Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KGT/O8S9h8fCkrWAylcbfmCAhlEniXQ.roa
File:                     O8S9h8fCkrWAylcbfmCAhlEniXQ.roa (raw, json)
Hash identifier:          374ot0v2Ra/PiLa0a0BMXaKit2BdAozN4sA+ztKWSfM=
Subject key identifier:   3B:C4:BD:87:C7:C2:92:B5:80:CA:57:1B:7E:60:80:86:51:27:89:74
Certificate issuer:       /CN=4772F715345B542E1D708BCB2571FCD72DD26BF3
Certificate serial:       090A
Authority key identifier: 47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/O8S9h8fCkrWAylcbfmCAhlEniXQ.roa
Signing time:             Sun 07 Feb 2021 06:50:46 +0000
ROA not before:           Sun 07 Feb 2021 06:50:46 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     4780
IP address blocks:        61.61.128.0/18 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2314 (0x90a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4772F715345B542E1D708BCB2571FCD72DD26BF3
        Validity
            Not Before: Feb  7 06:50:46 2021 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=3BC4BD87C7C292B580CA571B7E60808651278974
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:2c:8a:39:88:e0:ae:b6:00:31:ca:99:23:de:
                    3b:02:55:41:e0:8a:6a:e3:a3:f0:2c:0a:12:48:3a:
                    7f:96:dd:ab:e2:ef:61:a8:ba:f7:93:cf:a5:c7:d1:
                    c9:7c:61:0a:ba:0c:ae:ce:46:9e:ba:e1:ea:9f:b6:
                    06:48:69:a0:5f:b8:19:b3:30:e2:f4:77:a7:a3:c4:
                    24:03:88:bf:e8:b7:a7:1f:fb:6a:49:26:b0:a6:ec:
                    49:72:5e:26:43:f6:8d:22:72:42:96:b6:74:1b:ca:
                    1b:78:7c:3e:91:42:67:f0:22:c3:8b:b0:45:f0:87:
                    c4:22:cc:5e:64:02:ce:41:f5:a4:27:ef:05:b9:ea:
                    d8:df:b7:2c:cd:7e:44:24:fd:db:7e:4a:9b:55:23:
                    d7:3a:62:25:25:65:95:e9:0c:54:33:8c:5a:1e:e0:
                    1f:a7:7f:65:4a:aa:3c:cc:6e:2a:93:71:30:9b:f1:
                    b7:0b:c8:5f:29:c0:5b:3b:95:15:24:98:51:3c:c1:
                    f8:b8:a6:60:2c:20:e9:f7:78:62:fc:53:36:b5:66:
                    39:d3:3b:25:31:74:a9:a8:15:f6:86:7d:88:8a:8c:
                    83:4e:56:36:4c:15:0e:8c:9b:b7:45:be:7f:a5:90:
                    58:b3:b6:c5:a5:1e:e7:20:83:42:b9:18:47:a0:cc:
                    05:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3B:C4:BD:87:C7:C2:92:B5:80:CA:57:1B:7E:60:80:86:51:27:89:74
            X509v3 Authority Key Identifier:
                keyid:47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/R3L3FTRbVC4dcIvLJXH81y3Sa_M.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/O8S9h8fCkrWAylcbfmCAhlEniXQ.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  61.61.128.0/18

