Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KGT/bFiHn_fCb3b3TEecF81dS0xGnmg.roa
File:                     bFiHn_fCb3b3TEecF81dS0xGnmg.roa (raw, json)
Hash identifier:          B0CquQQzfgChQ69ldSpyqmt1k8LexR/o6kAuJxcnhYQ=
Subject key identifier:   6C:58:87:9F:F7:C2:6F:76:F7:4C:47:9C:17:CD:5D:4B:4C:46:9E:68
Certificate issuer:       /CN=4772F715345B542E1D708BCB2571FCD72DD26BF3
Certificate serial:       08A8
Authority key identifier: 47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/bFiHn_fCb3b3TEecF81dS0xGnmg.roa
Signing time:             Wed 18 Nov 2020 10:19:44 +0000
ROA not before:           Wed 18 Nov 2020 10:19:44 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     131627
IP address blocks:        61.61.144.0/21 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2216 (0x8a8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4772F715345B542E1D708BCB2571FCD72DD26BF3
        Validity
            Not Before: Nov 18 10:19:44 2020 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=6C58879FF7C26F76F74C479C17CD5D4B4C469E68
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ee:1f:f2:65:28:cd:e8:cf:f7:c5:5e:3f:30:ea:
                    11:4c:9b:cc:66:90:f3:9b:97:38:2b:a3:bc:51:35:
                    91:e5:b4:2a:30:c9:c0:71:d5:09:4a:34:88:76:27:
                    bc:67:18:00:20:2d:b6:44:e3:e8:d7:2c:5a:ea:c6:
                    d9:ec:24:5b:64:03:3d:c8:06:f3:74:b0:35:80:12:
                    f5:7f:63:74:a2:c2:fc:c1:7a:e0:e0:e2:ad:6c:98:
                    04:96:79:b0:cf:10:be:84:c5:94:82:28:9b:a4:39:
                    d8:16:67:c5:66:7f:6c:c6:63:4c:e8:ff:cc:f2:fa:
                    d0:e1:1f:c2:c1:14:fd:13:00:32:c3:47:95:87:c3:
                    e5:98:cd:8e:8f:0b:ac:80:fc:b3:d8:4e:52:f3:37:
                    48:5d:1f:21:eb:24:6c:61:96:61:04:50:16:d3:5e:
                    5d:f6:eb:09:ae:cc:02:0c:1c:6d:81:46:21:1e:cb:
                    82:91:3c:1b:42:30:0e:36:40:d9:96:11:f4:3d:93:
                    97:21:02:a2:91:ef:4d:11:2c:4e:9d:fa:3b:ec:ef:
                    0d:08:37:7a:ab:cd:2c:55:9b:e8:0a:3f:56:c2:42:
                    24:e1:aa:25:44:88:74:1e:43:b9:cc:a0:81:fc:c8:
                    f1:cc:78:30:57:42:99:a1:b1:05:da:08:e4:9d:7e:
                    2e:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6C:58:87:9F:F7:C2:6F:76:F7:4C:47:9C:17:CD:5D:4B:4C:46:9E:68
            X509v3 Authority Key Identifier:
                keyid:47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/R3L3FTRbVC4dcIvLJXH81y3Sa_M.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/bFiHn_fCb3b3TEecF81dS0xGnmg.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  61.61.144.0/21

