Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/MINGYITEA/GHFGni1LHy2zsUji3XJVUQC33UI.roa
File:                     GHFGni1LHy2zsUji3XJVUQC33UI.roa (raw, json)
Hash identifier:          Ea1UMu4Tj0IZzY2oT3vIe+lqx3rWkBWIl3kbyPa/GRU=
Subject key identifier:   18:71:46:9E:2D:4B:1F:2D:B3:B1:48:E2:DD:72:55:51:00:B7:DD:42
Certificate issuer:       /CN=ADFE6E56DAF8492EC7DE88B3A906B3139B55B864
Certificate serial:       02F4
Authority key identifier: AD:FE:6E:56:DA:F8:49:2E:C7:DE:88:B3:A9:06:B3:13:9B:55:B8:64
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/rf5uVtr4SS7H3oizqQazE5tVuGQ.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/MINGYITEA/GHFGni1LHy2zsUji3XJVUQC33UI.roa
Signing time:             Tue 17 Nov 2020 11:02:41 +0000
ROA not before:           Tue 17 Nov 2020 11:02:41 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     17415
IP address blocks:        2406:3540::/32 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 756 (0x2f4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ADFE6E56DAF8492EC7DE88B3A906B3139B55B864
        Validity
            Not Before: Nov 17 11:02:41 2020 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=1871469E2D4B1F2DB3B148E2DD72555100B7DD42
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:79:4c:2e:ce:d7:fe:bc:c3:cf:5a:6e:a5:1b:
                    07:d9:a9:4d:96:1c:c7:be:ab:90:3a:cc:ec:17:ab:
                    41:39:2f:0a:89:a3:b4:f9:c1:e2:35:b6:ca:d9:2f:
                    05:1f:76:d0:7b:12:16:08:09:4f:4e:80:f6:83:66:
                    71:24:0a:3e:fb:f5:5f:1c:3f:5c:5c:db:97:c1:05:
                    01:c8:9c:ad:71:bb:8b:fa:08:32:84:ea:7e:e3:e1:
                    ca:6f:26:35:10:44:8f:7a:d5:39:25:07:29:b9:a6:
                    67:99:b0:7a:16:93:e2:83:1a:33:a5:86:50:d4:44:
                    5b:e2:76:e1:0a:cd:7b:0b:ad:b6:12:8d:03:8c:9b:
                    93:39:67:4d:71:db:8e:48:59:1d:53:0e:d5:78:9f:
                    45:6c:cc:f6:e2:39:04:4e:52:29:e2:08:1d:37:f5:
                    20:d1:b0:cf:fc:af:d5:06:ad:cd:31:35:24:a6:25:
                    a2:c0:02:e7:c2:cc:a9:65:e7:82:81:75:40:9e:98:
                    2e:f2:e0:36:fd:fc:2b:a0:5f:a5:a9:d3:40:b9:bc:
                    ef:9d:27:4d:06:89:a0:2c:49:e0:21:8f:d5:bd:12:
                    2b:18:f3:2a:9b:59:b3:35:e8:7a:03:32:4f:9d:13:
                    c7:fd:0d:1a:9f:33:21:ee:4a:8b:e3:d9:6d:b8:9b:
                    cd:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                18:71:46:9E:2D:4B:1F:2D:B3:B1:48:E2:DD:72:55:51:00:B7:DD:42
            X509v3 Authority Key Identifier:
                keyid:AD:FE:6E:56:DA:F8:49:2E:C7:DE:88:B3:A9:06:B3:13:9B:55:B8:64

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/MINGYITEA/rf5uVtr4SS7H3oizqQazE5tVuGQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/rf5uVtr4SS7H3oizqQazE5tVuGQ.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/MINGYITEA/GHFGni1LHy2zsUji3XJVUQC33UI.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:3540::/32

