Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KBT/PiCubky6-GXoWD_ej3yS02IzZXQ.roa
File:                     PiCubky6-GXoWD_ej3yS02IzZXQ.roa (raw, json)
Hash identifier:          rnKewScWCagBh4gx1zfanYJIMzAdyRBc+GxJmmiRtCs=
Subject key identifier:   3E:20:AE:6E:4C:BA:F8:65:E8:58:3F:DE:8F:7C:92:D3:62:33:65:74
Certificate issuer:       /CN=2DBED751DA8F01930418E2DE2432D0D03A97DA7C
Certificate serial:       079A
Authority key identifier: 2D:BE:D7:51:DA:8F:01:93:04:18:E2:DE:24:32:D0:D0:3A:97:DA:7C
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/PiCubky6-GXoWD_ej3yS02IzZXQ.roa
Signing time:             Tue 29 Sep 2020 10:04:26 +0000
ROA not before:           Tue 29 Sep 2020 10:04:26 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     18042
IP address blocks:        61.63.87.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1946 (0x79a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2DBED751DA8F01930418E2DE2432D0D03A97DA7C
        Validity
            Not Before: Sep 29 10:04:26 2020 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=3E20AE6E4CBAF865E8583FDE8F7C92D362336574
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:3b:76:ba:75:99:6b:29:c5:6d:b2:de:0f:63:
                    9a:9a:92:2e:c5:d1:e2:f8:ff:3c:04:c6:0e:02:01:
                    c1:ae:70:a6:7f:55:9b:c7:8f:e6:b5:d9:40:12:90:
                    90:28:55:02:db:b7:bb:43:76:6b:74:88:ec:b8:dd:
                    e1:45:d9:fe:49:a8:a9:52:de:81:e5:68:5e:8e:0c:
                    ac:02:94:0c:80:c9:7c:aa:4b:e6:ed:60:cf:89:a3:
                    5a:09:19:c2:e7:7c:7d:6b:e3:55:5e:7f:ec:26:73:
                    14:b8:fe:55:30:10:38:4d:c2:cc:2c:50:59:54:6a:
                    b3:90:09:b5:cb:2f:bc:08:48:34:30:ba:b6:24:85:
                    f2:d7:15:80:39:17:2f:37:17:90:64:b0:37:4d:6c:
                    2d:fe:f4:a6:f4:71:6f:8e:92:14:bd:b1:8b:d7:1b:
                    bd:92:e6:bf:54:9a:eb:92:8d:3d:14:03:ae:7e:a8:
                    78:b9:a1:0a:59:8e:ea:23:9b:11:69:7c:19:f5:ed:
                    fa:96:6a:90:e3:41:a7:73:4d:6d:ff:bc:68:10:eb:
                    dc:0e:36:4a:bd:5b:50:a6:0c:d0:1c:2d:92:b2:a1:
                    7a:6f:9f:e8:0b:f1:a8:a6:64:fd:6d:3a:35:41:d2:
                    42:88:da:02:5c:e5:28:ca:d9:f9:40:24:58:2a:ad:
                    2b:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3E:20:AE:6E:4C:BA:F8:65:E8:58:3F:DE:8F:7C:92:D3:62:33:65:74
            X509v3 Authority Key Identifier:
                keyid:2D:BE:D7:51:DA:8F:01:93:04:18:E2:DE:24:32:D0:D0:3A:97:DA:7C

