Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/DYXNET/KqhYWdjUgYvkDq-5d2_8-r8xzLI.roa
File:                     KqhYWdjUgYvkDq-5d2_8-r8xzLI.roa (raw, json)
Hash identifier:          uUha90Ro3eXeIu2gaAbBQ55mcaIYp3a6ggVUZxif2zA=
Subject key identifier:   2A:A8:58:59:D8:D4:81:8B:E4:0E:AF:B9:77:6F:FC:FA:BF:31:CC:B2
Certificate issuer:       /CN=4FB3A69964F7E96DB0B3581328F006DBCA1ABA97
Certificate serial:       079E
Authority key identifier: 4F:B3:A6:99:64:F7:E9:6D:B0:B3:58:13:28:F0:06:DB:CA:1A:BA:97
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/T7OmmWT36W2ws1gTKPAG28oaupc.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/DYXNET/KqhYWdjUgYvkDq-5d2_8-r8xzLI.roa
Signing time:             Tue 29 Sep 2020 10:03:14 +0000
ROA not before:           Tue 29 Sep 2020 10:03:14 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     9244
IP address blocks:        61.247.168.0/21 maxlen: 21

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1950 (0x79e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4FB3A69964F7E96DB0B3581328F006DBCA1ABA97
        Validity
            Not Before: Sep 29 10:03:14 2020 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=2AA85859D8D4818BE40EAFB9776FFCFABF31CCB2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:60:f7:69:bc:ab:be:68:46:d3:e1:6a:a8:cf:
                    34:20:f4:23:dd:de:75:6d:04:ac:17:b2:4b:b9:9a:
                    fd:ad:9e:a6:2b:8c:aa:28:84:ec:c2:5d:a9:6b:ce:
                    dc:9d:46:3d:7b:50:8d:a1:f1:cf:c8:98:6e:d0:ab:
                    14:ac:4d:04:31:44:68:77:2c:b4:4b:12:ad:ed:c4:
                    22:ae:98:09:f0:73:f1:6a:9d:d1:2e:fd:2f:74:ff:
                    a5:27:aa:6b:be:84:e5:3c:c4:68:cc:c0:a0:1b:fa:
                    7a:d4:aa:9d:4e:1c:46:40:26:69:1f:f2:4a:7c:c9:
                    45:17:1c:59:6b:d3:15:d3:d4:40:6e:61:62:b6:12:
                    18:3d:ea:82:b7:91:55:8b:fb:ae:55:47:a3:bf:ba:
                    57:66:c4:bb:32:1c:cd:6a:a7:a0:b0:94:0c:a1:5f:
                    79:74:6c:24:4f:b6:61:d1:13:d7:d5:21:ed:7a:9f:
                    6c:7f:5f:9a:9f:b5:25:81:c5:2e:b0:ba:8d:52:43:
                    c9:14:9f:44:ef:fe:01:1e:7d:a0:79:bd:1e:95:17:
                    5e:80:3d:a3:43:2e:68:d0:4c:dc:09:b9:09:3a:d7:
                    b2:1c:5f:70:88:14:f4:c3:c3:7b:d5:7d:85:49:75:
                    fc:b3:67:a8:57:45:61:78:2f:02:a0:ee:c5:ba:ac:
                    90:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:A8:58:59:D8:D4:81:8B:E4:0E:AF:B9:77:6F:FC:FA:BF:31:CC:B2
            X509v3 Authority Key Identifier:
                keyid:4F:B3:A6:99:64:F7:E9:6D:B0:B3:58:13:28:F0:06:DB:CA:1A:BA:97

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DYXNET/T7OmmWT36W2ws1gTKPAG28oaupc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/T7OmmWT36W2ws1gTKPAG28oaupc.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DYXNET/KqhYWdjUgYvkDq-5d2_8-r8xzLI.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  61.247.168.0/21

