Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TWDS/HQ3o9fRJZDEc6tK1XyXh9kU0Bgc.roa
File:                     HQ3o9fRJZDEc6tK1XyXh9kU0Bgc.roa (raw, json)
Hash identifier:          +H7fywvDr0Qy4zbg4WEv+UevuZEMMuxBCbNv33GXttI=
Subject key identifier:   1D:0D:E8:F5:F4:49:64:31:1C:EA:D2:B5:5F:25:E1:F6:45:34:06:07
Certificate issuer:       /CN=291BAF6A0C176CE0A32423666BCE78F9D91824CB
Certificate serial:       06EE
Authority key identifier: 29:1B:AF:6A:0C:17:6C:E0:A3:24:23:66:6B:CE:78:F9:D9:18:24:CB
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/KRuvagwXbOCjJCNma854-dkYJMs.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TWDS/HQ3o9fRJZDEc6tK1XyXh9kU0Bgc.roa
Signing time:             Wed 29 Sep 2021 02:53:46 +0000
ROA not before:           Wed 29 Sep 2021 02:53:46 +0000
ROA not after:            Thu 29 Sep 2022 02:36:22 +0000
asID:                     209557
IP address blocks:        2405:a640:1173::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1774 (0x6ee)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=291BAF6A0C176CE0A32423666BCE78F9D91824CB
        Validity
            Not Before: Sep 29 02:53:46 2021 GMT
            Not After : Sep 29 02:36:22 2022 GMT
        Subject: CN=1D0DE8F5F44964311CEAD2B55F25E1F645340607
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:cf:4f:82:bb:2e:b8:03:5f:2e:65:d2:33:d4:
                    8d:0b:82:34:d1:a5:a6:7c:9b:37:e8:36:f5:5f:c2:
                    25:44:cb:b1:02:28:0e:dc:61:42:3a:c9:e2:12:ee:
                    50:f4:a5:91:3d:22:70:79:35:e0:33:22:dc:81:04:
                    b3:c2:3a:02:8d:ca:97:40:19:8a:48:c6:0c:a6:46:
                    01:c1:7d:ae:33:d8:a2:1c:bd:54:70:52:82:63:fe:
                    e8:3e:fd:29:2a:20:81:6e:af:77:1b:72:21:c6:90:
                    97:eb:6e:80:bc:45:fb:7e:77:44:64:07:fd:71:0a:
                    38:c3:b5:a2:7f:39:66:c4:33:99:a3:3b:4c:62:af:
                    1a:98:6f:d2:4b:23:f9:ad:7b:46:25:67:11:48:09:
                    9e:b7:d2:a2:c1:60:53:46:ed:d6:80:ea:e4:b7:24:
                    42:4f:84:92:5b:b9:fc:70:54:21:5a:47:db:11:89:
                    3c:cd:0b:14:ea:a8:03:2d:7a:c7:6f:5a:ae:b3:47:
                    46:5b:d0:e6:85:de:f5:e1:5b:1b:74:8e:09:c5:80:
                    f5:45:d6:f7:a2:73:1e:ca:8d:55:9b:85:46:85:f4:
                    88:32:a4:6d:84:15:14:2f:98:54:38:0f:c0:12:98:
                    77:6e:5a:b8:19:ed:00:34:1b:cd:44:8e:21:66:df:
                    d3:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1D:0D:E8:F5:F4:49:64:31:1C:EA:D2:B5:5F:25:E1:F6:45:34:06:07
            X509v3 Authority Key Identifier:
                keyid:29:1B:AF:6A:0C:17:6C:E0:A3:24:23:66:6B:CE:78:F9:D9:18:24:CB

