Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/SAVECOM/2vDgNy_Cesn5LHnXFTNQ-ywtN6A.roa
File:                     2vDgNy_Cesn5LHnXFTNQ-ywtN6A.roa (raw, json)
Hash identifier:          zYZrudvYYG4GmqcX3hIffkZFMH34N7IKCPg+8Dmjcek=
Subject key identifier:   DA:F0:E0:37:2F:C2:7A:C9:F9:2C:79:D7:15:33:50:FB:2C:2D:37:A0
Certificate issuer:       /CN=01A53261B2001FA7EB57793E2E579B7322F8E76A
Certificate serial:       09C0
Authority key identifier: 01:A5:32:61:B2:00:1F:A7:EB:57:79:3E:2E:57:9B:73:22:F8:E7:6A
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/AaUyYbIAH6frV3k-LlebcyL452o.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/SAVECOM/2vDgNy_Cesn5LHnXFTNQ-ywtN6A.roa
Signing time:             Wed 29 Sep 2021 02:38:36 +0000
ROA not before:           Wed 29 Sep 2021 02:38:36 +0000
ROA not after:            Thu 29 Sep 2022 02:36:22 +0000
asID:                     9676
IP address blocks:        61.58.192.0/18 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2496 (0x9c0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=01A53261B2001FA7EB57793E2E579B7322F8E76A
        Validity
            Not Before: Sep 29 02:38:36 2021 GMT
            Not After : Sep 29 02:36:22 2022 GMT
        Subject: CN=DAF0E0372FC27AC9F92C79D7153350FB2C2D37A0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:61:e7:75:7a:72:39:74:8f:48:8b:2a:50:f7:
                    d7:58:31:36:05:49:2e:dd:81:dd:7d:15:91:39:e5:
                    be:16:9e:31:b6:40:b0:e1:94:e9:42:0d:47:a9:d1:
                    99:80:ca:4c:2e:72:e9:2f:d7:a8:37:9a:6d:2a:75:
                    d9:4c:a5:50:48:85:d2:63:f6:5d:56:e2:4f:44:aa:
                    4b:32:00:44:e0:1a:86:80:8a:68:1b:f9:bf:68:0a:
                    d1:55:03:ca:af:a2:08:9b:81:23:db:7c:1a:7c:9e:
                    f7:ab:3b:51:eb:ec:7e:c6:d5:61:ab:c1:23:17:f2:
                    f6:ff:5f:95:ac:0a:71:dc:ff:92:70:ba:36:3c:88:
                    da:9f:eb:df:d8:32:40:9a:f3:a2:13:67:32:9a:98:
                    0b:50:33:ed:c9:09:55:f4:da:bf:f3:f8:b9:3c:8e:
                    69:98:b5:cc:d2:af:e1:39:15:e6:4f:a5:48:d3:dd:
                    cf:70:64:f9:2a:b0:99:28:dd:d9:c9:88:5f:00:5e:
                    3e:47:28:e6:99:1c:d0:7e:8e:2f:9d:0e:20:cd:5e:
                    3d:0b:4a:44:7f:d2:38:85:e9:79:db:d2:1a:c6:32:
                    f9:5f:e6:9a:07:96:3c:18:bc:58:c5:22:ac:54:f1:
                    53:55:c5:e8:e5:22:2e:98:f5:33:35:7b:50:b6:bb:
                    8d:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DA:F0:E0:37:2F:C2:7A:C9:F9:2C:79:D7:15:33:50:FB:2C:2D:37:A0
            X509v3 Authority Key Identifier:
                keyid:01:A5:32:61:B2:00:1F:A7:EB:57:79:3E:2E:57:9B:73:22:F8:E7:6A

