Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/DONGFONG/CrWJHWGwvinGiWH0iVkjWndZOS8.roa
File:                     CrWJHWGwvinGiWH0iVkjWndZOS8.roa (raw, json)
Hash identifier:          zWPI18Xp9wC/NSkc8iRqzVYHY40Mvm19D7KIvBl5DY4=
Subject key identifier:   0A:B5:89:1D:61:B0:BE:29:C6:89:61:F4:89:59:23:5A:77:59:39:2F
Certificate issuer:       /CN=0C78961642A04BE132708DB193D7BA916B2B67CB
Certificate serial:       0B08
Authority key identifier: 0C:78:96:16:42:A0:4B:E1:32:70:8D:B1:93:D7:BA:91:6B:2B:67:CB
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/DHiWFkKgS-EycI2xk9e6kWsrZ8s.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/DONGFONG/CrWJHWGwvinGiWH0iVkjWndZOS8.roa
Signing time:             Thu 23 Mar 2023 00:21:10 +0000
ROA not before:           Thu 23 Mar 2023 00:21:10 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     198949
IP address blocks:        61.65.236.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2824 (0xb08)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0C78961642A04BE132708DB193D7BA916B2B67CB
        Validity
            Not Before: Mar 23 00:21:10 2023 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=0AB5891D61B0BE29C68961F48959235A7759392F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:a6:2f:37:27:f6:f2:2c:c0:e9:e4:6c:65:54:
                    c4:21:2d:3f:56:b6:15:57:84:bc:3b:90:c7:e2:33:
                    c7:ae:5b:4e:60:e9:35:4b:c9:d9:c8:3e:e4:dd:42:
                    01:1b:ac:4a:f6:c5:90:11:ec:9f:bc:cd:d0:d2:e1:
                    6c:d3:04:d2:68:17:e7:ba:b5:4f:ca:d9:c5:d9:9d:
                    d7:7a:d0:8f:86:00:44:21:61:55:63:a1:02:ec:da:
                    b6:f1:d5:d8:1e:46:12:64:47:6c:a0:c3:c7:94:e2:
                    b1:d2:53:41:98:ab:88:66:23:20:f5:3e:ba:83:2b:
                    29:a3:a5:7d:ae:62:94:5a:e1:56:3d:1b:a1:77:58:
                    4b:7d:66:3f:15:0e:e9:f0:a2:dd:42:6c:16:f0:3e:
                    33:50:c9:61:1e:c4:f0:db:77:a9:ba:0b:91:10:cb:
                    9e:40:d5:17:f6:ea:33:be:7b:13:4b:32:b1:a9:7a:
                    9f:4b:67:8e:88:5a:48:2a:cf:fd:c2:66:8f:09:27:
                    eb:da:bb:89:97:9a:61:89:de:98:72:14:e5:58:d8:
                    17:8a:8e:29:b6:87:04:81:71:dd:09:da:5c:46:ab:
                    2f:fe:4b:5b:dd:f1:34:d8:cc:78:55:6a:12:6a:b8:
                    51:0f:5f:17:f1:25:11:54:af:df:2e:47:22:6d:ec:
                    0e:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0A:B5:89:1D:61:B0:BE:29:C6:89:61:F4:89:59:23:5A:77:59:39:2F
            X509v3 Authority Key Identifier:
                keyid:0C:78:96:16:42:A0:4B:E1:32:70:8D:B1:93:D7:BA:91:6B:2B:67:CB

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DONGFONG/DHiWFkKgS-EycI2xk9e6kWsrZ8s.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DHiWFkKgS-EycI2xk9e6kWsrZ8s.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DONGFONG/CrWJHWGwvinGiWH0iVkjWndZOS8.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  61.65.236.0/24

