Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/MEGAICBC/8HQMv7mRm_q3UWu6Juh5Frz6hOM.roa
File:                     8HQMv7mRm_q3UWu6Juh5Frz6hOM.roa (raw, json)
Hash identifier:          HmP1vFGdfPXuyhtos8Qv/AQ3MuMsS3UOv9RK0ZpDklk=
Subject key identifier:   F0:74:0C:BF:B9:91:9B:FA:B7:51:6B:BA:26:E8:79:16:BC:FA:84:E3
Certificate issuer:       /CN=602CBCE32DD76D0BB39F5A706324248869119435
Certificate serial:       0954
Authority key identifier: 60:2C:BC:E3:2D:D7:6D:0B:B3:9F:5A:70:63:24:24:88:69:11:94:35
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/YCy84y3XbQuzn1pwYyQkiGkRlDU.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/MEGAICBC/8HQMv7mRm_q3UWu6Juh5Frz6hOM.roa
Signing time:             Wed 29 Sep 2021 02:41:43 +0000
ROA not before:           Wed 29 Sep 2021 02:41:43 +0000
ROA not after:            Thu 29 Sep 2022 02:36:22 +0000
asID:                     131587
IP address blocks:        2400:d580::/32 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2388 (0x954)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=602CBCE32DD76D0BB39F5A706324248869119435
        Validity
            Not Before: Sep 29 02:41:43 2021 GMT
            Not After : Sep 29 02:36:22 2022 GMT
        Subject: CN=F0740CBFB9919BFAB7516BBA26E87916BCFA84E3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:0a:c3:86:1c:32:1d:39:53:44:3e:5f:a1:44:
                    21:5f:e6:31:44:07:cf:13:73:60:3a:50:5c:1b:90:
                    83:26:f2:4b:81:42:ed:91:8f:fa:8d:80:51:cb:bf:
                    1d:1f:c0:10:30:31:9f:21:f5:9d:bd:94:aa:d7:78:
                    7d:4c:23:80:fb:cc:e4:f6:16:31:9a:4d:dc:c4:5b:
                    3e:30:d7:d4:d1:93:db:99:07:51:5f:31:c9:85:e4:
                    62:99:3e:ca:6a:40:05:de:44:a0:39:92:ae:43:a2:
                    c7:07:cf:a8:50:8d:30:91:79:29:bd:3d:0b:ce:6a:
                    e0:95:da:55:2b:c4:15:27:dc:51:c6:09:01:fb:8a:
                    93:a6:1b:74:04:fb:3f:19:1c:36:89:a8:d8:d1:7a:
                    10:75:83:87:02:f9:83:a3:dd:89:86:e8:5f:00:93:
                    0a:47:03:39:fa:ba:70:e2:98:77:97:c5:28:18:18:
                    bc:54:50:a5:e3:e5:40:46:10:ad:9f:68:97:a3:18:
                    9f:cd:c2:5c:ae:d1:dd:38:d7:c3:26:e0:6a:d5:9c:
                    30:37:8e:92:81:a3:c9:8b:d8:c6:0d:4e:df:7f:23:
                    4b:ce:53:91:c0:d0:17:02:18:82:f0:d5:f6:22:6e:
                    00:75:d4:e1:6c:72:bf:c7:ca:4f:9a:74:dd:5d:21:
                    82:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F0:74:0C:BF:B9:91:9B:FA:B7:51:6B:BA:26:E8:79:16:BC:FA:84:E3
            X509v3 Authority Key Identifier:
                keyid:60:2C:BC:E3:2D:D7:6D:0B:B3:9F:5A:70:63:24:24:88:69:11:94:35

