Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KGT/l72Je3NFxQ71R8t9dAeiUgaln4c.roa
File:                     l72Je3NFxQ71R8t9dAeiUgaln4c.roa (raw, json)
Hash identifier:          w0k6BYjP22h48fU188ls1N2QZ0PO+S6ijqnBcwzR+1c=
Subject key identifier:   97:BD:89:7B:73:45:C5:0E:F5:47:CB:7D:74:07:A2:52:06:A5:9F:87
Certificate issuer:       /CN=4772F715345B542E1D708BCB2571FCD72DD26BF3
Certificate serial:       0AE5
Authority key identifier: 47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/l72Je3NFxQ71R8t9dAeiUgaln4c.roa
Signing time:             Thu 15 Sep 2022 02:49:48 +0000
ROA not before:           Thu 15 Sep 2022 02:49:48 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     9919
IP address blocks:        61.61.48.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2789 (0xae5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4772F715345B542E1D708BCB2571FCD72DD26BF3
        Validity
            Not Before: Sep 15 02:49:48 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=97BD897B7345C50EF547CB7D7407A25206A59F87
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:93:6e:90:db:b6:3f:9a:38:db:8b:39:73:e4:
                    ac:18:d8:35:ab:25:04:76:8c:cd:3f:e7:dc:f7:ec:
                    21:c0:2a:29:cf:c4:ca:03:af:52:f3:c1:62:84:6f:
                    5a:7f:4a:90:72:a8:3d:2a:a9:33:00:20:62:fc:7a:
                    43:e1:fa:a1:ab:ed:20:f6:95:02:5a:6a:17:20:40:
                    76:ba:f1:3c:62:15:25:54:d5:14:3d:f5:e7:b4:f3:
                    0f:72:65:be:d4:ff:01:fe:2c:56:12:60:9f:fa:9c:
                    85:8a:32:70:c2:a2:2a:f4:13:bb:27:13:ec:15:14:
                    51:73:31:78:eb:a8:02:fb:55:b6:f9:38:e0:97:d1:
                    e7:e3:75:4b:d6:1b:36:b9:8a:dd:6c:df:0e:bc:92:
                    c7:48:2f:f7:f1:c8:c5:87:ca:08:ba:72:64:04:e6:
                    1c:b3:d3:d5:3a:56:ed:7c:36:bb:83:e8:91:f0:49:
                    45:4e:ee:00:10:8b:2e:cd:4a:08:37:ec:bf:e6:58:
                    a1:ad:50:f9:fa:37:44:11:f0:a0:ed:01:b3:89:fb:
                    f9:4b:82:63:54:8c:77:93:ca:19:86:6f:90:17:c7:
                    3b:42:cc:ae:18:42:48:d0:79:57:56:3e:bb:13:48:
                    49:da:19:fb:42:11:99:cf:0f:be:6e:17:70:5b:b6:
                    67:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                97:BD:89:7B:73:45:C5:0E:F5:47:CB:7D:74:07:A2:52:06:A5:9F:87
            X509v3 Authority Key Identifier:
                keyid:47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/R3L3FTRbVC4dcIvLJXH81y3Sa_M.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/l72Je3NFxQ71R8t9dAeiUgaln4c.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  61.61.48.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4a:42:ea:ac:0d:bd:38:51:5d:24:8d:49:83:7e:a9:4c:ea:1f:
         99:ac:ee:7e:fc:af:12:ac:e2:02:45:16:92:36:1f:f7:6c:8f:
         4e:68:c9:65:fa:8d:ba:d7:ea:c6:ce:e5:3d:6b:c1:59:da:5c:
         13:15:04:86:c5:13:a2:2b:28:a8:93:39:a5:5c:09:89:2b:8f:
         b7:ad:51:f9:35:d3:fa:37:aa:8f:81:55:92:a9:cb:b4:2d:c2:
         a1:19:f2:46:d6:2b:54:f5:39:50:ad:0e:85:7c:25:4c:6a:f6:
         f5:de:b0:5c:de:ec:28:a0:56:c5:c7:f9:72:8e:d8:d0:ac:d7:
         25:b5:e3:89:ae:61:f5:30:d3:62:86:d1:7b:45:f9:41:55:bc:
         e3:ba:89:0d:68:1f:23:a4:e5:38:c3:54:83:96:9d:23:8b:e2:
         fa:b6:c4:49:30:d3:ca:05:33:57:04:27:74:d2:10:f4:dc:b0:
         c4:66:53:48:fb:3e:95:40:b9:3b:ca:5e:b5:1d:b0:da:d9:80:
         59:7b:ea:f8:83:90:f3:36:bd:d6:98:05:ee:a3:d2:85:ea:00:
         f6:10:81:55:ca:c1:04:22:e5:8e:8e:76:f4:81:f7:74:95:ff:
         99:0e:0e:c6:e2:85:2f:20:d2:b3:ef:6e:c2:39:60:43:0b:55:
         d6:b7:08:fe
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICCuUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDc3
MkY3MTUzNDVCNTQyRTFENzA4QkNCMjU3MUZDRDcyREQyNkJGMzAeFw0yMjA5MTUw
MjQ5NDhaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDk3QkQ4OTdCNzM0NUM1
MEVGNTQ3Q0I3RDc0MDdBMjUyMDZBNTlGODcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCyk26Q27Y/mjjbizlz5KwY2DWrJQR2jM0/59z37CHAKinPxMoD
r1LzwWKEb1p/SpByqD0qqTMAIGL8ekPh+qGr7SD2lQJaahcgQHa68TxiFSVU1RQ9
9ee08w9yZb7U/wH+LFYSYJ/6nIWKMnDCoir0E7snE+wVFFFzMXjrqAL7Vbb5OOCX
0efjdUvWGza5it1s3w68ksdIL/fxyMWHygi6cmQE5hyz09U6Vu18NruD6JHwSUVO
7gAQiy7NSgg37L/mWKGtUPn6N0QR8KDtAbOJ+/lLgmNUjHeTyhmGb5AXxztCzK4Y
QkjQeVdWPrsTSEnaGftCEZnPD75uF3BbtmcTAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUl72Je3NFxQ71R8t9dAeiUgaln4cwHwYDVR0jBBgwFoAUR3L3FTRbVC4dcIvL
JXH81y3Sa/MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0dUL1Iz
TDNGVFJiVkM0ZGNJdkxKWEg4MXkzU2FfTS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UjNMM0ZUUmJWQzRkY0l2TEpYSDgxeTNTYV9NLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvS0dUL2w3MkplM05GeFE3MVI4dDlkQWVpVWdh
bG40Yy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAA9PTAwDQYJ
KoZIhvcNAQELBQADggEBAEpC6qwNvThRXSSNSYN+qUzqH5ms7n78rxKs4gJFFpI2
H/dsj05oyWX6jbrX6sbO5T1rwVnaXBMVBIbFE6IrKKiTOaVcCYkrj7etUfk10/o3
qo+BVZKpy7QtwqEZ8kbWK1T1OVCtDoV8JUxq9vXesFze7CigVsXH+XKO2NCs1yW1
44muYfUw02KG0XtF+UFVvOO6iQ1oHyOk5TjDVIOWnSOL4vq2xEkw08oFM1cEJ3TS
EPTcsMRmU0j7PpVAuTvKXrUdsNrZgFl76viDkPM2vdaYBe6j0oXqAPYQgVXKwQQi
5Y6OdvSB93SV/5kODsbihS8g0rPvbsI5YEMLVda3CP4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:39 2024 by rpki-client on console-fra.rpki-client.org