Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/EDTNS/it86xpPcDEOfEtVxmVvhMgVk8Rk.roa
File:                     it86xpPcDEOfEtVxmVvhMgVk8Rk.roa (raw, json)
Hash identifier:          opeB4RuoIEg/xLDNYGCcCvbAnJks+P/Fm6ovu32b93Q=
Subject key identifier:   8A:DF:3A:C6:93:DC:0C:43:9F:12:D5:71:99:5B:E1:32:05:64:F1:19
Certificate issuer:       /CN=94C6DDFDD4BAA50400F3A119A5833CE0021BDB2E
Certificate serial:       0B17
Authority key identifier: 94:C6:DD:FD:D4:BA:A5:04:00:F3:A1:19:A5:83:3C:E0:02:1B:DB:2E
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/lMbd_dS6pQQA86EZpYM84AIb2y4.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/EDTNS/it86xpPcDEOfEtVxmVvhMgVk8Rk.roa
Signing time:             Tue 11 Jul 2023 06:31:27 +0000
ROA not before:           Tue 11 Jul 2023 06:31:27 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     18411
IP address blocks:        61.56.16.0/20 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2839 (0xb17)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=94C6DDFDD4BAA50400F3A119A5833CE0021BDB2E
        Validity
            Not Before: Jul 11 06:31:27 2023 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=8ADF3AC693DC0C439F12D571995BE1320564F119
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:2f:93:0f:ae:e5:5a:1a:9f:3f:6a:86:dd:aa:
                    9c:0f:cd:d5:8a:40:82:b5:b4:0f:c5:84:97:10:db:
                    46:81:0d:e2:52:5c:3b:0a:0d:0e:2f:9c:9c:54:03:
                    3b:1a:93:9a:76:ec:69:30:93:cf:78:e6:cd:9e:a8:
                    e7:ba:d3:e3:da:4b:86:d6:19:61:19:8c:39:47:16:
                    95:d7:cf:11:91:f2:ad:4c:9e:b6:3d:27:88:19:46:
                    c0:4d:0d:19:5a:3f:b0:0c:ab:ca:ca:e4:f1:94:c8:
                    93:31:1b:2c:25:33:3c:af:d9:56:cf:fb:3b:da:af:
                    56:87:78:87:92:73:04:62:8f:0d:39:58:74:2e:4c:
                    5f:dc:31:e5:aa:12:05:9a:77:0f:51:c3:44:f7:04:
                    42:87:bc:0a:d7:b9:47:3d:ba:f2:c4:44:0e:87:88:
                    f4:8e:81:8b:f9:54:bd:21:03:20:c4:86:8b:4f:f2:
                    bf:73:15:d2:01:be:bd:f0:38:b6:b7:81:51:32:22:
                    55:15:9a:8d:33:f8:93:30:e5:b8:b1:a2:3e:42:0e:
                    66:c9:db:4b:7d:fc:a7:55:a8:33:dd:71:9c:e6:b8:
                    68:c4:28:b4:55:51:4b:b5:0a:af:bd:27:93:3a:a7:
                    32:a6:b7:06:06:64:c5:ca:55:64:f9:9d:78:c0:c2:
                    79:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8A:DF:3A:C6:93:DC:0C:43:9F:12:D5:71:99:5B:E1:32:05:64:F1:19
            X509v3 Authority Key Identifier:
                keyid:94:C6:DD:FD:D4:BA:A5:04:00:F3:A1:19:A5:83:3C:E0:02:1B:DB:2E

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EDTNS/lMbd_dS6pQQA86EZpYM84AIb2y4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/lMbd_dS6pQQA86EZpYM84AIb2y4.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EDTNS/it86xpPcDEOfEtVxmVvhMgVk8Rk.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  61.56.16.0/20