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/MEGAICBC/YCy84y3XbQuzn1pwYyQkiGkRlDU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/YCy84y3XbQuzn1pwYyQkiGkRlDU.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/MEGAICBC/8HQMv7mRm_q3UWu6Juh5Frz6hOM.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2400:d580::/32

    Signature Algorithm: sha256WithRSAEncryption
         1d:96:ac:28:dc:11:e0:c5:ef:96:f5:c7:e5:af:05:a0:6a:a2:
         c5:e6:90:87:1a:38:14:49:f4:0d:fa:5d:c0:05:26:2e:7a:53:
         9b:f9:11:e4:b1:18:47:b2:13:8f:2b:c8:aa:2f:ee:97:33:1e:
         06:4e:c9:74:70:1b:7f:0d:95:57:7e:79:e7:91:d1:64:01:dd:
         bb:3c:11:45:d6:20:60:d8:7b:30:cf:a0:12:cd:dc:b3:21:6b:
         fd:c9:4d:ac:89:57:e1:7b:3c:6e:c2:87:bb:a6:f6:46:02:8b:
         06:eb:2d:ac:3e:ff:27:b4:9d:c1:a2:78:c5:64:6b:41:17:db:
         5b:3b:4c:bc:5d:fb:ed:9b:14:b2:6a:fd:f4:8b:52:29:a8:24:
         66:ee:7e:6a:77:0f:37:ad:c9:8f:c5:a4:e0:c1:8d:02:e0:0b:
         43:89:02:cd:b8:44:52:43:32:36:44:a4:c3:fd:77:95:ce:d1:
         2b:40:84:6f:08:19:46:aa:d8:62:ec:e1:f4:1e:77:1a:22:e2:
         63:b3:aa:22:7f:ad:63:92:04:e5:46:48:08:86:3e:80:a4:df:
         14:a4:e9:a5:00:44:2c:b0:ef:8f:3d:95:94:6a:e2:df:69:f1:
         d8:92:48:96:02:0b:c0:e9:9a:03:1f:e6:2a:4b:51:d1:61:d3:
         91:41:bd:21
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICCVQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjAy
Q0JDRTMyREQ3NkQwQkIzOUY1QTcwNjMyNDI0ODg2OTExOTQzNTAeFw0yMTA5Mjkw
MjQxNDNaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKEYwNzQwQ0JGQjk5MTlC
RkFCNzUxNkJCQTI2RTg3OTE2QkNGQTg0RTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC/CsOGHDIdOVNEPl+hRCFf5jFEB88Tc2A6UFwbkIMm8kuBQu2R
j/qNgFHLvx0fwBAwMZ8h9Z29lKrXeH1MI4D7zOT2FjGaTdzEWz4w19TRk9uZB1Ff
McmF5GKZPspqQAXeRKA5kq5DoscHz6hQjTCReSm9PQvOauCV2lUrxBUn3FHGCQH7
ipOmG3QE+z8ZHDaJqNjRehB1g4cC+YOj3YmG6F8AkwpHAzn6unDimHeXxSgYGLxU
UKXj5UBGEK2faJejGJ/Nwlyu0d0418Mm4GrVnDA3jpKBo8mL2MYNTt9/I0vOU5HA
0BcCGILw1fYibgB11OFscr/Hyk+adN1dIYKdAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQU8HQMv7mRm/q3UWu6Juh5Frz6hOMwHwYDVR0jBBgwFoAUYCy84y3XbQuzn1pw
YyQkiGkRlDUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTUVHQUlD
QkMvWUN5ODR5M1hiUXV6bjFwd1l5UWtpR2tSbERVLmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9ZQ3k4NHkzWGJRdXpuMXB3WXlRa2lHa1JsRFUuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9NRUdBSUNCQy84SFFNdjdtUm1fcTNV
V3U2SnVoNUZyejZoT00ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAH
AwUAJADVgDANBgkqhkiG9w0BAQsFAAOCAQEAHZasKNwR4MXvlvXH5a8FoGqixeaQ
hxo4FEn0DfpdwAUmLnpTm/kR5LEYR7ITjyvIqi/ulzMeBk7JdHAbfw2VV35555HR
ZAHduzwRRdYgYNh7MM+gEs3csyFr/clNrIlX4Xs8bsKHu6b2RgKLBustrD7/J7Sd
waJ4xWRrQRfbWztMvF377ZsUsmr99ItSKagkZu5+ancPN63Jj8Wk4MGNAuALQ4kC
zbhEUkMyNkSkw/13lc7RK0CEbwgZRqrYYuzh9B53GiLiY7OqIn+tY5IE5UZICIY+
gKTfFKTppQBELLDvjz2VlGri32nx2JJIlgILwOmaAx/mKktR0WHTkUG9IQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:39 2024 by rpki-client on console-fra.rpki-client.org