    Signature Algorithm: sha256WithRSAEncryption
         76:a1:18:82:81:99:40:3c:bd:2d:99:c8:bc:07:9b:23:81:e1:
         9c:57:7b:38:22:b4:b3:83:f0:57:41:19:f1:c5:ee:69:f5:bd:
         f5:eb:95:66:43:b3:eb:7d:e7:84:49:37:b3:8d:2e:f2:e4:6b:
         7a:d8:ee:3e:c8:31:b3:7b:9b:14:c7:f7:ee:74:05:e6:f6:f8:
         2d:dd:4a:92:fc:09:da:70:d5:95:c2:eb:6a:7f:ff:33:24:66:
         66:2f:5c:84:cf:ed:c1:d3:e4:3c:e7:b7:ac:ab:26:84:aa:32:
         97:9d:25:41:90:b4:d7:e5:6f:9c:de:1f:d6:af:14:7b:5a:8a:
         54:42:57:b7:1b:bd:b6:6e:02:3a:d5:34:76:47:52:e9:60:ae:
         f8:77:d4:f2:82:91:4a:68:2f:8d:df:ff:1c:8c:a0:31:7b:46:
         94:46:d3:b7:1c:60:7d:74:7f:8e:87:88:a7:62:4c:5b:36:09:
         73:c0:81:6f:17:f3:e5:fb:71:56:82:58:6a:7b:91:58:c5:02:
         93:24:fc:65:7e:1b:95:98:4b:a0:38:c9:14:11:8e:85:da:64:
         33:5a:88:94:35:49:1e:f8:5e:de:cd:ff:a8:cc:71:53:49:5a:
         09:f2:f2:1a:9c:5d:a1:60:27:05:31:52:f8:7b:a4:23:a0:43:
         99:9d:65:8a
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICCKgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDc3
MkY3MTUzNDVCNTQyRTFENzA4QkNCMjU3MUZDRDcyREQyNkJGMzAeFw0yMDExMTgx
MDE5NDRaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDZDNTg4NzlGRjdDMjZG
NzZGNzRDNDc5QzE3Q0Q1RDRCNEM0NjlFNjgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDuH/JlKM3oz/fFXj8w6hFMm8xmkPOblzgro7xRNZHltCowycBx
1QlKNIh2J7xnGAAgLbZE4+jXLFrqxtnsJFtkAz3IBvN0sDWAEvV/Y3SiwvzBeuDg
4q1smASWebDPEL6ExZSCKJukOdgWZ8Vmf2zGY0zo/8zy+tDhH8LBFP0TADLDR5WH
w+WYzY6PC6yA/LPYTlLzN0hdHyHrJGxhlmEEUBbTXl326wmuzAIMHG2BRiEey4KR
PBtCMA42QNmWEfQ9k5chAqKR700RLE6d+jvs7w0IN3qrzSxVm+gKP1bCQiThqiVE
iHQeQ7nMoIH8yPHMeDBXQpmhsQXaCOSdfi6zAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUbFiHn/fCb3b3TEecF81dS0xGnmgwHwYDVR0jBBgwFoAUR3L3FTRbVC4dcIvL
JXH81y3Sa/MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0dUL1Iz
TDNGVFJiVkM0ZGNJdkxKWEg4MXkzU2FfTS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UjNMM0ZUUmJWQzRkY0l2TEpYSDgxeTNTYV9NLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvS0dUL2JGaUhuX2ZDYjNiM1RFZWNGODFkUzB4
R25tZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAM9PZAwDQYJ
KoZIhvcNAQELBQADggEBAHahGIKBmUA8vS2ZyLwHmyOB4ZxXezgitLOD8FdBGfHF
7mn1vfXrlWZDs+t954RJN7ONLvLka3rY7j7IMbN7mxTH9+50Beb2+C3dSpL8Cdpw
1ZXC62p//zMkZmYvXITP7cHT5Dznt6yrJoSqMpedJUGQtNflb5zeH9avFHtailRC
V7cbvbZuAjrVNHZHUulgrvh31PKCkUpoL43f/xyMoDF7RpRG07ccYH10f46HiKdi
TFs2CXPAgW8X8+X7cVaCWGp7kVjFApMk/GV+G5WYS6A4yRQRjoXaZDNaiJQ1SR74
Xt7N/6jMcVNJWgny8hqcXaFgJwUxUvh7pCOgQ5mdZYo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:10 2024 by rpki-client on console-ams.rpki-client.org