Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/SCNET/rk_hzTew2CnwI3hnRGidl-qDt3M.roa
File:                     rk_hzTew2CnwI3hnRGidl-qDt3M.roa (raw, json)
Hash identifier:          vgxKK9pSIqb7I92r+gCDQ0KpJhSYz80C6V/nDXbHTDE=
Subject key identifier:   AE:4F:E1:CD:37:B0:D8:29:F0:23:78:67:44:68:9D:97:EA:83:B7:73
Certificate issuer:       /CN=349B9CE90AE03DAD19BC54DFF63AE8C41E223948
Certificate serial:       0E2C
Authority key identifier: 34:9B:9C:E9:0A:E0:3D:AD:19:BC:54:DF:F6:3A:E8:C4:1E:22:39:48
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/NJuc6QrgPa0ZvFTf9jroxB4iOUg.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/SCNET/rk_hzTew2CnwI3hnRGidl-qDt3M.roa
Signing time:             Tue 29 Sep 2020 09:58:12 +0000
ROA not before:           Tue 29 Sep 2020 09:58:12 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     131631
IP address blocks:        2403:aac0::/32 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3628 (0xe2c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=349B9CE90AE03DAD19BC54DFF63AE8C41E223948
        Validity
            Not Before: Sep 29 09:58:12 2020 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=AE4FE1CD37B0D829F023786744689D97EA83B773
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:cd:b8:ea:84:e2:05:b6:67:e4:fb:e0:93:37:
                    a2:1a:ca:76:b4:d2:f3:d1:75:4b:44:73:2d:bc:e0:
                    cb:0a:4c:e9:d3:78:1d:d4:31:84:6c:af:3a:33:5c:
                    bf:3e:c2:a3:0f:97:93:99:46:94:67:ba:4d:2f:c3:
                    09:2e:d9:c9:47:6a:a8:61:ad:74:4d:be:15:21:f1:
                    d1:61:a1:85:4c:53:a7:24:a1:13:b7:ba:60:17:c2:
                    f8:b6:b8:0f:69:03:53:12:cc:6b:43:67:0f:b3:11:
                    1d:07:50:a3:36:4d:e3:fd:5f:9f:69:2e:72:6e:9e:
                    0a:7c:7a:9d:d9:5f:d3:9a:e2:a9:35:c2:0a:70:cd:
                    f0:77:87:a9:71:2a:66:48:6f:64:e9:34:36:fe:a0:
                    96:7d:e5:f5:70:80:2c:bd:29:0e:4b:51:ae:d3:25:
                    62:aa:15:43:8e:d4:6f:48:64:68:e3:61:a5:b6:8b:
                    16:d5:28:8e:97:4f:21:40:e0:fd:4f:13:a6:ac:68:
                    a4:a5:0d:bf:c7:e0:8d:84:c0:bd:de:bf:02:9e:7e:
                    8b:d5:c8:12:03:ca:83:e8:98:95:ac:e4:48:13:a5:
                    e8:ff:e1:05:b0:7e:e1:47:fa:17:f0:d6:e9:dd:bc:
                    1f:e7:a6:03:15:9d:5c:bd:12:8f:02:f7:ce:ae:d1:
                    36:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AE:4F:E1:CD:37:B0:D8:29:F0:23:78:67:44:68:9D:97:EA:83:B7:73
            X509v3 Authority Key Identifier:
                keyid:34:9B:9C:E9:0A:E0:3D:AD:19:BC:54:DF:F6:3A:E8:C4:1E:22:39:48

