Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/SONET/GeZFpc0BnDR6B6MPzUNA0fnvUZc.roa
File:                     GeZFpc0BnDR6B6MPzUNA0fnvUZc.roa (raw, json)
Hash identifier:          bkeR8IZddjG4HXJ5xc9JgXMytZBNzLz+3wZtA0QAwtg=
Subject key identifier:   19:E6:45:A5:CD:01:9C:34:7A:07:A3:0F:CD:43:40:D1:F9:EF:51:97
Certificate issuer:       /CN=CCB5454153ACCECE8520D33907D54E56C5CA9A4B
Certificate serial:       08D4
Authority key identifier: CC:B5:45:41:53:AC:CE:CE:85:20:D3:39:07:D5:4E:56:C5:CA:9A:4B
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/zLVFQVOszs6FINM5B9VOVsXKmks.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/SONET/GeZFpc0BnDR6B6MPzUNA0fnvUZc.roa
Signing time:             Sun 07 Feb 2021 11:55:29 +0000
ROA not before:           Sun 07 Feb 2021 11:55:29 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     18182
IP address blocks:        61.64.128.0/17 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2260 (0x8d4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=CCB5454153ACCECE8520D33907D54E56C5CA9A4B
        Validity
            Not Before: Feb  7 11:55:29 2021 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=19E645A5CD019C347A07A30FCD4340D1F9EF5197
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:38:af:e5:ba:1c:90:9b:86:4d:7b:ac:20:ca:
                    58:82:70:64:f9:94:e6:ff:ab:24:49:b3:7f:d2:2d:
                    f7:4c:6a:9c:7c:db:56:4f:43:3d:cf:52:81:84:b9:
                    e7:9d:09:04:60:30:4f:00:63:a2:19:44:2c:da:23:
                    26:ae:eb:85:60:43:d5:19:d3:fe:95:6c:17:40:4c:
                    1e:b6:40:f5:80:1d:45:dc:1b:27:ff:bb:67:06:a3:
                    8e:eb:79:cb:55:dd:df:4d:4e:39:05:32:5d:5a:de:
                    f1:93:87:e1:d2:9a:21:2f:e6:25:51:b4:ed:5c:a9:
                    6d:55:e1:74:3a:dc:c0:86:9f:33:5c:8f:dd:e4:86:
                    a2:3b:a2:a5:e0:e9:5f:cc:41:8d:a1:14:85:3f:59:
                    74:6b:83:1e:73:7b:b5:93:45:43:27:e2:3a:9a:35:
                    bc:1e:a3:d5:12:9d:a4:7f:9d:fa:52:da:57:1f:8a:
                    ac:ab:d6:ce:8e:ec:e7:09:26:29:47:d9:38:a8:f6:
                    03:4a:12:b7:f6:1c:df:7b:e9:77:c8:52:1d:f9:06:
                    ed:89:b1:e7:4b:ef:94:ec:b6:ee:9c:2e:e3:ec:20:
                    a7:3a:64:ed:7e:ad:50:74:5a:6c:ec:9b:ca:a6:b8:
                    66:0b:af:0a:cf:ef:ea:24:63:9a:28:8d:a0:ef:54:
                    28:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                19:E6:45:A5:CD:01:9C:34:7A:07:A3:0F:CD:43:40:D1:F9:EF:51:97
            X509v3 Authority Key Identifier:
                keyid:CC:B5:45:41:53:AC:CE:CE:85:20:D3:39:07:D5:4E:56:C5:CA:9A:4B

