Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/IMCLOUD/FSgEiKsRndLy3WLTnY_JWlVwiLQ.roa
File:                     FSgEiKsRndLy3WLTnY_JWlVwiLQ.roa (raw, json)
Hash identifier:          ok7mOz7Wvfeltky6jfqrxvZ2I5O0qRyJO9T+4RV6igM=
Subject key identifier:   15:28:04:88:AB:11:9D:D2:F2:DD:62:D3:9D:8F:C9:5A:55:70:88:B4
Certificate issuer:       /CN=61E0EE79428B85EDABB5F6EB9578EFB19E63C98F
Certificate serial:       0AE8
Authority key identifier: 61:E0:EE:79:42:8B:85:ED:AB:B5:F6:EB:95:78:EF:B1:9E:63:C9:8F
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/YeDueUKLhe2rtfbrlXjvsZ5jyY8.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/IMCLOUD/FSgEiKsRndLy3WLTnY_JWlVwiLQ.roa
Signing time:             Mon 30 Nov 2020 17:45:42 +0000
ROA not before:           Mon 30 Nov 2020 17:45:42 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     134823
IP address blocks:        2404:a3c0::/32 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2792 (0xae8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=61E0EE79428B85EDABB5F6EB9578EFB19E63C98F
        Validity
            Not Before: Nov 30 17:45:42 2020 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=15280488AB119DD2F2DD62D39D8FC95A557088B4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:94:cf:9e:dd:2d:40:86:5e:f1:df:a6:e7:bd:
                    0d:5c:58:6b:80:70:ec:62:0b:03:1c:52:93:b1:05:
                    45:c0:03:13:3b:4e:a5:45:ba:c1:26:4e:d1:55:fc:
                    c7:01:68:c7:1f:79:08:0e:23:5c:7b:5b:19:36:4e:
                    55:61:3b:af:3d:b6:8d:ad:5f:7b:56:51:ff:84:39:
                    31:60:d5:2d:2b:16:0b:9c:ce:03:70:fa:31:fb:6a:
                    6b:e0:c2:e6:cb:fd:15:8d:41:c8:cd:e7:33:2b:ec:
                    fa:c1:23:69:ae:5f:1b:46:26:fb:cd:b8:0f:c5:d7:
                    3f:f4:96:a4:dd:60:fd:57:33:51:38:b5:a9:53:95:
                    dc:95:d0:b7:af:8d:43:60:30:95:d0:6d:f4:0d:06:
                    b0:e1:c1:eb:5b:78:cd:c2:27:2b:13:13:45:70:f3:
                    3f:fa:42:91:0b:ca:13:3c:9f:71:8c:bb:13:a1:77:
                    53:35:f4:80:47:5f:a3:35:7c:46:9e:b3:96:30:e4:
                    7f:e0:f7:ba:03:60:84:ed:f6:a7:58:c6:90:2b:dd:
                    9f:00:94:92:20:05:2e:d3:8f:10:28:37:81:97:9b:
                    a5:3a:b8:05:10:81:0f:33:80:f1:af:3a:c3:89:d0:
                    7d:fd:3f:27:4b:be:49:2b:b0:2b:02:c5:b7:5e:5a:
                    82:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:28:04:88:AB:11:9D:D2:F2:DD:62:D3:9D:8F:C9:5A:55:70:88:B4
            X509v3 Authority Key Identifier:
                keyid:61:E0:EE:79:42:8B:85:ED:AB:B5:F6:EB:95:78:EF:B1:9E:63:C9:8F

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/IMCLOUD/YeDueUKLhe2rtfbrlXjvsZ5jyY8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/YeDueUKLhe2rtfbrlXjvsZ5jyY8.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/IMCLOUD/FSgEiKsRndLy3WLTnY_JWlVwiLQ.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2404:a3c0::/32

