Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TWDS/gdscotL6s86eYl4bBvYkiXv5tic.roa
File:                     gdscotL6s86eYl4bBvYkiXv5tic.roa (raw, json)
Hash identifier:          lMmVla/UW3fUiDmdY2XQdeNpGDtaAkOeEsKQZT3rMeM=
Subject key identifier:   81:DB:1C:A2:D2:FA:B3:CE:9E:62:5E:1B:06:F6:24:89:7B:F9:B6:27
Certificate issuer:       /CN=291BAF6A0C176CE0A32423666BCE78F9D91824CB
Certificate serial:       0633
Authority key identifier: 29:1B:AF:6A:0C:17:6C:E0:A3:24:23:66:6B:CE:78:F9:D9:18:24:CB
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/KRuvagwXbOCjJCNma854-dkYJMs.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TWDS/gdscotL6s86eYl4bBvYkiXv5tic.roa
Signing time:             Tue 19 Jan 2021 02:30:31 +0000
ROA not before:           Tue 19 Jan 2021 02:30:31 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     141173
IP address blocks:        2405:a640:1173::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1587 (0x633)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=291BAF6A0C176CE0A32423666BCE78F9D91824CB
        Validity
            Not Before: Jan 19 02:30:31 2021 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=81DB1CA2D2FAB3CE9E625E1B06F624897BF9B627
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:79:3e:ac:30:ea:4e:9f:76:0a:05:4e:ca:b9:
                    34:f5:57:81:52:d8:da:cb:1f:13:57:6b:a1:52:f1:
                    6f:ea:f1:27:f5:bf:42:fa:ee:75:70:90:c2:42:93:
                    c8:41:c4:39:e3:6d:30:40:e9:61:1e:00:c8:4b:a4:
                    8a:52:18:dd:4e:2f:3e:09:e2:40:f9:3e:06:9c:42:
                    db:4c:41:40:e8:d3:e7:22:25:9e:ce:69:61:36:80:
                    29:0f:c3:52:d1:8f:21:08:22:79:6d:0e:e3:c2:0d:
                    34:ae:ab:4a:cc:30:b9:99:5c:30:d3:94:7f:3b:3a:
                    ba:93:fc:b7:fe:1e:44:4c:95:29:82:d7:06:c0:65:
                    78:e5:36:58:08:a0:e1:dc:2f:2b:df:e4:93:4c:6b:
                    2f:e1:b4:7c:f4:08:eb:c5:f3:bb:f2:f0:ce:9b:d4:
                    89:ae:44:22:19:6b:76:88:69:59:b0:69:48:cb:bb:
                    e9:17:86:cc:51:26:75:5f:97:fc:3a:8a:b7:fc:53:
                    3b:c2:d4:78:bc:72:72:f0:b2:df:91:75:01:d9:33:
                    17:ae:59:6d:94:cf:5e:1e:5e:f7:4f:b6:b0:49:29:
                    29:48:f7:0d:c3:80:e3:85:71:e3:8e:b5:2b:b6:b8:
                    d4:87:55:13:e5:f0:51:58:4c:c3:2a:1e:01:b7:52:
                    e8:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                81:DB:1C:A2:D2:FA:B3:CE:9E:62:5E:1B:06:F6:24:89:7B:F9:B6:27
            X509v3 Authority Key Identifier:
                keyid:29:1B:AF:6A:0C:17:6C:E0:A3:24:23:66:6B:CE:78:F9:D9:18:24:CB

