Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TWDS/fmZXY1q2WvDmzpUsOVNV3oHcesc.roa
File:                     fmZXY1q2WvDmzpUsOVNV3oHcesc.roa (raw, json)
Hash identifier:          yQ5vqIdXV28dH8Tv6TxLWi5LyZ/7vehLAo4/EAyrKQE=
Subject key identifier:   7E:66:57:63:5A:B6:5A:F0:E6:CE:95:2C:39:53:55:DE:81:DC:7A:C7
Certificate issuer:       /CN=291BAF6A0C176CE0A32423666BCE78F9D91824CB
Certificate serial:       0175
Authority key identifier: 29:1B:AF:6A:0C:17:6C:E0:A3:24:23:66:6B:CE:78:F9:D9:18:24:CB
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/KRuvagwXbOCjJCNma854-dkYJMs.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TWDS/fmZXY1q2WvDmzpUsOVNV3oHcesc.roa
Signing time:             Tue 14 Apr 2020 08:18:42 +0000
ROA not before:           Tue 14 Apr 2020 08:18:42 +0000
ROA not after:            Tue 02 Feb 2021 02:23:59 +0000
asID:                     131668
IP address blocks:        2405:a640::/32 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 373 (0x175)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=291BAF6A0C176CE0A32423666BCE78F9D91824CB
        Validity
            Not Before: Apr 14 08:18:42 2020 GMT
            Not After : Feb  2 02:23:59 2021 GMT
        Subject: CN=7E6657635AB65AF0E6CE952C395355DE81DC7AC7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:d9:8d:d9:c5:b2:38:0c:05:d1:e4:55:a7:10:
                    54:66:98:e1:85:ce:b4:03:a6:77:2a:15:be:26:a3:
                    a7:3f:0e:39:13:8d:88:e5:36:59:f2:bd:5d:98:8f:
                    0c:cc:80:1b:72:ee:a4:0f:ef:e7:f9:c5:77:7e:01:
                    f8:5e:fa:58:f1:dc:a8:19:eb:3e:ab:38:3f:31:50:
                    db:53:fc:25:d8:2e:cd:3e:df:8b:7a:9f:73:8a:23:
                    d0:73:24:3e:41:4a:33:06:90:75:cf:ad:f6:65:f4:
                    63:40:05:0b:4d:53:66:d3:ac:85:0d:52:28:b2:25:
                    78:b0:12:ee:2d:c2:21:11:10:9e:87:90:83:fe:17:
                    b3:f5:97:72:45:b7:00:88:e2:5c:e4:63:0c:f4:46:
                    21:73:70:50:2b:5e:32:98:ea:bf:93:da:70:48:28:
                    56:a8:43:5e:da:25:12:ea:07:6d:e3:eb:fa:9a:de:
                    1e:47:fe:4e:67:af:34:47:85:bc:56:45:a0:4d:14:
                    27:84:26:eb:f7:9e:ca:e0:64:7a:26:92:42:8d:4b:
                    54:69:6d:41:ff:c9:4f:ef:ba:93:1d:2f:d2:eb:e2:
                    05:bd:9d:d2:7c:bf:db:51:80:9e:d8:66:a2:47:30:
                    8e:50:00:ef:e4:fa:5d:fc:33:99:5a:e0:8f:64:f4:
                    a0:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7E:66:57:63:5A:B6:5A:F0:E6:CE:95:2C:39:53:55:DE:81:DC:7A:C7
            X509v3 Authority Key Identifier:
                keyid:29:1B:AF:6A:0C:17:6C:E0:A3:24:23:66:6B:CE:78:F9:D9:18:24:CB

