Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PUMO/VQGIQ0DT_DZahT0mhSkE9I0o-4E.roa
File:                     VQGIQ0DT_DZahT0mhSkE9I0o-4E.roa (raw, json)
Hash identifier:          +H9xKVoomqUP/aXnl3FaxULTOSh9Gjmqs+DbQoCPXhI=
Subject key identifier:   55:01:88:43:40:D3:FC:36:5A:85:3D:26:85:29:04:F4:8D:28:FB:81
Certificate issuer:       /CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
Certificate serial:       0A66
Authority key identifier: 34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/VQGIQ0DT_DZahT0mhSkE9I0o-4E.roa
Signing time:             Wed 29 Sep 2021 02:42:44 +0000
ROA not before:           Wed 29 Sep 2021 02:42:44 +0000
ROA not after:            Thu 29 Sep 2022 02:36:22 +0000
asID:                     38843
IP address blocks:        223.27.43.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2662 (0xa66)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
        Validity
            Not Before: Sep 29 02:42:44 2021 GMT
            Not After : Sep 29 02:36:22 2022 GMT
        Subject: CN=5501884340D3FC365A853D26852904F48D28FB81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:fc:bf:1f:b2:87:ff:90:b3:e8:68:78:cb:d2:
                    65:a1:07:04:f3:94:ef:1e:6e:91:22:04:91:45:f3:
                    0d:27:9f:e3:b5:02:dd:89:04:26:a7:f4:fa:2a:ee:
                    a4:80:00:57:77:f5:8d:6c:af:f1:e7:fa:cb:04:6b:
                    42:6c:41:c3:56:f5:f3:3f:bc:fb:dc:79:f0:4b:5d:
                    fd:a9:5c:89:2f:fb:58:75:f2:fb:23:04:f0:7e:bc:
                    de:a5:92:4a:ad:42:40:be:8e:5c:2e:c0:f4:10:49:
                    9d:60:f1:b1:c2:ec:c1:e9:92:91:0d:c5:9b:11:c2:
                    92:7a:77:00:55:15:8f:f0:ae:0f:d1:60:c0:8a:7f:
                    a4:d2:87:b2:4f:94:39:ab:8a:14:bd:af:ae:bf:99:
                    03:31:c4:4c:59:40:f9:21:1a:64:14:f9:7c:07:e2:
                    da:29:19:2a:e8:6b:ad:00:96:b8:95:09:70:1e:85:
                    e8:58:60:21:6d:3a:f5:ff:ac:07:cf:80:03:62:da:
                    9c:99:97:c7:72:98:16:07:bf:71:f6:fa:56:a1:38:
                    f4:20:59:ef:c5:8e:ae:73:30:d8:21:e6:fb:97:4a:
                    78:4f:9c:07:74:90:a5:ad:51:5d:cf:52:d4:46:43:
                    55:00:e0:d9:09:59:bc:3d:a4:97:f0:0f:06:9f:65:
                    5a:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                55:01:88:43:40:D3:FC:36:5A:85:3D:26:85:29:04:F4:8D:28:FB:81
            X509v3 Authority Key Identifier:
                keyid:34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/NN1DKWGsQtZErq80sUrscCdbBqM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/VQGIQ0DT_DZahT0mhSkE9I0o-4E.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  223.27.43.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3a:50:bc:d7:0a:96:1b:24:58:a0:02:bb:77:a3:58:72:50:ad:
         ad:31:23:b0:f7:a7:13:22:16:22:63:9e:6a:8b:7c:bb:ae:c6:
         36:47:49:ee:5f:52:0d:30:33:bc:1e:a8:93:fe:56:5b:d8:34:
         41:30:8c:70:b8:2f:7c:b5:66:a0:1a:2b:99:93:75:06:77:96:
         d2:44:1e:a4:b3:90:2d:3f:53:7c:42:76:12:3b:6f:5f:8c:88:
         92:35:f6:6f:e7:7f:bf:e2:ff:2a:4f:0f:4e:82:43:cd:fa:55:
         86:43:87:79:ff:c2:58:48:a5:3b:58:0f:69:2a:59:90:8b:4e:
         21:e7:c9:11:5b:6b:1e:02:ba:b7:98:70:b9:0a:ad:75:60:94:
         e6:32:2b:ab:00:bf:03:6a:49:d6:a8:b4:3a:d3:8b:29:62:1d:
         33:8e:69:8a:75:3a:ea:aa:51:23:8f:ab:b2:f3:e7:b5:f9:ff:
         b5:b7:e3:fe:c7:1d:8f:9a:da:c3:10:27:8e:3e:2d:26:4e:82:
         5a:a4:87:1b:d1:09:a0:03:83:86:a2:6a:43:2f:39:c3:04:55:
         5f:f5:12:0e:cb:3d:00:1b:94:99:34:05:8d:78:ef:11:2b:ed:
         2e:e0:29:ec:80:fa:b6:0a:ab:b3:0f:fc:2b:4f:25:ea:10:ca:
         6f:2d:12:35
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICCmYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzRE
RDQzMjk2MUFDNDJENjQ0QUVBRjM0QjE0QUVDNzAyNzVCMDZBMzAeFw0yMTA5Mjkw
MjQyNDRaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDU1MDE4ODQzNDBEM0ZD
MzY1QTg1M0QyNjg1MjkwNEY0OEQyOEZCODEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCp/L8fsof/kLPoaHjL0mWhBwTzlO8ebpEiBJFF8w0nn+O1At2J
BCan9Poq7qSAAFd39Y1sr/Hn+ssEa0JsQcNW9fM/vPvcefBLXf2pXIkv+1h18vsj
BPB+vN6lkkqtQkC+jlwuwPQQSZ1g8bHC7MHpkpENxZsRwpJ6dwBVFY/wrg/RYMCK
f6TSh7JPlDmrihS9r66/mQMxxExZQPkhGmQU+XwH4topGSroa60AlriVCXAehehY
YCFtOvX/rAfPgANi2pyZl8dymBYHv3H2+lahOPQgWe/Fjq5zMNgh5vuXSnhPnAd0
kKWtUV3PUtRGQ1UA4NkJWbw9pJfwDwafZVrXAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUVQGIQ0DT/DZahT0mhSkE9I0o+4EwHwYDVR0jBBgwFoAUNN1DKWGsQtZErq80
sUrscCdbBqMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFVNTy9O
TjFES1dHc1F0WkVycTgwc1Vyc2NDZGJCcU0uY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L05OMURLV0dzUXRaRXJxODBzVXJzY0NkYkJxTS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL1BVTU8vVlFHSVEwRFRfRFphaFQwbWhTa0U5
STBvLTRFLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAN8bKzAN
BgkqhkiG9w0BAQsFAAOCAQEAOlC81wqWGyRYoAK7d6NYclCtrTEjsPenEyIWImOe
aot8u67GNkdJ7l9SDTAzvB6ok/5WW9g0QTCMcLgvfLVmoBormZN1BneW0kQepLOQ
LT9TfEJ2EjtvX4yIkjX2b+d/v+L/Kk8PToJDzfpVhkOHef/CWEilO1gPaSpZkItO
IefJEVtrHgK6t5hwuQqtdWCU5jIrqwC/A2pJ1qi0OtOLKWIdM45pinU66qpRI4+r
svPntfn/tbfj/scdj5rawxAnjj4tJk6CWqSHG9EJoAODhqJqQy85wwRVX/USDss9
ABuUmTQFjXjvESvtLuAp7ID6tgqrsw/8K08l6hDKby0SNQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:19 2024 by rpki-client on console-ams.rpki-client.org