Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/ITRINET/xVzJ5YVgxJaIWk0uNPn46Vv_2B0.roa
File:                     xVzJ5YVgxJaIWk0uNPn46Vv_2B0.roa (raw, json)
Hash identifier:          3xZNfFmXer1qIW6ge20iZSwsWEbHU03VXf4s7ZDipZk=
Subject key identifier:   C5:5C:C9:E5:85:60:C4:96:88:5A:4D:2E:34:F9:F8:E9:5B:FF:D8:1D
Certificate issuer:       /CN=2F9BECFFE7DA09CA053A2F9681412B19FB004A74
Certificate serial:       0A33
Authority key identifier: 2F:9B:EC:FF:E7:DA:09:CA:05:3A:2F:96:81:41:2B:19:FB:00:4A:74
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/L5vs_-faCcoFOi-WgUErGfsASnQ.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/ITRINET/xVzJ5YVgxJaIWk0uNPn46Vv_2B0.roa
Signing time:             Thu 15 Sep 2022 02:49:38 +0000
ROA not before:           Thu 15 Sep 2022 02:49:38 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     18422
IP address blocks:        61.61.240.0/20 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2611 (0xa33)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2F9BECFFE7DA09CA053A2F9681412B19FB004A74
        Validity
            Not Before: Sep 15 02:49:38 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=C55CC9E58560C496885A4D2E34F9F8E95BFFD81D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:f4:20:5e:10:62:c2:45:0d:b3:df:7f:9c:ce:
                    02:b6:49:c6:15:6d:e4:5f:21:e1:77:b9:d5:d4:a2:
                    cc:ff:51:d7:b7:ab:44:66:05:a7:cd:5d:cf:7b:3f:
                    e1:ff:10:02:68:5b:df:3c:af:b3:75:36:0b:f4:1b:
                    3a:a3:04:f0:4f:18:ac:3b:95:8c:e7:3d:1b:fb:3e:
                    73:65:47:f2:47:8b:0e:82:2d:e3:4e:b0:a4:cc:1e:
                    18:9d:57:60:bc:8d:2b:08:ee:b0:9c:3f:58:8f:a3:
                    e3:49:a0:93:7a:b0:5e:d8:98:2e:cb:5a:49:eb:ac:
                    1a:66:cf:6d:07:d1:ae:60:0e:c8:67:78:ac:da:01:
                    af:3d:31:17:d5:52:6d:f9:8b:69:e9:71:70:ce:4f:
                    88:e0:34:0a:ff:59:39:c2:bb:c7:d0:37:f7:00:2c:
                    c6:b6:c3:66:88:fb:e6:a5:6b:e3:cc:03:6b:1b:ff:
                    aa:df:8d:c1:e0:0e:40:6e:e6:51:9f:aa:dd:62:21:
                    f1:ce:ad:0c:6b:00:cc:ea:18:e2:57:f0:ee:80:3a:
                    42:b2:23:39:99:0d:ca:48:f3:8d:9b:78:6f:3f:46:
                    af:40:d5:dc:b9:16:43:f5:76:64:c4:e4:5d:43:ae:
                    7c:f0:86:7d:02:a2:ca:30:6d:3a:52:a1:5d:5d:cf:
                    dd:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C5:5C:C9:E5:85:60:C4:96:88:5A:4D:2E:34:F9:F8:E9:5B:FF:D8:1D
            X509v3 Authority Key Identifier:
                keyid:2F:9B:EC:FF:E7:DA:09:CA:05:3A:2F:96:81:41:2B:19:FB:00:4A:74

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ITRINET/L5vs_-faCcoFOi-WgUErGfsASnQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/L5vs_-faCcoFOi-WgUErGfsASnQ.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ITRINET/xVzJ5YVgxJaIWk0uNPn46Vv_2B0.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  61.61.240.0/20

