Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KGT/iynattrzqikcoyeck5RDlhQtlRU.roa
File:                     iynattrzqikcoyeck5RDlhQtlRU.roa (raw, json)
Hash identifier:          G+cJgZFX8TciRV0Fq4SoSwX4EW15cT3lC0S0KvfkLRs=
Subject key identifier:   8B:29:DA:B6:DA:F3:AA:29:1C:A3:27:9C:93:94:43:96:14:2D:95:15
Certificate issuer:       /CN=4772F715345B542E1D708BCB2571FCD72DD26BF3
Certificate serial:       091E
Authority key identifier: 47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/iynattrzqikcoyeck5RDlhQtlRU.roa
Signing time:             Sun 07 Feb 2021 11:42:43 +0000
ROA not before:           Sun 07 Feb 2021 11:42:43 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     131627
IP address blocks:        61.61.70.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2334 (0x91e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4772F715345B542E1D708BCB2571FCD72DD26BF3
        Validity
            Not Before: Feb  7 11:42:43 2021 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=8B29DAB6DAF3AA291CA3279C93944396142D9515
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:a7:2f:11:e3:56:68:f8:b9:d4:61:c4:cb:9a:
                    98:40:fe:d9:20:4c:e3:b4:fd:89:12:85:f7:85:d9:
                    5b:04:7f:fb:0d:c3:7f:b6:93:b4:1e:c9:8f:fe:98:
                    8c:3c:53:6a:57:73:19:7a:fe:d6:e4:30:d2:25:d1:
                    0d:0b:48:a7:fe:47:ce:a6:3e:c9:64:18:33:58:50:
                    4a:a2:15:48:10:99:a1:04:0e:10:61:a1:3e:b3:4d:
                    1e:af:6a:ff:53:5c:58:7c:79:7c:d4:8a:7e:b0:0a:
                    3d:7c:bb:ba:56:28:2d:c1:c9:12:87:6d:52:07:41:
                    7d:ab:50:17:af:d2:9d:a0:e9:bc:bb:2b:31:fd:89:
                    2b:10:cb:d4:9c:86:c0:72:86:2c:20:7e:42:e1:5e:
                    d5:e2:7c:46:19:4e:e2:f0:9d:4e:18:d0:40:13:a8:
                    29:ea:b5:10:15:41:3c:c7:21:65:9c:72:52:ca:e0:
                    e7:1f:d3:75:32:ea:3c:2c:6d:31:c0:32:9c:da:c6:
                    e0:e3:5b:83:f5:93:35:35:9d:c6:d0:87:e5:91:58:
                    ad:c3:5d:97:3d:18:5f:34:a1:2b:7a:c0:25:5c:db:
                    b4:77:a7:1c:d1:13:4e:a0:2f:6e:d3:d6:f5:fd:9f:
                    38:d2:f1:9a:f0:70:2a:dc:de:3f:55:fc:c2:8a:ca:
                    37:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8B:29:DA:B6:DA:F3:AA:29:1C:A3:27:9C:93:94:43:96:14:2D:95:15
            X509v3 Authority Key Identifier:
                keyid:47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/R3L3FTRbVC4dcIvLJXH81y3Sa_M.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/iynattrzqikcoyeck5RDlhQtlRU.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  61.61.70.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9a:43:1b:2a:f4:be:f1:f0:12:cf:cc:84:4b:a7:7b:f2:0d:d3:
         cd:f6:04:aa:01:a3:e0:d7:75:74:d7:dc:70:60:e6:28:d0:35:
         fa:d8:d6:dd:5c:d3:d3:8f:03:aa:f3:51:dc:d9:b7:42:da:73:
         a2:00:6a:d0:94:7f:2d:4a:23:61:47:85:bf:1d:eb:11:09:7d:
         84:5b:ac:10:f5:69:34:e0:97:2b:e8:4b:b2:9f:4e:e2:21:a9:
         a3:f2:e3:70:b7:e8:ae:12:a3:5e:64:04:9e:29:47:3c:81:37:
         95:f2:1e:ce:9d:b0:89:c0:58:30:e9:f9:ed:7d:d1:96:7a:d5:
         5b:13:81:2f:6d:3c:38:21:af:9f:e1:37:fb:df:c3:ce:f6:78:
         c8:d5:42:f5:c9:5d:91:cc:3f:06:e6:3b:1c:07:d9:49:d7:4c:
         08:25:ec:95:36:b7:e6:f9:fe:3d:0a:4f:27:df:08:38:fc:f4:
         9d:a1:00:c1:f4:fd:5d:43:b6:d7:25:76:9d:5a:c9:43:f8:e4:
         ef:7f:c6:b4:be:52:93:57:58:d8:77:9e:0d:d1:7d:ac:94:c4:
         2c:97:82:a0:b6:38:8e:68:b9:30:74:de:7c:6c:79:5c:7e:8f:
         12:cb:9a:44:bd:62:7c:95:71:22:d6:17:9e:f7:a5:f0:60:39:
         ab:8d:e0:f4
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICCR4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDc3
MkY3MTUzNDVCNTQyRTFENzA4QkNCMjU3MUZDRDcyREQyNkJGMzAeFw0yMTAyMDcx
MTQyNDNaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDhCMjlEQUI2REFGM0FB
MjkxQ0EzMjc5QzkzOTQ0Mzk2MTQyRDk1MTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC9py8R41Zo+LnUYcTLmphA/tkgTOO0/YkShfeF2VsEf/sNw3+2
k7QeyY/+mIw8U2pXcxl6/tbkMNIl0Q0LSKf+R86mPslkGDNYUEqiFUgQmaEEDhBh
oT6zTR6vav9TXFh8eXzUin6wCj18u7pWKC3ByRKHbVIHQX2rUBev0p2g6by7KzH9
iSsQy9SchsByhiwgfkLhXtXifEYZTuLwnU4Y0EATqCnqtRAVQTzHIWWcclLK4Ocf
03Uy6jwsbTHAMpzaxuDjW4P1kzU1ncbQh+WRWK3DXZc9GF80oSt6wCVc27R3pxzR
E06gL27T1vX9nzjS8ZrwcCrc3j9V/MKKyjfTAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUiynattrzqikcoyeck5RDlhQtlRUwHwYDVR0jBBgwFoAUR3L3FTRbVC4dcIvL
JXH81y3Sa/MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0dUL1Iz
TDNGVFJiVkM0ZGNJdkxKWEg4MXkzU2FfTS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UjNMM0ZUUmJWQzRkY0l2TEpYSDgxeTNTYV9NLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvS0dUL2l5bmF0dHJ6cWlrY295ZWNrNVJEbGhR
dGxSVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAA9PUYwDQYJ
KoZIhvcNAQELBQADggEBAJpDGyr0vvHwEs/MhEune/IN0832BKoBo+DXdXTX3HBg
5ijQNfrY1t1c09OPA6rzUdzZt0Lac6IAatCUfy1KI2FHhb8d6xEJfYRbrBD1aTTg
lyvoS7KfTuIhqaPy43C36K4So15kBJ4pRzyBN5XyHs6dsInAWDDp+e190ZZ61VsT
gS9tPDghr5/hN/vfw872eMjVQvXJXZHMPwbmOxwH2UnXTAgl7JU2t+b5/j0KTyff
CDj89J2hAMH0/V1Dttcldp1ayUP45O9/xrS+UpNXWNh3ng3RfayUxCyXgqC2OI5o
uTB03nxseVx+jxLLmkS9YnyVcSLWF573pfBgOauN4PQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:39 2024 by rpki-client on console-fra.rpki-client.org