Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/EMAX/ZOAJy5S348_Bz555rZdZI2jNZ-g.roa
File:                     ZOAJy5S348_Bz555rZdZI2jNZ-g.roa (raw, json)
Hash identifier:          MDYMIsxLYcTU0SeRkNobXjooSpkExGFL6Mn1man9FFU=
Subject key identifier:   64:E0:09:CB:94:B7:E3:CF:C1:CF:9E:79:AD:97:59:23:68:CD:67:E8
Certificate issuer:       /CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Certificate serial:       0AD0
Authority key identifier: 2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/ZOAJy5S348_Bz555rZdZI2jNZ-g.roa
Signing time:             Thu 16 Dec 2021 02:08:04 +0000
ROA not before:           Thu 16 Dec 2021 02:08:04 +0000
ROA not after:            Thu 29 Sep 2022 02:36:22 +0000
asID:                     17809
IP address blocks:        2401:ab00::/32 maxlen: 96

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2768 (0xad0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
        Validity
            Not Before: Dec 16 02:08:04 2021 GMT
            Not After : Sep 29 02:36:22 2022 GMT
        Subject: CN=64E009CB94B7E3CFC1CF9E79AD97592368CD67E8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:67:d5:d3:55:87:ef:de:1c:7c:12:45:ca:04:
                    c2:c2:fe:06:a4:d2:7e:43:4f:03:4f:74:fe:e5:1f:
                    52:a8:22:1e:68:78:7c:50:ae:fd:df:0c:f7:f3:9d:
                    ff:b0:6d:1c:10:3e:40:c6:88:bf:3c:c5:46:8b:0f:
                    e2:5b:4c:03:10:22:c1:40:a3:f9:29:00:c4:3c:6f:
                    a6:2c:81:b9:b0:0b:45:bb:3e:30:24:d7:15:53:d5:
                    1d:b5:9d:59:d7:4b:f3:2d:5b:97:c9:e3:9e:80:bd:
                    41:8b:95:82:39:57:ef:b1:bc:82:55:54:f9:89:05:
                    9f:d6:0f:16:4e:3b:38:2c:bb:55:ce:08:00:56:7b:
                    ef:ba:3e:1a:1d:9b:65:8e:e4:ef:a7:a4:48:a3:e5:
                    30:a5:fc:79:42:19:6e:6c:4d:82:fc:3d:58:b5:73:
                    bf:a1:f9:78:ee:87:ff:93:fd:90:d9:cc:07:a0:89:
                    bf:b8:48:42:de:a3:43:67:d3:be:a2:78:2d:c8:14:
                    61:9a:17:9c:04:23:f4:bd:bb:22:31:5f:20:23:e8:
                    4a:6b:8a:94:44:9f:f2:83:3e:2c:04:45:3e:5d:32:
                    2c:a2:d3:b4:45:11:1e:3d:29:45:b6:17:0a:f7:7a:
                    ef:ef:2d:7a:12:5c:3e:0d:7b:1c:9c:5d:1d:6a:df:
                    84:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                64:E0:09:CB:94:B7:E3:CF:C1:CF:9E:79:AD:97:59:23:68:CD:67:E8
            X509v3 Authority Key Identifier:
                keyid:2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/ZOAJy5S348_Bz555rZdZI2jNZ-g.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2401:ab00::/32

