Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PUMO/GkstY8dKW4zIkfrt6fp_2rIsjwU.roa
File:                     GkstY8dKW4zIkfrt6fp_2rIsjwU.roa (raw, json)
Hash identifier:          B7h8kccVagHdJqzTLj7fSdVQkS0FZgSZ/tuOPSog+fs=
Subject key identifier:   1A:4B:2D:63:C7:4A:5B:8C:C8:91:FA:ED:E9:FA:7F:DA:B2:2C:8F:05
Certificate issuer:       /CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
Certificate serial:       0AAB
Authority key identifier: 34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/GkstY8dKW4zIkfrt6fp_2rIsjwU.roa
Signing time:             Wed 06 Oct 2021 07:16:15 +0000
ROA not before:           Wed 06 Oct 2021 07:16:15 +0000
ROA not after:            Thu 29 Sep 2022 02:36:22 +0000
asID:                     38843
IP address blocks:        223.27.56.0/21 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2731 (0xaab)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
        Validity
            Not Before: Oct  6 07:16:15 2021 GMT
            Not After : Sep 29 02:36:22 2022 GMT
        Subject: CN=1A4B2D63C74A5B8CC891FAEDE9FA7FDAB22C8F05
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:f2:41:c3:b5:63:96:f3:73:60:a7:3f:a6:98:
                    2c:2a:f4:6d:c8:30:73:82:07:1f:dc:16:01:ca:44:
                    ac:ac:4b:70:d2:de:75:1b:13:d5:57:6c:f4:5a:f6:
                    6b:e8:c8:68:2c:3f:bf:01:a7:7e:b8:96:3c:1b:81:
                    7c:f4:11:51:f8:ce:e0:6b:40:f7:e9:6d:6e:2c:07:
                    1c:b2:4b:db:9a:56:69:33:c3:cc:cf:4c:08:61:0a:
                    80:9a:ee:a5:66:b6:8c:f3:69:9f:8a:88:f6:7d:24:
                    d3:f0:e3:c1:8f:68:52:6f:47:42:25:10:c6:3d:da:
                    d4:02:80:d0:59:68:01:bb:33:52:c2:4a:41:12:c5:
                    f1:da:5d:26:ed:0b:d6:66:16:93:99:78:51:b2:07:
                    9c:a3:6a:08:11:0f:66:44:f5:b9:66:b2:e8:1b:eb:
                    97:c0:1b:89:e4:6c:a0:2f:f8:ba:3e:14:72:27:b7:
                    e2:0e:b5:b4:a1:3d:34:01:23:26:c8:20:f1:be:97:
                    f6:f5:3e:d9:6d:0e:93:2c:76:94:b7:a0:ae:eb:11:
                    2c:de:c2:4d:b5:97:4c:79:e7:49:a4:7a:8f:2e:93:
                    4a:e4:bf:5b:c9:b7:85:f8:8a:58:0e:76:2f:b7:11:
                    ff:45:d6:74:8b:86:a4:cb:ca:46:3b:e6:d0:bd:0f:
                    d6:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1A:4B:2D:63:C7:4A:5B:8C:C8:91:FA:ED:E9:FA:7F:DA:B2:2C:8F:05
            X509v3 Authority Key Identifier:
                keyid:34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/NN1DKWGsQtZErq80sUrscCdbBqM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/GkstY8dKW4zIkfrt6fp_2rIsjwU.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  223.27.56.0/21

