Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/GSN/0pW-6K8OSdlNy_q_CK90j5xEXwM.roa
File:                     0pW-6K8OSdlNy_q_CK90j5xEXwM.roa (raw, json)
Hash identifier:          Ldlj6FC/E7JcqchnS/KdoF42AsfyBFCpvbjlf343V8U=
Subject key identifier:   D2:95:BE:E8:AF:0E:49:D9:4D:CB:FA:BF:08:AF:74:8F:9C:44:5F:03
Certificate issuer:       /CN=75FE53C611B4FD56B3F68319EECA6289F3F0F2A9
Certificate serial:       0784
Authority key identifier: 75:FE:53:C6:11:B4:FD:56:B3:F6:83:19:EE:CA:62:89:F3:F0:F2:A9
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/df5TxhG0_Vaz9oMZ7spiifPw8qk.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/GSN/0pW-6K8OSdlNy_q_CK90j5xEXwM.roa
Signing time:             Tue 29 Sep 2020 10:03:52 +0000
ROA not before:           Tue 29 Sep 2020 10:03:52 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     4782
IP address blocks:        211.79.160.0/19 maxlen: 19

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1924 (0x784)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=75FE53C611B4FD56B3F68319EECA6289F3F0F2A9
        Validity
            Not Before: Sep 29 10:03:52 2020 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=D295BEE8AF0E49D94DCBFABF08AF748F9C445F03
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:90:29:c2:3b:99:4d:91:4b:94:cd:91:64:99:
                    a9:53:43:a1:f1:a2:a0:b3:2a:c0:34:11:a5:fb:de:
                    c0:94:9b:5f:1f:d6:df:6c:69:d3:43:c8:54:2b:b5:
                    0f:7a:0e:5c:a3:ef:7d:0d:97:2d:b5:f9:11:be:27:
                    5c:c9:0c:3c:e1:fc:3d:28:1f:06:98:d6:90:6a:d2:
                    16:de:27:0c:1e:eb:36:a4:5f:74:69:6e:98:37:4e:
                    b4:f9:ab:95:10:f6:90:ec:e1:ad:d6:77:76:01:d6:
                    4a:e3:c8:74:0d:44:d7:24:4f:e5:f6:72:45:d8:d0:
                    02:fd:36:78:ed:47:f5:bd:0b:5e:7c:8b:ac:4f:16:
                    1d:11:95:a1:a1:00:97:2f:32:19:07:44:13:b8:31:
                    65:04:b5:70:32:a4:9b:f4:7b:9f:fd:14:56:69:c1:
                    5a:05:d4:82:b1:1c:7b:26:5c:05:06:d8:3e:fc:01:
                    55:07:db:1b:e2:da:f6:e9:97:7a:bb:2e:61:02:c0:
                    09:69:64:95:02:3c:b7:f8:a0:e3:45:b4:39:c2:3e:
                    13:4e:08:26:15:9f:64:de:c6:d1:31:fa:fd:e8:35:
                    b4:eb:cd:bb:e8:bc:98:0a:88:f5:a3:9a:38:71:58:
                    fe:4e:86:29:33:e2:28:d4:cd:bd:9e:42:95:eb:e1:
                    5c:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D2:95:BE:E8:AF:0E:49:D9:4D:CB:FA:BF:08:AF:74:8F:9C:44:5F:03
            X509v3 Authority Key Identifier:
                keyid:75:FE:53:C6:11:B4:FD:56:B3:F6:83:19:EE:CA:62:89:F3:F0:F2:A9

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GSN/df5TxhG0_Vaz9oMZ7spiifPw8qk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/df5TxhG0_Vaz9oMZ7spiifPw8qk.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GSN/0pW-6K8OSdlNy_q_CK90j5xEXwM.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  211.79.160.0/19