    Signature Algorithm: sha256WithRSAEncryption
         4c:9a:fd:17:b6:6d:55:27:94:67:e5:7a:b3:00:a5:a2:6f:48:
         21:86:ea:fa:f2:de:b1:58:64:2f:5b:34:5e:e6:b7:c7:8d:9a:
         ba:36:4d:d5:1a:1d:e5:23:ba:d3:f8:74:63:8f:88:78:ae:0d:
         a0:03:10:d6:a9:d3:96:82:4d:08:79:90:71:74:af:21:62:95:
         45:3d:a3:09:e8:99:9b:bb:53:75:9e:82:57:df:21:b0:59:60:
         28:a9:70:24:a8:b9:10:7b:ee:0d:bd:f2:d4:f6:4c:8e:63:c4:
         ec:54:b7:d4:f0:b6:3b:87:7e:f8:e8:ea:8d:e1:8e:4c:0e:55:
         50:1b:64:a2:fe:0e:bb:15:06:61:a2:bd:0b:df:90:a7:57:8a:
         fa:77:a3:b9:7a:11:9f:e3:b9:ca:b7:3f:93:38:2f:cf:92:8a:
         92:a5:78:97:d8:77:fc:91:53:75:e4:23:93:0b:52:5f:8b:dd:
         40:28:ee:14:7f:53:16:6d:71:9d:90:0d:76:0c:f3:fb:af:55:
         cd:d9:5e:e2:32:b0:1f:4a:59:7d:9d:6c:81:36:bf:18:37:e4:
         dc:41:05:38:ab:d8:d9:0b:9e:e8:ad:b9:87:8d:66:1b:da:cc:
         af:ca:10:55:3d:49:06:43:ff:a7:64:ad:82:20:82:ad:94:d1:
         61:7b:45:61
-----BEGIN CERTIFICATE-----
MIIE2TCCA8GgAwIBAgICAvQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQURG
RTZFNTZEQUY4NDkyRUM3REU4OEIzQTkwNkIzMTM5QjU1Qjg2NDAeFw0yMDExMTcx
MTAyNDFaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDE4NzE0NjlFMkQ0QjFG
MkRCM0IxNDhFMkRENzI1NTUxMDBCN0RENDIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDPeUwuztf+vMPPWm6lGwfZqU2WHMe+q5A6zOwXq0E5LwqJo7T5
weI1tsrZLwUfdtB7EhYICU9OgPaDZnEkCj779V8cP1xc25fBBQHInK1xu4v6CDKE
6n7j4cpvJjUQRI961TklBym5pmeZsHoWk+KDGjOlhlDURFviduEKzXsLrbYSjQOM
m5M5Z01x245IWR1TDtV4n0VszPbiOQROUiniCB039SDRsM/8r9UGrc0xNSSmJaLA
AufCzKll54KBdUCemC7y4Db9/CugX6Wp00C5vO+dJ00GiaAsSeAhj9W9EisY8yqb
WbM16HoDMk+dE8f9DRqfMyHuSovj2W24m81bAgMBAAGjggH1MIIB8TAdBgNVHQ4E
FgQUGHFGni1LHy2zsUji3XJVUQC33UIwHwYDVR0jBBgwFoAUrf5uVtr4SS7H3oiz
qQazE5tVuGQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBfBgNVHR8EWDBWMFSg
UqBQhk5yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTUlOR1lJ
VEVBL3JmNXVWdHI0U1M3SDNvaXpxUWF6RTV0VnVHUS5jcmwwYAYIKwYBBQUHAQEE
VDBSMFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RX
TklDQ0EvcmY1dVZ0cjRTUzdIM29penFRYXpFNXRWdUdRLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZ8GCCsGAQUFBwELBIGSMIGPMFoGCCsGAQUFBzALhk5yc3luYzovL3Jw
a2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTUlOR1lJVEVBL0dIRkduaTFMSHky
enNVamkzWEpWVVFDMzNVSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50
d25pYy50dy9ycmRwL25vdGlmeS54bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgAC
MAcDBQAkBjVAMA0GCSqGSIb3DQEBCwUAA4IBAQBMmv0Xtm1VJ5Rn5XqzAKWib0gh
hur68t6xWGQvWzRe5rfHjZq6Nk3VGh3lI7rT+HRjj4h4rg2gAxDWqdOWgk0IeZBx
dK8hYpVFPaMJ6Jmbu1N1noJX3yGwWWAoqXAkqLkQe+4NvfLU9kyOY8TsVLfU8LY7
h3746OqN4Y5MDlVQG2Si/g67FQZhor0L35CnV4r6d6O5ehGf47nKtz+TOC/PkoqS
pXiX2Hf8kVN15COTC1Jfi91AKO4Uf1MWbXGdkA12DPP7r1XN2V7iMrAfSll9nWyB
Nr8YN+TcQQU4q9jZC57orbmHjWYb2syvyhBVPUkGQ/+nZK2CIIKtlNFhe0Vh
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:39 2024 by rpki-client on console-fra.rpki-client.org