Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/IMCLOUD/XqUDmqRNTue7WBt2L0x1sIPvKes.roa
File:                     XqUDmqRNTue7WBt2L0x1sIPvKes.roa (raw, json)
Hash identifier:          LgWMZwkBEoy4KgNSRLt83aL2VeopjITaKS4wNQNRpUc=
Subject key identifier:   5E:A5:03:9A:A4:4D:4E:E7:BB:58:1B:76:2F:4C:75:B0:83:EF:29:EB
Certificate issuer:       /CN=61E0EE79428B85EDABB5F6EB9578EFB19E63C98F
Certificate serial:       0C3B
Authority key identifier: 61:E0:EE:79:42:8B:85:ED:AB:B5:F6:EB:95:78:EF:B1:9E:63:C9:8F
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/YeDueUKLhe2rtfbrlXjvsZ5jyY8.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/IMCLOUD/XqUDmqRNTue7WBt2L0x1sIPvKes.roa
Signing time:             Thu 14 Apr 2022 13:17:20 +0000
ROA not before:           Thu 14 Apr 2022 13:17:20 +0000
ROA not after:            Thu 29 Sep 2022 02:36:22 +0000
asID:                     9833
IP address blocks:        2404:a3c0:1::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3131 (0xc3b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=61E0EE79428B85EDABB5F6EB9578EFB19E63C98F
        Validity
            Not Before: Apr 14 13:17:20 2022 GMT
            Not After : Sep 29 02:36:22 2022 GMT
        Subject: CN=5EA5039AA44D4EE7BB581B762F4C75B083EF29EB
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:29:af:03:0d:f9:fa:2d:27:cf:db:f3:72:f0:
                    b0:d6:06:64:65:af:c2:06:91:65:f8:82:1e:a3:5d:
                    5b:c2:32:64:8e:fe:48:cb:3e:90:fb:6b:d7:e3:ca:
                    ab:fd:66:6a:50:14:09:8b:7d:9f:1b:dd:bb:0b:58:
                    2d:08:a3:e2:21:8c:b1:6f:6c:39:b7:d6:0a:db:49:
                    cb:32:a1:cb:f0:19:a7:6b:d2:74:cd:ee:dc:cf:38:
                    d0:3f:27:91:5b:73:64:a3:af:83:73:f1:a9:24:f0:
                    68:fd:2d:79:5f:cc:e9:40:c5:2a:75:95:9d:60:e5:
                    76:31:7e:93:2c:5e:48:f8:b2:b8:e9:bd:57:c1:4b:
                    fa:7e:9c:11:76:e4:50:80:81:eb:56:97:91:59:b1:
                    40:88:52:47:3d:69:b8:20:5d:6e:7b:b1:d5:c3:53:
                    d9:f2:72:bf:ae:11:1a:1c:09:36:e6:3b:0a:cc:62:
                    1f:f9:d8:59:68:3b:19:a9:3c:c8:b5:24:e7:93:03:
                    77:ad:ad:5c:a0:92:c3:8f:34:4e:f8:6e:da:5c:da:
                    39:eb:27:cd:57:46:ae:7b:6b:59:df:d5:7d:63:19:
                    ad:df:e3:f5:5e:4b:6b:15:ef:7c:82:27:00:3c:f5:
                    f1:47:88:59:76:98:62:67:2b:3d:fa:e8:65:93:1b:
                    80:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5E:A5:03:9A:A4:4D:4E:E7:BB:58:1B:76:2F:4C:75:B0:83:EF:29:EB
            X509v3 Authority Key Identifier:
                keyid:61:E0:EE:79:42:8B:85:ED:AB:B5:F6:EB:95:78:EF:B1:9E:63:C9:8F

