Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KGT/bHM3ocFOqINkp08Ggit4xqo5vRU.roa
File:                     bHM3ocFOqINkp08Ggit4xqo5vRU.roa (raw, json)
Hash identifier:          iu+rC4NmhdmlKJU7jh1/D7ytsS4zLtTZp5HrCeMNqyc=
Subject key identifier:   6C:73:37:A1:C1:4E:A8:83:64:A7:4F:06:82:2B:78:C6:AA:39:BD:15
Certificate issuer:       /CN=4772F715345B542E1D708BCB2571FCD72DD26BF3
Certificate serial:       0AE5
Authority key identifier: 47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/bHM3ocFOqINkp08Ggit4xqo5vRU.roa
Signing time:             Thu 15 Sep 2022 02:49:46 +0000
ROA not before:           Thu 15 Sep 2022 02:49:46 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     18049
IP address blocks:        61.61.52.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2789 (0xae5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4772F715345B542E1D708BCB2571FCD72DD26BF3
        Validity
            Not Before: Sep 15 02:49:46 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=6C7337A1C14EA88364A74F06822B78C6AA39BD15
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:07:54:28:b9:73:0f:1c:bb:92:80:fe:ef:fc:
                    20:93:6f:05:d6:e9:ef:73:01:5f:ef:dd:85:58:86:
                    48:77:2f:54:11:4e:e5:db:68:e3:05:72:99:38:da:
                    89:0e:03:a9:75:c7:ed:21:e7:c8:77:45:67:10:67:
                    cb:5f:d5:9b:b1:b8:2a:e4:63:f5:c5:13:3a:6d:d8:
                    49:6f:bd:48:fc:af:18:5b:65:96:b7:f9:2f:f5:33:
                    2f:d1:2d:3d:d3:b8:dc:8a:63:97:e9:56:a0:40:28:
                    9f:ae:2c:cc:f2:54:59:27:91:4a:2a:9f:a1:b1:54:
                    3c:03:85:23:93:fd:af:9e:e3:f0:98:8e:2a:89:32:
                    a9:52:ed:eb:05:1f:fe:0f:12:dd:9c:04:55:5b:ba:
                    4a:d8:25:0b:6b:66:93:b7:50:22:cf:07:2a:b4:90:
                    72:37:b2:e7:4a:37:ee:86:fb:6a:33:f2:ab:48:64:
                    9e:fc:5e:59:ad:59:23:da:25:09:3e:f6:66:4d:dc:
                    ca:cc:d0:9d:14:51:21:fc:09:c2:0d:1c:cb:1e:5f:
                    54:b7:f0:54:38:29:41:2e:df:b6:50:31:28:81:39:
                    fb:6a:20:86:84:d9:58:a2:f7:f6:a8:46:21:0f:a2:
                    fd:52:20:3a:27:f8:03:f6:e0:1e:50:ee:a4:71:c3:
                    11:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6C:73:37:A1:C1:4E:A8:83:64:A7:4F:06:82:2B:78:C6:AA:39:BD:15
            X509v3 Authority Key Identifier:
                keyid:47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/R3L3FTRbVC4dcIvLJXH81y3Sa_M.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/bHM3ocFOqINkp08Ggit4xqo5vRU.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  61.61.52.0/22

    Signature Algorithm: sha256WithRSAEncryption
         42:04:85:88:a2:f9:81:a1:94:75:70:74:b4:2c:9f:ce:21:25:
         05:f8:0f:7d:6b:50:29:5e:01:7a:84:ab:74:52:cc:c8:c9:3e:
         b0:72:15:a7:05:b9:6d:87:e1:e7:c8:3e:74:d3:a3:c0:a5:f2:
         f6:53:04:32:53:0f:f5:d0:6e:b1:e0:bb:22:85:49:b8:8a:b6:
         7f:94:14:1b:f6:b4:71:30:5b:6b:60:ae:e7:e8:97:8b:7d:48:
         8e:31:ec:f9:5a:fd:44:70:fb:77:14:ab:89:fe:67:3b:86:88:
         49:7a:37:81:a0:cf:31:a0:f1:e8:54:fb:a5:ae:79:1c:40:2b:
         48:b7:bf:29:43:f2:73:b9:82:37:d3:5f:55:91:f4:c6:9c:9d:
         07:51:ef:18:1c:c0:d3:4d:f1:d1:4a:d0:e4:38:ad:ac:44:5c:
         b2:91:2e:9f:3e:e5:4e:9c:08:22:9b:2d:f7:24:92:e1:6e:81:
         e4:56:0e:d1:44:bf:36:93:e3:5a:f7:5c:46:27:17:8b:67:e5:
         15:03:35:71:c1:7b:f8:26:2d:c6:33:fd:a3:6d:bd:2d:60:31:
         d2:3f:27:b0:37:e7:66:c5:1f:1c:a3:f4:6a:72:63:00:36:06:
         9d:ff:09:98:b7:8d:cf:62:53:1d:90:8c:99:83:d4:6c:17:a8:
         16:8b:87:2d
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICCuUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDc3
MkY3MTUzNDVCNTQyRTFENzA4QkNCMjU3MUZDRDcyREQyNkJGMzAeFw0yMjA5MTUw
MjQ5NDZaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDZDNzMzN0ExQzE0RUE4
ODM2NEE3NEYwNjgyMkI3OEM2QUEzOUJEMTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDIB1QouXMPHLuSgP7v/CCTbwXW6e9zAV/v3YVYhkh3L1QRTuXb
aOMFcpk42okOA6l1x+0h58h3RWcQZ8tf1ZuxuCrkY/XFEzpt2ElvvUj8rxhbZZa3
+S/1My/RLT3TuNyKY5fpVqBAKJ+uLMzyVFknkUoqn6GxVDwDhSOT/a+e4/CYjiqJ
MqlS7esFH/4PEt2cBFVbukrYJQtrZpO3UCLPByq0kHI3sudKN+6G+2oz8qtIZJ78
XlmtWSPaJQk+9mZN3MrM0J0UUSH8CcINHMseX1S38FQ4KUEu37ZQMSiBOftqIIaE
2Vii9/aoRiEPov1SIDon+AP24B5Q7qRxwxEnAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUbHM3ocFOqINkp08Ggit4xqo5vRUwHwYDVR0jBBgwFoAUR3L3FTRbVC4dcIvL
JXH81y3Sa/MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0dUL1Iz
TDNGVFJiVkM0ZGNJdkxKWEg4MXkzU2FfTS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UjNMM0ZUUmJWQzRkY0l2TEpYSDgxeTNTYV9NLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvS0dUL2JITTNvY0ZPcUlOa3AwOEdnaXQ0eHFv
NXZSVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAI9PTQwDQYJ
KoZIhvcNAQELBQADggEBAEIEhYii+YGhlHVwdLQsn84hJQX4D31rUCleAXqEq3RS
zMjJPrByFacFuW2H4efIPnTTo8Cl8vZTBDJTD/XQbrHguyKFSbiKtn+UFBv2tHEw
W2tgrufol4t9SI4x7Pla/URw+3cUq4n+ZzuGiEl6N4GgzzGg8ehU+6WueRxAK0i3
vylD8nO5gjfTX1WR9MacnQdR7xgcwNNN8dFK0OQ4raxEXLKRLp8+5U6cCCKbLfck
kuFugeRWDtFEvzaT41r3XEYnF4tn5RUDNXHBe/gmLcYz/aNtvS1gMdI/J7A352bF
Hxyj9GpyYwA2Bp3/CZi3jc9iUx2QjJmD1GwXqBaLhy0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:10 2024 by rpki-client on console-ams.rpki-client.org