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWDS/KRuvagwXbOCjJCNma854-dkYJMs.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KRuvagwXbOCjJCNma854-dkYJMs.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWDS/gdscotL6s86eYl4bBvYkiXv5tic.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2405:a640:1173::/48

    Signature Algorithm: sha256WithRSAEncryption
         07:af:38:79:b0:e2:77:4a:d8:4f:d3:24:d0:2e:a5:f0:63:9d:
         cd:14:17:6f:f2:ac:8d:d4:41:da:c6:98:14:89:3b:f9:4c:b6:
         71:8c:9d:55:ea:eb:17:31:7b:3b:9f:2c:8d:10:5e:29:cf:47:
         d9:27:7b:03:11:d5:45:98:34:23:af:a4:6b:be:e2:51:ae:9e:
         d2:0a:e1:3e:d9:82:2a:b0:a7:4e:a8:88:ba:8b:ad:0c:61:2d:
         d6:6f:57:09:36:f7:59:4d:47:1e:2a:16:37:a4:30:ab:8b:97:
         d9:17:b2:82:7f:a3:33:e8:c1:58:5e:6c:d2:5d:30:ea:c5:9a:
         c7:92:c0:89:c5:78:fb:4e:77:39:15:de:66:ab:89:e1:5f:31:
         2e:d5:97:ea:d5:57:a1:36:2b:09:c5:a0:2b:60:59:d2:83:54:
         a0:18:89:42:ef:22:9b:4b:bb:22:16:3a:0a:f9:f2:68:cd:66:
         e1:a0:20:2c:c6:b1:c1:bf:be:e1:e4:c8:dc:c8:5e:cb:01:34:
         d7:8b:97:46:c3:1f:34:b3:60:8e:f3:7c:d0:cc:6b:4b:d7:4b:
         de:65:40:34:10:4a:43:97:b6:d9:e2:fa:a7:6f:00:ae:7b:5e:
         d4:0a:08:c7:10:ed:14:2d:32:ef:cc:88:2e:81:1d:21:ec:32:
         6a:d7:ef:33
-----BEGIN CERTIFICATE-----
MIIE0TCCA7mgAwIBAgICBjMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMjkx
QkFGNkEwQzE3NkNFMEEzMjQyMzY2NkJDRTc4RjlEOTE4MjRDQjAeFw0yMTAxMTkw
MjMwMzFaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDgxREIxQ0EyRDJGQUIz
Q0U5RTYyNUUxQjA2RjYyNDg5N0JGOUI2MjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC6eT6sMOpOn3YKBU7KuTT1V4FS2NrLHxNXa6FS8W/q8Sf1v0L6
7nVwkMJCk8hBxDnjbTBA6WEeAMhLpIpSGN1OLz4J4kD5PgacQttMQUDo0+ciJZ7O
aWE2gCkPw1LRjyEIInltDuPCDTSuq0rMMLmZXDDTlH87OrqT/Lf+HkRMlSmC1wbA
ZXjlNlgIoOHcLyvf5JNMay/htHz0COvF87vy8M6b1ImuRCIZa3aIaVmwaUjLu+kX
hsxRJnVfl/w6irf8UzvC1Hi8cnLwst+RdQHZMxeuWW2Uz14eXvdPtrBJKSlI9w3D
gOOFceOOtSu2uNSHVRPl8FFYTMMqHgG3UuiXAgMBAAGjggHtMIIB6TAdBgNVHQ4E
FgQUgdscotL6s86eYl4bBvYkiXv5ticwHwYDVR0jBBgwFoAUKRuvagwXbOCjJCNm
a854+dkYJMswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFdEUy9L
UnV2YWd3WGJPQ2pKQ05tYTg1NC1ka1lKTXMuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0tSdXZhZ3dYYk9DakpDTm1hODU0LWRrWUpNcy5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL1RXRFMvZ2RzY290TDZzODZlWWw0YkJ2WWtp
WHY1dGljLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACQFpkAR
czANBgkqhkiG9w0BAQsFAAOCAQEAB684ebDid0rYT9Mk0C6l8GOdzRQXb/KsjdRB
2saYFIk7+Uy2cYydVerrFzF7O58sjRBeKc9H2Sd7AxHVRZg0I6+ka77iUa6e0grh
PtmCKrCnTqiIuoutDGEt1m9XCTb3WU1HHioWN6Qwq4uX2Reygn+jM+jBWF5s0l0w
6sWax5LAicV4+053ORXeZquJ4V8xLtWX6tVXoTYrCcWgK2BZ0oNUoBiJQu8im0u7
IhY6CvnyaM1m4aAgLMaxwb++4eTI3MheywE014uXRsMfNLNgjvN80MxrS9dL3mVA
NBBKQ5e22eL6p28Arnte1AoIxxDtFC0y78yILoEdIewyatfvMw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:43 2024 by rpki-client on console-ams.rpki-client.org