Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KGT/7U4M5s2TV6ljycQuwG32VxzM1mk.roa
File:                     7U4M5s2TV6ljycQuwG32VxzM1mk.roa (raw, json)
Hash identifier:          rYcd3kWVS9AJ5A1Yoz2JMhScoyY38UR+Lo0OOSDQHVg=
Subject key identifier:   ED:4E:0C:E6:CD:93:57:A9:63:C9:C4:2E:C0:6D:F6:57:1C:CC:D6:69
Certificate issuer:       /CN=4772F715345B542E1D708BCB2571FCD72DD26BF3
Certificate serial:       079C
Authority key identifier: 47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/7U4M5s2TV6ljycQuwG32VxzM1mk.roa
Signing time:             Tue 29 Sep 2020 09:59:46 +0000
ROA not before:           Tue 29 Sep 2020 09:59:46 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     4780
IP address blocks:        211.78.0.0/18 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1948 (0x79c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4772F715345B542E1D708BCB2571FCD72DD26BF3
        Validity
            Not Before: Sep 29 09:59:46 2020 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=ED4E0CE6CD9357A963C9C42EC06DF6571CCCD669
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:4b:1e:31:9d:f4:94:cd:1b:4e:af:9a:a1:e0:
                    33:c7:0c:9f:16:ff:5d:6b:c1:a4:4e:b3:18:c5:89:
                    38:f5:a7:e6:ce:87:bd:f6:09:77:ee:8b:f3:03:4c:
                    e0:9d:76:1f:1d:54:9c:1d:ca:10:fb:49:d7:cb:3b:
                    c6:b0:57:84:cb:aa:48:b2:e6:c7:7a:0e:98:31:46:
                    e1:55:e6:06:36:a3:96:c0:be:74:64:12:dd:22:26:
                    70:01:eb:cb:c3:16:f6:49:77:50:5e:4d:9e:1c:8c:
                    22:6e:53:61:4f:36:d3:ed:d5:93:7d:85:f7:7b:85:
                    ca:bd:83:80:ed:ef:9e:1d:b9:ea:f1:f5:7c:b8:bd:
                    80:67:a8:d5:2e:9e:b4:0d:3a:f7:a5:78:04:6d:d7:
                    b7:85:6e:ff:32:7c:d9:fc:0c:85:d2:b6:ec:98:8a:
                    74:fa:c5:b8:b6:ff:00:62:ba:dd:83:47:5e:88:1b:
                    0e:b9:6d:e4:33:3b:04:f3:9c:10:c5:cd:5d:74:86:
                    99:23:5c:77:01:d9:19:f9:22:6f:3d:70:29:28:3c:
                    2d:d9:72:e5:d1:92:73:a9:50:89:10:ec:15:4a:fe:
                    ca:f7:4b:bd:02:b5:24:fb:71:c5:fe:bb:89:0b:3e:
                    7c:dd:3c:33:f1:bc:8f:c0:5f:33:84:a0:60:3c:e1:
                    0b:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                ED:4E:0C:E6:CD:93:57:A9:63:C9:C4:2E:C0:6D:F6:57:1C:CC:D6:69
            X509v3 Authority Key Identifier:
                keyid:47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/R3L3FTRbVC4dcIvLJXH81y3Sa_M.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/7U4M5s2TV6ljycQuwG32VxzM1mk.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  211.78.0.0/18