    Signature Algorithm: sha256WithRSAEncryption
         3c:4e:3b:03:a4:09:cc:99:7a:46:5d:da:95:aa:42:23:e1:12:
         3b:72:40:61:c2:d3:8f:80:46:b8:47:b7:8f:62:fa:1e:6d:89:
         6f:b0:cd:c3:5f:f5:30:11:33:b5:e1:da:56:b6:89:dd:a9:59:
         51:34:5d:4c:21:c2:e8:3c:14:e9:c3:f5:d3:76:f6:fe:0a:d8:
         9d:0f:e3:70:cb:62:de:68:30:8d:c8:75:5c:e9:23:4b:ed:a0:
         b3:57:28:59:42:f9:6a:7f:76:25:b9:41:52:dc:03:b5:66:c0:
         ee:b8:c5:ee:6c:36:38:95:2c:09:71:ff:7c:1e:62:14:04:ad:
         8a:ac:5d:3e:16:b3:d0:d2:d6:51:3b:ce:0f:d6:9f:b9:9f:9e:
         98:ba:96:8d:98:25:03:89:6e:c0:4a:dd:54:48:12:31:07:0a:
         bb:3d:80:e6:00:24:38:01:83:e7:5f:11:d0:14:45:d4:16:20:
         69:0d:d1:6c:85:96:31:7a:15:1e:e0:b4:74:de:39:51:f7:75:
         ad:10:22:02:66:3a:57:bd:3d:d8:31:cf:5a:0a:85:0b:f2:a3:
         61:a6:99:a9:59:92:25:d1:02:96:1e:55:e0:b3:c8:97:ec:10:
         31:4d:10:bf:4a:11:a3:f0:dd:56:dd:db:47:75:c9:e1:02:bf:
         4e:8b:50:c9
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICB54wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNEZC
M0E2OTk2NEY3RTk2REIwQjM1ODEzMjhGMDA2REJDQTFBQkE5NzAeFw0yMDA5Mjkx
MDAzMTRaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDJBQTg1ODU5RDhENDgx
OEJFNDBFQUZCOTc3NkZGQ0ZBQkYzMUNDQjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCbYPdpvKu+aEbT4WqozzQg9CPd3nVtBKwXsku5mv2tnqYrjKoo
hOzCXalrztydRj17UI2h8c/ImG7QqxSsTQQxRGh3LLRLEq3txCKumAnwc/FqndEu
/S90/6Unqmu+hOU8xGjMwKAb+nrUqp1OHEZAJmkf8kp8yUUXHFlr0xXT1EBuYWK2
Ehg96oK3kVWL+65VR6O/uldmxLsyHM1qp6CwlAyhX3l0bCRPtmHRE9fVIe16n2x/
X5qftSWBxS6wuo1SQ8kUn0Tv/gEefaB5vR6VF16APaNDLmjQTNwJuQk617IcX3CI
FPTDw3vVfYVJdfyzZ6hXRWF4LwKg7sW6rJCzAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUKqhYWdjUgYvkDq+5d2/8+r8xzLIwHwYDVR0jBBgwFoAUT7OmmWT36W2ws1gT
KPAG28oaupcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRFlYTkVU
L1Q3T21tV1QzNlcyd3MxZ1RLUEFHMjhvYXVwYy5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvVDdPbW1XVDM2VzJ3czFnVEtQQUcyOG9hdXBjLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvRFlYTkVUL0txaFlXZGpVZ1l2a0RxLTVk
Ml84LXI4eHpMSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAM9
96gwDQYJKoZIhvcNAQELBQADggEBADxOOwOkCcyZekZd2pWqQiPhEjtyQGHC04+A
RrhHt49i+h5tiW+wzcNf9TARM7Xh2la2id2pWVE0XUwhwug8FOnD9dN29v4K2J0P
43DLYt5oMI3IdVzpI0vtoLNXKFlC+Wp/diW5QVLcA7VmwO64xe5sNjiVLAlx/3we
YhQErYqsXT4Ws9DS1lE7zg/Wn7mfnpi6lo2YJQOJbsBK3VRIEjEHCrs9gOYAJDgB
g+dfEdAURdQWIGkN0WyFljF6FR7gtHTeOVH3da0QIgJmOle9Pdgxz1oKhQvyo2Gm
malZkiXRApYeVeCzyJfsEDFNEL9KEaPw3Vbd20d1yeECv06LUMk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:05 2024 by rpki-client on console-ams.rpki-client.org