Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/lQvkTs4Ymy_xMOr0exPGhxPv9og.roa
File:                     lQvkTs4Ymy_xMOr0exPGhxPv9og.roa (raw, json)
Hash identifier:          fCSUTE/gijRx6N818SJlKmyOaokQn434CTuffSpGGjY=
Subject key identifier:   95:0B:E4:4E:CE:18:9B:2F:F1:30:EA:F4:7B:13:C6:87:13:EF:F6:88
Certificate issuer:       /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial:       084D
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/lQvkTs4Ymy_xMOr0exPGhxPv9og.roa
Signing time:             Tue 29 Sep 2020 09:58:35 +0000
ROA not before:           Tue 29 Sep 2020 09:58:35 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     20940
IP address blocks:        2001:b034:700:600::/56 maxlen: 56

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2125 (0x84d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
        Validity
            Not Before: Sep 29 09:58:35 2020 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=950BE44ECE189B2FF130EAF47B13C68713EFF688
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:ff:4c:cf:8e:4b:76:72:00:14:62:d0:28:ae:
                    25:e6:8a:56:17:8e:d1:fa:88:48:2a:89:30:16:be:
                    b6:89:d4:7c:96:46:3d:b5:88:db:63:0f:a9:29:11:
                    76:d5:82:6b:b5:b1:4b:59:fb:dc:84:7b:f3:75:14:
                    7f:9a:04:a2:eb:21:6b:8f:28:e7:91:b1:34:a3:02:
                    21:c5:ae:0f:c6:3c:f5:8f:80:4a:98:be:1c:69:ac:
                    69:8e:a0:c7:94:49:4b:6c:67:9f:a1:a1:67:4e:1a:
                    c6:06:d0:79:ab:6c:61:2f:e4:9b:96:a8:23:9b:66:
                    66:22:95:f3:8c:cd:31:6a:e0:8f:22:db:4d:dc:ee:
                    51:33:fd:72:98:27:c2:b5:3c:f5:cb:14:c8:69:e7:
                    4f:c8:63:fb:48:97:6f:cf:12:b5:59:6b:68:fb:ab:
                    ae:16:c3:a6:b9:21:cf:6e:f5:76:22:83:5d:0d:e2:
                    ea:93:8b:b4:5d:a7:9d:85:22:7e:4a:86:f9:77:5d:
                    f3:59:b2:92:e1:82:00:49:6d:38:8d:1a:7d:75:c2:
                    71:2c:0a:cc:af:b4:c9:4d:cd:06:66:12:93:12:7c:
                    a8:a5:ac:1c:56:e8:7d:80:d4:ca:a4:e3:07:69:d3:
                    6b:37:9c:8f:e3:d7:ee:10:bf:14:c1:20:52:8c:2b:
                    e7:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:0B:E4:4E:CE:18:9B:2F:F1:30:EA:F4:7B:13:C6:87:13:EF:F6:88
            X509v3 Authority Key Identifier:
                keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/lQvkTs4Ymy_xMOr0exPGhxPv9og.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:b034:700:600::/56

    Signature Algorithm: sha256WithRSAEncryption
         80:17:17:42:52:6c:d7:52:f6:54:34:b8:c1:06:dd:74:a0:6c:
         6e:09:92:49:37:e4:dd:f1:05:af:eb:35:aa:d3:c2:44:b0:c3:
         2a:fe:29:0c:34:92:46:16:36:ce:0f:c7:2f:97:36:5e:83:31:
         52:d4:0a:5e:aa:0f:22:bf:8b:23:c0:fe:8e:02:3a:8c:cb:28:
         e4:fc:69:77:e4:50:33:02:8a:fd:91:74:06:23:50:dc:96:c9:
         d8:fd:e6:52:3b:50:e8:fe:88:57:cb:ec:11:c9:9e:3f:9a:a3:
         a2:1b:6a:d2:67:ed:f4:d7:c9:52:05:7b:cb:22:b9:60:4a:85:
         1a:cb:4c:30:c8:f2:90:9d:33:8e:a2:8e:6a:b8:21:d8:24:58:
         cf:2d:77:4b:89:46:e3:62:6e:d4:0d:6d:5d:2b:42:ef:ff:43:
         e5:46:c3:a6:42:a2:82:14:40:b6:0c:43:74:9e:c2:c6:bc:d7:
         a7:f4:e6:e4:bc:e1:08:93:3c:ab:29:27:9e:9f:93:3a:49:c2:
         a2:01:db:bc:37:ac:b4:8b:15:af:d1:93:6a:a1:2b:b8:27:3c:
         e5:17:ab:d5:f4:13:be:20:d1:3b:c7:d8:31:22:aa:f0:c2:d4:
         ee:a2:41:b6:41:b1:95:de:14:c8:55:dd:e2:b1:96:e7:94:18:
         68:5f:c5:af
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICCE0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yMDA5Mjkw
OTU4MzVaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDk1MEJFNDRFQ0UxODlC
MkZGMTMwRUFGNDdCMTNDNjg3MTNFRkY2ODgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC9/0zPjkt2cgAUYtAoriXmilYXjtH6iEgqiTAWvraJ1HyWRj21
iNtjD6kpEXbVgmu1sUtZ+9yEe/N1FH+aBKLrIWuPKOeRsTSjAiHFrg/GPPWPgEqY
vhxprGmOoMeUSUtsZ5+hoWdOGsYG0HmrbGEv5JuWqCObZmYilfOMzTFq4I8i203c
7lEz/XKYJ8K1PPXLFMhp50/IY/tIl2/PErVZa2j7q64Ww6a5Ic9u9XYig10N4uqT
i7Rdp52FIn5Khvl3XfNZspLhggBJbTiNGn11wnEsCsyvtMlNzQZmEpMSfKilrBxW
6H2A1Mqk4wdp02s3nI/j1+4QvxTBIFKMK+dRAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUlQvkTs4Ymy/xMOr0exPGhxPv9ogwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9sUXZrVHM0WW15X3hNT3IwZXhQ
R2h4UHY5b2cucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMCMGCCsGAQUFBwEHAQH/BBQwEjAQBAIAAjAKAwgAIAGw
NAcABjANBgkqhkiG9w0BAQsFAAOCAQEAgBcXQlJs11L2VDS4wQbddKBsbgmSSTfk
3fEFr+s1qtPCRLDDKv4pDDSSRhY2zg/HL5c2XoMxUtQKXqoPIr+LI8D+jgI6jMso
5Pxpd+RQMwKK/ZF0BiNQ3JbJ2P3mUjtQ6P6IV8vsEcmeP5qjohtq0mft9NfJUgV7
yyK5YEqFGstMMMjykJ0zjqKOargh2CRYzy13S4lG42Ju1A1tXStC7/9D5UbDpkKi
ghRAtgxDdJ7CxrzXp/Tm5LzhCJM8qyknnp+TOknCogHbvDestIsVr9GTaqEruCc8
5Rer1fQTviDRO8fYMSKq8MLU7qJBtkGxld4UyFXd4rGW55QYaF/Frw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:37 2024 by rpki-client on console-fra.rpki-client.org