Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KGT/60ytzhBt95B9ZnBBkA2bsJ4ZtUc.roa
File:                     60ytzhBt95B9ZnBBkA2bsJ4ZtUc.roa (raw, json)
Hash identifier:          2kDjQ+MsUqmNbFuMLq5RoiNriGQbIaExlVL1+4RFZ2U=
Subject key identifier:   EB:4C:AD:CE:10:6D:F7:90:7D:66:70:41:90:0D:9B:B0:9E:19:B5:47
Certificate issuer:       /CN=4772F715345B542E1D708BCB2571FCD72DD26BF3
Certificate serial:       09E4
Authority key identifier: 47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/60ytzhBt95B9ZnBBkA2bsJ4ZtUc.roa
Signing time:             Wed 29 Sep 2021 02:52:19 +0000
ROA not before:           Wed 29 Sep 2021 02:52:19 +0000
ROA not after:            Thu 29 Sep 2022 02:36:22 +0000
asID:                     4780
IP address blocks:        61.61.0.0/17 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2532 (0x9e4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4772F715345B542E1D708BCB2571FCD72DD26BF3
        Validity
            Not Before: Sep 29 02:52:19 2021 GMT
            Not After : Sep 29 02:36:22 2022 GMT
        Subject: CN=EB4CADCE106DF7907D667041900D9BB09E19B547
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:7e:01:1c:17:6e:28:45:6b:5c:49:95:4c:b5:
                    bc:5e:5e:ec:9b:73:32:ed:01:67:a1:63:32:9b:62:
                    ad:11:92:ba:be:7f:ab:52:32:eb:52:d7:72:cd:fe:
                    8c:79:f9:9c:99:4f:1b:b9:3e:7c:86:a6:11:f2:c9:
                    8f:44:f3:02:08:31:db:d0:a0:f9:63:71:df:29:8e:
                    3f:75:90:c8:12:2c:6c:e9:ad:b8:e4:1d:2d:e7:31:
                    ba:c4:a4:14:1f:a5:b7:e8:57:01:7b:48:39:4a:56:
                    7b:87:ce:db:9b:11:bd:58:cf:1c:d7:29:18:cf:08:
                    76:9f:61:39:04:35:f8:f0:15:89:2d:39:c0:4d:97:
                    2c:40:2e:02:95:85:d9:a3:fd:a1:72:20:a6:eb:b9:
                    c5:1b:21:93:33:0b:9b:6d:ff:8d:9d:e7:ae:be:ea:
                    04:a7:b9:2f:8e:8b:3a:a7:c6:8c:e3:b9:12:ea:db:
                    b9:cd:74:4c:6a:66:fd:22:49:95:45:2c:20:6c:bc:
                    77:32:c9:60:fc:60:66:d3:3e:cf:ff:32:ec:2e:37:
                    9f:c9:62:49:76:d6:70:cb:2d:aa:6d:d7:54:ee:d3:
                    2e:11:ed:51:34:34:38:aa:f4:8b:c5:0b:53:f2:33:
                    37:b1:19:6c:c4:16:4e:23:38:51:2a:10:c6:b3:d2:
                    42:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EB:4C:AD:CE:10:6D:F7:90:7D:66:70:41:90:0D:9B:B0:9E:19:B5:47
            X509v3 Authority Key Identifier:
                keyid:47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/R3L3FTRbVC4dcIvLJXH81y3Sa_M.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/60ytzhBt95B9ZnBBkA2bsJ4ZtUc.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  61.61.0.0/17

