Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/DYXNET/X5KH4nw2-OHVBCcZN-5YRe43BRg.roa
File:                     X5KH4nw2-OHVBCcZN-5YRe43BRg.roa (raw, json)
Hash identifier:          TH9TSWuTVkzAztMRyrOm8DuwofkO4LCrHdTC/bkSwds=
Subject key identifier:   5F:92:87:E2:7C:36:F8:E1:D5:04:27:19:37:EE:58:45:EE:37:05:18
Certificate issuer:       /CN=4FB3A69964F7E96DB0B3581328F006DBCA1ABA97
Certificate serial:       0AB7
Authority key identifier: 4F:B3:A6:99:64:F7:E9:6D:B0:B3:58:13:28:F0:06:DB:CA:1A:BA:97
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/T7OmmWT36W2ws1gTKPAG28oaupc.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/DYXNET/X5KH4nw2-OHVBCcZN-5YRe43BRg.roa
Signing time:             Thu 15 Sep 2022 02:37:41 +0000
ROA not before:           Thu 15 Sep 2022 02:37:41 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     9244
IP address blocks:        61.56.64.0/20 maxlen: 20

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2743 (0xab7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4FB3A69964F7E96DB0B3581328F006DBCA1ABA97
        Validity
            Not Before: Sep 15 02:37:41 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=5F9287E27C36F8E1D504271937EE5845EE370518
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:f9:43:f4:28:88:8f:88:eb:55:eb:a0:a6:6d:
                    df:11:25:9f:22:39:f6:20:2a:f7:5c:87:a0:af:ff:
                    af:a4:55:0d:a5:2c:4d:7e:46:29:f3:b5:cb:a1:83:
                    cc:9b:18:d5:e3:be:ee:e8:26:52:3e:af:80:25:ef:
                    3c:32:b3:04:05:2a:cc:30:bc:01:57:68:80:6c:ec:
                    6c:37:89:ef:f5:7a:8d:af:b0:fe:e4:bf:da:fb:ff:
                    40:75:02:cb:10:67:97:73:5c:3f:17:9f:dc:b8:ca:
                    28:ce:dc:0d:09:16:2c:57:c2:8b:ce:44:05:ac:84:
                    31:8e:02:27:8d:c1:f9:ef:3f:a2:42:7c:81:d3:28:
                    5e:9b:c5:9e:4b:80:d8:7e:2a:0f:e4:b0:87:a3:c1:
                    aa:80:50:29:09:c8:83:cc:78:d3:97:3d:99:7a:d2:
                    bc:ab:1e:95:58:ce:9c:df:4f:d3:a7:f7:b4:19:f8:
                    94:03:6f:4d:82:27:8e:90:18:39:e3:61:5e:e5:55:
                    49:c1:ae:8d:e1:bc:68:fa:5e:81:3f:a6:d0:47:96:
                    b7:6d:b9:9c:8c:6d:32:b4:62:12:4d:fa:f0:79:da:
                    53:8a:f3:74:02:4b:29:ec:fa:38:b9:f0:5c:89:fc:
                    44:e2:ac:31:f6:36:54:ae:ec:68:93:e2:88:c0:5f:
                    bf:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5F:92:87:E2:7C:36:F8:E1:D5:04:27:19:37:EE:58:45:EE:37:05:18
            X509v3 Authority Key Identifier:
                keyid:4F:B3:A6:99:64:F7:E9:6D:B0:B3:58:13:28:F0:06:DB:CA:1A:BA:97

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DYXNET/T7OmmWT36W2ws1gTKPAG28oaupc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/T7OmmWT36W2ws1gTKPAG28oaupc.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DYXNET/X5KH4nw2-OHVBCcZN-5YRe43BRg.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  61.56.64.0/20

