Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/6OfHF9kzr9tC47T-yC7p_9hLcRc.roa
File:                     6OfHF9kzr9tC47T-yC7p_9hLcRc.roa (raw, json)
Hash identifier:          /l2ehC2BbR7Z5KdjeNNvZEJRk/gmeS1PLbF5wQfo4+g=
Subject key identifier:   E8:E7:C7:17:D9:33:AF:DB:42:E3:B4:FE:C8:2E:E9:FF:D8:4B:71:17
Certificate issuer:       /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial:       0C6C
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/6OfHF9kzr9tC47T-yC7p_9hLcRc.roa
Signing time:             Wed 29 Sep 2021 02:51:15 +0000
ROA not before:           Wed 29 Sep 2021 02:51:15 +0000
ROA not after:            Thu 29 Sep 2022 02:36:22 +0000
asID:                     15133
IP address blocks:        2001:b032:c101::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3180 (0xc6c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
        Validity
            Not Before: Sep 29 02:51:15 2021 GMT
            Not After : Sep 29 02:36:22 2022 GMT
        Subject: CN=E8E7C717D933AFDB42E3B4FEC82EE9FFD84B7117
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:a3:b1:69:1f:73:92:bc:45:1a:e7:16:58:96:
                    ff:f7:ab:03:c3:66:b6:70:0c:33:9d:51:65:da:df:
                    f8:eb:20:d3:0f:8a:32:36:5f:7e:d7:8a:7d:ff:fa:
                    18:70:bc:d4:1b:a5:e6:5b:6f:c3:64:4c:53:64:83:
                    95:f0:31:99:21:53:9e:34:79:d1:6d:69:b8:31:fb:
                    6a:9c:90:30:47:17:c5:ce:0e:9c:44:c3:af:36:cc:
                    9d:ab:00:27:80:a2:77:ac:a1:ea:f2:95:cb:82:14:
                    30:a5:ea:da:92:45:08:24:0d:b2:3f:b4:c6:89:f4:
                    fc:c6:d0:77:1f:86:91:26:f6:dd:b1:eb:63:d0:9d:
                    69:cb:c2:d7:16:6c:d8:f5:56:7c:ea:e9:11:6e:fb:
                    51:2e:85:77:5d:7e:ff:be:11:08:bb:f0:fe:07:91:
                    d8:84:9e:55:dc:b0:f1:b7:40:9e:3e:ce:61:33:6c:
                    98:0c:ae:4f:92:50:c8:86:ff:3f:6a:64:4f:36:b1:
                    ed:09:07:b5:c3:2d:9c:17:9b:22:87:40:78:65:d0:
                    66:ab:e4:73:1c:cf:f7:ac:44:4b:f2:8d:da:fd:ae:
                    7d:f1:e2:71:5f:e8:e3:d5:81:93:c1:2b:2c:d0:b8:
                    da:64:5c:f9:e1:db:1e:c9:97:05:bf:d1:b1:d9:f5:
                    c2:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E8:E7:C7:17:D9:33:AF:DB:42:E3:B4:FE:C8:2E:E9:FF:D8:4B:71:17
            X509v3 Authority Key Identifier:
                keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/6OfHF9kzr9tC47T-yC7p_9hLcRc.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:b032:c101::/48

    Signature Algorithm: sha256WithRSAEncryption
         4d:83:68:cd:9b:c6:39:a6:20:e9:39:0b:25:99:89:58:71:4e:
         61:d5:dc:10:d0:bd:b0:ea:e3:81:5b:00:0d:50:34:1d:f5:6a:
         91:3e:a4:9f:a1:f0:d7:b1:f7:5a:11:93:4f:63:7f:f1:54:65:
         ab:d8:0a:29:37:93:94:04:13:60:42:63:b7:1f:1f:1d:9b:3a:
         c3:8a:eb:df:cf:bc:ee:db:a8:ff:da:e5:92:f1:a0:ab:76:b0:
         dc:a6:79:f4:04:3b:f3:3b:0f:03:2c:50:e2:b3:a1:54:f2:bb:
         20:18:c3:3c:9b:50:86:e1:d7:e1:cd:0d:8e:6b:91:2b:5f:71:
         e5:35:84:7c:ef:74:83:1d:fc:43:8f:f9:80:b7:d8:1f:66:c9:
         97:0d:0d:c9:be:22:bc:65:4a:5e:4d:9d:5c:58:24:59:03:7a:
         6d:13:2f:3d:13:67:42:dd:a7:5a:cf:c8:c5:c0:5d:63:8f:2a:
         6b:e4:f1:bb:88:17:dc:bf:76:96:90:ae:f5:8b:ad:30:ef:6a:
         ae:06:15:51:15:13:5d:51:30:a5:5c:02:6c:d4:0a:0f:a8:ff:
         f0:77:02:a1:9e:89:af:85:d1:c9:b0:f5:f9:55:d6:dc:fd:71:
         33:00:bb:a3:f9:88:59:c8:59:51:91:d9:a8:be:de:34:6e:87:
         87:58:1f:22
-----BEGIN CERTIFICATE-----
MIIE0zCCA7ugAwIBAgICDGwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yMTA5Mjkw
MjUxMTVaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKEU4RTdDNzE3RDkzM0FG
REI0MkUzQjRGRUM4MkVFOUZGRDg0QjcxMTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDPo7FpH3OSvEUa5xZYlv/3qwPDZrZwDDOdUWXa3/jrINMPijI2
X37Xin3/+hhwvNQbpeZbb8NkTFNkg5XwMZkhU540edFtabgx+2qckDBHF8XODpxE
w682zJ2rACeAonesoerylcuCFDCl6tqSRQgkDbI/tMaJ9PzG0HcfhpEm9t2x62PQ
nWnLwtcWbNj1Vnzq6RFu+1EuhXddfv++EQi78P4HkdiEnlXcsPG3QJ4+zmEzbJgM
rk+SUMiG/z9qZE82se0JB7XDLZwXmyKHQHhl0Gar5HMcz/esREvyjdr9rn3x4nFf
6OPVgZPBKyzQuNpkXPnh2x7JlwW/0bHZ9cJxAgMBAAGjggHvMIIB6zAdBgNVHQ4E
FgQU6OfHF9kzr9tC47T+yC7p/9hLcRcwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC82T2ZIRjlrenI5dEM0N1QteUM3
cF85aExjUmMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAGw
MsEBMA0GCSqGSIb3DQEBCwUAA4IBAQBNg2jNm8Y5piDpOQslmYlYcU5h1dwQ0L2w
6uOBWwANUDQd9WqRPqSfofDXsfdaEZNPY3/xVGWr2AopN5OUBBNgQmO3Hx8dmzrD
iuvfz7zu26j/2uWS8aCrdrDcpnn0BDvzOw8DLFDis6FU8rsgGMM8m1CG4dfhzQ2O
a5ErX3HlNYR873SDHfxDj/mAt9gfZsmXDQ3JviK8ZUpeTZ1cWCRZA3ptEy89E2dC
3adaz8jFwF1jjypr5PG7iBfcv3aWkK71i60w72quBhVRFRNdUTClXAJs1AoPqP/w
dwKhnomvhdHJsPX5Vdbc/XEzALuj+YhZyFlRkdmovt40boeHWB8i
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:36 2024 by rpki-client on console-fra.rpki-client.org