    Signature Algorithm: sha256WithRSAEncryption
         2f:7b:23:65:98:33:c6:a5:51:9c:e1:aa:49:02:a0:60:e2:b8:
         00:3d:86:18:06:db:93:c8:06:6d:19:ea:b3:17:6c:1d:6c:d8:
         98:94:6b:1c:87:ef:7a:81:fa:45:84:04:19:aa:73:ac:7c:3e:
         bc:c4:c1:51:72:c6:cb:cc:84:f1:d2:64:72:4f:23:01:51:fa:
         11:d9:c2:11:2c:cc:03:d4:56:e1:ef:bf:c5:4c:f3:f1:60:d8:
         6a:d7:63:49:76:c1:87:ff:29:77:ce:7a:7d:34:71:85:76:b6:
         e3:47:36:b0:65:0b:8a:96:c6:fa:9b:ca:b3:52:db:a6:bd:d0:
         fb:40:94:a1:a4:20:47:5a:cc:68:a1:4e:69:4f:fd:10:64:3e:
         77:7f:4a:d4:ab:b7:96:19:d4:c6:c3:54:7e:21:55:c7:c8:27:
         c6:f4:aa:ce:71:01:90:a1:94:a3:85:87:f2:b7:af:fa:e5:f4:
         b3:59:fa:7e:fb:01:fa:14:fb:fb:0e:11:d2:db:b9:93:2e:85:
         80:26:d3:8f:5c:6b:85:36:fc:86:11:e7:23:31:5d:33:cd:d6:
         46:4a:1b:bd:c9:59:54:74:e9:4e:87:72:1c:12:13:35:7c:68:
         27:bf:5e:0d:e4:8c:ef:dc:0a:8c:32:a1:5d:62:41:1b:3c:b8:
         76:3b:4f:80
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICCugwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjFF
MEVFNzk0MjhCODVFREFCQjVGNkVCOTU3OEVGQjE5RTYzQzk4RjAeFw0yMDExMzAx
NzQ1NDJaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDE1MjgwNDg4QUIxMTlE
RDJGMkRENjJEMzlEOEZDOTVBNTU3MDg4QjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDUlM+e3S1Ahl7x36bnvQ1cWGuAcOxiCwMcUpOxBUXAAxM7TqVF
usEmTtFV/McBaMcfeQgOI1x7Wxk2TlVhO689to2tX3tWUf+EOTFg1S0rFguczgNw
+jH7amvgwubL/RWNQcjN5zMr7PrBI2muXxtGJvvNuA/F1z/0lqTdYP1XM1E4talT
ldyV0LevjUNgMJXQbfQNBrDhwetbeM3CJysTE0Vw8z/6QpELyhM8n3GMuxOhd1M1
9IBHX6M1fEaes5Yw5H/g97oDYITt9qdYxpAr3Z8AlJIgBS7TjxAoN4GXm6U6uAUQ
gQ8zgPGvOsOJ0H39PydLvkkrsCsCxbdeWoLjAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUFSgEiKsRndLy3WLTnY/JWlVwiLQwHwYDVR0jBBgwFoAUYeDueUKLhe2rtfbr
lXjvsZ5jyY8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSU1DTE9V
RC9ZZUR1ZVVLTGhlMnJ0ZmJybFhqdnNaNWp5WTguY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL1llRHVlVUtMaGUycnRmYnJsWGp2c1o1anlZOC5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL0lNQ0xPVUQvRlNnRWlLc1JuZEx5M1dM
VG5ZX0pXbFZ3aUxRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMF
ACQEo8AwDQYJKoZIhvcNAQELBQADggEBAC97I2WYM8alUZzhqkkCoGDiuAA9hhgG
25PIBm0Z6rMXbB1s2JiUaxyH73qB+kWEBBmqc6x8PrzEwVFyxsvMhPHSZHJPIwFR
+hHZwhEszAPUVuHvv8VM8/Fg2GrXY0l2wYf/KXfOen00cYV2tuNHNrBlC4qWxvqb
yrNS26a90PtAlKGkIEdazGihTmlP/RBkPnd/StSrt5YZ1MbDVH4hVcfIJ8b0qs5x
AZChlKOFh/K3r/rl9LNZ+n77AfoU+/sOEdLbuZMuhYAm049ca4U2/IYR5yMxXTPN
1kZKG73JWVR06U6HchwSEzV8aCe/Xg3kjO/cCowyoV1iQRs8uHY7T4A=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:38 2024 by rpki-client on console-fra.rpki-client.org