcxd7JPiMjJGNjPAJLSbrRMI.roa
Signing time:             Sun 07 Feb 2021 11:53:27 +0000
ROA not before:           Sun 07 Feb 2021 11:53:27 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     131607
IP address blocks:        27.0.152.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2215 (0x8a7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A6FE5D1C93127E4AAEFF100F3A5C330F2DD1ABC0
        Validity
            Not Before: Feb  7 11:53:27 2021 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=292E6073177B24F88C8C918D8CF0092D26EB44C2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:8c:af:b1:3a:c1:6d:65:19:a2:94:67:53:14:
                    7e:2f:40:e7:89:eb:62:a3:79:69:e3:8b:62:8e:c9:
                    6e:93:7d:c2:62:8f:77:0d:a1:04:f9:f3:75:4e:dc:
                    32:b7:6f:91:f3:d8:9c:a9:5a:f8:33:c1:d4:f0:85:
                    10:a5:74:32:7b:cf:ee:d3:14:5e:9d:21:f1:39:e5:
                    ba:b3:32:bc:60:92:74:00:78:01:fe:02:d4:63:e2:
                    e0:c8:98:92:3c:d0:52:26:11:07:dc:c3:ba:0d:2a:
                    1b:fa:4a:77:f8:51:95:b3:bb:b7:d3:e9:2f:8b:f8:
                    91:7c:ab:77:df:1f:89:24:68:83:da:7d:98:2c:38:
                    a2:30:ad:be:d5:e3:35:48:30:be:58:c1:ba:7f:c6:
                    fe:9f:d5:14:73:59:a7:74:d6:5c:8d:7e:49:b1:e4:
                    f6:ff:a5:d5:f9:6d:8c:9f:8b:83:83:70:d5:1a:5a:
                    b6:bd:89:19:f9:82:00:dd:25:57:b0:15:e9:5d:dc:
                    1d:09:a1:da:c1:cc:dd:b7:ae:a4:97:bc:38:0a:0e:
                    e9:03:6c:b4:f1:99:2b:50:d1:f8:c4:5a:fc:32:d5:
                    93:37:46:6b:1f:5e:4d:28:02:26:46:cd:bd:5f:8a:
                    33:e7:90:be:3e:99:e5:f5:13:e0:0e:fe:47:88:67:
                    8f:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                29:2E:60:73:17:7B:24:F8:8C:8C:91:8D:8C:F0:09:2D:26:EB:44:C2
            X509v3 Authority Key Identifier:
                keyid:A6:FE:5D:1C:93:12:7E:4A:AE:FF:10:0F:3A:5C:33:0F:2D:D1:AB:C0

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DCTV/pv5dHJMSfkqu_xAPOlwzDy3Rq8A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/pv5dHJMSfkqu_xAPOlwzDy3Rq8A.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DCTV/KS5gcxd7JPiMjJGNjPAJLSbrRMI.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  27.0.152.0/22

    Signature Algorithm: sha256WithRSAEncryption
         2d:6b:56:b5:4c:f8:cb:c5:e0:cf:e1:47:e3:ae:f8:b0:c3:a0:
         d6:5c:ff:13:49:7a:be:cc:c7:80:5d:86:56:c6:c7:4b:9c:5e:
         2b:51:cf:b7:f0:fe:0c:1f:cc:f2:fa:1e:9c:28:1d:31:f5:5e:
         4b:25:9e:66:cd:ce:ff:1c:a5:ee:2c:de:ae:75:b5:ff:aa:80:
         28:18:08:f4:f4:93:5b:2f:7e:53:5f:29:36:4d:28:c6:b8:ab:
         41:ba:af:bb:1e:08:56:b5:76:5f:74:06:e7:ae:1b:dd:06:e4:
         ec:95:17:2d:54:71:14:43:6c:f3:be:01:c0:95:59:ed:a5:f8:
         91:a9:a5:c3:75:73:5c:b1:2d:e7:62:3a:95:f0:fc:31:e0:7c:
         23:f0:d1:0c:d2:d5:e2:7b:39:15:e0:f8:31:58:cb:78:37:d2:
         dc:c5:3b:7d:ab:b0:63:64:b7:56:18:a4:22:63:aa:94:0f:ed:
         b0:23:e8:ed:1f:98:e0:2b:ff:de:c0:93:16:dd:5a:85:38:50:
         6e:03:70:ac:eb:95:da:25:d6:2e:40:ff:a2:80:a2:f0:ac:55:
         95:54:3b:5b:c8:2f:2a:3c:5e:97:15:2b:d7:77:85:50:f7:88:
         69:31:df:bc:a7:5d:c7:06:2d:fb:0c:0d:9d:da:c7:52:f0:71:
         85:dd:07:69
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICCKcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQTZG
RTVEMUM5MzEyN0U0QUFFRkYxMDBGM0E1QzMzMEYyREQxQUJDMDAeFw0yMTAyMDcx
MTUzMjdaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDI5MkU2MDczMTc3QjI0
Rjg4QzhDOTE4RDhDRjAwOTJEMjZFQjQ0QzIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC2jK+xOsFtZRmilGdTFH4vQOeJ62KjeWnji2KOyW6TfcJij3cN
oQT583VO3DK3b5Hz2JypWvgzwdTwhRCldDJ7z+7TFF6dIfE55bqzMrxgknQAeAH+
AtRj4uDImJI80FImEQfcw7oNKhv6Snf4UZWzu7fT6S+L+JF8q3ffH4kkaIPafZgs
OKIwrb7V4zVIML5Ywbp/xv6f1RRzWad01lyNfkmx5Pb/pdX5bYyfi4ODcNUaWra9
iRn5ggDdJVewFeld3B0JodrBzN23rqSXvDgKDukDbLTxmStQ0fjEWvwy1ZM3Rmsf
Xk0oAiZGzb1fijPnkL4+meX1E+AO/keIZ4+nAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUKS5gcxd7JPiMjJGNjPAJLSbrRMIwHwYDVR0jBBgwFoAUpv5dHJMSfkqu/xAP
OlwzDy3Rq8AwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRENUVi9w
djVkSEpNU2ZrcXVfeEFQT2x3ekR5M1JxOEEuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L3B2NWRISk1TZmtxdV94QVBPbHd6RHkzUnE4QS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0RDVFYvS1M1Z2N4ZDdKUGlNakpHTmpQQUpM
U2JyUk1JLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAhsAmDAN
BgkqhkiG9w0BAQsFAAOCAQEALWtWtUz4y8Xgz+FH4674sMOg1lz/E0l6vszHgF2G
VsbHS5xeK1HPt/D+DB/M8voenCgdMfVeSyWeZs3O/xyl7izernW1/6qAKBgI9PST
Wy9+U18pNk0oxrirQbqvux4IVrV2X3QG564b3Qbk7JUXLVRxFENs874BwJVZ7aX4
kamlw3VzXLEt52I6lfD8MeB8I/DRDNLV4ns5FeD4MVjLeDfS3MU7fauwY2S3Vhik
ImOqlA/tsCPo7R+Y4Cv/3sCTFt1ahThQbgNwrOuV2iXWLkD/ooCi8KxVlVQ7W8gv
KjxelxUr13eFUPeIaTHfvKddxwYt+wwNndrHUvBxhd0HaQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:34 2024 by rpki-client on console-fra.rpki-client.org