    Signature Algorithm: sha256WithRSAEncryption
         a1:2e:fe:e6:3e:17:e9:53:68:3d:de:63:78:c7:db:b3:78:70:
         5a:f0:86:f4:e3:4b:cb:3d:cd:bf:dc:b0:c1:77:96:08:8b:fa:
         53:c4:94:06:45:60:8e:4b:f2:12:b1:91:02:8c:27:b4:8e:81:
         94:dd:99:35:55:28:58:9b:d8:8c:f9:12:46:33:d8:d5:a3:27:
         d6:46:d7:29:cf:7d:18:f5:43:cf:07:7e:7c:1c:58:ef:e3:e0:
         fa:ca:14:ad:73:32:63:49:42:e1:91:2c:82:d0:3e:e0:7d:8d:
         7a:cd:3b:d1:c3:6c:d0:94:1b:2a:5c:c7:ef:68:c6:cd:03:91:
         79:c7:8b:46:15:35:38:a2:2d:e3:50:51:e8:b3:52:7c:99:8e:
         86:ba:b2:d2:58:f7:de:20:fd:78:db:40:51:87:1d:6b:81:e0:
         b6:20:02:61:2a:c9:57:d4:d8:9b:94:c3:ef:32:5b:06:4e:68:
         34:03:4e:8c:19:7b:5b:05:79:97:db:2d:1f:ac:0e:a4:1e:78:
         55:f0:c8:8a:3a:5c:e5:32:0d:bb:15:b5:1e:71:ed:b1:d9:70:
         c1:28:31:37:a9:d2:98:05:96:54:2c:f6:f1:04:69:dc:82:e9:
         fc:73:5f:16:22:be:6c:af:58:48:42:6f:7f:d6:70:36:33:d3:
         c7:02:38:86
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICCqswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzRE
RDQzMjk2MUFDNDJENjQ0QUVBRjM0QjE0QUVDNzAyNzVCMDZBMzAeFw0yMTEwMDYw
NzE2MTVaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDFBNEIyRDYzQzc0QTVC
OENDODkxRkFFREU5RkE3RkRBQjIyQzhGMDUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDU8kHDtWOW83Ngpz+mmCwq9G3IMHOCBx/cFgHKRKysS3DS3nUb
E9VXbPRa9mvoyGgsP78Bp364ljwbgXz0EVH4zuBrQPfpbW4sBxyyS9uaVmkzw8zP
TAhhCoCa7qVmtozzaZ+KiPZ9JNPw48GPaFJvR0IlEMY92tQCgNBZaAG7M1LCSkES
xfHaXSbtC9ZmFpOZeFGyB5yjaggRD2ZE9blmsugb65fAG4nkbKAv+Lo+FHInt+IO
tbShPTQBIybIIPG+l/b1PtltDpMsdpS3oK7rESzewk21l0x550mkeo8uk0rkv1vJ
t4X4ilgOdi+3Ef9F1nSLhqTLykY75tC9D9YDAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUGkstY8dKW4zIkfrt6fp/2rIsjwUwHwYDVR0jBBgwFoAUNN1DKWGsQtZErq80
sUrscCdbBqMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFVNTy9O
TjFES1dHc1F0WkVycTgwc1Vyc2NDZGJCcU0uY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L05OMURLV0dzUXRaRXJxODBzVXJzY0NkYkJxTS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL1BVTU8vR2tzdFk4ZEtXNHpJa2ZydDZmcF8y
cklzandVLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA98bODAN
BgkqhkiG9w0BAQsFAAOCAQEAoS7+5j4X6VNoPd5jeMfbs3hwWvCG9ONLyz3Nv9yw
wXeWCIv6U8SUBkVgjkvyErGRAowntI6BlN2ZNVUoWJvYjPkSRjPY1aMn1kbXKc99
GPVDzwd+fBxY7+Pg+soUrXMyY0lC4ZEsgtA+4H2Nes070cNs0JQbKlzH72jGzQOR
eceLRhU1OKIt41BR6LNSfJmOhrqy0lj33iD9eNtAUYcda4HgtiACYSrJV9TYm5TD
7zJbBk5oNANOjBl7WwV5l9stH6wOpB54VfDIijpc5TINuxW1HnHtsdlwwSgxN6nS
mAWWVCz28QRp3ILp/HNfFiK+bK9YSEJvf9ZwNjPTxwI4hg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:44 2024 by rpki-client on console-fra.rpki-client.org