Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/3adt_CMSunVYIUJFZC9q736cI3g.roa
File:                     3adt_CMSunVYIUJFZC9q736cI3g.roa (raw, json)
Hash identifier:          vP19Meu00dafd51fhF99NelG4B0Fl0oreG06Pg8UOXQ=
Subject key identifier:   DD:A7:6D:FC:23:12:BA:75:58:21:42:45:64:2F:6A:EF:7E:9C:23:78
Certificate issuer:       /CN=EB675F938C85021374CAB1E1AF5099319B110B07
Certificate serial:       2158
Authority key identifier: EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/3adt_CMSunVYIUJFZC9q736cI3g.roa
Signing time:             Fri 25 Nov 2022 04:39:49 +0000
ROA not before:           Fri 25 Nov 2022 04:39:49 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     38841
IP address blocks:        118.233.64.0/21 maxlen: 21

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 8536 (0x2158)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=EB675F938C85021374CAB1E1AF5099319B110B07
        Validity
            Not Before: Nov 25 04:39:49 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=DDA76DFC2312BA7558214245642F6AEF7E9C2378
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:1c:0a:65:50:3e:49:88:72:6a:23:74:7c:bd:
                    fd:01:c9:6c:a4:57:79:35:7a:ae:a4:03:bd:68:af:
                    af:6c:22:83:8a:f5:91:bf:ac:12:57:09:1f:b6:c3:
                    1f:36:d7:67:c3:08:71:2a:0a:6c:0c:c3:43:cb:ee:
                    d8:8d:a8:f4:c7:4d:11:1e:04:ec:6e:7e:b6:22:d0:
                    76:eb:f4:2b:26:d3:dc:9f:53:08:08:a0:ca:6b:86:
                    7c:37:7d:5f:05:4d:0c:29:ac:07:98:86:8e:70:cf:
                    2c:51:46:68:e5:69:4a:ca:da:67:db:17:03:b9:89:
                    59:a8:f9:2f:df:f5:56:50:68:34:29:40:56:3e:7c:
                    67:6b:11:5e:5d:5d:32:2a:db:2b:df:14:99:3e:0e:
                    d4:34:3b:a0:02:ec:13:51:3a:21:e0:a1:57:b0:66:
                    5e:6c:6d:8e:6e:f6:17:ac:70:89:44:9e:72:54:f7:
                    0b:b5:49:e4:60:62:18:2a:72:d1:df:ca:66:76:32:
                    bd:ce:62:70:98:b0:7b:b7:c3:7d:af:de:ff:6a:d5:
                    90:b3:44:8e:5c:c1:b9:f7:11:b5:f1:96:5a:87:90:
                    b1:b5:ba:b0:18:4d:0b:50:35:7d:0d:94:69:b2:d2:
                    ac:19:54:f3:72:51:b7:a5:ce:90:4c:5b:16:81:f7:
                    1d:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DD:A7:6D:FC:23:12:BA:75:58:21:42:45:64:2F:6A:EF:7E:9C:23:78
            X509v3 Authority Key Identifier:
                keyid:EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/62dfk4yFAhN0yrHhr1CZMZsRCwc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/3adt_CMSunVYIUJFZC9q736cI3g.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  118.233.64.0/21

    Signature Algorithm: sha256WithRSAEncryption
         54:ea:65:b8:27:ed:d4:3d:1b:4b:2b:81:02:ae:db:a2:3c:73:
         bc:6e:01:78:4e:7d:8d:45:70:f0:c1:47:e0:49:04:9a:1f:f5:
         8e:a2:04:a5:e4:d6:bb:06:a3:9c:b9:5c:71:a9:51:a0:75:17:
         e8:b1:18:18:fd:2d:ba:2c:3a:b1:9e:93:1a:d8:c8:92:46:86:
         75:34:6e:53:8e:de:55:8d:e9:a3:4b:ca:3a:51:43:48:c7:5e:
         66:4f:a0:e5:57:09:4a:1e:62:e6:57:2c:ba:7f:9e:9e:66:7a:
         3c:23:56:2c:80:60:b0:f7:71:4c:dd:63:be:35:e8:60:b9:1b:
         ee:ab:90:6c:09:30:99:e8:e1:f4:76:63:1d:cd:b5:ee:48:a2:
         de:1f:3c:ff:a6:b0:35:64:dd:b8:e6:ce:c6:26:c3:a1:5b:35:
         46:ec:4f:bf:41:21:28:03:a3:74:da:88:da:fb:06:66:16:1d:
         df:38:3c:39:b1:ff:92:cb:a1:d3:b5:15:db:c1:f6:7e:1a:9b:
         d8:01:ea:75:fd:bf:f0:13:ae:d5:14:67:53:4a:73:c7:4d:c4:
         c3:d3:7a:29:36:98:d5:97:f6:a2:a3:e2:e6:aa:59:32:7a:55:
         ad:ea:05:b8:27:28:fb:e7:fd:ed:3a:29:26:57:0f:ea:75:be:
         51:b6:ef:48
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICIVgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUI2
NzVGOTM4Qzg1MDIxMzc0Q0FCMUUxQUY1MDk5MzE5QjExMEIwNzAeFw0yMjExMjUw
NDM5NDlaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEREQTc2REZDMjMxMkJB
NzU1ODIxNDI0NTY0MkY2QUVGN0U5QzIzNzgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCkHAplUD5JiHJqI3R8vf0ByWykV3k1eq6kA71or69sIoOK9ZG/
rBJXCR+2wx8212fDCHEqCmwMw0PL7tiNqPTHTREeBOxufrYi0Hbr9Csm09yfUwgI
oMprhnw3fV8FTQwprAeYho5wzyxRRmjlaUrK2mfbFwO5iVmo+S/f9VZQaDQpQFY+
fGdrEV5dXTIq2yvfFJk+DtQ0O6AC7BNROiHgoVewZl5sbY5u9hescIlEnnJU9wu1
SeRgYhgqctHfymZ2Mr3OYnCYsHu3w32v3v9q1ZCzRI5cwbn3EbXxllqHkLG1urAY
TQtQNX0NlGmy0qwZVPNyUbelzpBMWxaB9x1DAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU3adt/CMSunVYIUJFZC9q736cI3gwHwYDVR0jBBgwFoAU62dfk4yFAhN0yrHh
r1CZMZsRCwcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hP
LzYyZGZrNHlGQWhOMHlySGhyMUNaTVpzUkN3Yy5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvNjJkZms0eUZBaE4weXJIaHIxQ1pNWnNSQ3djLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hPLzNhZHRfQ01TdW5WWUlVSkZa
QzlxNzM2Y0kzZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAN2
6UAwDQYJKoZIhvcNAQELBQADggEBAFTqZbgn7dQ9G0srgQKu26I8c7xuAXhOfY1F
cPDBR+BJBJof9Y6iBKXk1rsGo5y5XHGpUaB1F+ixGBj9LbosOrGekxrYyJJGhnU0
blOO3lWN6aNLyjpRQ0jHXmZPoOVXCUoeYuZXLLp/np5mejwjViyAYLD3cUzdY741
6GC5G+6rkGwJMJno4fR2Yx3Nte5Iot4fPP+msDVk3bjmzsYmw6FbNUbsT79BISgD
o3TaiNr7BmYWHd84PDmx/5LLodO1FdvB9n4am9gB6nX9v/ATrtUUZ1NKc8dNxMPT
eik2mNWX9qKj4uaqWTJ6Va3qBbgnKPvn/e06KSZXD+p1vlG270g=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:47 2024 by rpki-client on console-fra.rpki-client.org