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/PiCubky6-GXoWD_ej3yS02IzZXQ.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  61.63.87.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1c:1e:8f:ce:4c:b7:cd:65:d8:51:ec:a1:d3:81:d8:be:fd:7d:
         60:55:7f:f7:59:e2:f9:8d:ef:7e:b8:fb:a1:79:99:8e:8f:ae:
         e3:80:c8:08:38:9d:6d:03:9a:17:b4:c7:26:b4:14:17:68:0e:
         59:91:50:78:37:a8:54:d3:fb:78:6a:c9:ee:a6:ac:0f:38:90:
         dd:ab:78:8e:82:6b:48:b7:18:90:47:e8:fd:52:e8:ed:c1:d4:
         1f:99:21:53:de:16:7d:3b:02:6d:3f:b7:24:20:4e:16:a2:6a:
         68:1e:e0:54:f6:cc:b1:4d:7b:fa:e0:81:f7:b7:e4:69:dc:76:
         7c:d0:fa:2a:f4:17:ba:c4:26:c8:e4:d0:e8:c4:1f:ee:80:1f:
         80:c3:14:62:cb:d5:d9:7a:b5:1c:ff:ff:90:34:74:a7:b5:f2:
         fe:59:42:6e:60:c9:07:4a:39:25:9c:bc:4d:f9:42:67:97:61:
         34:79:4d:d7:89:38:3d:27:d4:60:62:c4:78:c7:c9:af:c5:69:
         75:c2:21:8a:12:03:42:a8:29:e4:2b:4e:d7:84:6f:4e:90:51:
         95:fd:75:8d:75:b7:36:5a:9a:c2:ee:f8:c6:a0:d4:18:33:1f:
         fd:90:6e:d6:04:cb:42:3b:d3:d0:9a:2b:9e:3a:fd:3c:07:38:
         a0:7a:7d:63
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICB5owDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkRC
RUQ3NTFEQThGMDE5MzA0MThFMkRFMjQzMkQwRDAzQTk3REE3QzAeFw0yMDA5Mjkx
MDA0MjZaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDNFMjBBRTZFNENCQUY4
NjVFODU4M0ZERThGN0M5MkQzNjIzMzY1NzQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDOO3a6dZlrKcVtst4PY5qaki7F0eL4/zwExg4CAcGucKZ/VZvH
j+a12UASkJAoVQLbt7tDdmt0iOy43eFF2f5JqKlS3oHlaF6ODKwClAyAyXyqS+bt
YM+Jo1oJGcLnfH1r41Vef+wmcxS4/lUwEDhNwswsUFlUarOQCbXLL7wISDQwurYk
hfLXFYA5Fy83F5BksDdNbC3+9Kb0cW+OkhS9sYvXG72S5r9UmuuSjT0UA65+qHi5
oQpZjuojmxFpfBn17fqWapDjQadzTW3/vGgQ69wONkq9W1CmDNAcLZKyoXpvn+gL
8aimZP1tOjVB0kKI2gJc5SjK2flAJFgqrSsnAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUPiCubky6+GXoWD/ej3yS02IzZXQwHwYDVR0jBBgwFoAULb7XUdqPAZMEGOLe
JDLQ0DqX2nwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0JUL0xi
N1hVZHFQQVpNRUdPTGVKRExRMERxWDJudy5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
TGI3WFVkcVBBWk1FR09MZUpETFEwRHFYMm53LmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvS0JUL1BpQ3Via3k2LUdYb1dEX2VqM3lTMDJJ
elpYUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAA9P1cwDQYJ
KoZIhvcNAQELBQADggEBABwej85Mt81l2FHsodOB2L79fWBVf/dZ4vmN7364+6F5
mY6PruOAyAg4nW0Dmhe0xya0FBdoDlmRUHg3qFTT+3hqye6mrA84kN2reI6Ca0i3
GJBH6P1S6O3B1B+ZIVPeFn07Am0/tyQgThaiamge4FT2zLFNe/rggfe35GncdnzQ
+ir0F7rEJsjk0OjEH+6AH4DDFGLL1dl6tRz//5A0dKe18v5ZQm5gyQdKOSWcvE35
QmeXYTR5TdeJOD0n1GBixHjHya/FaXXCIYoSA0KoKeQrTteEb06QUZX9dY11tzZa
msLu+Mag1BgzH/2QbtYEy0I709CaK546/TwHOKB6fWM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:10 2024 by rpki-client on console-ams.rpki-client.org