    Signature Algorithm: sha256WithRSAEncryption
         58:84:3b:58:b3:2e:cd:9b:28:b3:7b:6e:bd:61:93:71:03:a6:
         8a:cb:e6:2e:80:6e:0f:d3:8f:e7:1d:6e:bb:84:27:d5:e4:4f:
         bc:52:ca:1e:e1:e3:8e:d4:f4:cb:1c:ae:d7:b6:2d:31:ab:a9:
         5c:fc:19:b1:68:e3:4b:c1:d4:e4:fd:87:8d:8c:8a:ac:2a:32:
         19:4d:30:a4:a7:66:cf:7b:22:a6:04:b3:e7:16:27:fb:1a:94:
         6c:b4:34:e9:8e:28:f6:eb:52:09:e6:df:a8:53:b7:38:dd:7c:
         4d:81:d2:6b:9a:f8:67:ad:ea:29:24:dc:4e:9f:ad:5f:96:f8:
         0e:99:15:b0:39:ef:9c:db:bb:43:f9:f0:71:09:3c:a6:8a:78:
         26:9c:4c:34:8d:8c:b9:bf:d7:f0:3c:7a:8e:92:90:2b:b8:91:
         81:ee:27:a9:05:63:8c:a4:4e:4d:b1:02:7c:c6:68:79:dc:85:
         d1:73:7c:71:7c:4f:eb:d1:b7:4f:49:68:70:de:a6:e7:c1:67:
         fc:35:bd:d8:06:e1:75:56:48:5d:bb:5c:7f:ab:36:e5:aa:34:
         c6:d9:49:3d:d3:5a:e0:e3:ec:36:0e:8d:3f:fb:5b:61:42:66:
         d0:94:87:13:a4:18:0e:c1:d3:11:b7:0e:4c:4b:52:71:13:89:
         d6:d1:68:e1
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICCwgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMEM3
ODk2MTY0MkEwNEJFMTMyNzA4REIxOTNEN0JBOTE2QjJCNjdDQjAeFw0yMzAzMjMw
MDIxMTBaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDBBQjU4OTFENjFCMEJF
MjlDNjg5NjFGNDg5NTkyMzVBNzc1OTM5MkYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDQpi83J/byLMDp5GxlVMQhLT9WthVXhLw7kMfiM8euW05g6TVL
ydnIPuTdQgEbrEr2xZAR7J+8zdDS4WzTBNJoF+e6tU/K2cXZndd60I+GAEQhYVVj
oQLs2rbx1dgeRhJkR2ygw8eU4rHSU0GYq4hmIyD1PrqDKymjpX2uYpRa4VY9G6F3
WEt9Zj8VDunwot1CbBbwPjNQyWEexPDbd6m6C5EQy55A1Rf26jO+exNLMrGpep9L
Z46IWkgqz/3CZo8JJ+vau4mXmmGJ3phyFOVY2BeKjim2hwSBcd0J2lxGqy/+S1vd
8TTYzHhVahJquFEPXxfxJRFUr98uRyJt7A7PAgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQUCrWJHWGwvinGiWH0iVkjWndZOS8wHwYDVR0jBBgwFoAUDHiWFkKgS+EycI2x
k9e6kWsrZ8swGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRE9OR0ZP
TkcvREhpV0ZrS2dTLUV5Y0kyeGs5ZTZrV3NyWjhzLmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9ESGlXRmtLZ1MtRXljSTJ4azllNmtXc3JaOHMuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ET05HRk9ORy9DcldKSFdHd3Zpbkdp
V0gwaVZralduZFpPUzgucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQAPUHsMA0GCSqGSIb3DQEBCwUAA4IBAQBYhDtYsy7Nmyize269YZNxA6aKy+Yu
gG4P04/nHW67hCfV5E+8Usoe4eOO1PTLHK7Xti0xq6lc/BmxaONLwdTk/YeNjIqs
KjIZTTCkp2bPeyKmBLPnFif7GpRstDTpjij261IJ5t+oU7c43XxNgdJrmvhnreop
JNxOn61flvgOmRWwOe+c27tD+fBxCTymingmnEw0jYy5v9fwPHqOkpAruJGB7iep
BWOMpE5NsQJ8xmh53IXRc3xxfE/r0bdPSWhw3qbnwWf8Nb3YBuF1Vkhdu1x/qzbl
qjTG2Uk901rg4+w2Do0/+1thQmbQlIcTpBgOwdMRtw5MS1JxE4nW0Wjh
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:34 2024 by rpki-client on console-fra.rpki-client.org