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWDS/KRuvagwXbOCjJCNma854-dkYJMs.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KRuvagwXbOCjJCNma854-dkYJMs.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWDS/fmZXY1q2WvDmzpUsOVNV3oHcesc.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2405:a640::/32

    Signature Algorithm: sha256WithRSAEncryption
         3b:04:8f:79:aa:b3:97:f3:c6:31:29:ba:94:2f:88:90:a1:55:
         82:f7:ae:f4:39:4d:ee:75:48:40:7d:1f:b6:89:36:49:cc:93:
         d0:27:9d:18:be:13:1b:24:da:3a:26:83:83:b6:ab:fa:f6:9b:
         c9:ac:27:aa:74:e7:99:53:13:9a:cc:b3:af:a2:39:de:13:d9:
         fe:ea:15:49:2d:83:8f:73:7a:4a:e4:3a:e2:78:1e:d7:fd:f1:
         11:fe:40:8c:a4:25:27:4e:1b:1a:f9:75:c9:c4:0a:06:7e:73:
         00:37:ef:cb:61:4f:b9:3f:a8:d5:dc:5f:84:00:2d:12:3b:74:
         6a:32:12:9b:86:aa:46:9a:7a:d2:af:12:91:d9:d6:ef:b3:c5:
         6d:91:ff:88:a4:12:df:76:90:37:55:64:c2:26:dd:20:b1:3c:
         a7:e3:a2:20:31:f9:27:04:82:92:6a:c9:50:50:ef:49:8f:56:
         92:fb:f0:5c:bf:15:c1:39:e4:c1:c1:10:c8:60:92:d3:f0:31:
         a7:09:89:53:e9:df:37:c6:b0:50:77:74:c9:87:f4:98:f3:a1:
         b1:b0:dc:66:ab:c8:5d:56:46:c2:83:e9:fd:7a:af:6a:55:ca:
         d7:3b:07:44:71:2a:67:3f:d7:f4:e0:58:68:9e:7a:bc:a2:10:
         ab:eb:a1:a8
-----BEGIN CERTIFICATE-----
MIIEzzCCA7egAwIBAgICAXUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMjkx
QkFGNkEwQzE3NkNFMEEzMjQyMzY2NkJDRTc4RjlEOTE4MjRDQjAeFw0yMDA0MTQw
ODE4NDJaFw0yMTAyMDIwMjIzNTlaMDMxMTAvBgNVBAMTKDdFNjY1NzYzNUFCNjVB
RjBFNkNFOTUyQzM5NTM1NURFODFEQzdBQzcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC/2Y3ZxbI4DAXR5FWnEFRmmOGFzrQDpncqFb4mo6c/DjkTjYjl
NlnyvV2YjwzMgBty7qQP7+f5xXd+Afhe+ljx3KgZ6z6rOD8xUNtT/CXYLs0+34t6
n3OKI9BzJD5BSjMGkHXPrfZl9GNABQtNU2bTrIUNUiiyJXiwEu4twiEREJ6HkIP+
F7P1l3JFtwCI4lzkYwz0RiFzcFArXjKY6r+T2nBIKFaoQ17aJRLqB23j6/qa3h5H
/k5nrzRHhbxWRaBNFCeEJuv3nsrgZHomkkKNS1RpbUH/yU/vupMdL9Lr4gW9ndJ8
v9tRgJ7YZqJHMI5QAO/k+l38M5la4I9k9KCPAgMBAAGjggHrMIIB5zAdBgNVHQ4E
FgQUfmZXY1q2WvDmzpUsOVNV3oHcescwHwYDVR0jBBgwFoAUKRuvagwXbOCjJCNm
a854+dkYJMswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFdEUy9L
UnV2YWd3WGJPQ2pKQ05tYTg1NC1ka1lKTXMuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0tSdXZhZ3dYYk9DakpDTm1hODU0LWRrWUpNcy5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL1RXRFMvZm1aWFkxcTJXdkRtenBVc09WTlYz
b0hjZXNjLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQFpkAw
DQYJKoZIhvcNAQELBQADggEBADsEj3mqs5fzxjEpupQviJChVYL3rvQ5Te51SEB9
H7aJNknMk9AnnRi+Exsk2jomg4O2q/r2m8msJ6p055lTE5rMs6+iOd4T2f7qFUkt
g49zekrkOuJ4Htf98RH+QIykJSdOGxr5dcnECgZ+cwA378thT7k/qNXcX4QALRI7
dGoyEpuGqkaaetKvEpHZ1u+zxW2R/4ikEt92kDdVZMIm3SCxPKfjoiAx+ScEgpJq
yVBQ70mPVpL78Fy/FcE55MHBEMhgktPwMacJiVPp3zfGsFB3dMmH9JjzobGw3Gar
yF1WRsKD6f16r2pVytc7B0RxKmc/1/TgWGieeryiEKvroag=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:43 2024 by rpki-client on console-ams.rpki-client.org