Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/OPENRICH/YhUnJ3KvkRtJ3nvJtQbm9249SKo.roa
File:                     YhUnJ3KvkRtJ3nvJtQbm9249SKo.roa (raw, json)
Hash identifier:          TF9zI5v2b0ali7x0UvDqV7KOX3SpvzmQUUMhMYAD8Og=
Subject key identifier:   62:15:27:27:72:AF:91:1B:49:DE:7B:C9:B5:06:E6:F7:6E:3D:48:AA
Certificate issuer:       /CN=6E398C52CC2A079DA90148210AC85328C11BBE96
Certificate serial:       07B1
Authority key identifier: 6E:39:8C:52:CC:2A:07:9D:A9:01:48:21:0A:C8:53:28:C1:1B:BE:96
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/bjmMUswqB52pAUghCshTKMEbvpY.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/OPENRICH/YhUnJ3KvkRtJ3nvJtQbm9249SKo.roa
Signing time:             Thu 15 Sep 2022 02:37:38 +0000
ROA not before:           Thu 15 Sep 2022 02:37:38 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     131674
IP address blocks:        2405:b8c0::/32 maxlen: 64

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1969 (0x7b1)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6E398C52CC2A079DA90148210AC85328C11BBE96
        Validity
            Not Before: Sep 15 02:37:38 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=6215272772AF911B49DE7BC9B506E6F76E3D48AA
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:0a:b3:bb:16:15:e6:67:f9:e1:6e:77:1b:6a:
                    d1:cf:ab:4a:3b:b8:a5:ab:a3:f9:35:31:92:45:1e:
                    a0:fd:9b:c2:18:bb:5f:e3:97:f4:a9:b4:20:fa:09:
                    af:84:72:e0:91:73:b0:b0:2d:ea:b2:f7:8e:b1:16:
                    3b:4c:4b:52:e5:1d:02:70:26:3e:5b:f0:bf:01:96:
                    8d:2b:9b:c8:8f:f8:1c:d2:cb:62:55:27:d1:c0:8d:
                    86:e9:c9:33:08:e7:e0:b4:29:1a:18:eb:4c:23:d9:
                    b7:db:77:33:1a:b8:58:39:33:e3:4d:59:6b:45:b9:
                    ff:7d:6e:99:df:9a:fc:be:62:04:8b:9b:e0:65:8f:
                    84:3d:a2:bc:e4:7a:0b:a7:f5:07:4a:d4:60:99:59:
                    87:77:0c:97:6e:3d:ed:3d:c0:dc:0a:aa:6d:47:ba:
                    86:ad:f0:ab:db:af:6b:e9:38:b6:e0:0e:a7:96:69:
                    f3:51:3a:80:2b:03:e9:a2:c5:33:bb:ac:92:5b:86:
                    91:f0:ba:d1:90:c0:82:f0:9d:7c:0f:5a:1b:2d:79:
                    54:bd:e5:af:b5:18:8f:8e:30:b0:e2:7b:92:69:c6:
                    df:58:72:43:b9:92:4d:b8:2e:f7:f3:ec:9c:6a:36:
                    18:b0:f8:7e:78:48:d6:4a:33:fc:81:08:62:bd:07:
                    7d:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                62:15:27:27:72:AF:91:1B:49:DE:7B:C9:B5:06:E6:F7:6E:3D:48:AA
            X509v3 Authority Key Identifier:
                keyid:6E:39:8C:52:CC:2A:07:9D:A9:01:48:21:0A:C8:53:28:C1:1B:BE:96

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/OPENRICH/bjmMUswqB52pAUghCshTKMEbvpY.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/bjmMUswqB52pAUghCshTKMEbvpY.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/OPENRICH/YhUnJ3KvkRtJ3nvJtQbm9249SKo.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2405:b8c0::/32