    Signature Algorithm: sha256WithRSAEncryption
         6e:f9:52:a7:1f:17:43:3f:73:85:0f:9b:e3:11:85:c9:a8:6c:
         b5:c8:6c:b0:e1:aa:3c:8b:6e:65:3f:88:9a:f8:3d:5c:51:a3:
         38:d6:d0:1e:14:4a:1a:32:c0:f0:18:05:a4:bb:66:58:3c:91:
         dc:ee:30:c7:da:92:76:ba:5c:12:26:4b:1d:1c:7a:5b:ef:f4:
         45:b6:3b:9c:06:d4:8a:d3:9d:56:b7:6e:5c:92:f8:ae:23:61:
         96:0c:b8:4d:7b:5a:a2:dc:94:fd:a9:18:14:71:76:fb:af:8d:
         68:7d:4a:25:8a:af:15:9c:2e:5c:6b:56:d7:37:c5:86:04:31:
         62:7b:4f:57:3a:31:dd:96:0d:71:23:27:83:21:9a:eb:3b:b6:
         5a:07:ce:b1:eb:66:20:24:5d:ec:b5:f6:ed:a9:17:d3:40:40:
         ca:f5:8a:a9:20:f1:d4:b2:06:a4:bb:c9:67:a0:c7:77:bd:22:
         fd:73:9e:8f:6d:65:f8:af:73:25:8c:8f:d9:70:f0:5f:3d:84:
         01:eb:91:2b:3f:65:a6:44:b8:f0:ab:48:3a:b5:44:7f:7a:d3:
         48:9b:21:db:a6:33:72:dc:3d:c1:49:cf:2b:6d:52:18:f6:cf:
         51:b4:9d:8d:f9:b3:e0:40:ff:b4:15:f2:ef:9b:cc:cb:d2:51:
         70:2a:85:66
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICCQowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDc3
MkY3MTUzNDVCNTQyRTFENzA4QkNCMjU3MUZDRDcyREQyNkJGMzAeFw0yMTAyMDcw
NjUwNDZaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDNCQzRCRDg3QzdDMjky
QjU4MENBNTcxQjdFNjA4MDg2NTEyNzg5NzQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCwLIo5iOCutgAxypkj3jsCVUHgimrjo/AsChJIOn+W3avi72Go
uveTz6XH0cl8YQq6DK7ORp664eqftgZIaaBfuBmzMOL0d6ejxCQDiL/ot6cf+2pJ
JrCm7ElyXiZD9o0ickKWtnQbyht4fD6RQmfwIsOLsEXwh8QizF5kAs5B9aQn7wW5
6tjftyzNfkQk/dt+SptVI9c6YiUlZZXpDFQzjFoe4B+nf2VKqjzMbiqTcTCb8bcL
yF8pwFs7lRUkmFE8wfi4pmAsIOn3eGL8Uza1ZjnTOyUxdKmoFfaGfYiKjINOVjZM
FQ6Mm7dFvn+lkFiztsWlHucgg0K5GEegzAWZAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUO8S9h8fCkrWAylcbfmCAhlEniXQwHwYDVR0jBBgwFoAUR3L3FTRbVC4dcIvL
JXH81y3Sa/MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0dUL1Iz
TDNGVFJiVkM0ZGNJdkxKWEg4MXkzU2FfTS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UjNMM0ZUUmJWQzRkY0l2TEpYSDgxeTNTYV9NLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvS0dUL084UzloOGZDa3JXQXlsY2JmbUNBaGxF
bmlYUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAY9PYAwDQYJ
KoZIhvcNAQELBQADggEBAG75UqcfF0M/c4UPm+MRhcmobLXIbLDhqjyLbmU/iJr4
PVxRozjW0B4UShoywPAYBaS7Zlg8kdzuMMfakna6XBImSx0celvv9EW2O5wG1IrT
nVa3blyS+K4jYZYMuE17WqLclP2pGBRxdvuvjWh9SiWKrxWcLlxrVtc3xYYEMWJ7
T1c6Md2WDXEjJ4Mhmus7tloHzrHrZiAkXey19u2pF9NAQMr1iqkg8dSyBqS7yWeg
x3e9Iv1zno9tZfivcyWMj9lw8F89hAHrkSs/ZaZEuPCrSDq1RH9600ibIdumM3Lc
PcFJzyttUhj2z1G0nY35s+BA/7QV8u+bzMvSUXAqhWY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:10 2024 by rpki-client on console-ams.rpki-client.org