Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TECHDRIVEN/zf-Vsd7riXoXoWpREZSwsGeGbAI.roa
File:                     zf-Vsd7riXoXoWpREZSwsGeGbAI.roa (raw, json)
Hash identifier:          kvr9t22tPjX4o9bouigqfxVEp+Hw1m+CmDKwj8wx86A=
Subject key identifier:   CD:FF:95:B1:DE:EB:89:7A:17:A1:6A:51:11:94:B0:B0:67:86:6C:02
Certificate issuer:       /CN=9BFCFAA2106742B2C099E3F4C2A50428E5CD62D3
Certificate serial:       07
Authority key identifier: 9B:FC:FA:A2:10:67:42:B2:C0:99:E3:F4:C2:A5:04:28:E5:CD:62:D3
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/m_z6ohBnQrLAmeP0wqUEKOXNYtM.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TECHDRIVEN/zf-Vsd7riXoXoWpREZSwsGeGbAI.roa
Signing time:             Fri 09 Dec 2022 02:37:25 +0000
ROA not before:           Fri 09 Dec 2022 02:37:25 +0000
ROA not after:            Tue 05 Dec 2023 15:30:19 +0000
asID:                     131657
IP address blocks:        2400:c9a0::/32 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 7 (0x7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9BFCFAA2106742B2C099E3F4C2A50428E5CD62D3
        Validity
            Not Before: Dec  9 02:37:25 2022 GMT
            Not After : Dec  5 15:30:19 2023 GMT
        Subject: CN=CDFF95B1DEEB897A17A16A511194B0B067866C02
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:35:c7:f7:0f:79:8e:36:cd:c7:78:34:d4:1a:
                    6d:ef:91:03:d8:22:6a:7e:94:e6:af:aa:14:bf:8a:
                    c0:bf:02:aa:a5:57:d0:da:68:08:a9:d8:da:07:fd:
                    a3:2b:cf:8f:5f:bd:ed:97:31:3c:4e:6d:d7:a7:98:
                    0a:6c:a4:c7:27:7c:23:0f:2c:97:97:7a:08:76:66:
                    1a:2a:35:7e:a7:03:9e:db:73:9c:8b:de:73:db:6d:
                    7c:74:c1:bb:63:ea:de:f6:3d:3b:4b:87:46:a9:98:
                    49:c4:8d:66:54:ff:eb:ac:90:d4:bb:ae:9e:fd:fe:
                    5d:eb:46:31:48:6c:66:09:96:26:11:2f:7f:0b:1e:
                    16:6a:d1:19:60:9c:9e:58:1f:ba:6b:18:5f:c6:02:
                    12:d5:98:f0:4b:31:4e:1c:37:a7:02:bc:0f:da:d3:
                    4f:de:75:e8:78:63:24:a3:6b:d8:64:38:2d:4d:35:
                    a1:e0:98:0e:14:7d:01:70:8a:e2:eb:67:9c:8b:fc:
                    84:2f:07:6d:16:9e:f0:7c:87:1b:ef:e5:f8:6d:9c:
                    59:5e:57:1f:89:3b:47:94:cb:e2:61:95:6c:10:76:
                    8c:6a:4b:60:ff:27:50:02:45:4a:af:36:fb:30:cf:
                    a7:f3:d7:c4:f1:61:85:d7:b5:4f:1a:bd:d9:08:11:
                    f3:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CD:FF:95:B1:DE:EB:89:7A:17:A1:6A:51:11:94:B0:B0:67:86:6C:02
            X509v3 Authority Key Identifier:
                keyid:9B:FC:FA:A2:10:67:42:B2:C0:99:E3:F4:C2:A5:04:28:E5:CD:62:D3

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TECHDRIVEN/m_z6ohBnQrLAmeP0wqUEKOXNYtM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/m_z6ohBnQrLAmeP0wqUEKOXNYtM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TECHDRIVEN/zf-Vsd7riXoXoWpREZSwsGeGbAI.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2400:c9a0::/32

