Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KBT/_3pcGG5CEpBBonkE-0GxJZIkibU.roa
File:                     _3pcGG5CEpBBonkE-0GxJZIkibU.roa (raw, json)
Hash identifier:          PfcCgf2qggUiFMJIDy13lemXISZB76JcKyYBhPqh8Yk=
Subject key identifier:   FF:7A:5C:18:6E:42:12:90:41:A2:79:04:FB:41:B1:25:92:24:89:B5
Certificate issuer:       /CN=2DBED751DA8F01930418E2DE2432D0D03A97DA7C
Certificate serial:       0798
Authority key identifier: 2D:BE:D7:51:DA:8F:01:93:04:18:E2:DE:24:32:D0:D0:3A:97:DA:7C
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/_3pcGG5CEpBBonkE-0GxJZIkibU.roa
Signing time:             Tue 29 Sep 2020 10:04:26 +0000
ROA not before:           Tue 29 Sep 2020 10:04:26 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     18042
IP address blocks:        61.63.0.0/19 maxlen: 19

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1944 (0x798)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2DBED751DA8F01930418E2DE2432D0D03A97DA7C
        Validity
            Not Before: Sep 29 10:04:26 2020 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=FF7A5C186E42129041A27904FB41B125922489B5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:0a:8f:c3:09:f6:12:93:0f:30:a0:d3:70:e0:
                    c8:66:73:ae:77:99:3d:d8:ac:16:40:c0:c9:57:6e:
                    41:db:b0:da:a5:45:1f:98:90:66:96:f8:7e:cb:0a:
                    02:f9:14:ac:3a:ee:5e:7b:2c:d0:47:3b:e3:20:e6:
                    da:16:4c:06:50:36:15:d8:e7:78:0c:a8:bc:ee:21:
                    37:08:26:89:31:bc:63:82:0d:f7:d3:64:e2:7e:d4:
                    b9:d3:dd:f9:c1:ed:f2:39:62:17:8e:81:6d:b2:5b:
                    e6:82:c4:dd:93:8b:69:02:3b:c5:99:c1:33:98:45:
                    e9:dd:1e:96:ef:49:f8:dc:84:e4:e8:9b:da:47:13:
                    74:5d:80:8e:53:01:b4:f2:d3:dc:33:ac:89:1f:87:
                    55:e0:db:c2:0b:cc:aa:6a:d0:58:db:30:a4:56:42:
                    43:a0:b1:7f:b7:2e:6a:64:b1:1b:3f:34:d4:ba:5c:
                    77:d8:f2:f1:a3:a4:29:55:52:dd:07:58:60:43:a6:
                    3c:25:33:7f:7c:f7:fa:eb:a3:0a:a0:de:54:cb:fc:
                    18:cb:59:d5:82:28:7e:ee:2d:fb:ae:5a:3e:2c:5c:
                    af:14:10:1d:c6:9a:4e:11:78:a9:e0:d5:85:86:05:
                    35:90:5b:7d:db:ad:84:c4:f9:2f:58:1a:33:4b:ad:
                    01:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FF:7A:5C:18:6E:42:12:90:41:A2:79:04:FB:41:B1:25:92:24:89:B5
            X509v3 Authority Key Identifier:
                keyid:2D:BE:D7:51:DA:8F:01:93:04:18:E2:DE:24:32:D0:D0:3A:97:DA:7C

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/_3pcGG5CEpBBonkE-0GxJZIkibU.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  61.63.0.0/19