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SAVECOM/AaUyYbIAH6frV3k-LlebcyL452o.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/AaUyYbIAH6frV3k-LlebcyL452o.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SAVECOM/2vDgNy_Cesn5LHnXFTNQ-ywtN6A.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  61.58.192.0/18

    Signature Algorithm: sha256WithRSAEncryption
         7c:66:30:00:d8:76:72:1a:33:70:e3:23:16:b7:85:30:3f:9c:
         58:1a:07:c8:d9:fc:86:99:9c:b8:3c:56:40:87:2f:06:65:be:
         08:8f:d8:78:a1:68:37:d2:d3:68:38:bd:b9:3f:ca:78:84:f3:
         1c:01:e7:b4:d1:af:b5:aa:77:34:53:42:ba:01:b2:70:fe:2f:
         b1:8c:2d:4a:74:f3:96:aa:f1:76:e4:e8:39:79:66:7d:05:c3:
         02:81:67:90:97:6f:ad:0f:b0:61:79:c8:35:1f:a3:80:4e:3b:
         2e:9f:b9:ac:1d:92:c3:d0:1d:ae:54:f4:c2:78:0e:58:8d:d6:
         1d:5f:91:c4:74:e2:c9:cb:0f:06:d7:67:57:fe:17:a8:16:8e:
         c2:99:c0:27:59:0b:04:0e:71:d0:93:89:03:a5:81:3c:59:21:
         40:1b:3d:22:a1:56:b0:85:d3:2a:dd:5a:0b:6b:54:6d:c2:32:
         9e:67:2e:6f:57:01:05:d6:8c:09:a7:d6:f6:2d:7c:ac:54:75:
         dd:71:99:c6:d1:ed:45:91:af:2c:9b:aa:d7:d8:e3:fd:ec:dd:
         35:f1:c1:3e:5f:97:40:15:f5:06:3d:19:52:a7:ec:46:3f:27:
         22:f8:1d:0b:2b:77:89:d7:c6:69:ee:e3:c3:6c:14:e6:7f:de:
         80:22:85:ee
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICCcAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDFB
NTMyNjFCMjAwMUZBN0VCNTc3OTNFMkU1NzlCNzMyMkY4RTc2QTAeFw0yMTA5Mjkw
MjM4MzZaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKERBRjBFMDM3MkZDMjdB
QzlGOTJDNzlENzE1MzM1MEZCMkMyRDM3QTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDKYed1enI5dI9IiypQ99dYMTYFSS7dgd19FZE55b4WnjG2QLDh
lOlCDUep0ZmAykwucukv16g3mm0qddlMpVBIhdJj9l1W4k9EqksyAETgGoaAimgb
+b9oCtFVA8qvogibgSPbfBp8nverO1Hr7H7G1WGrwSMX8vb/X5WsCnHc/5JwujY8
iNqf69/YMkCa86ITZzKamAtQM+3JCVX02r/z+Lk8jmmYtczSr+E5FeZPpUjT3c9w
ZPkqsJko3dnJiF8AXj5HKOaZHNB+ji+dDiDNXj0LSkR/0jiF6Xnb0hrGMvlf5poH
ljwYvFjFIqxU8VNVxejlIi6Y9TM1e1C2u42bAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU2vDgNy/Cesn5LHnXFTNQ+ywtN6AwHwYDVR0jBBgwFoAUAaUyYbIAH6frV3k+
LlebcyL452owGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvU0FWRUNP
TS9BYVV5WWJJQUg2ZnJWM2stTGxlYmN5TDQ1Mm8uY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL0FhVXlZYklBSDZmclYzay1MbGViY3lMNDUyby5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL1NBVkVDT00vMnZEZ055X0Nlc241TEhu
WEZUTlEteXd0TjZBLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
Bj06wDANBgkqhkiG9w0BAQsFAAOCAQEAfGYwANh2chozcOMjFreFMD+cWBoHyNn8
hpmcuDxWQIcvBmW+CI/YeKFoN9LTaDi9uT/KeITzHAHntNGvtap3NFNCugGycP4v
sYwtSnTzlqrxduToOXlmfQXDAoFnkJdvrQ+wYXnINR+jgE47Lp+5rB2Sw9AdrlT0
wngOWI3WHV+RxHTiycsPBtdnV/4XqBaOwpnAJ1kLBA5x0JOJA6WBPFkhQBs9IqFW
sIXTKt1aC2tUbcIynmcub1cBBdaMCafW9i18rFR13XGZxtHtRZGvLJuq19jj/ezd
NfHBPl+XQBX1Bj0ZUqfsRj8nIvgdCyt3idfGae7jw2wU5n/egCKF7g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:44 2024 by rpki-client on console-fra.rpki-client.org