    Signature Algorithm: sha256WithRSAEncryption
         86:5a:26:3f:6a:f5:66:ff:18:bb:9b:8a:fd:75:12:f6:03:52:
         d1:2f:bd:05:a8:16:00:85:cb:6b:8f:3a:be:82:74:a8:dc:9a:
         31:d3:33:12:42:0c:98:05:a6:2d:82:d3:03:d9:9f:18:64:c8:
         f7:ca:b0:00:bb:5d:4c:bc:94:8e:47:06:08:37:b7:e4:01:36:
         a8:89:8a:d7:bb:fc:12:7d:5b:57:9c:11:0c:79:17:01:29:54:
         4c:81:53:8b:65:4f:dc:dc:97:1e:65:1f:24:7d:29:eb:ec:f2:
         2e:76:26:ff:9f:dd:e6:1a:52:51:2d:4f:78:71:35:fc:c6:f5:
         22:3b:bb:50:77:fa:93:c1:8b:83:a4:e2:61:43:1f:f8:4e:7b:
         a3:db:f5:9b:c3:bb:32:be:7a:3b:8d:cb:41:33:1f:87:01:ff:
         c8:9e:01:50:c8:c0:27:02:f0:6e:9c:41:d4:6b:f9:ea:b0:85:
         64:8f:c6:1b:47:ad:d9:87:45:52:12:66:bd:82:27:e5:46:ab:
         40:5f:79:27:b2:b6:c9:7b:2d:2f:3f:16:36:34:d7:08:a5:fe:
         05:02:90:3c:2d:24:46:89:f7:03:5e:a1:9a:64:2f:59:de:c7:
         ab:00:40:a7:8d:e3:03:86:19:42:70:54:d6:01:82:f6:6a:c7:
         d9:dd:a7:35
-----BEGIN CERTIFICATE-----
MIIE2jCCA8KgAwIBAgIBBzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5QkZD
RkFBMjEwNjc0MkIyQzA5OUUzRjRDMkE1MDQyOEU1Q0Q2MkQzMB4XDTIyMTIwOTAy
MzcyNVoXDTIzMTIwNTE1MzAxOVowMzExMC8GA1UEAxMoQ0RGRjk1QjFERUVCODk3
QTE3QTE2QTUxMTE5NEIwQjA2Nzg2NkMwMjCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAMY1x/cPeY42zcd4NNQabe+RA9gian6U5q+qFL+KwL8CqqVX0Npo
CKnY2gf9oyvPj1+97ZcxPE5t16eYCmykxyd8Iw8sl5d6CHZmGio1fqcDnttznIve
c9ttfHTBu2Pq3vY9O0uHRqmYScSNZlT/66yQ1Luunv3+XetGMUhsZgmWJhEvfwse
FmrRGWCcnlgfumsYX8YCEtWY8EsxThw3pwK8D9rTT9516HhjJKNr2GQ4LU01oeCY
DhR9AXCK4utnnIv8hC8HbRae8HyHG+/l+G2cWV5XH4k7R5TL4mGVbBB2jGpLYP8n
UAJFSq82+zDPp/PXxPFhhde1Txq92QgR86kCAwEAAaOCAfcwggHzMB0GA1UdDgQW
BBTN/5Wx3uuJehehalERlLCwZ4ZsAjAfBgNVHSMEGDAWgBSb/PqiEGdCssCZ4/TC
pQQo5c1i0zAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGAGA1UdHwRZMFcwVaBT
oFGGT3JzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9URUNIRFJJ
VkVOL21fejZvaEJuUXJMQW1lUDB3cVVFS09YTll0TS5jcmwwYAYIKwYBBQUHAQEE
VDBSMFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RX
TklDQ0EvbV96Nm9oQm5RckxBbWVQMHdxVUVLT1hOWXRNLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgaAGCCsGAQUFBwELBIGTMIGQMFsGCCsGAQUFBzALhk9yc3luYzovL3Jw
a2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEVDSERSSVZFTi96Zi1Wc2Q3cmlY
b1hvV3BSRVpTd3NHZUdiQUkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAu
dHduaWMudHcvcnJkcC9ub3RpZnkueG1sMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIA
AjAHAwUAJADJoDANBgkqhkiG9w0BAQsFAAOCAQEAhlomP2r1Zv8Yu5uK/XUS9gNS
0S+9BagWAIXLa486voJ0qNyaMdMzEkIMmAWmLYLTA9mfGGTI98qwALtdTLyUjkcG
CDe35AE2qImK17v8En1bV5wRDHkXASlUTIFTi2VP3NyXHmUfJH0p6+zyLnYm/5/d
5hpSUS1PeHE1/Mb1Iju7UHf6k8GLg6TiYUMf+E57o9v1m8O7Mr56O43LQTMfhwH/
yJ4BUMjAJwLwbpxB1Gv56rCFZI/GG0et2YdFUhJmvYIn5UarQF95J7K2yXstLz8W
NjTXCKX+BQKQPC0kRon3A16hmmQvWd7HqwBAp43jA4YZQnBU1gGC9mrH2d2nNQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:22 2024 by rpki-client on console-ams.rpki-client.org