    Signature Algorithm: sha256WithRSAEncryption
         3e:79:75:d5:5d:05:2e:e0:ca:35:84:25:7c:cf:d1:5e:b3:94:
         d2:19:43:fd:6e:85:38:3f:95:a8:91:e7:42:be:8c:83:5d:dc:
         46:ca:b8:10:e9:b1:0f:44:e5:c1:4c:4f:87:a8:8e:f5:24:14:
         c8:a3:e2:9b:91:0f:d5:00:b2:bc:59:8e:7e:23:0e:44:00:8f:
         b5:08:8d:5c:7f:b8:ba:cb:ab:6e:44:fb:37:95:f7:d1:3a:ef:
         ce:2c:e9:7c:77:cb:c3:17:c1:48:a2:07:d0:51:fe:14:67:3d:
         6f:a4:63:8f:cf:00:3a:69:30:c4:5b:c1:cb:10:39:a0:a2:b5:
         eb:07:18:7c:99:1c:b1:df:9b:b7:83:7c:b5:06:c3:2c:8e:55:
         99:9f:21:d8:9f:dd:9b:5f:ee:28:e4:59:e9:fe:36:cf:ce:01:
         52:3c:b8:e4:b9:7e:e1:b5:39:8f:32:38:d7:4e:29:5d:bc:b3:
         71:e1:02:02:99:e5:fa:9c:43:fa:9e:63:f7:5d:14:b5:bb:2c:
         bc:2c:82:b0:40:20:40:bb:f6:20:d9:c1:11:6e:75:34:ea:2d:
         77:b9:8c:ae:39:63:ef:e9:a6:a4:5b:c5:f8:d0:c0:a1:be:c2:
         49:30:d4:e9:f9:84:04:a9:eb:9d:5e:e6:3f:e4:60:f6:da:4f:
         34:73:97:ca
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICB4QwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVG
RTUzQzYxMUI0RkQ1NkIzRjY4MzE5RUVDQTYyODlGM0YwRjJBOTAeFw0yMDA5Mjkx
MDAzNTJaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKEQyOTVCRUU4QUYwRTQ5
RDk0RENCRkFCRjA4QUY3NDhGOUM0NDVGMDMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDlkCnCO5lNkUuUzZFkmalTQ6HxoqCzKsA0EaX73sCUm18f1t9s
adNDyFQrtQ96Dlyj730Nly21+RG+J1zJDDzh/D0oHwaY1pBq0hbeJwwe6zakX3Rp
bpg3TrT5q5UQ9pDs4a3Wd3YB1krjyHQNRNckT+X2ckXY0AL9NnjtR/W9C158i6xP
Fh0RlaGhAJcvMhkHRBO4MWUEtXAypJv0e5/9FFZpwVoF1IKxHHsmXAUG2D78AVUH
2xvi2vbpl3q7LmECwAlpZJUCPLf4oONFtDnCPhNOCCYVn2TextEx+v3oNbTrzbvo
vJgKiPWjmjhxWP5Ohikz4ijUzb2eQpXr4VzHAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQU0pW+6K8OSdlNy/q/CK90j5xEXwMwHwYDVR0jBBgwFoAUdf5TxhG0/Vaz9oMZ
7spiifPw8qkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvR1NOL2Rm
NVR4aEcwX1ZhejlvTVo3c3BpaWZQdzhxay5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
ZGY1VHhoRzBfVmF6OW9NWjdzcGlpZlB3OHFrLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvR1NOLzBwVy02SzhPU2RsTnlfcV9DSzkwajV4
RVh3TS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAXTT6AwDQYJ
KoZIhvcNAQELBQADggEBAD55ddVdBS7gyjWEJXzP0V6zlNIZQ/1uhTg/laiR50K+
jINd3EbKuBDpsQ9E5cFMT4eojvUkFMij4puRD9UAsrxZjn4jDkQAj7UIjVx/uLrL
q25E+zeV99E6784s6Xx3y8MXwUiiB9BR/hRnPW+kY4/PADppMMRbwcsQOaCitesH
GHyZHLHfm7eDfLUGwyyOVZmfIdif3Ztf7ijkWen+Ns/OAVI8uOS5fuG1OY8yONdO
KV28s3HhAgKZ5fqcQ/qeY/ddFLW7LLwsgrBAIEC79iDZwRFudTTqLXe5jK45Y+/p
pqRbxfjQwKG+wkkw1On5hASp651e5j/kYPbaTzRzl8o=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:36 2024 by rpki-client on console-fra.rpki-client.org