    Signature Algorithm: sha256WithRSAEncryption
         80:31:5b:c9:05:62:22:82:c1:99:60:1d:79:aa:fe:e2:04:33:
         d8:05:ec:96:82:6c:9c:2e:eb:5e:f6:ee:02:05:5d:97:d3:12:
         97:04:f9:50:85:a9:58:06:f7:e6:2c:0b:56:d3:22:a1:c2:9e:
         e2:0e:13:55:5a:f2:eb:80:98:94:26:fc:ea:e1:79:81:36:6b:
         47:ce:5d:85:04:60:62:23:93:e4:bc:ab:5c:fa:2f:2b:66:59:
         ed:0d:d9:a9:b1:0a:c5:16:b5:d9:e3:ea:ea:9f:a3:f8:e8:b8:
         81:9a:10:6b:38:a7:73:d0:d5:fc:65:f7:89:ec:de:82:18:66:
         ec:87:33:9d:01:98:26:05:61:b7:7f:c3:d6:c0:a2:e6:17:e4:
         80:1e:f9:88:53:5a:96:d4:11:14:2d:f5:1e:ee:ff:34:a1:d0:
         fd:b9:1d:76:32:89:51:59:e1:36:cc:fb:3d:74:47:cb:49:a7:
         91:05:7e:17:4c:d8:17:ab:86:57:af:8b:c3:7a:b2:d0:5c:6e:
         81:a4:67:3b:be:4b:92:52:33:7b:3e:2c:0e:46:31:81:db:f0:
         e9:16:79:06:6e:fd:38:0a:dd:8a:13:b0:81:f6:63:8d:31:be:
         02:c2:42:ee:01:eb:4e:bc:54:e3:5b:66:79:76:1e:47:c9:3a:
         54:14:81:c0
-----BEGIN CERTIFICATE-----
MIIEzzCCA7egAwIBAgICCtAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE0
NzgxNTUzODI3MzFFNUMwRjY4MjFERDUzODlGOUU1MkUxRTRENjAeFw0yMTEyMTYw
MjA4MDRaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDY0RTAwOUNCOTRCN0Uz
Q0ZDMUNGOUU3OUFEOTc1OTIzNjhDRDY3RTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDGZ9XTVYfv3hx8EkXKBMLC/gak0n5DTwNPdP7lH1KoIh5oeHxQ
rv3fDPfznf+wbRwQPkDGiL88xUaLD+JbTAMQIsFAo/kpAMQ8b6YsgbmwC0W7PjAk
1xVT1R21nVnXS/MtW5fJ456AvUGLlYI5V++xvIJVVPmJBZ/WDxZOOzgsu1XOCABW
e++6Phodm2WO5O+npEij5TCl/HlCGW5sTYL8PVi1c7+h+Xjuh/+T/ZDZzAegib+4
SELeo0Nn076ieC3IFGGaF5wEI/S9uyIxXyAj6EpripREn/KDPiwERT5dMiyi07RF
ER49KUW2Fwr3eu/vLXoSXD4NexycXR1q34RJAgMBAAGjggHrMIIB5zAdBgNVHQ4E
FgQUZOAJy5S348/Bz555rZdZI2jNZ+gwHwYDVR0jBBgwFoAUKkeBVTgnMeXA9oId
1TifnlLh5NYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRU1BWC9L
a2VCVlRnbk1lWEE5b0lkMVRpZm5sTGg1TlkuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0trZUJWVGduTWVYQTlvSWQxVGlmbmxMaDVOWS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0VNQVgvWk9BSnk1UzM0OF9CejU1NXJaZFpJ
MmpOWi1nLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQBqwAw
DQYJKoZIhvcNAQELBQADggEBAIAxW8kFYiKCwZlgHXmq/uIEM9gF7JaCbJwu6172
7gIFXZfTEpcE+VCFqVgG9+YsC1bTIqHCnuIOE1Va8uuAmJQm/OrheYE2a0fOXYUE
YGIjk+S8q1z6LytmWe0N2amxCsUWtdnj6uqfo/jouIGaEGs4p3PQ1fxl94ns3oIY
ZuyHM50BmCYFYbd/w9bAouYX5IAe+YhTWpbUERQt9R7u/zSh0P25HXYyiVFZ4TbM
+z10R8tJp5EFfhdM2Berhlevi8N6stBcboGkZzu+S5JSM3s+LA5GMYHb8OkWeQZu
/TgK3YoTsIH2Y40xvgLCQu4B6068VONbZnl2HkfJOlQUgcA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:35 2024 by rpki-client on console-fra.rpki-client.org