    Signature Algorithm: sha256WithRSAEncryption
         68:95:71:49:3a:14:f3:f3:e2:64:c8:53:0b:ee:f3:34:9c:93:
         0e:54:a0:fb:dc:13:ab:4f:c9:bb:44:78:3f:a5:23:72:7f:27:
         b5:47:5a:99:c0:17:b0:67:75:20:6f:99:2c:eb:2e:51:78:ab:
         ff:bc:ca:2a:83:1c:35:c4:27:1b:e8:5a:85:6d:a0:a7:d1:7f:
         ab:27:e1:6b:f0:a3:a0:3f:0d:bf:d3:5f:fc:61:8a:6e:62:f9:
         91:50:f3:1f:67:3b:e0:19:30:6b:0e:90:aa:ad:e1:07:1f:a0:
         a3:97:09:2a:1a:31:a6:39:b5:6f:84:06:c0:1a:78:a9:22:4e:
         31:06:a8:92:80:f2:98:26:2b:66:b1:0f:31:36:9e:16:25:87:
         94:63:3f:f0:e8:af:8d:fd:5d:a5:3c:49:71:31:be:5b:7d:b4:
         f1:62:c7:bb:45:75:2c:f7:d4:12:8e:60:0d:e2:04:7a:5f:ce:
         4f:48:8a:5b:d1:a4:7d:1a:8f:a5:7f:b2:f4:90:7b:d9:77:1d:
         24:a9:82:cb:56:1e:f4:93:9a:5b:9f:20:cf:03:73:e2:c2:dd:
         b1:44:de:9d:fc:e5:b4:13:ed:c2:4d:c5:3e:27:eb:55:98:4f:
         53:cb:ce:f1:82:e6:6f:db:7f:f8:cc:29:de:4e:3c:42:f2:3d:
         3a:66:31:7f
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICB5wwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDc3
MkY3MTUzNDVCNTQyRTFENzA4QkNCMjU3MUZDRDcyREQyNkJGMzAeFw0yMDA5Mjkw
OTU5NDZaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKEVENEUwQ0U2Q0Q5MzU3
QTk2M0M5QzQyRUMwNkRGNjU3MUNDQ0Q2NjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC7Sx4xnfSUzRtOr5qh4DPHDJ8W/11rwaROsxjFiTj1p+bOh732
CXfui/MDTOCddh8dVJwdyhD7SdfLO8awV4TLqkiy5sd6DpgxRuFV5gY2o5bAvnRk
Et0iJnAB68vDFvZJd1BeTZ4cjCJuU2FPNtPt1ZN9hfd7hcq9g4Dt754duerx9Xy4
vYBnqNUunrQNOveleARt17eFbv8yfNn8DIXStuyYinT6xbi2/wBiut2DR16IGw65
beQzOwTznBDFzV10hpkjXHcB2Rn5Im89cCkoPC3ZcuXRknOpUIkQ7BVK/sr3S70C
tST7ccX+u4kLPnzdPDPxvI/AXzOEoGA84QtHAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQU7U4M5s2TV6ljycQuwG32VxzM1mkwHwYDVR0jBBgwFoAUR3L3FTRbVC4dcIvL
JXH81y3Sa/MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0dUL1Iz
TDNGVFJiVkM0ZGNJdkxKWEg4MXkzU2FfTS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UjNMM0ZUUmJWQzRkY0l2TEpYSDgxeTNTYV9NLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvS0dULzdVNE01czJUVjZsanljUXV3RzMyVnh6
TTFtay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAbTTgAwDQYJ
KoZIhvcNAQELBQADggEBAGiVcUk6FPPz4mTIUwvu8zSckw5UoPvcE6tPybtEeD+l
I3J/J7VHWpnAF7BndSBvmSzrLlF4q/+8yiqDHDXEJxvoWoVtoKfRf6sn4Wvwo6A/
Db/TX/xhim5i+ZFQ8x9nO+AZMGsOkKqt4QcfoKOXCSoaMaY5tW+EBsAaeKkiTjEG
qJKA8pgmK2axDzE2nhYlh5RjP/Dor439XaU8SXExvlt9tPFix7tFdSz31BKOYA3i
BHpfzk9IilvRpH0aj6V/svSQe9l3HSSpgstWHvSTmlufIM8Dc+LC3bFE3p385bQT
7cJNxT4n61WYT1PLzvGC5m/bf/jMKd5OPELyPTpmMX8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:38 2024 by rpki-client on console-fra.rpki-client.org