    Signature Algorithm: sha256WithRSAEncryption
         10:5c:34:10:8e:fe:a3:fb:21:40:94:b0:26:94:58:03:00:48:
         d2:f2:3b:1d:e7:1e:e0:18:dc:28:33:53:44:0b:44:86:b2:8d:
         fd:09:c6:0b:cb:0a:d2:d9:8c:92:d3:76:de:16:52:72:fb:59:
         25:a2:cf:2f:03:68:a0:23:2f:47:09:15:7f:c0:70:37:cc:1e:
         b1:00:11:3b:0e:b9:a9:06:9c:e5:c9:b9:b9:f4:e1:92:02:50:
         f2:db:6f:cb:23:03:d8:59:5a:9a:f3:5b:15:e9:10:33:fb:42:
         49:ac:b0:ce:f4:16:14:e1:a2:7b:54:0e:f9:72:5e:3d:18:4f:
         9f:58:b1:fe:0a:2b:a1:3d:12:63:b5:63:93:84:20:38:17:1c:
         e4:99:d9:5c:31:cb:cc:7e:10:1a:97:0d:87:9f:8a:f3:e0:8c:
         e6:e7:89:06:9d:b7:8a:e0:bb:a6:79:95:ee:d0:25:2c:ee:4f:
         ef:ee:4a:54:a1:15:a8:b6:2c:a5:a2:56:51:84:94:e9:d5:c4:
         3f:3e:33:99:30:1c:a2:c5:4b:9b:08:ec:05:e7:31:2e:a6:6c:
         4a:6c:64:bc:fb:17:cc:7f:d3:b6:fa:1f:48:fe:9a:60:2b:e1:
         0c:25:d3:4c:09:d4:40:0f:58:0a:e3:22:f6:c6:dd:29:48:8b:
         96:95:49:79
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICCxcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTRD
NkRERkRENEJBQTUwNDAwRjNBMTE5QTU4MzNDRTAwMjFCREIyRTAeFw0yMzA3MTEw
NjMxMjdaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDhBREYzQUM2OTNEQzBD
NDM5RjEyRDU3MTk5NUJFMTMyMDU2NEYxMTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCzL5MPruVaGp8/aobdqpwPzdWKQIK1tA/FhJcQ20aBDeJSXDsK
DQ4vnJxUAzsak5p27Gkwk8945s2eqOe60+PaS4bWGWEZjDlHFpXXzxGR8q1MnrY9
J4gZRsBNDRlaP7AMq8rK5PGUyJMxGywlMzyv2VbP+zvar1aHeIeScwRijw05WHQu
TF/cMeWqEgWadw9Rw0T3BEKHvArXuUc9uvLERA6HiPSOgYv5VL0hAyDEhotP8r9z
FdIBvr3wOLa3gVEyIlUVmo0z+JMw5bixoj5CDmbJ20t9/KdVqDPdcZzmuGjEKLRV
UUu1Cq+9J5M6pzKmtwYGZMXKVWT5nXjAwnm9AgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUit86xpPcDEOfEtVxmVvhMgVk8RkwHwYDVR0jBBgwFoAUlMbd/dS6pQQA86EZ
pYM84AIb2y4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRURUTlMv
bE1iZF9kUzZwUVFBODZFWnBZTTg0QUliMnk0LmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9sTWJkX2RTNnBRUUE4NkVacFlNODRBSWIyeTQuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9FRFROUy9pdDg2eHBQY0RFT2ZFdFZ4bVZ2
aE1nVms4Umsucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEPTgQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAQXDQQjv6j+yFAlLAmlFgDAEjS8jsd5x7gGNwo
M1NEC0SGso39CcYLywrS2YyS03beFlJy+1klos8vA2igIy9HCRV/wHA3zB6xABE7
DrmpBpzlybm59OGSAlDy22/LIwPYWVqa81sV6RAz+0JJrLDO9BYU4aJ7VA75cl49
GE+fWLH+CiuhPRJjtWOThCA4FxzkmdlcMcvMfhAalw2Hn4rz4Izm54kGnbeK4Lum
eZXu0CUs7k/v7kpUoRWotiylolZRhJTp1cQ/PjOZMByixUubCOwF5zEupmxKbGS8
+xfMf9O2+h9I/ppgK+EMJdNMCdRAD1gK4yL2xt0pSIuWlUl5
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:05 2024 by rpki-client on console-ams.rpki-client.org