Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KGT/hVPsEUBAVNs9v0xXN6DwvFe8cP0.roa
File:                     hVPsEUBAVNs9v0xXN6DwvFe8cP0.roa (raw, json)
Hash identifier:          jHAWgnEbJf+Y4XFknM3zLBNwXCITzHnsIb5fhgKZrBs=
Subject key identifier:   85:53:EC:11:40:40:54:DB:3D:BF:4C:57:37:A0:F0:BC:57:BC:70:FD
Certificate issuer:       /CN=4772F715345B542E1D708BCB2571FCD72DD26BF3
Certificate serial:       0BB4
Authority key identifier: 47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/hVPsEUBAVNs9v0xXN6DwvFe8cP0.roa
Signing time:             Tue 04 Jul 2023 03:04:56 +0000
ROA not before:           Tue 04 Jul 2023 03:04:56 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     9922
IP address blocks:        61.61.4.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2996 (0xbb4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4772F715345B542E1D708BCB2571FCD72DD26BF3
        Validity
            Not Before: Jul  4 03:04:56 2023 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=8553EC11404054DB3DBF4C5737A0F0BC57BC70FD
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:e1:6e:1c:66:8c:d9:9b:2e:0a:84:7c:b0:f3:
                    71:1a:7a:91:5d:b1:6f:ba:77:fa:a0:4a:4f:3a:a7:
                    7a:63:f8:8e:e4:a5:9c:e0:02:20:26:c5:fe:cc:dd:
                    a0:bd:3c:52:40:b3:4e:aa:05:d1:c5:bb:a0:75:8c:
                    be:59:d1:a7:c1:bc:47:69:29:eb:c0:a0:5e:72:32:
                    39:8c:aa:6e:f4:98:73:11:41:99:65:19:c8:58:5b:
                    f6:a9:97:38:54:75:95:e8:bd:dd:51:71:63:3a:cb:
                    71:eb:0f:dd:c7:87:06:7a:39:28:d4:fd:c3:fc:35:
                    dd:5a:2f:d1:66:39:79:08:a7:6b:47:df:e9:03:d9:
                    a0:25:b0:57:84:66:78:f7:b4:5b:9d:64:3d:97:3c:
                    e0:20:20:0d:26:97:45:0d:e1:b3:ce:3c:4a:cd:88:
                    97:e0:fd:64:dd:c0:9f:07:6d:6d:1c:4c:4e:0d:8a:
                    b0:59:81:cc:d9:d0:e8:2b:0e:24:1d:1c:e8:ce:24:
                    51:a9:74:81:5b:6f:96:a4:ec:2a:57:f6:76:7d:76:
                    49:26:5d:74:57:9f:97:ac:ff:36:66:34:97:4a:99:
                    e0:03:9c:82:89:a6:a9:b7:e3:95:de:53:4d:2e:6e:
                    df:5f:a6:ef:c3:c9:54:31:25:bc:1c:43:b8:86:a2:
                    aa:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                85:53:EC:11:40:40:54:DB:3D:BF:4C:57:37:A0:F0:BC:57:BC:70:FD
            X509v3 Authority Key Identifier:
                keyid:47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/R3L3FTRbVC4dcIvLJXH81y3Sa_M.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/hVPsEUBAVNs9v0xXN6DwvFe8cP0.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  61.61.4.0/23

