Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/NZOOK4cyPWuN_5QW4lXDO2HYpns.roa
File:                     NZOOK4cyPWuN_5QW4lXDO2HYpns.roa (raw, json)
Hash identifier:          kpQm8kieoob0SySgA7og1TBETeTtjXMv4mGwQbHXsdk=
Subject key identifier:   35:93:8E:2B:87:32:3D:6B:8D:FF:94:16:E2:55:C3:3B:61:D8:A6:7B
Certificate issuer:       /CN=EB675F938C85021374CAB1E1AF5099319B110B07
Certificate serial:       1D8B
Authority key identifier: EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/NZOOK4cyPWuN_5QW4lXDO2HYpns.roa
Signing time:             Mon 04 Oct 2021 01:46:57 +0000
ROA not before:           Mon 04 Oct 2021 01:46:57 +0000
ROA not after:            Thu 29 Sep 2022 02:36:22 +0000
asID:                     38841
IP address blocks:        2407:4d00:ff0b::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 7563 (0x1d8b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=EB675F938C85021374CAB1E1AF5099319B110B07
        Validity
            Not Before: Oct  4 01:46:57 2021 GMT
            Not After : Sep 29 02:36:22 2022 GMT
        Subject: CN=35938E2B87323D6B8DFF9416E255C33B61D8A67B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:18:f2:d9:6a:e7:3b:16:bd:51:0f:00:52:55:
                    d5:ea:d6:fb:9f:35:6d:c9:65:78:2a:2d:39:24:99:
                    3e:d1:9b:cc:41:7e:1d:99:a2:97:46:b6:e8:4d:93:
                    6e:59:31:aa:c7:99:cd:99:6a:2d:ee:7a:9f:93:f6:
                    00:c9:c5:62:6a:b3:ce:ce:5a:82:f3:06:1c:60:7f:
                    5b:f8:4b:e3:b3:16:cb:9e:92:c5:77:ce:37:40:5f:
                    a2:01:40:5f:7a:47:74:98:94:97:eb:cd:aa:e0:d4:
                    0d:78:3b:1f:0c:22:11:9b:9a:10:ad:55:3a:29:11:
                    d5:31:38:39:0d:39:de:21:12:ed:d4:da:4a:00:6c:
                    da:be:86:36:e2:55:69:65:80:7f:4f:f8:91:df:3f:
                    e8:03:9b:b0:15:ed:74:18:6d:a5:b1:d1:ac:5f:89:
                    05:51:2d:90:0e:19:50:86:2d:ce:ed:1d:d7:00:49:
                    d1:2f:2c:2d:db:a4:c3:87:ef:69:dc:5a:4c:61:3b:
                    2b:d1:df:01:92:86:06:5b:27:3b:b6:5d:ab:d1:57:
                    ec:25:3a:56:ad:c3:7e:b6:40:03:6e:d3:99:36:98:
                    6a:55:72:5e:4a:6b:fd:0c:a4:2a:ea:43:ab:cb:fd:
                    86:70:eb:1c:a6:9a:72:37:7b:82:31:f4:0b:de:fa:
                    ae:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                35:93:8E:2B:87:32:3D:6B:8D:FF:94:16:E2:55:C3:3B:61:D8:A6:7B
            X509v3 Authority Key Identifier:
                keyid:EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/62dfk4yFAhN0yrHhr1CZMZsRCwc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/NZOOK4cyPWuN_5QW4lXDO2HYpns.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2407:4d00:ff0b::/48

