Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KGT/YR7x5bAE67n50-7PisRtPWnsU2w.roa
File:                     YR7x5bAE67n50-7PisRtPWnsU2w.roa (raw, json)
Hash identifier:          kbr8CQUjgjtcFUyVAoCWJBhuHxc+Pvj22LhsdkY9GSs=
Subject key identifier:   61:1E:F1:E5:B0:04:EB:B9:F9:D3:EE:CF:8A:C4:6D:3D:69:EC:53:6C
Certificate issuer:       /CN=4772F715345B542E1D708BCB2571FCD72DD26BF3
Certificate serial:       0B70
Authority key identifier: 47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/YR7x5bAE67n50-7PisRtPWnsU2w.roa
Signing time:             Fri 07 Apr 2023 00:54:25 +0000
ROA not before:           Fri 07 Apr 2023 00:54:25 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     131602
IP address blocks:        211.78.4.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2928 (0xb70)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4772F715345B542E1D708BCB2571FCD72DD26BF3
        Validity
            Not Before: Apr  7 00:54:25 2023 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=611EF1E5B004EBB9F9D3EECF8AC46D3D69EC536C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:fd:16:46:8b:b1:21:51:30:84:c8:df:61:61:
                    e1:8f:fe:f7:b2:6a:f7:20:fc:29:a3:57:a2:f4:a8:
                    cb:d1:6f:5e:92:97:05:fc:0e:d8:0b:02:31:c4:33:
                    99:1d:e9:4f:9c:94:50:23:6b:a8:f3:8b:90:8d:0f:
                    c6:22:18:c7:65:f9:cd:3a:e8:02:8c:dc:01:8a:64:
                    23:92:96:a5:08:b8:99:92:ec:07:69:44:09:0b:b5:
                    a3:2d:1f:b9:3b:09:db:10:f1:82:be:3a:ee:7b:85:
                    19:e7:5e:ae:7c:59:ea:e4:91:2b:ab:a0:03:95:01:
                    6d:3c:ab:a6:b8:5b:76:27:03:7a:a3:c2:16:8d:41:
                    ac:8d:42:7c:44:38:dc:a9:36:e2:6e:e6:23:80:ab:
                    6d:30:c2:ae:48:cd:63:5d:89:e0:99:3f:e9:0c:14:
                    23:bf:04:9b:25:4b:ec:66:dd:23:84:22:fc:84:af:
                    0d:d2:04:d1:a5:10:c4:c1:fb:93:ab:78:e0:f9:e6:
                    4f:4e:a8:eb:33:f1:d5:78:73:dc:8e:ba:90:ef:bd:
                    ad:1b:f0:83:a8:44:2b:b5:eb:44:30:08:8f:0c:5d:
                    07:4b:b6:44:62:75:7d:43:cc:27:af:c2:fc:61:ce:
                    6d:b2:c0:c2:7d:0d:63:0d:d5:fa:a9:6e:ed:d0:83:
                    5e:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                61:1E:F1:E5:B0:04:EB:B9:F9:D3:EE:CF:8A:C4:6D:3D:69:EC:53:6C
            X509v3 Authority Key Identifier:
                keyid:47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/R3L3FTRbVC4dcIvLJXH81y3Sa_M.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/YR7x5bAE67n50-7PisRtPWnsU2w.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  211.78.4.0/22