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWDS/KRuvagwXbOCjJCNma854-dkYJMs.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KRuvagwXbOCjJCNma854-dkYJMs.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWDS/HQ3o9fRJZDEc6tK1XyXh9kU0Bgc.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2405:a640:1173::/48

    Signature Algorithm: sha256WithRSAEncryption
         46:09:e8:b9:ad:e4:ad:62:86:43:02:84:5c:10:90:1b:39:6a:
         20:0d:a8:76:c9:c8:8c:ec:58:99:c4:a6:5a:a8:a9:4e:94:36:
         ec:ad:f5:9f:61:18:18:33:da:33:9a:9e:c4:c3:dc:7c:44:c5:
         6d:4a:0c:86:88:bd:83:89:fa:76:7c:7f:35:f0:9e:9c:e3:74:
         0e:d1:4e:1e:41:98:e6:01:41:94:cd:ab:61:e5:53:b7:49:cc:
         b1:c1:82:3b:ba:88:c0:06:29:48:ac:31:a3:27:a2:3d:7a:5b:
         ce:08:64:d6:b6:f6:e9:0c:a7:5a:e4:8f:38:ac:a5:43:36:71:
         ae:68:ba:b7:7b:18:3e:90:82:14:9a:09:fd:5e:c0:92:de:c8:
         0f:67:a5:31:23:f2:c3:86:51:e7:32:10:52:ec:d1:ae:57:73:
         58:15:85:7a:6b:9b:78:71:67:f4:cd:6c:66:4f:41:0d:18:63:
         d1:77:8e:0b:96:b5:cf:b4:0b:53:03:67:71:ac:fc:06:32:00:
         08:fb:fa:43:aa:c2:80:56:b9:10:84:f0:7c:32:57:d1:bb:2e:
         14:fc:a9:1a:b3:3d:2a:b9:7e:83:09:07:1f:98:c8:d5:ea:60:
         36:cc:75:34:b4:0f:e7:ad:25:21:22:99:20:f8:58:69:61:90:
         0a:87:08:72
-----BEGIN CERTIFICATE-----
MIIE0TCCA7mgAwIBAgICBu4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMjkx
QkFGNkEwQzE3NkNFMEEzMjQyMzY2NkJDRTc4RjlEOTE4MjRDQjAeFw0yMTA5Mjkw
MjUzNDZaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDFEMERFOEY1RjQ0OTY0
MzExQ0VBRDJCNTVGMjVFMUY2NDUzNDA2MDcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCtz0+Cuy64A18uZdIz1I0LgjTRpaZ8mzfoNvVfwiVEy7ECKA7c
YUI6yeIS7lD0pZE9InB5NeAzItyBBLPCOgKNypdAGYpIxgymRgHBfa4z2KIcvVRw
UoJj/ug+/SkqIIFur3cbciHGkJfrboC8Rft+d0RkB/1xCjjDtaJ/OWbEM5mjO0xi
rxqYb9JLI/mte0YlZxFICZ630qLBYFNG7daA6uS3JEJPhJJbufxwVCFaR9sRiTzN
CxTqqAMtesdvWq6zR0Zb0OaF3vXhWxt0jgnFgPVF1veicx7KjVWbhUaF9IgypG2E
FRQvmFQ4D8ASmHduWrgZ7QA0G81EjiFm39P5AgMBAAGjggHtMIIB6TAdBgNVHQ4E
FgQUHQ3o9fRJZDEc6tK1XyXh9kU0BgcwHwYDVR0jBBgwFoAUKRuvagwXbOCjJCNm
a854+dkYJMswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFdEUy9L
UnV2YWd3WGJPQ2pKQ05tYTg1NC1ka1lKTXMuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0tSdXZhZ3dYYk9DakpDTm1hODU0LWRrWUpNcy5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL1RXRFMvSFEzbzlmUkpaREVjNnRLMVh5WGg5
a1UwQmdjLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACQFpkAR
czANBgkqhkiG9w0BAQsFAAOCAQEARgnoua3krWKGQwKEXBCQGzlqIA2odsnIjOxY
mcSmWqipTpQ27K31n2EYGDPaM5qexMPcfETFbUoMhoi9g4n6dnx/NfCenON0DtFO
HkGY5gFBlM2rYeVTt0nMscGCO7qIwAYpSKwxoyeiPXpbzghk1rb26QynWuSPOKyl
QzZxrmi6t3sYPpCCFJoJ/V7Akt7ID2elMSPyw4ZR5zIQUuzRrldzWBWFemubeHFn
9M1sZk9BDRhj0XeOC5a1z7QLUwNncaz8BjIACPv6Q6rCgFa5EITwfDJX0bsuFPyp
GrM9Krl+gwkHH5jI1epgNsx1NLQP560lISKZIPhYaWGQCocIcg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:43 2024 by rpki-client on console-ams.rpki-client.org