Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/DYXNET/xDblzpHXaMfOZ61yG7zcVddY67E.roa
File:                     xDblzpHXaMfOZ61yG7zcVddY67E.roa (raw, json)
Hash identifier:          vYUkD3EZzmss7Nuioithzdxm9SR1KJ1Couyr7LUIs5U=
Subject key identifier:   C4:36:E5:CE:91:D7:68:C7:CE:67:AD:72:1B:BC:DC:55:D7:58:EB:B1
Certificate issuer:       /CN=4FB3A69964F7E96DB0B3581328F006DBCA1ABA97
Certificate serial:       0796
Authority key identifier: 4F:B3:A6:99:64:F7:E9:6D:B0:B3:58:13:28:F0:06:DB:CA:1A:BA:97
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/T7OmmWT36W2ws1gTKPAG28oaupc.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/DYXNET/xDblzpHXaMfOZ61yG7zcVddY67E.roa
Signing time:             Tue 29 Sep 2020 10:03:13 +0000
ROA not before:           Tue 29 Sep 2020 10:03:13 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     9244
IP address blocks:        61.247.160.0/20 maxlen: 20

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1942 (0x796)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4FB3A69964F7E96DB0B3581328F006DBCA1ABA97
        Validity
            Not Before: Sep 29 10:03:13 2020 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=C436E5CE91D768C7CE67AD721BBCDC55D758EBB1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:a9:35:54:50:b0:c9:2a:52:d0:36:ed:87:66:
                    af:d3:90:a5:46:1a:e9:05:ac:d6:05:30:65:3b:b4:
                    7b:c9:ab:1e:05:0c:c0:bb:91:bb:4c:87:c5:6a:90:
                    83:7a:5d:ea:75:55:ae:01:60:a3:be:71:73:92:7b:
                    97:85:70:dd:ea:05:41:48:8a:70:23:09:fb:5a:86:
                    99:a4:a0:96:b7:e7:40:76:e7:08:12:ca:f9:8d:4d:
                    fe:47:ae:87:37:a8:c7:15:11:1f:45:f7:64:3a:2f:
                    11:01:14:6c:83:3b:2e:79:40:94:d3:64:7a:6e:a4:
                    28:0f:12:c7:1c:8b:a1:1d:e9:24:c5:99:a2:d4:55:
                    5f:a7:cb:e4:fb:55:cf:93:bb:57:07:05:35:cb:57:
                    5f:12:62:d5:c6:23:71:d3:81:09:56:82:63:66:89:
                    ff:54:f8:7b:6e:a0:73:4c:4b:e5:55:59:d8:d2:a9:
                    44:3f:96:48:85:39:de:a5:99:31:26:73:4c:3c:57:
                    ab:67:54:0a:80:bb:7b:be:37:99:aa:a5:25:99:47:
                    cb:8d:e4:81:27:60:64:d1:68:f8:ce:25:f6:82:e9:
                    7e:b1:f4:50:32:92:f2:ee:15:64:f2:73:49:cc:f0:
                    56:6b:50:90:fd:1b:14:03:47:8f:64:ea:05:bd:06:
                    eb:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C4:36:E5:CE:91:D7:68:C7:CE:67:AD:72:1B:BC:DC:55:D7:58:EB:B1
            X509v3 Authority Key Identifier:
                keyid:4F:B3:A6:99:64:F7:E9:6D:B0:B3:58:13:28:F0:06:DB:CA:1A:BA:97

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DYXNET/T7OmmWT36W2ws1gTKPAG28oaupc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/T7OmmWT36W2ws1gTKPAG28oaupc.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DYXNET/xDblzpHXaMfOZ61yG7zcVddY67E.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  61.247.160.0/20