    Signature Algorithm: sha256WithRSAEncryption
         61:d5:28:bc:a0:3f:7a:c7:f5:b2:52:42:5e:2a:34:ac:ac:da:
         54:17:85:01:9b:ae:20:59:2a:89:cf:0f:1d:7f:a4:71:5f:02:
         d5:36:92:01:5b:33:61:29:65:65:72:78:5f:99:b3:40:55:1c:
         f5:aa:04:d2:d7:02:cc:ff:1f:0f:e5:c1:8d:e1:2b:3e:57:1e:
         70:fd:86:9f:1f:d7:ef:06:46:e7:5e:ab:6d:fe:65:82:ef:b9:
         c5:6e:8f:a1:7d:ac:1d:3b:f2:f4:0f:18:2d:c8:f9:1d:e4:8c:
         6e:5d:2b:25:d1:86:14:9a:6f:b8:60:37:cf:e0:24:2b:61:82:
         47:55:38:c7:c9:2f:38:3f:f9:94:cb:3a:be:d3:c6:a8:97:29:
         cf:f9:40:ad:a6:d7:44:47:08:c3:83:b5:d4:05:85:fa:d0:43:
         98:a2:4e:80:ec:53:ab:66:55:a9:ce:49:de:bc:db:bd:ea:67:
         fe:93:c2:e3:dc:fc:6f:f8:e9:8a:a8:f9:38:7d:3e:de:92:36:
         e0:82:54:a7:9a:4d:19:06:ec:11:19:a3:79:e8:1a:e6:d8:42:
         87:74:08:a9:6c:d2:3d:2a:75:68:16:a6:d4:83:12:99:20:f0:
         a5:35:a2:14:73:0a:6f:50:8f:1c:79:d2:58:e9:9b:eb:84:8f:
         27:a8:3f:49
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICCeQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDc3
MkY3MTUzNDVCNTQyRTFENzA4QkNCMjU3MUZDRDcyREQyNkJGMzAeFw0yMTA5Mjkw
MjUyMTlaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKEVCNENBRENFMTA2REY3
OTA3RDY2NzA0MTkwMEQ5QkIwOUUxOUI1NDcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDFfgEcF24oRWtcSZVMtbxeXuybczLtAWehYzKbYq0Rkrq+f6tS
MutS13LN/ox5+ZyZTxu5PnyGphHyyY9E8wIIMdvQoPljcd8pjj91kMgSLGzprbjk
HS3nMbrEpBQfpbfoVwF7SDlKVnuHztubEb1YzxzXKRjPCHafYTkENfjwFYktOcBN
lyxALgKVhdmj/aFyIKbrucUbIZMzC5tt/42d566+6gSnuS+OizqnxozjuRLq27nN
dExqZv0iSZVFLCBsvHcyyWD8YGbTPs//MuwuN5/JYkl21nDLLapt11Tu0y4R7VE0
NDiq9IvFC1PyMzexGWzEFk4jOFEqEMaz0kIdAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQU60ytzhBt95B9ZnBBkA2bsJ4ZtUcwHwYDVR0jBBgwFoAUR3L3FTRbVC4dcIvL
JXH81y3Sa/MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0dUL1Iz
TDNGVFJiVkM0ZGNJdkxKWEg4MXkzU2FfTS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UjNMM0ZUUmJWQzRkY0l2TEpYSDgxeTNTYV9NLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvS0dULzYweXR6aEJ0OTVCOVpuQkJrQTJic0o0
WnRVYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAc9PQAwDQYJ
KoZIhvcNAQELBQADggEBAGHVKLygP3rH9bJSQl4qNKys2lQXhQGbriBZKonPDx1/
pHFfAtU2kgFbM2EpZWVyeF+Zs0BVHPWqBNLXAsz/Hw/lwY3hKz5XHnD9hp8f1+8G
Rudeq23+ZYLvucVuj6F9rB078vQPGC3I+R3kjG5dKyXRhhSab7hgN8/gJCthgkdV
OMfJLzg/+ZTLOr7TxqiXKc/5QK2m10RHCMODtdQFhfrQQ5iiToDsU6tmVanOSd68
273qZ/6TwuPc/G/46Yqo+Th9Pt6SNuCCVKeaTRkG7BEZo3noGubYQod0CKls0j0q
dWgWptSDEpkg8KU1ohRzCm9Qjxx50ljpm+uEjyeoP0k=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:38 2024 by rpki-client on console-fra.rpki-client.org