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SONET/zLVFQVOszs6FINM5B9VOVsXKmks.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/zLVFQVOszs6FINM5B9VOVsXKmks.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SONET/GeZFpc0BnDR6B6MPzUNA0fnvUZc.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  61.64.128.0/17

    Signature Algorithm: sha256WithRSAEncryption
         9e:a5:9f:c9:f9:25:80:c0:36:f6:c2:bc:9f:bc:c6:5e:d6:e2:
         13:6b:b6:6d:4e:b3:8a:c8:2f:27:45:8f:3f:a1:16:ab:21:20:
         2e:b7:1c:8c:54:89:4d:06:88:ff:1f:4f:be:23:58:fd:92:fa:
         aa:1d:0d:ab:c6:34:04:ae:ee:8f:e2:7e:85:60:dd:98:a1:03:
         aa:19:89:1b:18:6d:c6:6b:21:a1:95:7f:a8:8c:bd:22:d4:35:
         92:28:c3:2f:3b:9f:e8:15:7e:df:dc:3b:c6:f6:35:04:28:b3:
         7b:08:b9:7b:da:ab:49:04:87:d6:89:00:e6:f8:2e:48:4f:fa:
         f7:36:7b:40:63:9a:b0:31:e5:38:37:33:58:1a:23:bd:f2:79:
         98:2e:40:b6:a5:b9:6d:ef:af:90:92:c1:74:40:2e:83:65:0d:
         e7:6c:20:b1:90:2f:c4:3d:4d:31:a6:78:c8:ee:17:f0:50:63:
         ae:31:bc:ec:a2:a9:cb:6e:f8:72:60:3b:76:61:c0:8d:e6:9d:
         b5:0a:ee:b8:0b:a3:9a:4e:24:33:ab:23:44:c9:a2:a4:54:27:
         90:bb:89:ed:12:c9:ad:df:71:8d:6c:6b:3d:09:33:44:33:eb:
         c1:b0:fc:32:eb:b2:c3:c3:b9:51:76:13:38:bd:1e:d3:f7:fd:
         1d:64:00:99
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICCNQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQ0NC
NTQ1NDE1M0FDQ0VDRTg1MjBEMzM5MDdENTRFNTZDNUNBOUE0QjAeFw0yMTAyMDcx
MTU1MjlaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDE5RTY0NUE1Q0QwMTlD
MzQ3QTA3QTMwRkNENDM0MEQxRjlFRjUxOTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQClOK/luhyQm4ZNe6wgyliCcGT5lOb/qyRJs3/SLfdMapx821ZP
Qz3PUoGEueedCQRgME8AY6IZRCzaIyau64VgQ9UZ0/6VbBdATB62QPWAHUXcGyf/
u2cGo47rectV3d9NTjkFMl1a3vGTh+HSmiEv5iVRtO1cqW1V4XQ63MCGnzNcj93k
hqI7oqXg6V/MQY2hFIU/WXRrgx5ze7WTRUMn4jqaNbweo9USnaR/nfpS2lcfiqyr
1s6O7OcJJilH2Tio9gNKErf2HN976XfIUh35Bu2JsedL75Tstu6cLuPsIKc6ZO1+
rVB0Wmzsm8qmuGYLrwrP7+okY5oojaDvVCj5AgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUGeZFpc0BnDR6B6MPzUNA0fnvUZcwHwYDVR0jBBgwFoAUzLVFQVOszs6FINM5
B9VOVsXKmkswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvU09ORVQv
ekxWRlFWT3N6czZGSU5NNUI5Vk9Wc1hLbWtzLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS96TFZGUVZPc3pzNkZJTk01QjlWT1ZzWEtta3MuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9TT05FVC9HZVpGcGMwQm5EUjZCNk1QelVO
QTBmbnZVWmMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQHPUCA
MA0GCSqGSIb3DQEBCwUAA4IBAQCepZ/J+SWAwDb2wryfvMZe1uITa7ZtTrOKyC8n
RY8/oRarISAutxyMVIlNBoj/H0++I1j9kvqqHQ2rxjQEru6P4n6FYN2YoQOqGYkb
GG3GayGhlX+ojL0i1DWSKMMvO5/oFX7f3DvG9jUEKLN7CLl72qtJBIfWiQDm+C5I
T/r3NntAY5qwMeU4NzNYGiO98nmYLkC2pblt76+QksF0QC6DZQ3nbCCxkC/EPU0x
pnjI7hfwUGOuMbzsoqnLbvhyYDt2YcCN5p21Cu64C6OaTiQzqyNEyaKkVCeQu4nt
Esmt33GNbGs9CTNEM+vBsPwy67LDw7lRdhM4vR7T9/0dZACZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:20 2024 by rpki-client on console-ams.rpki-client.org