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SCNET/NJuc6QrgPa0ZvFTf9jroxB4iOUg.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NJuc6QrgPa0ZvFTf9jroxB4iOUg.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SCNET/rk_hzTew2CnwI3hnRGidl-qDt3M.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2403:aac0::/32

    Signature Algorithm: sha256WithRSAEncryption
         8c:f1:7c:04:ed:48:1f:8f:95:f3:5c:0f:6a:97:f4:b8:0e:05:
         f0:97:d8:66:70:4a:f9:0b:b9:54:1d:ec:e8:a0:08:85:70:aa:
         8c:81:79:e7:af:8f:4e:0c:58:4f:ff:16:cc:8d:b9:ce:92:48:
         b2:26:aa:ef:ca:f3:bb:c1:d5:35:6c:54:66:b6:3e:19:cb:49:
         5f:5c:68:5a:cf:40:e8:26:6f:2b:30:5b:07:80:d0:5c:70:f6:
         6a:16:85:fb:8a:f4:2a:eb:b8:02:f2:7b:13:42:42:eb:2f:1f:
         fc:cd:09:f6:74:29:92:3b:59:38:fb:55:dc:7b:e8:01:01:7c:
         ae:be:85:b1:35:ee:93:0a:86:61:aa:54:bc:4c:9f:db:9d:12:
         f7:15:6c:52:b6:39:3d:6b:94:14:00:cc:d4:e4:86:bc:83:c1:
         db:35:1f:b3:5d:f8:2c:7d:05:87:2d:ef:68:e6:bb:c5:42:af:
         b4:b8:be:06:a6:84:49:b8:55:0f:1c:ee:63:e7:60:8f:a4:98:
         17:e1:4a:72:03:01:3d:27:aa:9b:e6:82:9c:ca:d4:5d:0b:51:
         9b:cd:65:d6:15:cd:d4:82:d9:af:7e:78:48:81:a5:e2:72:69:
         70:f3:c4:32:0c:28:39:64:6a:b6:fa:c2:14:86:21:08:af:a6:
         2b:74:94:ac
-----BEGIN CERTIFICATE-----
MIIE0TCCA7mgAwIBAgICDiwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzQ5
QjlDRTkwQUUwM0RBRDE5QkM1NERGRjYzQUU4QzQxRTIyMzk0ODAeFw0yMDA5Mjkw
OTU4MTJaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKEFFNEZFMUNEMzdCMEQ4
MjlGMDIzNzg2NzQ0Njg5RDk3RUE4M0I3NzMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDIzbjqhOIFtmfk++CTN6Iayna00vPRdUtEcy284MsKTOnTeB3U
MYRsrzozXL8+wqMPl5OZRpRnuk0vwwku2clHaqhhrXRNvhUh8dFhoYVMU6ckoRO3
umAXwvi2uA9pA1MSzGtDZw+zER0HUKM2TeP9X59pLnJungp8ep3ZX9Oa4qk1wgpw
zfB3h6lxKmZIb2TpNDb+oJZ95fVwgCy9KQ5LUa7TJWKqFUOO1G9IZGjjYaW2ixbV
KI6XTyFA4P1PE6asaKSlDb/H4I2EwL3evwKefovVyBIDyoPomJWs5EgTpej/4QWw
fuFH+hfw1undvB/npgMVnVy9Eo8C986u0TYBAgMBAAGjggHtMIIB6TAdBgNVHQ4E
FgQUrk/hzTew2CnwI3hnRGidl+qDt3MwHwYDVR0jBBgwFoAUNJuc6QrgPa0ZvFTf
9jroxB4iOUgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvU0NORVQv
Tkp1YzZRcmdQYTBadkZUZjlqcm94QjRpT1VnLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9OSnVjNlFyZ1BhMFp2RlRmOWpyb3hCNGlPVWcuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9TQ05FVC9ya19oelRldzJDbndJM2huUkdp
ZGwtcUR0M00ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAJAOq
wDANBgkqhkiG9w0BAQsFAAOCAQEAjPF8BO1IH4+V81wPapf0uA4F8JfYZnBK+Qu5
VB3s6KAIhXCqjIF556+PTgxYT/8WzI25zpJIsiaq78rzu8HVNWxUZrY+GctJX1xo
Ws9A6CZvKzBbB4DQXHD2ahaF+4r0Kuu4AvJ7E0JC6y8f/M0J9nQpkjtZOPtV3Hvo
AQF8rr6FsTXukwqGYapUvEyf250S9xVsUrY5PWuUFADM1OSGvIPB2zUfs134LH0F
hy3vaOa7xUKvtLi+BqaESbhVDxzuY+dgj6SYF+FKcgMBPSeqm+aCnMrUXQtRm81l
1hXN1ILZr354SIGl4nJpcPPEMgwoOWRqtvrCFIYhCK+mK3SUrA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:20 2024 by rpki-client on console-ams.rpki-client.org