    Signature Algorithm: sha256WithRSAEncryption
         aa:8d:fb:6c:12:43:5f:74:8c:02:ea:fd:2f:c7:b9:cd:49:32:
         24:1d:43:5b:5d:7c:00:42:ce:46:82:30:af:d3:ce:60:19:0b:
         db:0d:02:2c:19:4f:e8:0d:96:0a:41:e4:9c:1c:8e:c7:94:46:
         fe:ed:40:80:c1:31:1b:60:71:79:67:7e:e0:2e:52:23:41:2f:
         92:1c:66:e3:ae:e5:f7:1e:e0:f7:6f:80:c3:8b:32:43:d7:1e:
         9e:26:db:f0:04:67:38:fa:09:85:44:71:ee:28:50:0b:98:c0:
         8a:6c:ba:14:00:ad:88:f9:d9:f7:ee:aa:34:ec:a2:5c:bd:41:
         9d:88:c1:5f:92:e4:d8:3c:26:57:7e:13:81:53:b7:46:b4:f3:
         de:1f:bf:38:f1:ff:a3:88:d7:ee:78:df:77:71:ee:18:50:17:
         db:46:cc:05:bb:c6:c1:45:91:32:6f:8a:5d:3d:29:b0:d6:b4:
         98:af:f4:30:4b:90:65:fd:bd:fb:8d:97:71:b0:ec:5b:27:f0:
         16:7f:cc:bc:e6:57:95:50:95:05:8d:bc:89:01:32:d4:d1:93:
         9e:6d:d3:4a:f0:21:95:8d:99:3e:af:1f:c1:49:31:ec:35:4e:
         b9:64:18:c9:1e:72:73:1e:9c:5c:91:32:a3:a1:57:23:48:93:
         0a:ba:24:ca
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICHYswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUI2
NzVGOTM4Qzg1MDIxMzc0Q0FCMUUxQUY1MDk5MzE5QjExMEIwNzAeFw0yMTEwMDQw
MTQ2NTdaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDM1OTM4RTJCODczMjNE
NkI4REZGOTQxNkUyNTVDMzNCNjFEOEE2N0IwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC2GPLZauc7Fr1RDwBSVdXq1vufNW3JZXgqLTkkmT7Rm8xBfh2Z
opdGtuhNk25ZMarHmc2Zai3uep+T9gDJxWJqs87OWoLzBhxgf1v4S+OzFsueksV3
zjdAX6IBQF96R3SYlJfrzarg1A14Ox8MIhGbmhCtVTopEdUxODkNOd4hEu3U2koA
bNq+hjbiVWllgH9P+JHfP+gDm7AV7XQYbaWx0axfiQVRLZAOGVCGLc7tHdcASdEv
LC3bpMOH72ncWkxhOyvR3wGShgZbJzu2XavRV+wlOlatw362QANu05k2mGpVcl5K
a/0MpCrqQ6vL/YZw6xymmnI3e4Ix9Ave+q5tAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUNZOOK4cyPWuN/5QW4lXDO2HYpnswHwYDVR0jBBgwFoAU62dfk4yFAhN0yrHh
r1CZMZsRCwcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hP
LzYyZGZrNHlGQWhOMHlySGhyMUNaTVpzUkN3Yy5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvNjJkZms0eUZBaE4weXJIaHIxQ1pNWnNSQ3djLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hPL05aT09LNGN5UFd1Tl81UVc0
bFhETzJIWXBucy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAk
B00A/wswDQYJKoZIhvcNAQELBQADggEBAKqN+2wSQ190jALq/S/Huc1JMiQdQ1td
fABCzkaCMK/TzmAZC9sNAiwZT+gNlgpB5JwcjseURv7tQIDBMRtgcXlnfuAuUiNB
L5IcZuOu5fce4PdvgMOLMkPXHp4m2/AEZzj6CYVEce4oUAuYwIpsuhQArYj52ffu
qjTsoly9QZ2IwV+S5Ng8Jld+E4FTt0a0894fvzjx/6OI1+5433dx7hhQF9tGzAW7
xsFFkTJvil09KbDWtJiv9DBLkGX9vfuNl3Gw7Fsn8BZ/zLzmV5VQlQWNvIkBMtTR
k55t00rwIZWNmT6vH8FJMew1TrlkGMkecnMenFyRMqOhVyNIkwq6JMo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:29 2024 by rpki-client on console-ams.rpki-client.org