    Signature Algorithm: sha256WithRSAEncryption
         32:66:02:26:b9:ee:23:e4:d5:f3:ac:28:02:2c:4a:75:61:7c:
         d7:d0:14:af:a7:2b:29:18:2a:a6:e1:be:4c:66:38:12:41:23:
         19:18:32:ba:fd:90:6e:23:08:d6:2b:ba:3c:40:5f:b0:e4:28:
         f9:91:eb:3a:f2:87:45:4d:79:d6:20:35:72:96:33:e1:a3:e6:
         86:b0:d4:ce:c1:be:f0:c8:f9:07:f8:e9:e9:0d:e0:c2:4c:03:
         01:46:8f:d3:10:a9:7b:d9:b7:4b:d9:19:19:3c:8c:55:52:64:
         bc:31:c4:fb:d6:8a:0f:99:15:40:c1:5b:0d:0e:15:ef:0a:32:
         ec:bb:19:ac:8a:75:7e:45:fe:09:2b:2e:2a:84:85:fb:31:cf:
         d8:13:1f:d4:78:e1:c7:b8:ce:59:c7:50:56:1d:d8:e8:5d:0a:
         a8:f7:7c:d9:22:48:fe:0c:d2:a0:b8:7c:aa:0d:24:b2:ba:d1:
         79:04:a0:78:3d:4c:de:e4:5a:0c:af:3e:18:79:02:28:0f:56:
         9a:d4:4f:10:d3:10:b6:e9:68:70:cf:0e:1f:f8:93:86:97:9d:
         c8:04:9c:82:36:a3:c4:e3:ca:3b:08:b7:69:59:b7:f6:de:db:
         e8:65:0c:ee:17:01:f6:9f:1d:94:23:20:b6:5a:93:86:22:de:
         a7:fa:d3:bb
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICCrcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNEZC
M0E2OTk2NEY3RTk2REIwQjM1ODEzMjhGMDA2REJDQTFBQkE5NzAeFw0yMjA5MTUw
MjM3NDFaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDVGOTI4N0UyN0MzNkY4
RTFENTA0MjcxOTM3RUU1ODQ1RUUzNzA1MTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCU+UP0KIiPiOtV66Cmbd8RJZ8iOfYgKvdch6Cv/6+kVQ2lLE1+
Rinztcuhg8ybGNXjvu7oJlI+r4Al7zwyswQFKswwvAFXaIBs7Gw3ie/1eo2vsP7k
v9r7/0B1AssQZ5dzXD8Xn9y4yijO3A0JFixXwovORAWshDGOAieNwfnvP6JCfIHT
KF6bxZ5LgNh+Kg/ksIejwaqAUCkJyIPMeNOXPZl60ryrHpVYzpzfT9On97QZ+JQD
b02CJ46QGDnjYV7lVUnBro3hvGj6XoE/ptBHlrdtuZyMbTK0YhJN+vB52lOK83QC
Syns+ji58FyJ/ETirDH2NlSu7GiT4ojAX78tAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUX5KH4nw2+OHVBCcZN+5YRe43BRgwHwYDVR0jBBgwFoAUT7OmmWT36W2ws1gT
KPAG28oaupcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRFlYTkVU
L1Q3T21tV1QzNlcyd3MxZ1RLUEFHMjhvYXVwYy5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvVDdPbW1XVDM2VzJ3czFnVEtQQUcyOG9hdXBjLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvRFlYTkVUL1g1S0g0bncyLU9IVkJDY1pO
LTVZUmU0M0JSZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAQ9
OEAwDQYJKoZIhvcNAQELBQADggEBADJmAia57iPk1fOsKAIsSnVhfNfQFK+nKykY
KqbhvkxmOBJBIxkYMrr9kG4jCNYrujxAX7DkKPmR6zryh0VNedYgNXKWM+Gj5oaw
1M7BvvDI+Qf46ekN4MJMAwFGj9MQqXvZt0vZGRk8jFVSZLwxxPvWig+ZFUDBWw0O
Fe8KMuy7GayKdX5F/gkrLiqEhfsxz9gTH9R44ce4zlnHUFYd2OhdCqj3fNkiSP4M
0qC4fKoNJLK60XkEoHg9TN7kWgyvPhh5AigPVprUTxDTELbpaHDPDh/4k4aXncgE
nII2o8TjyjsIt2lZt/be2+hlDO4XAfafHZQjILZak4Yi3qf607s=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:05 2024 by rpki-client on console-ams.rpki-client.org