Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KGT/2H-6d3gcBhZ3VGY2ds6euTxoQys.roa
File:                     2H-6d3gcBhZ3VGY2ds6euTxoQys.roa (raw, json)
Hash identifier:          nJgfj03knHb1ltJPC+sab/1Y6dwwnmd1JF7VWfKvjxs=
Subject key identifier:   D8:7F:BA:77:78:1C:06:16:77:54:66:36:76:CE:9E:B9:3C:68:43:2B
Certificate issuer:       /CN=4772F715345B542E1D708BCB2571FCD72DD26BF3
Certificate serial:       0910
Authority key identifier: 47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/2H-6d3gcBhZ3VGY2ds6euTxoQys.roa
Signing time:             Sun 07 Feb 2021 11:42:34 +0000
ROA not before:           Sun 07 Feb 2021 11:42:34 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     9922
IP address blocks:        61.61.76.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2320 (0x910)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4772F715345B542E1D708BCB2571FCD72DD26BF3
        Validity
            Not Before: Feb  7 11:42:34 2021 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=D87FBA77781C06167754663676CE9EB93C68432B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:d7:8c:8f:b8:e7:d6:de:6e:9e:02:0a:57:1e:
                    87:eb:ab:92:0e:47:19:0c:f5:d4:bc:5c:61:74:99:
                    12:67:90:f4:af:39:78:2b:16:2d:0e:bd:b7:e1:a2:
                    af:12:68:5d:3a:f6:41:de:4a:7e:2c:9b:88:2c:be:
                    3e:6e:3a:68:33:69:17:29:dd:4e:92:8a:c0:30:57:
                    cb:f1:e6:d3:37:74:20:b5:fd:79:74:ea:ac:6a:81:
                    32:1f:bb:2b:2f:b2:7e:ed:c0:b7:42:9e:49:fe:fd:
                    0e:a0:3a:4e:62:02:57:bc:5e:c2:45:3a:62:87:e5:
                    95:59:65:73:16:bd:a6:6b:58:2d:16:4b:94:2b:d8:
                    60:c4:c6:e9:ac:2d:dd:6a:32:fb:fb:61:19:f5:5d:
                    19:7d:8d:d3:9a:5f:bc:02:74:f4:52:6a:f6:5e:38:
                    b1:fd:f8:91:84:fb:65:4c:00:53:6c:65:82:04:3c:
                    83:36:5b:0a:6a:a6:de:ea:84:27:84:e0:f7:28:a7:
                    77:32:58:2d:fe:9b:15:64:c8:e2:da:6d:7e:a8:43:
                    8e:d5:7b:93:a5:84:bb:4b:e3:ec:b1:fc:9b:d0:70:
                    6a:0a:51:da:80:c7:6f:c9:a4:7c:03:da:83:d4:30:
                    6b:68:bf:72:c8:fb:ad:72:c7:ad:6c:6e:f2:76:e1:
                    ed:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:7F:BA:77:78:1C:06:16:77:54:66:36:76:CE:9E:B9:3C:68:43:2B
            X509v3 Authority Key Identifier:
                keyid:47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/R3L3FTRbVC4dcIvLJXH81y3Sa_M.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/2H-6d3gcBhZ3VGY2ds6euTxoQys.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  61.61.76.0/22

