Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/SHINCHENG/h6o5A5Hv9iUd1T7ViNXPhIw2cAg.roa
File:                     h6o5A5Hv9iUd1T7ViNXPhIw2cAg.roa (raw, json)
Hash identifier:          PCc906MFlNAdkEgCYDLfQ27etGsQOQIyFn/YvqLJ6Ug=
Subject key identifier:   87:AA:39:03:91:EF:F6:25:1D:D5:3E:D5:88:D5:CF:84:8C:36:70:08
Certificate issuer:       /CN=00572E99C64ED652FA81D501EFA16CF9D44AE99C
Certificate serial:       08BE
Authority key identifier: 00:57:2E:99:C6:4E:D6:52:FA:81:D5:01:EF:A1:6C:F9:D4:4A:E9:9C
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/AFcumcZO1lL6gdUB76Fs-dRK6Zw.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/SHINCHENG/h6o5A5Hv9iUd1T7ViNXPhIw2cAg.roa
Signing time:             Thu 31 Dec 2020 02:55:11 +0000
ROA not before:           Thu 31 Dec 2020 02:55:11 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     38047
IP address blocks:        2402:c340:eeee::/48 maxlen: 64

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2238 (0x8be)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=00572E99C64ED652FA81D501EFA16CF9D44AE99C
        Validity
            Not Before: Dec 31 02:55:11 2020 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=87AA390391EFF6251DD53ED588D5CF848C367008
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:12:00:23:bf:43:ac:32:0e:f0:a5:2e:a8:55:
                    fc:86:80:14:cb:ed:51:45:7c:25:3f:f5:4d:d2:dc:
                    12:0f:10:a3:80:4b:29:97:fa:41:2d:f8:19:bf:f6:
                    50:34:fb:de:7c:d4:3a:1b:48:f9:b4:8c:d8:20:2a:
                    92:32:da:e2:1e:22:22:71:f5:99:eb:05:8e:74:a1:
                    41:0b:a9:e8:05:61:6f:16:73:07:f0:4c:91:10:ae:
                    67:b6:7b:96:c8:f3:57:e0:7c:e0:44:78:2e:85:94:
                    96:6f:8f:6f:1c:b2:b9:6e:56:72:ff:ea:3a:5a:54:
                    f5:63:f7:3d:3a:a0:2e:3a:43:2d:88:3d:3d:8f:3d:
                    a0:67:8d:4b:9d:fa:46:fa:d7:df:3c:fc:95:02:41:
                    e9:cb:60:e8:f3:d0:4d:91:37:d6:a3:14:27:e3:f9:
                    cd:9a:5e:5f:16:9c:4f:39:06:3b:5e:ae:22:a8:a4:
                    67:fd:14:7e:3f:a6:c2:bb:e6:65:fe:13:ba:8c:fd:
                    c2:4b:5f:bc:e9:66:23:d5:2d:08:e7:b0:bd:45:92:
                    54:03:f6:f8:ce:1b:5b:ab:6a:12:8c:aa:78:1e:09:
                    b7:84:35:ac:3c:ef:0c:18:24:1f:f5:7f:a7:63:e4:
                    6e:c8:57:4e:d7:10:93:40:da:c4:39:f1:d3:a9:77:
                    b5:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                87:AA:39:03:91:EF:F6:25:1D:D5:3E:D5:88:D5:CF:84:8C:36:70:08
            X509v3 Authority Key Identifier:
                keyid:00:57:2E:99:C6:4E:D6:52:FA:81:D5:01:EF:A1:6C:F9:D4:4A:E9:9C

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SHINCHENG/AFcumcZO1lL6gdUB76Fs-dRK6Zw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/AFcumcZO1lL6gdUB76Fs-dRK6Zw.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SHINCHENG/h6o5A5Hv9iUd1T7ViNXPhIw2cAg.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2402:c340:eeee::/48