    Signature Algorithm: sha256WithRSAEncryption
         86:58:b5:c6:17:62:65:87:9b:93:92:7b:ae:9a:2d:c8:63:f1:
         4a:02:78:b2:bf:fc:24:b6:81:42:cb:c0:21:f4:21:f3:b6:05:
         fa:a5:d3:83:bf:de:2e:5c:0c:e7:7c:3a:f5:68:dd:85:57:87:
         ad:4a:b1:c4:74:7c:2a:ad:2a:58:eb:4f:87:4a:62:8b:75:e3:
         9f:03:e9:ac:23:a6:b2:f0:ea:e4:17:ee:1d:3e:b6:f6:c1:f7:
         d5:e0:bd:c5:93:d0:68:11:27:7a:e0:95:16:04:6a:e0:85:48:
         4e:66:aa:bc:52:22:76:86:c0:e7:1b:44:1a:35:28:b1:66:37:
         a8:13:2d:31:e2:90:e9:60:67:be:77:b1:61:e5:92:53:47:62:
         ff:75:29:9c:83:57:44:b1:51:97:1c:bc:80:3c:94:59:88:ed:
         e6:45:20:1f:49:6e:b9:c6:77:96:6b:c4:8a:99:fa:9c:e0:69:
         1e:a3:93:75:d5:9c:c9:50:19:bf:9b:ee:37:33:12:46:cf:a8:
         15:a6:25:74:dd:03:c3:00:77:5e:98:4b:1b:6d:ce:c6:a4:da:
         03:af:ef:c2:b5:a0:71:5b:59:6f:c6:1b:e7:31:eb:c0:6e:7f:
         10:dc:14:96:03:9c:65:f4:91:99:d1:2a:15:ba:dc:23:61:6f:
         e8:54:5f:3d
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICC7QwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDc3
MkY3MTUzNDVCNTQyRTFENzA4QkNCMjU3MUZDRDcyREQyNkJGMzAeFw0yMzA3MDQw
MzA0NTZaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDg1NTNFQzExNDA0MDU0
REIzREJGNEM1NzM3QTBGMEJDNTdCQzcwRkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCb4W4cZozZmy4KhHyw83EaepFdsW+6d/qgSk86p3pj+I7kpZzg
AiAmxf7M3aC9PFJAs06qBdHFu6B1jL5Z0afBvEdpKevAoF5yMjmMqm70mHMRQZll
GchYW/aplzhUdZXovd1RcWM6y3HrD93HhwZ6OSjU/cP8Nd1aL9FmOXkIp2tH3+kD
2aAlsFeEZnj3tFudZD2XPOAgIA0ml0UN4bPOPErNiJfg/WTdwJ8HbW0cTE4NirBZ
gczZ0OgrDiQdHOjOJFGpdIFbb5ak7CpX9nZ9dkkmXXRXn5es/zZmNJdKmeADnIKJ
pqm345XeU00ubt9fpu/DyVQxJbwcQ7iGoqozAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUhVPsEUBAVNs9v0xXN6DwvFe8cP0wHwYDVR0jBBgwFoAUR3L3FTRbVC4dcIvL
JXH81y3Sa/MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0dUL1Iz
TDNGVFJiVkM0ZGNJdkxKWEg4MXkzU2FfTS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UjNMM0ZUUmJWQzRkY0l2TEpYSDgxeTNTYV9NLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvS0dUL2hWUHNFVUJBVk5zOXYweFhONkR3dkZl
OGNQMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAE9PQQwDQYJ
KoZIhvcNAQELBQADggEBAIZYtcYXYmWHm5OSe66aLchj8UoCeLK//CS2gULLwCH0
IfO2Bfql04O/3i5cDOd8OvVo3YVXh61KscR0fCqtKljrT4dKYot1458D6awjprLw
6uQX7h0+tvbB99XgvcWT0GgRJ3rglRYEauCFSE5mqrxSInaGwOcbRBo1KLFmN6gT
LTHikOlgZ753sWHlklNHYv91KZyDV0SxUZccvIA8lFmI7eZFIB9JbrnGd5ZrxIqZ
+pzgaR6jk3XVnMlQGb+b7jczEkbPqBWmJXTdA8MAd16YSxttzsak2gOv78K1oHFb
WW/GG+cx68BufxDcFJYDnGX0kZnRKhW63CNhb+hUXz0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:10 2024 by rpki-client on console-ams.rpki-client.org