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/IMCLOUD/YeDueUKLhe2rtfbrlXjvsZ5jyY8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/YeDueUKLhe2rtfbrlXjvsZ5jyY8.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/IMCLOUD/XqUDmqRNTue7WBt2L0x1sIPvKes.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2404:a3c0:1::/48

    Signature Algorithm: sha256WithRSAEncryption
         11:0b:3b:43:52:68:f7:1c:f0:8d:fd:ba:c8:a6:b0:42:38:6c:
         d5:b4:8d:68:9f:35:cb:8b:65:73:d8:cf:d3:34:44:24:27:58:
         14:dd:f0:76:10:70:a9:78:ff:92:f5:e5:97:18:dd:8f:a8:e1:
         c1:41:00:75:ab:4a:66:0a:74:6c:57:16:aa:3d:0f:6d:7e:37:
         51:4a:53:13:6e:dc:72:bd:aa:9f:4c:ef:bc:35:a6:82:13:a6:
         51:3b:b8:69:48:e4:e4:fd:45:4b:a5:7d:ee:fc:6d:f0:9a:29:
         33:b2:6b:a2:ea:eb:dc:bf:c4:07:55:f2:ca:9c:c4:0b:73:4d:
         22:e8:cd:7c:b9:04:55:fd:e6:f3:32:5c:c3:3a:7d:ad:26:b1:
         fa:2e:90:14:28:4a:c6:5d:79:c2:e3:68:2e:4a:f5:7d:1a:68:
         dd:2c:50:de:f7:99:b5:c8:8d:0b:d3:ad:4c:b3:64:92:09:8b:
         05:04:98:f5:27:af:6f:5a:3b:f6:5b:4c:71:cc:01:2d:4d:dd:
         76:c1:db:4e:04:fd:4f:df:fe:59:d9:90:7f:e5:2e:7e:04:d3:
         fb:60:94:06:38:87:77:50:7c:c0:bc:cf:52:2f:95:3b:24:eb:
         c8:2c:30:ce:e3:02:7c:44:f4:8f:14:7c:25:56:ad:71:de:e5:
         40:78:4d:87
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICDDswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjFF
MEVFNzk0MjhCODVFREFCQjVGNkVCOTU3OEVGQjE5RTYzQzk4RjAeFw0yMjA0MTQx
MzE3MjBaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDVFQTUwMzlBQTQ0RDRF
RTdCQjU4MUI3NjJGNEM3NUIwODNFRjI5RUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC9Ka8DDfn6LSfP2/Ny8LDWBmRlr8IGkWX4gh6jXVvCMmSO/kjL
PpD7a9fjyqv9ZmpQFAmLfZ8b3bsLWC0Io+IhjLFvbDm31grbScsyocvwGadr0nTN
7tzPONA/J5Fbc2Sjr4Nz8akk8Gj9LXlfzOlAxSp1lZ1g5XYxfpMsXkj4srjpvVfB
S/p+nBF25FCAgetWl5FZsUCIUkc9abggXW57sdXDU9nycr+uERocCTbmOwrMYh/5
2FloOxmpPMi1JOeTA3etrVygksOPNE74btpc2jnrJ81XRq57a1nf1X1jGa3f4/Ve
S2sV73yCJwA89fFHiFl2mGJnKz366GWTG4BZAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUXqUDmqRNTue7WBt2L0x1sIPvKeswHwYDVR0jBBgwFoAUYeDueUKLhe2rtfbr
lXjvsZ5jyY8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSU1DTE9V
RC9ZZUR1ZVVLTGhlMnJ0ZmJybFhqdnNaNWp5WTguY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL1llRHVlVUtMaGUycnRmYnJsWGp2c1o1anlZOC5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL0lNQ0xPVUQvWHFVRG1xUk5UdWU3V0J0
MkwweDFzSVB2S2VzLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMH
ACQEo8AAATANBgkqhkiG9w0BAQsFAAOCAQEAEQs7Q1Jo9xzwjf26yKawQjhs1bSN
aJ81y4tlc9jP0zREJCdYFN3wdhBwqXj/kvXllxjdj6jhwUEAdatKZgp0bFcWqj0P
bX43UUpTE27ccr2qn0zvvDWmghOmUTu4aUjk5P1FS6V97vxt8JopM7Jrourr3L/E
B1XyypzEC3NNIujNfLkEVf3m8zJcwzp9rSax+i6QFChKxl15wuNoLkr1fRpo3SxQ
3veZtciNC9OtTLNkkgmLBQSY9Sevb1o79ltMccwBLU3ddsHbTgT9T9/+WdmQf+Uu
fgTT+2CUBjiHd1B8wLzPUi+VOyTryCwwzuMCfET0jxR8JVatcd7lQHhNhw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:09 2024 by rpki-client on console-ams.rpki-client.org