Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/GSN/9iUSZf7G_NNTWo_NF5ldfI8AuIc.roa
File:                     9iUSZf7G_NNTWo_NF5ldfI8AuIc.roa (raw, json)
Hash identifier:          W12lVQFSRmUECmniy39m5WR89RAofPlpCV4NOzolX+c=
Subject key identifier:   F6:25:12:65:FE:C6:FC:D3:53:5A:8F:CD:17:99:5D:7C:8F:00:B8:87
Certificate issuer:       /CN=75FE53C611B4FD56B3F68319EECA6289F3F0F2A9
Certificate serial:       0A87
Authority key identifier: 75:FE:53:C6:11:B4:FD:56:B3:F6:83:19:EE:CA:62:89:F3:F0:F2:A9
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/df5TxhG0_Vaz9oMZ7spiifPw8qk.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/GSN/9iUSZf7G_NNTWo_NF5ldfI8AuIc.roa
Signing time:             Thu 15 Sep 2022 02:38:41 +0000
ROA not before:           Thu 15 Sep 2022 02:38:41 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     4782
IP address blocks:        61.57.32.0/19 maxlen: 19

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2695 (0xa87)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=75FE53C611B4FD56B3F68319EECA6289F3F0F2A9
        Validity
            Not Before: Sep 15 02:38:41 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=F6251265FEC6FCD3535A8FCD17995D7C8F00B887
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:30:6f:bc:c5:5a:b3:80:4c:dd:5b:f5:1a:05:
                    8a:ed:5f:ec:7f:65:12:0b:2a:fa:66:fd:80:8a:78:
                    4d:6b:4a:25:fa:3a:26:f7:67:53:a8:2e:aa:af:94:
                    07:e2:48:d8:2e:a5:a2:e0:94:d6:0a:de:e9:d5:32:
                    2f:d0:63:5b:57:b4:10:9e:9a:e9:7b:f6:ff:27:aa:
                    20:f1:6a:4f:c5:d6:d4:bf:29:44:fa:0d:c0:45:71:
                    5b:e1:77:00:5a:ae:4b:ac:f4:ad:e8:e3:0a:97:10:
                    a5:25:7c:d0:c2:57:0f:b9:b9:1c:ae:d3:01:8f:43:
                    27:7e:af:2e:5a:bf:f9:ff:63:b9:7b:92:cc:e5:a7:
                    09:85:6c:17:0c:ec:fe:6b:de:ce:9a:13:8e:d2:73:
                    ce:0e:a8:22:4a:96:7f:7f:08:cf:2d:03:58:22:55:
                    62:a8:82:fa:7a:e3:93:5f:c8:57:a3:a7:37:3d:31:
                    d4:9a:39:b9:4f:95:7e:5d:33:79:6d:7d:ea:1e:4e:
                    dc:d2:65:31:10:15:ab:20:a5:c6:29:57:e6:4e:95:
                    fa:06:98:89:28:2b:c1:b3:e3:29:66:27:c4:52:a4:
                    14:e8:66:8c:3b:ab:ed:2b:da:f2:4b:df:b6:a2:78:
                    3d:ff:c6:bc:32:f2:5a:8a:22:f3:62:6b:fe:ad:8e:
                    15:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F6:25:12:65:FE:C6:FC:D3:53:5A:8F:CD:17:99:5D:7C:8F:00:B8:87
            X509v3 Authority Key Identifier:
                keyid:75:FE:53:C6:11:B4:FD:56:B3:F6:83:19:EE:CA:62:89:F3:F0:F2:A9

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GSN/df5TxhG0_Vaz9oMZ7spiifPw8qk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/df5TxhG0_Vaz9oMZ7spiifPw8qk.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GSN/9iUSZf7G_NNTWo_NF5ldfI8AuIc.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  61.57.32.0/19