    Signature Algorithm: sha256WithRSAEncryption
         a0:e4:68:52:68:85:83:52:07:19:82:52:39:3f:5b:40:d7:02:
         31:bf:7a:a9:c9:8d:4f:bc:29:9b:4f:31:55:77:f1:af:33:a2:
         7a:a7:1e:87:73:27:90:3b:15:f4:2f:e7:31:4b:f0:fc:d2:6f:
         13:b1:88:dd:d8:c6:2f:6c:4d:51:4b:cb:21:eb:37:42:25:46:
         a4:c2:7c:95:88:74:af:0e:e4:6d:cc:d6:24:16:0a:c9:77:fd:
         9b:4e:c8:07:a0:3b:68:ca:d3:1e:b7:3b:57:1f:3f:fd:25:27:
         b2:1b:04:45:c0:ef:12:41:36:ee:d2:c9:29:08:a2:97:d4:0e:
         58:12:f5:c7:a6:06:85:4f:37:4b:9e:ad:7c:8f:33:b4:e8:1b:
         5b:92:96:79:ad:c3:02:06:c1:ea:5a:7d:d5:9e:cd:0d:7a:6b:
         b5:ff:77:46:82:5e:4a:2e:27:2e:84:99:85:ec:3e:20:05:71:
         0f:13:31:ca:aa:50:49:62:86:40:05:cc:d9:72:97:3b:1b:55:
         31:c3:74:43:08:0e:6b:f0:ef:bc:43:84:a9:7e:ea:24:a1:eb:
         06:6b:bb:df:98:58:7d:e6:7f:41:2b:46:98:21:95:d9:13:89:
         05:16:8d:2c:8c:31:b1:f5:eb:23:a5:a5:94:36:7c:19:c3:54:
         4b:10:9f:f6
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICB7EwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkUz
OThDNTJDQzJBMDc5REE5MDE0ODIxMEFDODUzMjhDMTFCQkU5NjAeFw0yMjA5MTUw
MjM3MzhaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDYyMTUyNzI3NzJBRjkx
MUI0OURFN0JDOUI1MDZFNkY3NkUzRDQ4QUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDFCrO7FhXmZ/nhbncbatHPq0o7uKWro/k1MZJFHqD9m8IYu1/j
l/SptCD6Ca+EcuCRc7CwLeqy946xFjtMS1LlHQJwJj5b8L8Blo0rm8iP+BzSy2JV
J9HAjYbpyTMI5+C0KRoY60wj2bfbdzMauFg5M+NNWWtFuf99bpnfmvy+YgSLm+Bl
j4Q9orzkegun9QdK1GCZWYd3DJduPe09wNwKqm1Huoat8Kvbr2vpOLbgDqeWafNR
OoArA+mixTO7rJJbhpHwutGQwILwnXwPWhsteVS95a+1GI+OMLDie5Jpxt9YckO5
kk24Lvfz7JxqNhiw+H54SNZKM/yBCGK9B33NAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUYhUnJ3KvkRtJ3nvJtQbm9249SKowHwYDVR0jBBgwFoAUbjmMUswqB52pAUgh
CshTKMEbvpYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvT1BFTlJJ
Q0gvYmptTVVzd3FCNTJwQVVnaENzaFRLTUVidnBZLmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9iam1NVXN3cUI1MnBBVWdoQ3NoVEtNRWJ2cFkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9PUEVOUklDSC9ZaFVuSjNLdmtSdEoz
bnZKdFFibTkyNDlTS28ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAH
AwUAJAW4wDANBgkqhkiG9w0BAQsFAAOCAQEAoORoUmiFg1IHGYJSOT9bQNcCMb96
qcmNT7wpm08xVXfxrzOieqceh3MnkDsV9C/nMUvw/NJvE7GI3djGL2xNUUvLIes3
QiVGpMJ8lYh0rw7kbczWJBYKyXf9m07IB6A7aMrTHrc7Vx8//SUnshsERcDvEkE2
7tLJKQiil9QOWBL1x6YGhU83S56tfI8ztOgbW5KWea3DAgbB6lp91Z7NDXprtf93
RoJeSi4nLoSZhew+IAVxDxMxyqpQSWKGQAXM2XKXOxtVMcN0QwgOa/DvvEOEqX7q
JKHrBmu735hYfeZ/QStGmCGV2ROJBRaNLIwxsfXrI6WllDZ8GcNUSxCf9g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:42 2024 by rpki-client on console-fra.rpki-client.org