Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PUMO/zHLFBht3nP7dnUv4unJgfyg8Xls.roa
File:                     zHLFBht3nP7dnUv4unJgfyg8Xls.roa (raw, json)
Hash identifier:          CoE+1ptNB2me/stgP0qribqWvLsSodOZFmm+CsNw5aI=
Subject key identifier:   CC:72:C5:06:1B:77:9C:FE:DD:9D:4B:F8:BA:72:60:7F:28:3C:5E:5B
Certificate issuer:       /CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
Certificate serial:       099F
Authority key identifier: 34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/zHLFBht3nP7dnUv4unJgfyg8Xls.roa
Signing time:             Sun 07 Feb 2021 13:09:54 +0000
ROA not before:           Sun 07 Feb 2021 13:09:54 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     38843
IP address blocks:        223.27.43.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2463 (0x99f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
        Validity
            Not Before: Feb  7 13:09:54 2021 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=CC72C5061B779CFEDD9D4BF8BA72607F283C5E5B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:63:2d:4e:ef:38:e1:2a:6b:07:42:a0:65:cf:
                    08:dc:66:3f:3a:94:6c:e7:ff:bb:f2:6d:18:17:9d:
                    c9:7e:01:f2:eb:c7:a4:91:4e:6e:51:b7:34:10:f1:
                    c5:6c:ba:ab:f4:81:06:b4:6a:16:87:3a:58:d9:5b:
                    b0:4b:d4:b7:db:ec:db:97:9b:92:50:3a:16:f0:73:
                    1b:31:70:e6:18:55:94:0a:53:20:98:f6:dc:3a:b5:
                    06:01:c2:72:dd:f6:80:1c:43:12:72:60:35:34:82:
                    de:01:66:40:9e:90:e9:17:aa:52:74:32:1c:b4:bc:
                    7e:de:16:97:31:df:d2:dc:68:a1:83:eb:bd:61:59:
                    0a:a9:63:11:e0:89:48:14:18:d5:c6:65:dc:7b:0d:
                    ed:03:1e:e3:57:f3:28:ec:cc:48:34:50:e4:a2:67:
                    01:4c:ac:11:6e:a7:8f:2f:15:01:a7:63:43:ff:2e:
                    81:fb:b7:7f:ff:dc:2b:85:7e:46:86:14:34:ab:2e:
                    89:0a:02:30:ae:59:7c:6d:2c:8c:7d:4e:af:b7:70:
                    74:39:1c:23:7d:d1:73:38:89:8d:d3:a6:19:fa:57:
                    5f:5e:fd:cd:cb:3d:18:cb:89:9a:af:3d:46:34:dc:
                    55:ac:30:f7:88:34:0a:82:c4:cb:99:1a:97:df:10:
                    1a:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CC:72:C5:06:1B:77:9C:FE:DD:9D:4B:F8:BA:72:60:7F:28:3C:5E:5B
            X509v3 Authority Key Identifier:
                keyid:34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/NN1DKWGsQtZErq80sUrscCdbBqM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/zHLFBht3nP7dnUv4unJgfyg8Xls.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  223.27.43.0/24

    Signature Algorithm: sha256WithRSAEncryption
         48:3d:6c:bd:f8:3c:8e:0b:2f:58:76:d5:b1:a6:fa:a3:e1:e5:
         8a:3a:d9:02:1d:a4:d4:51:3d:3e:9c:cd:24:e0:47:9b:b3:7e:
         68:0e:7b:24:4e:a6:8a:89:5c:0b:22:29:14:28:ef:42:ef:7c:
         5f:8b:a2:d1:0d:70:62:e6:24:32:e0:1a:aa:be:19:fd:79:1b:
         97:0b:cc:72:ec:a7:71:b7:d7:d3:52:a2:00:11:1b:49:aa:75:
         87:b6:28:f3:9d:33:63:26:2c:fe:2e:7d:2e:e6:56:e3:35:ff:
         aa:6d:9f:d3:70:43:74:0d:e6:4b:64:c8:fd:6b:a7:cc:23:5c:
         8c:4a:39:bc:89:4b:04:3e:70:c0:bb:8f:6b:94:1f:3e:99:c6:
         0a:e4:2f:71:75:a7:66:69:cb:69:91:0d:4d:db:3b:85:43:f8:
         90:60:7a:b4:2b:c5:60:da:f3:47:fd:d7:1e:17:cf:6e:00:13:
         12:3d:ba:f4:3d:13:34:1c:32:6a:b1:82:00:42:e7:e8:87:e8:
         a3:8c:64:c7:47:20:13:1e:86:c3:c6:86:39:c3:27:b0:81:aa:
         4e:20:d9:55:24:97:b7:19:3f:c7:b8:46:89:b7:a1:3b:c4:2a:
         51:e0:a8:a5:bf:a7:13:1a:01:04:04:64:51:97:ff:88:c4:1c:
         5b:81:05:a1
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICCZ8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzRE
RDQzMjk2MUFDNDJENjQ0QUVBRjM0QjE0QUVDNzAyNzVCMDZBMzAeFw0yMTAyMDcx
MzA5NTRaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKENDNzJDNTA2MUI3NzlD
RkVERDlENEJGOEJBNzI2MDdGMjgzQzVFNUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDfYy1O7zjhKmsHQqBlzwjcZj86lGzn/7vybRgXncl+AfLrx6SR
Tm5RtzQQ8cVsuqv0gQa0ahaHOljZW7BL1Lfb7NuXm5JQOhbwcxsxcOYYVZQKUyCY
9tw6tQYBwnLd9oAcQxJyYDU0gt4BZkCekOkXqlJ0Mhy0vH7eFpcx39LcaKGD671h
WQqpYxHgiUgUGNXGZdx7De0DHuNX8yjszEg0UOSiZwFMrBFup48vFQGnY0P/LoH7
t3//3CuFfkaGFDSrLokKAjCuWXxtLIx9Tq+3cHQ5HCN90XM4iY3Tphn6V19e/c3L
PRjLiZqvPUY03FWsMPeINAqCxMuZGpffEBqNAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUzHLFBht3nP7dnUv4unJgfyg8XlswHwYDVR0jBBgwFoAUNN1DKWGsQtZErq80
sUrscCdbBqMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFVNTy9O
TjFES1dHc1F0WkVycTgwc1Vyc2NDZGJCcU0uY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L05OMURLV0dzUXRaRXJxODBzVXJzY0NkYkJxTS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL1BVTU8vekhMRkJodDNuUDdkblV2NHVuSmdm
eWc4WGxzLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAN8bKzAN
BgkqhkiG9w0BAQsFAAOCAQEASD1svfg8jgsvWHbVsab6o+HlijrZAh2k1FE9PpzN
JOBHm7N+aA57JE6miolcCyIpFCjvQu98X4ui0Q1wYuYkMuAaqr4Z/XkblwvMcuyn
cbfX01KiABEbSap1h7Yo850zYyYs/i59LuZW4zX/qm2f03BDdA3mS2TI/WunzCNc
jEo5vIlLBD5wwLuPa5QfPpnGCuQvcXWnZmnLaZENTds7hUP4kGB6tCvFYNrzR/3X
HhfPbgATEj269D0TNBwyarGCAELn6Ifoo4xkx0cgEx6Gw8aGOcMnsIGqTiDZVSSX
txk/x7hGibehO8QqUeCopb+nExoBBARkUZf/iMQcW4EFoQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:19 2024 by rpki-client on console-ams.rpki-client.org