    Signature Algorithm: sha256WithRSAEncryption
         17:d7:f4:c1:62:7f:c6:be:ce:44:d1:45:c2:3a:c2:90:8f:66:
         8f:ee:43:8a:c9:5c:9e:e0:47:2e:38:a7:9f:87:8c:af:34:ca:
         df:ae:ef:b1:b7:65:61:1a:02:41:c1:d3:bf:ae:86:ac:61:cf:
         22:f4:38:ae:1f:2f:ef:6e:85:e7:6d:02:d7:88:7a:0d:af:95:
         de:fd:a2:83:06:f1:33:59:5e:fe:15:4d:83:64:ef:e3:26:ee:
         1c:d1:87:7b:ec:e1:87:68:13:b2:44:f6:5b:f2:c9:cb:58:b6:
         c5:b8:80:95:eb:60:e3:0d:70:5f:84:9a:80:11:68:3f:49:5b:
         55:b1:f4:22:49:64:9e:5b:61:56:63:9f:d6:b2:56:6e:ac:35:
         0b:0f:3f:1f:d1:2b:3b:94:17:6f:d0:e5:0c:c6:ef:bc:bb:d5:
         63:03:6d:eb:56:d2:86:29:ab:82:73:63:1f:89:0c:ef:a8:30:
         0c:4f:00:8a:dc:38:ab:01:a4:88:52:c6:5a:51:7c:5a:31:b7:
         4c:b7:da:05:8c:22:1d:17:ac:fc:d2:2d:4c:eb:49:be:46:55:
         84:a0:b4:d7:60:62:da:ba:8f:c2:66:52:e6:d2:db:6a:2e:27:
         c9:c1:66:a7:67:be:af:1c:88:c3:bf:2a:60:0a:b6:55:16:3a:
         4e:d9:b4:19
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICCL4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDA1
NzJFOTlDNjRFRDY1MkZBODFENTAxRUZBMTZDRjlENDRBRTk5QzAeFw0yMDEyMzEw
MjU1MTFaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDg3QUEzOTAzOTFFRkY2
MjUxREQ1M0VENTg4RDVDRjg0OEMzNjcwMDgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC4EgAjv0OsMg7wpS6oVfyGgBTL7VFFfCU/9U3S3BIPEKOASymX
+kEt+Bm/9lA0+9581DobSPm0jNggKpIy2uIeIiJx9ZnrBY50oUELqegFYW8Wcwfw
TJEQrme2e5bI81fgfOBEeC6FlJZvj28csrluVnL/6jpaVPVj9z06oC46Qy2IPT2P
PaBnjUud+kb61988/JUCQenLYOjz0E2RN9ajFCfj+c2aXl8WnE85BjteriKopGf9
FH4/psK75mX+E7qM/cJLX7zpZiPVLQjnsL1FklQD9vjOG1urahKMqngeCbeENaw8
7wwYJB/1f6dj5G7IV07XEJNA2sQ58dOpd7X9AgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQUh6o5A5Hv9iUd1T7ViNXPhIw2cAgwHwYDVR0jBBgwFoAUAFcumcZO1lL6gdUB
76Fs+dRK6ZwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBfBgNVHR8EWDBWMFSg
UqBQhk5yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvU0hJTkNI
RU5HL0FGY3VtY1pPMWxMNmdkVUI3NkZzLWRSSzZady5jcmwwYAYIKwYBBQUHAQEE
VDBSMFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RX
TklDQ0EvQUZjdW1jWk8xbEw2Z2RVQjc2RnMtZFJLNlp3LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZ8GCCsGAQUFBwELBIGSMIGPMFoGCCsGAQUFBzALhk5yc3luYzovL3Jw
a2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvU0hJTkNIRU5HL2g2bzVBNUh2OWlV
ZDFUN1ZpTlhQaEl3MmNBZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50
d25pYy50dy9ycmRwL25vdGlmeS54bWwwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAkAsNA7u4wDQYJKoZIhvcNAQELBQADggEBABfX9MFif8a+zkTRRcI6wpCP
Zo/uQ4rJXJ7gRy44p5+HjK80yt+u77G3ZWEaAkHB07+uhqxhzyL0OK4fL+9uhedt
AteIeg2vld79ooMG8TNZXv4VTYNk7+Mm7hzRh3vs4YdoE7JE9lvyyctYtsW4gJXr
YOMNcF+EmoARaD9JW1Wx9CJJZJ5bYVZjn9ayVm6sNQsPPx/RKzuUF2/Q5QzG77y7
1WMDbetW0oYpq4JzYx+JDO+oMAxPAIrcOKsBpIhSxlpRfFoxt0y32gWMIh0XrPzS
LUzrSb5GVYSgtNdgYtq6j8JmUubS22ouJ8nBZqdnvq8ciMO/KmAKtlUWOk7ZtBk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:44 2024 by rpki-client on console-fra.rpki-client.org