    Signature Algorithm: sha256WithRSAEncryption
         97:36:03:d1:1c:43:27:d3:63:f0:b0:7e:79:c9:53:fd:e6:a1:
         44:a5:16:4f:67:6c:71:5c:60:ac:cf:e9:ab:b8:92:d6:09:8a:
         eb:85:c8:38:7c:79:fa:9e:2d:c8:ca:d6:5b:52:66:1f:7b:b7:
         21:16:9e:b5:28:3b:e8:19:f1:f1:a3:48:70:0f:34:0e:29:4a:
         da:5f:d2:b4:a0:96:60:1a:a7:b7:3c:cf:f6:18:c7:fa:fd:ea:
         5f:fb:43:08:d9:b9:73:a0:84:33:97:62:2f:17:4d:cb:a2:d5:
         2f:ee:8e:56:25:4c:8d:04:04:c5:29:65:48:c4:8f:e2:c0:df:
         22:ac:00:cd:fb:4d:6d:6d:c2:6b:e2:7c:1a:d0:68:b3:bd:99:
         d0:f3:c4:32:35:5c:33:05:8b:a8:6b:14:a2:db:00:db:21:4c:
         20:59:d7:a1:ba:bf:3d:40:38:b6:72:d7:a4:a8:e1:4b:cd:57:
         a7:e1:5e:f8:b0:f7:7e:c0:73:d2:e5:2d:0a:0d:0f:aa:03:c8:
         cd:9c:1c:1b:86:9c:cc:35:4f:05:d3:89:a3:90:b7:ce:0a:ff:
         bb:ec:5f:f8:06:20:af:9a:84:58:9a:0e:e4:c8:58:5c:eb:0d:
         0b:e9:1d:7c:cf:7e:ff:5e:e2:a5:45:6b:48:c5:2f:8c:f0:10:
         2e:35:10:ed
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICCocwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVG
RTUzQzYxMUI0RkQ1NkIzRjY4MzE5RUVDQTYyODlGM0YwRjJBOTAeFw0yMjA5MTUw
MjM4NDFaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEY2MjUxMjY1RkVDNkZD
RDM1MzVBOEZDRDE3OTk1RDdDOEYwMEI4ODcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDDMG+8xVqzgEzdW/UaBYrtX+x/ZRILKvpm/YCKeE1rSiX6Oib3
Z1OoLqqvlAfiSNgupaLglNYK3unVMi/QY1tXtBCemul79v8nqiDxak/F1tS/KUT6
DcBFcVvhdwBarkus9K3o4wqXEKUlfNDCVw+5uRyu0wGPQyd+ry5av/n/Y7l7kszl
pwmFbBcM7P5r3s6aE47Sc84OqCJKln9/CM8tA1giVWKogvp645NfyFejpzc9MdSa
OblPlX5dM3ltfeoeTtzSZTEQFasgpcYpV+ZOlfoGmIkoK8Gz4ylmJ8RSpBToZow7
q+0r2vJL37aieD3/xrwy8lqKIvNia/6tjhVRAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQU9iUSZf7G/NNTWo/NF5ldfI8AuIcwHwYDVR0jBBgwFoAUdf5TxhG0/Vaz9oMZ
7spiifPw8qkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvR1NOL2Rm
NVR4aEcwX1ZhejlvTVo3c3BpaWZQdzhxay5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
ZGY1VHhoRzBfVmF6OW9NWjdzcGlpZlB3OHFrLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvR1NOLzlpVVNaZjdHX05OVFdvX05GNWxkZkk4
QXVJYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAU9OSAwDQYJ
KoZIhvcNAQELBQADggEBAJc2A9EcQyfTY/CwfnnJU/3moUSlFk9nbHFcYKzP6au4
ktYJiuuFyDh8efqeLcjK1ltSZh97tyEWnrUoO+gZ8fGjSHAPNA4pStpf0rSglmAa
p7c8z/YYx/r96l/7QwjZuXOghDOXYi8XTcui1S/ujlYlTI0EBMUpZUjEj+LA3yKs
AM37TW1twmvifBrQaLO9mdDzxDI1XDMFi6hrFKLbANshTCBZ16G6vz1AOLZy16So
4UvNV6fhXviw937Ac9LlLQoND6oDyM2cHBuGnMw1TwXTiaOQt84K/7vsX/gGIK+a
hFiaDuTIWFzrDQvpHXzPfv9e4qVFa0jFL4zwEC41EO0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:36 2024 by rpki-client on console-fra.rpki-client.org