Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/SONET/lV8oy3z5gvJKpvVw9_5fAScsJzQ.roa
File:                     lV8oy3z5gvJKpvVw9_5fAScsJzQ.roa (raw, json)
Hash identifier:          uDhox+HeC37HBJlrAzK/fbPdDkugmavA/gDernDr7Hw=
Subject key identifier:   95:5F:28:CB:7C:F9:82:F2:4A:A6:F5:70:F7:FE:5F:01:27:2C:27:34
Certificate issuer:       /CN=CCB5454153ACCECE8520D33907D54E56C5CA9A4B
Certificate serial:       0A6C
Authority key identifier: CC:B5:45:41:53:AC:CE:CE:85:20:D3:39:07:D5:4E:56:C5:CA:9A:4B
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/zLVFQVOszs6FINM5B9VOVsXKmks.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/SONET/lV8oy3z5gvJKpvVw9_5fAScsJzQ.roa
Signing time:             Thu 15 Sep 2022 02:49:21 +0000
ROA not before:           Thu 15 Sep 2022 02:49:21 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     18182
IP address blocks:        61.56.128.0/19 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2668 (0xa6c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=CCB5454153ACCECE8520D33907D54E56C5CA9A4B
        Validity
            Not Before: Sep 15 02:49:21 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=955F28CB7CF982F24AA6F570F7FE5F01272C2734
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:fa:24:d1:a8:28:48:76:81:6f:1a:62:03:83:
                    90:ca:b5:ad:0e:2e:15:ea:97:03:94:29:28:3d:5b:
                    76:ac:4a:a3:89:5e:5f:a4:cc:d1:53:b4:64:89:52:
                    b5:a2:81:f5:dd:d5:b1:81:52:13:56:d1:7f:3b:2d:
                    c6:50:6c:59:7c:f9:ae:d7:8c:d3:be:ec:ca:66:ee:
                    fb:50:94:83:85:2f:83:96:1d:29:95:70:a5:f7:9a:
                    da:c4:94:95:4a:c2:de:78:3e:81:b5:40:f9:3b:5a:
                    29:dc:08:ce:c5:93:57:71:6f:74:2d:06:38:25:34:
                    8a:11:17:37:c4:ef:ad:a7:67:40:b0:8c:f1:a1:9e:
                    f1:7f:13:c9:d3:a2:40:13:fe:f8:71:43:81:ac:55:
                    55:9e:9c:af:4f:51:cc:96:fb:64:7c:db:e1:4c:0d:
                    4b:42:39:5d:60:87:e0:61:52:64:e6:a6:95:7a:99:
                    ad:70:ca:16:86:69:59:b3:a9:9a:91:ec:c0:bc:55:
                    77:34:6b:4f:f1:1a:74:c8:9c:77:7a:e8:45:8b:06:
                    6f:f2:13:db:9a:62:bf:f1:a4:55:32:bb:e5:61:43:
                    3d:bb:01:f1:1a:e5:2f:20:5e:6e:79:6e:d9:29:7d:
                    ff:b1:09:d4:ff:ba:b4:16:e3:b1:30:96:3e:ae:40:
                    40:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:5F:28:CB:7C:F9:82:F2:4A:A6:F5:70:F7:FE:5F:01:27:2C:27:34
            X509v3 Authority Key Identifier:
                keyid:CC:B5:45:41:53:AC:CE:CE:85:20:D3:39:07:D5:4E:56:C5:CA:9A:4B

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SONET/zLVFQVOszs6FINM5B9VOVsXKmks.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/zLVFQVOszs6FINM5B9VOVsXKmks.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SONET/lV8oy3z5gvJKpvVw9_5fAScsJzQ.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  61.56.128.0/19

