Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KGT/Nl27hH6nKQZwrvLDNkHJAqokYg0.roa
File:                     Nl27hH6nKQZwrvLDNkHJAqokYg0.roa (raw, json)
Hash identifier:          bhTCP75SsC22kn1TVqrGhMnMHj3w24TadncneNnWHA4=
Subject key identifier:   36:5D:BB:84:7E:A7:29:06:70:AE:F2:C3:36:41:C9:02:AA:24:62:0D
Certificate issuer:       /CN=4772F715345B542E1D708BCB2571FCD72DD26BF3
Certificate serial:       0900
Authority key identifier: 47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/Nl27hH6nKQZwrvLDNkHJAqokYg0.roa
Signing time:             Sun 07 Feb 2021 06:49:41 +0000
ROA not before:           Sun 07 Feb 2021 06:49:41 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     9918
IP address blocks:        61.61.0.0/17 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2304 (0x900)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4772F715345B542E1D708BCB2571FCD72DD26BF3
        Validity
            Not Before: Feb  7 06:49:41 2021 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=365DBB847EA7290670AEF2C33641C902AA24620D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:1f:97:c6:08:85:6e:d2:7e:cd:ec:2c:ed:38:
                    87:78:4c:50:7a:3b:da:c1:cb:ee:13:0b:ae:d8:97:
                    b9:48:a0:d4:52:b4:63:19:66:3e:fc:7b:9a:5c:a4:
                    77:30:86:ee:b1:2b:6e:74:0c:5a:ec:79:6d:56:79:
                    73:3c:d5:b8:dd:3e:7b:52:28:f7:8d:9d:f4:94:9d:
                    c9:80:8c:a2:a1:96:6d:bc:d3:54:e4:64:46:08:91:
                    bd:a4:d6:77:ea:a1:62:d0:85:51:93:8a:0f:ed:a4:
                    6f:55:ec:32:01:c5:d5:90:21:d8:24:2b:1f:28:83:
                    05:e8:5d:61:2d:ee:18:3c:b2:1a:ae:ee:2d:b0:92:
                    2c:26:ac:bb:65:3d:27:90:39:8a:a2:9b:e0:11:cb:
                    d4:8e:1d:bc:36:0f:8b:bf:6e:64:8e:c9:c0:94:af:
                    86:b9:e4:bc:9f:4e:65:c7:2a:6d:81:ec:a4:8c:68:
                    e1:22:3f:67:66:9e:50:9b:78:3b:39:90:04:12:c0:
                    92:77:22:60:8f:ee:6b:e7:f4:65:d6:39:d7:34:69:
                    56:25:29:34:fa:6f:92:0a:9c:15:ca:5f:ce:c0:d9:
                    62:b4:37:5b:c5:fe:6a:6f:bf:cb:ee:0e:9b:6e:be:
                    a2:e0:bc:09:d6:12:86:cd:f6:0a:28:86:43:5f:d7:
                    b2:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                36:5D:BB:84:7E:A7:29:06:70:AE:F2:C3:36:41:C9:02:AA:24:62:0D
            X509v3 Authority Key Identifier:
                keyid:47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/R3L3FTRbVC4dcIvLJXH81y3Sa_M.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/Nl27hH6nKQZwrvLDNkHJAqokYg0.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  61.61.0.0/17

    Signature Algorithm: sha256WithRSAEncryption
         3a:e8:29:06:31:d6:36:89:b5:3e:fd:ea:88:a6:f7:70:49:f2:
         e1:1c:52:41:ff:1c:c8:37:9c:5b:1d:36:6b:a9:6f:17:69:e6:
         f3:a7:7a:f7:7c:04:57:db:29:ba:93:9f:9d:24:a2:e9:9c:f3:
         45:c4:63:37:ff:01:98:34:31:b5:d4:5e:89:ba:02:b1:20:55:
         1f:81:d0:38:77:e0:84:75:f5:0b:4e:8d:91:b8:23:1f:af:14:
         9e:58:73:6c:ab:03:3e:60:0c:58:48:69:14:74:25:24:cf:99:
         62:d9:04:c4:18:87:cd:64:d3:6c:51:5f:35:fd:76:60:c3:48:
         56:d9:e6:3d:b8:70:f2:7d:dc:dc:b6:d0:10:c6:23:6c:18:df:
         60:97:4d:01:ec:13:0c:4b:dc:82:72:22:a3:6b:4b:25:0c:51:
         bc:20:31:f0:d2:b3:b1:eb:2e:8b:30:55:b9:c5:7f:ef:1c:e2:
         6b:c4:2f:47:4a:ef:78:50:52:84:88:e0:e6:aa:79:7d:88:74:
         01:50:b4:6d:85:f3:78:c5:10:87:30:fd:7e:a6:3e:68:52:ec:
         6e:b0:2c:87:1a:26:f8:7f:90:1a:11:49:71:44:05:18:7c:25:
         78:d5:da:8e:7e:0e:dc:6b:39:bc:69:14:b6:09:4f:37:30:3b:
         38:60:3b:95
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICCQAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDc3
MkY3MTUzNDVCNTQyRTFENzA4QkNCMjU3MUZDRDcyREQyNkJGMzAeFw0yMTAyMDcw
NjQ5NDFaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDM2NURCQjg0N0VBNzI5
MDY3MEFFRjJDMzM2NDFDOTAyQUEyNDYyMEQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC4H5fGCIVu0n7N7CztOId4TFB6O9rBy+4TC67Yl7lIoNRStGMZ
Zj78e5pcpHcwhu6xK250DFrseW1WeXM81bjdPntSKPeNnfSUncmAjKKhlm2801Tk
ZEYIkb2k1nfqoWLQhVGTig/tpG9V7DIBxdWQIdgkKx8ogwXoXWEt7hg8shqu7i2w
kiwmrLtlPSeQOYqim+ARy9SOHbw2D4u/bmSOycCUr4a55LyfTmXHKm2B7KSMaOEi
P2dmnlCbeDs5kAQSwJJ3ImCP7mvn9GXWOdc0aVYlKTT6b5IKnBXKX87A2WK0N1vF
/mpvv8vuDptuvqLgvAnWEobN9goohkNf17I3AgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUNl27hH6nKQZwrvLDNkHJAqokYg0wHwYDVR0jBBgwFoAUR3L3FTRbVC4dcIvL
JXH81y3Sa/MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0dUL1Iz
TDNGVFJiVkM0ZGNJdkxKWEg4MXkzU2FfTS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UjNMM0ZUUmJWQzRkY0l2TEpYSDgxeTNTYV9NLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvS0dUL05sMjdoSDZuS1Fad3J2TEROa0hKQXFv
a1lnMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAc9PQAwDQYJ
KoZIhvcNAQELBQADggEBADroKQYx1jaJtT796oim93BJ8uEcUkH/HMg3nFsdNmup
bxdp5vOnevd8BFfbKbqTn50koumc80XEYzf/AZg0MbXUXom6ArEgVR+B0Dh34IR1
9QtOjZG4Ix+vFJ5Yc2yrAz5gDFhIaRR0JSTPmWLZBMQYh81k02xRXzX9dmDDSFbZ
5j24cPJ93Ny20BDGI2wY32CXTQHsEwxL3IJyIqNrSyUMUbwgMfDSs7HrLoswVbnF
f+8c4mvEL0dK73hQUoSI4OaqeX2IdAFQtG2F83jFEIcw/X6mPmhS7G6wLIcaJvh/
kBoRSXFEBRh8JXjV2o5+DtxrObxpFLYJTzcwOzhgO5U=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:10 2024 by rpki-client on console-ams.rpki-client.org