    Signature Algorithm: sha256WithRSAEncryption
         a0:d1:84:a7:8f:29:ea:5f:0d:1d:1f:ca:69:c8:3f:c0:e7:da:
         eb:3f:fc:5b:04:1c:7a:6b:98:71:c7:dd:16:c9:ca:5c:7c:d1:
         04:71:0f:85:91:69:d4:4a:d7:b0:ad:e5:11:d6:c7:05:40:46:
         37:0b:60:ec:50:00:41:ba:1a:28:1b:02:ba:27:24:6f:7e:71:
         df:ec:1e:09:72:81:e8:7c:a0:53:e3:ba:3b:ec:c7:03:12:d1:
         30:28:d8:e1:98:79:c9:96:f2:e6:02:03:bd:ab:4c:bb:bc:dd:
         56:db:f4:b7:93:42:f5:cb:58:8b:d6:df:ca:bd:b7:68:83:69:
         d1:78:3e:3f:39:b3:2f:2c:f3:91:d2:09:bd:c3:39:42:9e:34:
         2d:3e:51:48:89:ba:60:b3:4c:4f:d8:c3:4f:f8:1f:11:a3:89:
         e6:33:90:ac:79:d0:46:ad:c4:51:25:53:04:62:fc:47:df:2b:
         24:16:9f:e7:08:f4:8c:79:59:d7:4c:2b:f2:93:65:38:3d:f2:
         f9:8c:c3:22:2e:7f:6e:45:fe:59:06:12:34:2c:3e:43:8c:05:
         87:c9:ef:11:3b:38:f1:49:03:6e:ad:69:5a:4b:58:cb:13:8d:
         10:c8:94:c4:78:65:cf:c6:48:08:cf:5d:79:8b:91:bc:47:d5:
         51:84:40:30
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICCjMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkY5
QkVDRkZFN0RBMDlDQTA1M0EyRjk2ODE0MTJCMTlGQjAwNEE3NDAeFw0yMjA5MTUw
MjQ5MzhaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEM1NUNDOUU1ODU2MEM0
OTY4ODVBNEQyRTM0RjlGOEU5NUJGRkQ4MUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDC9CBeEGLCRQ2z33+czgK2ScYVbeRfIeF3udXUosz/Ude3q0Rm
BafNXc97P+H/EAJoW988r7N1Ngv0GzqjBPBPGKw7lYznPRv7PnNlR/JHiw6CLeNO
sKTMHhidV2C8jSsI7rCcP1iPo+NJoJN6sF7YmC7LWknrrBpmz20H0a5gDshneKza
Aa89MRfVUm35i2npcXDOT4jgNAr/WTnCu8fQN/cALMa2w2aI++ala+PMA2sb/6rf
jcHgDkBu5lGfqt1iIfHOrQxrAMzqGOJX8O6AOkKyIzmZDcpI842beG8/Rq9A1dy5
FkP1dmTE5F1Drnzwhn0CosowbTpSoV1dz93lAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUxVzJ5YVgxJaIWk0uNPn46Vv/2B0wHwYDVR0jBBgwFoAUL5vs/+faCcoFOi+W
gUErGfsASnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSVRSSU5F
VC9MNXZzXy1mYUNjb0ZPaS1XZ1VFckdmc0FTblEuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL0w1dnNfLWZhQ2NvRk9pLVdnVUVyR2ZzQVNuUS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL0lUUklORVQveFZ6SjVZVmd4SmFJV2sw
dU5QbjQ2VnZfMkIwLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
BD098DANBgkqhkiG9w0BAQsFAAOCAQEAoNGEp48p6l8NHR/Kacg/wOfa6z/8WwQc
emuYccfdFsnKXHzRBHEPhZFp1ErXsK3lEdbHBUBGNwtg7FAAQboaKBsCuickb35x
3+weCXKB6HygU+O6O+zHAxLRMCjY4Zh5yZby5gIDvatMu7zdVtv0t5NC9ctYi9bf
yr23aINp0Xg+PzmzLyzzkdIJvcM5Qp40LT5RSIm6YLNMT9jDT/gfEaOJ5jOQrHnQ
Rq3EUSVTBGL8R98rJBaf5wj0jHlZ10wr8pNlOD3y+YzDIi5/bkX+WQYSNCw+Q4wF
h8nvETs48UkDbq1pWktYyxONEMiUxHhlz8ZICM9deYuRvEfVUYRAMA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:10 2024 by rpki-client on console-ams.rpki-client.org