    Signature Algorithm: sha256WithRSAEncryption
         ca:17:a5:59:68:20:3f:4a:4c:b2:8b:4f:2c:6a:32:84:20:51:
         8f:14:32:79:ab:8f:d1:cb:83:cb:67:c1:d4:01:e7:7d:b7:da:
         de:fb:81:1e:7b:b6:28:fa:98:30:66:97:c6:c2:e1:cd:08:4b:
         38:15:f7:59:80:e3:ef:f7:22:dd:fc:0f:3e:45:71:96:3e:71:
         d0:cb:84:33:ad:90:4d:8f:b3:64:09:db:4f:b2:bf:35:e7:da:
         29:64:a7:b9:8e:82:c7:f7:23:b1:3c:9c:2b:a5:9d:d7:5a:f4:
         fe:a0:83:3b:6a:4e:a4:63:fc:92:6b:75:41:2d:cd:3f:d5:c8:
         39:e9:ab:d9:51:2b:95:a2:ac:af:6a:25:9f:ff:6f:67:08:aa:
         75:3a:84:c5:b6:88:bf:75:77:ed:13:f0:c0:c2:e4:d4:da:f8:
         f6:7f:8d:be:7e:68:5b:fc:22:03:93:d3:32:60:81:f9:68:ca:
         1f:e9:ce:77:61:c5:45:eb:a4:cf:a7:0e:e4:45:c6:83:c3:11:
         13:d7:a3:29:28:25:65:7b:f1:c7:9d:66:13:b3:e9:5b:b0:71:
         23:ab:ed:6f:1c:95:b9:dd:01:62:f7:ee:d3:73:f5:8b:69:63:
         12:24:d3:c2:93:39:bb:2b:05:24:54:ba:4a:5c:42:50:9c:9f:
         41:f5:11:1a
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICCmwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQ0NC
NTQ1NDE1M0FDQ0VDRTg1MjBEMzM5MDdENTRFNTZDNUNBOUE0QjAeFw0yMjA5MTUw
MjQ5MjFaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDk1NUYyOENCN0NGOTgy
RjI0QUE2RjU3MEY3RkU1RjAxMjcyQzI3MzQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDY+iTRqChIdoFvGmIDg5DKta0OLhXqlwOUKSg9W3asSqOJXl+k
zNFTtGSJUrWigfXd1bGBUhNW0X87LcZQbFl8+a7XjNO+7Mpm7vtQlIOFL4OWHSmV
cKX3mtrElJVKwt54PoG1QPk7WincCM7Fk1dxb3QtBjglNIoRFzfE762nZ0CwjPGh
nvF/E8nTokAT/vhxQ4GsVVWenK9PUcyW+2R82+FMDUtCOV1gh+BhUmTmppV6ma1w
yhaGaVmzqZqR7MC8VXc0a0/xGnTInHd66EWLBm/yE9uaYr/xpFUyu+VhQz27AfEa
5S8gXm55btkpff+xCdT/urQW47Ewlj6uQEDNAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUlV8oy3z5gvJKpvVw9/5fAScsJzQwHwYDVR0jBBgwFoAUzLVFQVOszs6FINM5
B9VOVsXKmkswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvU09ORVQv
ekxWRlFWT3N6czZGSU5NNUI5Vk9Wc1hLbWtzLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS96TFZGUVZPc3pzNkZJTk01QjlWT1ZzWEtta3MuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9TT05FVC9sVjhveTN6NWd2SktwdlZ3OV81
ZkFTY3NKelEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFPTiA
MA0GCSqGSIb3DQEBCwUAA4IBAQDKF6VZaCA/Skyyi08sajKEIFGPFDJ5q4/Ry4PL
Z8HUAed9t9re+4Eee7Yo+pgwZpfGwuHNCEs4FfdZgOPv9yLd/A8+RXGWPnHQy4Qz
rZBNj7NkCdtPsr8159opZKe5joLH9yOxPJwrpZ3XWvT+oIM7ak6kY/ySa3VBLc0/
1cg56avZUSuVoqyvaiWf/29nCKp1OoTFtoi/dXftE/DAwuTU2vj2f42+fmhb/CID
k9MyYIH5aMof6c53YcVF66TPpw7kRcaDwxET16MpKCVle/HHnWYTs+lbsHEjq+1v
HJW53QFi9+7Tc/WLaWMSJNPCkzm7KwUkVLpKXEJQnJ9B9REa
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:44 2024 by rpki-client on console-fra.rpki-client.org