    Signature Algorithm: sha256WithRSAEncryption
         4f:66:2b:23:f6:93:9e:7a:04:34:0f:4c:11:30:2c:d2:b6:46:
         73:e4:5e:2b:aa:e0:1b:5f:01:6c:5b:c7:b4:d3:1e:01:6a:4c:
         55:42:49:68:c9:8b:cd:08:37:c7:6f:93:ef:0d:5b:b6:84:f4:
         9a:24:7d:7a:eb:0f:cd:1b:0c:b5:1a:8a:bc:ad:73:01:94:3e:
         e0:39:8d:fc:01:f8:92:7e:32:88:60:c9:bb:4b:27:cc:09:c8:
         07:90:0a:35:d9:1d:38:0b:10:6a:ca:d2:a4:c0:51:e0:71:74:
         4b:93:7c:40:ac:a1:b7:cc:db:d2:9a:7b:63:a4:d6:35:59:f1:
         12:be:5b:76:a1:28:64:78:c0:52:6b:94:4d:3f:20:c6:b6:a8:
         eb:b6:ca:ca:ed:b1:ec:7d:1f:f1:96:63:a6:93:7a:c7:13:9a:
         5a:7d:6d:e3:ab:b6:59:4b:bd:b2:c2:9f:18:86:ca:f0:69:f7:
         a2:09:94:b4:6d:ee:71:a7:38:47:41:42:3a:21:f8:fe:ce:8a:
         e0:bb:08:99:00:29:42:70:3e:33:11:23:d2:e6:75:f0:1c:d2:
         ed:81:bb:b0:27:e4:dd:0e:18:ee:ed:00:c8:e0:ac:b4:11:09:
         0c:af:92:66:22:b4:21:7c:a0:5b:cb:d9:5f:c3:b5:3e:5d:01:
         82:a9:cb:1a
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICC3AwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDc3
MkY3MTUzNDVCNTQyRTFENzA4QkNCMjU3MUZDRDcyREQyNkJGMzAeFw0yMzA0MDcw
MDU0MjVaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDYxMUVGMUU1QjAwNEVC
QjlGOUQzRUVDRjhBQzQ2RDNENjlFQzUzNkMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDS/RZGi7EhUTCEyN9hYeGP/veyavcg/CmjV6L0qMvRb16SlwX8
DtgLAjHEM5kd6U+clFAja6jzi5CND8YiGMdl+c066AKM3AGKZCOSlqUIuJmS7Adp
RAkLtaMtH7k7CdsQ8YK+Ou57hRnnXq58WerkkSuroAOVAW08q6a4W3YnA3qjwhaN
QayNQnxEONypNuJu5iOAq20wwq5IzWNdieCZP+kMFCO/BJslS+xm3SOEIvyErw3S
BNGlEMTB+5OreOD55k9OqOsz8dV4c9yOupDvva0b8IOoRCu160QwCI8MXQdLtkRi
dX1DzCevwvxhzm2ywMJ9DWMN1fqpbu3Qg15XAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUYR7x5bAE67n50+7PisRtPWnsU2wwHwYDVR0jBBgwFoAUR3L3FTRbVC4dcIvL
JXH81y3Sa/MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0dUL1Iz
TDNGVFJiVkM0ZGNJdkxKWEg4MXkzU2FfTS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UjNMM0ZUUmJWQzRkY0l2TEpYSDgxeTNTYV9NLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvS0dUL1lSN3g1YkFFNjduNTAtN1Bpc1J0UFdu
c1Uydy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBALTTgQwDQYJ
KoZIhvcNAQELBQADggEBAE9mKyP2k556BDQPTBEwLNK2RnPkXiuq4BtfAWxbx7TT
HgFqTFVCSWjJi80IN8dvk+8NW7aE9JokfXrrD80bDLUairytcwGUPuA5jfwB+JJ+
MohgybtLJ8wJyAeQCjXZHTgLEGrK0qTAUeBxdEuTfECsobfM29Kae2Ok1jVZ8RK+
W3ahKGR4wFJrlE0/IMa2qOu2ysrtsex9H/GWY6aTescTmlp9beOrtllLvbLCnxiG
yvBp96IJlLRt7nGnOEdBQjoh+P7OiuC7CJkAKUJwPjMRI9LmdfAc0u2Bu7An5N0O
GO7tAMjgrLQRCQyvkmYitCF8oFvL2V/DtT5dAYKpyxo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:38 2024 by rpki-client on console-fra.rpki-client.org