    Signature Algorithm: sha256WithRSAEncryption
         2a:82:a9:4c:e5:81:0e:8e:12:9a:ae:70:60:8c:86:df:9b:bd:
         74:99:be:72:02:1c:f2:76:fb:24:ad:d2:2b:20:8a:23:ad:97:
         b0:74:ff:70:ac:3e:74:40:86:24:ae:3f:2e:3f:a0:22:de:bb:
         f2:5a:05:e5:ba:d0:5a:8e:ea:65:37:e5:95:32:7d:d1:77:07:
         95:0d:ec:ff:3e:42:6a:9f:e8:27:45:5a:9e:cc:51:5a:30:30:
         e6:55:ed:74:28:40:ad:99:59:8d:7f:3c:b8:8f:28:65:23:49:
         8e:92:e8:1e:6f:9b:7c:5c:f2:b6:a8:4b:da:12:70:cf:05:e5:
         fd:45:da:c4:80:24:d5:d3:2a:db:db:4f:45:99:6d:48:1c:fa:
         2f:74:c0:ba:95:46:3f:5c:68:bb:8a:79:db:20:1a:45:c8:84:
         84:67:46:46:00:31:4c:94:8d:ed:e2:2a:8e:6e:0d:e6:44:00:
         f4:0c:aa:15:48:4c:e5:ce:c6:75:5f:19:3c:fc:59:d8:1d:c0:
         0a:bb:4b:32:fa:3a:a9:69:ec:09:69:39:0f:32:f9:73:ea:d0:
         27:b7:8e:50:4b:07:44:0f:2d:ae:57:bf:7e:a5:16:b9:88:98:
         e2:13:d5:01:2e:29:9a:20:87:bd:22:ef:40:3d:56:e9:18:61:
         35:ee:4d:e6
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICCRAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDc3
MkY3MTUzNDVCNTQyRTFENzA4QkNCMjU3MUZDRDcyREQyNkJGMzAeFw0yMTAyMDcx
MTQyMzRaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKEQ4N0ZCQTc3NzgxQzA2
MTY3NzU0NjYzNjc2Q0U5RUI5M0M2ODQzMkIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCq14yPuOfW3m6eAgpXHofrq5IORxkM9dS8XGF0mRJnkPSvOXgr
Fi0Ovbfhoq8SaF069kHeSn4sm4gsvj5uOmgzaRcp3U6SisAwV8vx5tM3dCC1/Xl0
6qxqgTIfuysvsn7twLdCnkn+/Q6gOk5iAle8XsJFOmKH5ZVZZXMWvaZrWC0WS5Qr
2GDExumsLd1qMvv7YRn1XRl9jdOaX7wCdPRSavZeOLH9+JGE+2VMAFNsZYIEPIM2
Wwpqpt7qhCeE4Pcop3cyWC3+mxVkyOLabX6oQ47Ve5OlhLtL4+yx/JvQcGoKUdqA
x2/JpHwD2oPUMGtov3LI+61yx61sbvJ24e1VAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQU2H+6d3gcBhZ3VGY2ds6euTxoQyswHwYDVR0jBBgwFoAUR3L3FTRbVC4dcIvL
JXH81y3Sa/MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0dUL1Iz
TDNGVFJiVkM0ZGNJdkxKWEg4MXkzU2FfTS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UjNMM0ZUUmJWQzRkY0l2TEpYSDgxeTNTYV9NLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvS0dULzJILTZkM2djQmhaM1ZHWTJkczZldVR4
b1F5cy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAI9PUwwDQYJ
KoZIhvcNAQELBQADggEBACqCqUzlgQ6OEpqucGCMht+bvXSZvnICHPJ2+ySt0isg
iiOtl7B0/3CsPnRAhiSuPy4/oCLeu/JaBeW60FqO6mU35ZUyfdF3B5UN7P8+Qmqf
6CdFWp7MUVowMOZV7XQoQK2ZWY1/PLiPKGUjSY6S6B5vm3xc8raoS9oScM8F5f1F
2sSAJNXTKtvbT0WZbUgc+i90wLqVRj9caLuKedsgGkXIhIRnRkYAMUyUje3iKo5u
DeZEAPQMqhVITOXOxnVfGTz8WdgdwAq7SzL6Oqlp7AlpOQ8y+XPq0Ce3jlBLB0QP
La5Xv36lFrmImOIT1QEuKZogh70i70A9VukYYTXuTeY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:38 2024 by rpki-client on console-fra.rpki-client.org