    Signature Algorithm: sha256WithRSAEncryption
         84:cc:96:b7:48:1b:c7:9b:7c:4c:a1:ea:6a:2d:66:b5:a4:c1:
         2c:1e:37:84:80:93:14:f9:c1:ab:e6:bd:8d:de:f0:5d:a6:3a:
         73:e7:b0:1d:ab:4b:99:d0:c1:d3:ab:88:08:f8:2d:54:95:c6:
         96:5f:94:c3:e7:3b:3d:ba:98:b9:af:52:d1:78:ca:bd:88:2c:
         2f:e1:14:77:2e:b7:7e:48:04:c4:c6:d7:59:99:91:7e:4e:e7:
         f6:20:d3:c7:42:e2:c6:b4:82:97:1b:99:bd:6d:24:86:cc:fb:
         9d:3d:5f:e0:06:aa:bf:c7:4c:fa:45:4e:18:6f:a9:f8:72:3b:
         5d:c5:8b:95:88:89:39:6f:ce:a3:bb:10:b6:cc:dd:fc:f1:d3:
         d1:ed:b5:ad:06:75:5d:61:7f:3c:4b:75:00:93:5a:b4:2c:79:
         66:9c:7f:6a:4e:24:6e:58:94:09:ab:a9:ba:cd:c3:78:36:d0:
         49:60:c0:df:38:26:ee:bf:76:6c:f8:ca:2a:81:d5:ca:d6:ce:
         7c:1e:39:6f:ba:29:3e:86:82:a9:3f:df:24:da:c6:99:ba:ef:
         6c:d6:bb:ff:0a:1a:57:54:a4:79:6e:15:63:a8:b7:8e:63:12:
         24:28:0c:dd:97:7f:6e:33:23:be:77:09:ba:43:55:63:27:9f:
         35:b4:b5:54
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICB5YwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNEZC
M0E2OTk2NEY3RTk2REIwQjM1ODEzMjhGMDA2REJDQTFBQkE5NzAeFw0yMDA5Mjkx
MDAzMTNaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKEM0MzZFNUNFOTFENzY4
QzdDRTY3QUQ3MjFCQkNEQzU1RDc1OEVCQjEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQClqTVUULDJKlLQNu2HZq/TkKVGGukFrNYFMGU7tHvJqx4FDMC7
kbtMh8VqkIN6Xep1Va4BYKO+cXOSe5eFcN3qBUFIinAjCftahpmkoJa350B25wgS
yvmNTf5Hroc3qMcVER9F92Q6LxEBFGyDOy55QJTTZHpupCgPEscci6Ed6STFmaLU
VV+ny+T7Vc+Tu1cHBTXLV18SYtXGI3HTgQlWgmNmif9U+HtuoHNMS+VVWdjSqUQ/
lkiFOd6lmTEmc0w8V6tnVAqAu3u+N5mqpSWZR8uN5IEnYGTRaPjOJfaC6X6x9FAy
kvLuFWTyc0nM8FZrUJD9GxQDR49k6gW9BusNAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUxDblzpHXaMfOZ61yG7zcVddY67EwHwYDVR0jBBgwFoAUT7OmmWT36W2ws1gT
KPAG28oaupcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRFlYTkVU
L1Q3T21tV1QzNlcyd3MxZ1RLUEFHMjhvYXVwYy5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvVDdPbW1XVDM2VzJ3czFnVEtQQUcyOG9hdXBjLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvRFlYTkVUL3hEYmx6cEhYYU1mT1o2MXlH
N3pjVmRkWTY3RS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAQ9
96AwDQYJKoZIhvcNAQELBQADggEBAITMlrdIG8ebfEyh6motZrWkwSweN4SAkxT5
wavmvY3e8F2mOnPnsB2rS5nQwdOriAj4LVSVxpZflMPnOz26mLmvUtF4yr2ILC/h
FHcut35IBMTG11mZkX5O5/Yg08dC4sa0gpcbmb1tJIbM+509X+AGqr/HTPpFThhv
qfhyO13Fi5WIiTlvzqO7ELbM3fzx09Htta0GdV1hfzxLdQCTWrQseWacf2pOJG5Y
lAmrqbrNw3g20ElgwN84Ju6/dmz4yiqB1crWznweOW+6KT6Ggqk/3yTaxpm672zW
u/8KGldUpHluFWOot45jEiQoDN2Xf24zI753CbpDVWMnnzW0tVQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:35 2024 by rpki-client on console-fra.rpki-client.org