Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PUMO/zviFdjHLm_et12jJeZL2IR3cbS8.roa
File:                     zviFdjHLm_et12jJeZL2IR3cbS8.roa (raw, json)
Hash identifier:          nQRh/+6mimqjve2fp76LASMtxMg2EIKZN+0Utt8oe/Y=
Subject key identifier:   CE:F8:85:76:31:CB:9B:F7:AD:D7:68:C9:79:92:F6:21:1D:DC:6D:2F
Certificate issuer:       /CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
Certificate serial:       0BA9
Authority key identifier: 34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/zviFdjHLm_et12jJeZL2IR3cbS8.roa
Signing time:             Thu 15 Sep 2022 02:42:30 +0000
ROA not before:           Thu 15 Sep 2022 02:42:30 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     38843
IP address blocks:        223.27.39.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2985 (0xba9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
        Validity
            Not Before: Sep 15 02:42:30 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=CEF8857631CB9BF7ADD768C97992F6211DDC6D2F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:4b:1a:f6:f5:17:9a:4f:c2:fa:37:e5:81:02:
                    25:0a:09:40:2b:17:ce:ee:19:5a:43:20:e6:e7:65:
                    2c:61:7c:ff:8b:9d:d7:e0:b6:a4:1d:14:06:8d:e5:
                    49:23:92:d2:4a:95:03:de:5b:a7:69:20:c2:23:17:
                    af:27:a5:7a:b3:d7:f7:53:35:04:af:2f:8e:40:4b:
                    ca:f8:56:d5:1c:7d:9a:8f:92:7b:96:d1:7f:ca:e2:
                    c1:ca:7c:70:4a:3a:68:4d:c6:a6:0e:42:60:83:d4:
                    37:96:bb:aa:67:77:d4:81:53:6a:d1:bf:23:6a:da:
                    ed:58:7a:5d:97:76:52:1b:41:3a:d2:78:f1:56:68:
                    6c:cb:ff:3c:9e:bc:fe:79:c1:5b:fd:15:3c:ee:b4:
                    4e:a2:38:63:a3:b9:cb:9f:7e:8c:5c:f3:b9:0f:13:
                    ce:d9:4a:5e:94:f6:ac:eb:34:de:1f:ed:63:7d:df:
                    87:cc:84:ed:13:78:96:a0:84:57:83:3a:19:d1:95:
                    43:1b:78:f8:b0:45:b3:e8:9b:2e:f6:a5:04:79:3a:
                    25:2b:83:2c:64:1b:2c:d1:29:5e:40:1a:72:8f:04:
                    e0:b4:75:8b:bb:1d:f9:59:af:20:94:60:a2:39:d6:
                    d2:eb:80:c5:55:f7:2f:9c:a2:f7:30:20:f0:62:ae:
                    35:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CE:F8:85:76:31:CB:9B:F7:AD:D7:68:C9:79:92:F6:21:1D:DC:6D:2F
            X509v3 Authority Key Identifier:
                keyid:34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/NN1DKWGsQtZErq80sUrscCdbBqM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/zviFdjHLm_et12jJeZL2IR3cbS8.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  223.27.39.0/24

    Signature Algorithm: sha256WithRSAEncryption
         28:b6:e8:32:f0:85:8e:fd:c1:11:9c:d9:64:11:a1:f0:8f:d4:
         ae:c9:36:a5:a2:e3:41:32:48:fb:8f:a9:f3:c2:9f:1d:67:36:
         9a:ec:0d:1e:2a:8c:b1:fe:ed:64:f7:01:bb:8d:8c:28:0d:a3:
         83:7b:03:b5:33:13:fc:f1:7e:b2:98:b8:58:6e:39:b1:2a:39:
         9b:9d:93:0f:15:d6:23:58:b1:63:84:bc:67:cd:07:84:f7:16:
         ec:f9:84:40:c8:97:21:74:6c:6d:ca:8e:d7:0a:7c:5d:c7:2e:
         52:fb:d7:77:5f:b6:9f:ad:71:c0:bf:e2:a5:b1:32:e4:cb:f6:
         13:50:83:ad:5d:c3:bb:ea:b8:e9:9a:62:1d:32:81:4b:90:97:
         34:6d:7b:66:74:78:5c:3f:ac:58:f7:3c:76:c1:55:1f:f5:1f:
         ec:da:26:a3:cb:56:48:a5:9d:27:e0:d0:f7:32:cc:a2:91:97:
         77:34:3b:48:57:7f:61:87:b0:6c:e6:4c:b4:c1:2c:61:79:40:
         8e:24:59:6b:8e:6c:2f:c4:99:24:61:a6:0b:26:fd:71:29:21:
         97:00:bc:c2:2d:05:52:cc:31:49:a3:58:13:7a:d3:ba:9e:9a:
         96:94:0e:b3:f5:47:e2:52:47:95:db:fe:b6:76:fe:c5:91:e4:
         d0:8e:49:3a
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICC6kwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzRE
RDQzMjk2MUFDNDJENjQ0QUVBRjM0QjE0QUVDNzAyNzVCMDZBMzAeFw0yMjA5MTUw
MjQyMzBaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKENFRjg4NTc2MzFDQjlC
RjdBREQ3NjhDOTc5OTJGNjIxMUREQzZEMkYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDOSxr29ReaT8L6N+WBAiUKCUArF87uGVpDIObnZSxhfP+Lndfg
tqQdFAaN5UkjktJKlQPeW6dpIMIjF68npXqz1/dTNQSvL45AS8r4VtUcfZqPknuW
0X/K4sHKfHBKOmhNxqYOQmCD1DeWu6pnd9SBU2rRvyNq2u1Yel2XdlIbQTrSePFW
aGzL/zyevP55wVv9FTzutE6iOGOjucuffoxc87kPE87ZSl6U9qzrNN4f7WN934fM
hO0TeJaghFeDOhnRlUMbePiwRbPomy72pQR5OiUrgyxkGyzRKV5AGnKPBOC0dYu7
HflZryCUYKI51tLrgMVV9y+covcwIPBirjUNAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUzviFdjHLm/et12jJeZL2IR3cbS8wHwYDVR0jBBgwFoAUNN1DKWGsQtZErq80
sUrscCdbBqMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFVNTy9O
TjFES1dHc1F0WkVycTgwc1Vyc2NDZGJCcU0uY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L05OMURLV0dzUXRaRXJxODBzVXJzY0NkYkJxTS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL1BVTU8venZpRmRqSExtX2V0MTJqSmVaTDJJ
UjNjYlM4LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAN8bJzAN
BgkqhkiG9w0BAQsFAAOCAQEAKLboMvCFjv3BEZzZZBGh8I/Ursk2paLjQTJI+4+p
88KfHWc2muwNHiqMsf7tZPcBu42MKA2jg3sDtTMT/PF+spi4WG45sSo5m52TDxXW
I1ixY4S8Z80HhPcW7PmEQMiXIXRsbcqO1wp8XccuUvvXd1+2n61xwL/ipbEy5Mv2
E1CDrV3Du+q46ZpiHTKBS5CXNG17ZnR4XD+sWPc8dsFVH/Uf7Nomo8tWSKWdJ+DQ
9zLMopGXdzQ7SFd/YYewbOZMtMEsYXlAjiRZa45sL8SZJGGmCyb9cSkhlwC8wi0F
UswxSaNYE3rTup6alpQOs/VH4lJHldv+tnb+xZHk0I5JOg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:19 2024 by rpki-client on console-ams.rpki-client.org