    Signature Algorithm: sha256WithRSAEncryption
         97:d1:dc:f1:89:fe:72:4d:6b:21:cc:e4:2e:75:09:83:77:30:
         a3:29:d1:4e:0e:80:b1:b9:c7:92:e9:da:de:a4:36:9a:69:bb:
         46:53:e8:71:f4:68:7f:fb:bc:f1:15:95:77:80:12:2e:6a:72:
         a7:89:31:ac:e9:ff:2c:3e:fb:b2:2a:1c:d4:c2:bb:8e:9b:a5:
         9d:a5:6e:6e:7c:18:36:18:7d:7c:5f:35:65:f3:fd:12:4b:25:
         22:19:84:f9:e5:1c:7b:22:bd:21:1e:da:cf:16:31:ce:db:5b:
         3b:db:eb:a6:c3:bf:e7:e4:a8:0c:64:5a:d2:8c:bd:24:97:e5:
         e6:bb:a9:01:66:67:3e:41:4b:5f:6a:a2:71:c9:09:9b:ce:a0:
         5c:53:96:e0:be:34:4e:59:75:13:13:7b:63:66:33:3b:8b:33:
         d5:b9:ad:95:d8:d4:ae:f7:94:11:ad:62:29:89:f2:19:dd:be:
         ae:2f:4e:9c:e2:27:f3:c9:d6:75:a9:88:07:5a:67:61:1e:9f:
         59:ba:cc:dc:88:7b:e3:8e:69:3d:73:16:f6:70:c9:45:a6:43:
         51:8e:f6:03:ac:4b:85:66:4e:9f:68:df:d1:29:25:2f:e9:33:
         31:a8:73:38:72:d1:7f:83:87:e2:04:fe:46:71:27:8b:27:db:
         ed:ab:fe:e3
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICB5gwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkRC
RUQ3NTFEQThGMDE5MzA0MThFMkRFMjQzMkQwRDAzQTk3REE3QzAeFw0yMDA5Mjkx
MDA0MjZaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKEZGN0E1QzE4NkU0MjEy
OTA0MUEyNzkwNEZCNDFCMTI1OTIyNDg5QjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC7Co/DCfYSkw8woNNw4Mhmc653mT3YrBZAwMlXbkHbsNqlRR+Y
kGaW+H7LCgL5FKw67l57LNBHO+Mg5toWTAZQNhXY53gMqLzuITcIJokxvGOCDffT
ZOJ+1LnT3fnB7fI5YheOgW2yW+aCxN2Ti2kCO8WZwTOYRendHpbvSfjchOTom9pH
E3RdgI5TAbTy09wzrIkfh1Xg28ILzKpq0FjbMKRWQkOgsX+3LmpksRs/NNS6XHfY
8vGjpClVUt0HWGBDpjwlM3989/rrowqg3lTL/BjLWdWCKH7uLfuuWj4sXK8UEB3G
mk4ReKng1YWGBTWQW33brYTE+S9YGjNLrQHfAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQU/3pcGG5CEpBBonkE+0GxJZIkibUwHwYDVR0jBBgwFoAULb7XUdqPAZMEGOLe
JDLQ0DqX2nwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0JUL0xi
N1hVZHFQQVpNRUdPTGVKRExRMERxWDJudy5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
TGI3WFVkcVBBWk1FR09MZUpETFEwRHFYMm53LmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvS0JUL18zcGNHRzVDRXBCQm9ua0UtMEd4SlpJ
a2liVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAU9PwAwDQYJ
KoZIhvcNAQELBQADggEBAJfR3PGJ/nJNayHM5C51CYN3MKMp0U4OgLG5x5Lp2t6k
Npppu0ZT6HH0aH/7vPEVlXeAEi5qcqeJMazp/yw++7IqHNTCu46bpZ2lbm58GDYY
fXxfNWXz/RJLJSIZhPnlHHsivSEe2s8WMc7bWzvb66bDv+fkqAxkWtKMvSSX5ea7
qQFmZz5BS19qonHJCZvOoFxTluC+NE5ZdRMTe2NmMzuLM9W5rZXY1K73lBGtYimJ
8hndvq4vTpziJ/PJ1nWpiAdaZ2Een1m6zNyIe+OOaT1zFvZwyUWmQ1GO9gOsS4Vm
Tp9o39EpJS/pMzGoczhy0X+Dh+IE/kZxJ4sn2+2r/uM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:38 2024 by rpki-client on console-fra.rpki-client.org