Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TWDS/nh6DC0NeisjHV36VBlK-3uQmh5M.roa
File:                     nh6DC0NeisjHV36VBlK-3uQmh5M.roa (raw, json)
Hash identifier:          hFfq0WZXNTrphNPDtLq0Y3lITp8RkwliFPPTHjFBw+s=
Subject key identifier:   9E:1E:83:0B:43:5E:8A:C8:C7:57:7E:95:06:52:BE:DE:E4:26:87:93
Certificate issuer:       /CN=291BAF6A0C176CE0A32423666BCE78F9D91824CB
Certificate serial:       06EF
Authority key identifier: 29:1B:AF:6A:0C:17:6C:E0:A3:24:23:66:6B:CE:78:F9:D9:18:24:CB
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/KRuvagwXbOCjJCNma854-dkYJMs.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TWDS/nh6DC0NeisjHV36VBlK-3uQmh5M.roa
Signing time:             Wed 29 Sep 2021 02:53:46 +0000
ROA not before:           Wed 29 Sep 2021 02:53:46 +0000
ROA not after:            Thu 29 Sep 2022 02:36:22 +0000
asID:                     141173
IP address blocks:        2405:a640:1173::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1775 (0x6ef)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=291BAF6A0C176CE0A32423666BCE78F9D91824CB
        Validity
            Not Before: Sep 29 02:53:46 2021 GMT
            Not After : Sep 29 02:36:22 2022 GMT
        Subject: CN=9E1E830B435E8AC8C7577E950652BEDEE4268793
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:43:38:7a:0e:2f:41:e2:0b:b0:e3:1e:eb:fe:
                    23:b3:fb:cf:a0:d8:08:12:11:f8:e2:7f:20:0b:5b:
                    9c:15:9e:2e:8d:35:35:b3:ae:83:77:a5:65:a5:c6:
                    2e:48:34:32:91:10:5e:ae:e9:06:e2:91:ef:eb:eb:
                    0c:5e:65:0b:7e:87:d1:66:11:27:f1:ba:fb:07:a8:
                    84:fc:2d:ac:4e:65:90:81:f9:90:23:86:32:32:eb:
                    a4:78:56:9b:4f:00:3d:b4:60:a9:d1:8f:9c:9c:4d:
                    d3:49:7d:5e:f0:fb:29:af:b6:c4:a1:9b:10:8b:21:
                    f7:6d:70:1e:77:07:ac:ac:7a:69:ed:28:00:dd:1e:
                    27:71:0f:dc:0a:5f:10:a7:07:12:f9:f7:af:b3:c4:
                    09:ee:f4:fe:e6:43:df:9e:f8:3f:3e:3a:82:a1:b7:
                    42:12:33:f8:7f:91:2a:86:3f:67:f1:59:b1:9d:4c:
                    eb:b4:a1:43:c3:75:9f:e2:30:24:67:59:06:36:7c:
                    ae:8b:75:75:34:3e:2d:29:b3:d9:c6:16:bd:1f:57:
                    ff:15:fe:b5:7f:a0:3f:33:dd:82:4b:2c:72:ef:22:
                    f9:04:5c:fe:e7:cf:59:15:f2:68:63:9f:fe:fa:94:
                    bc:87:f4:0a:af:d4:54:e3:77:a8:da:f0:59:ff:89:
                    58:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9E:1E:83:0B:43:5E:8A:C8:C7:57:7E:95:06:52:BE:DE:E4:26:87:93
            X509v3 Authority Key Identifier:
                keyid:29:1B:AF:6A:0C:17:6C:E0:A3:24:23:66:6B:CE:78:F9:D9:18:24:CB

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWDS/KRuvagwXbOCjJCNma854-dkYJMs.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KRuvagwXbOCjJCNma854-dkYJMs.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWDS/nh6DC0NeisjHV36VBlK-3uQmh5M.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2405:a640:1173::/48

    Signature Algorithm: sha256WithRSAEncryption
         b2:2c:7a:ee:1e:ef:a2:f4:bc:86:68:96:8b:41:24:d5:ed:4e:
         ae:bf:f5:d4:30:2c:31:93:53:ed:66:37:0a:90:b1:1c:84:4c:
         ed:b7:37:07:7f:fa:67:5e:83:69:0c:ee:c9:45:f3:81:7f:52:
         25:c4:a8:3b:9a:b9:69:34:23:cd:5d:85:3a:3a:15:3a:99:a1:
         28:f7:1f:3d:df:1e:04:87:11:47:ef:1d:04:4d:9f:2e:15:b4:
         ff:1a:ad:c6:a2:3e:a3:a1:62:52:50:d7:29:b2:70:09:e1:e6:
         d0:3f:7b:4f:7e:93:ca:8c:6c:81:70:ca:ca:8c:e0:e1:13:c7:
         4c:b3:38:84:b4:3e:66:5d:a8:bf:e2:0d:0a:19:f1:63:8c:26:
         8b:74:01:21:53:f8:ee:ae:19:2a:87:39:12:32:9a:e6:59:48:
         01:33:fe:44:1a:fd:6b:bc:27:c2:84:c9:19:4d:e1:6f:c5:9d:
         8f:eb:d6:22:7e:89:dc:5c:ce:a3:bf:e0:fd:8e:2e:f3:44:5f:
         1a:42:e3:48:83:68:8a:26:86:6e:d7:c6:19:bf:ce:26:e5:ff:
         47:41:7b:26:32:c9:60:fa:10:0b:7e:67:01:71:6c:9a:ee:27:
         4f:fd:9d:d3:92:db:10:47:7c:a4:6e:38:35:cf:fb:f4:2b:9f:
         d2:d3:f0:b0
-----BEGIN CERTIFICATE-----
MIIE0TCCA7mgAwIBAgICBu8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMjkx
QkFGNkEwQzE3NkNFMEEzMjQyMzY2NkJDRTc4RjlEOTE4MjRDQjAeFw0yMTA5Mjkw
MjUzNDZaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDlFMUU4MzBCNDM1RThB
QzhDNzU3N0U5NTA2NTJCRURFRTQyNjg3OTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCfQzh6Di9B4guw4x7r/iOz+8+g2AgSEfjifyALW5wVni6NNTWz
roN3pWWlxi5INDKREF6u6Qbike/r6wxeZQt+h9FmESfxuvsHqIT8LaxOZZCB+ZAj
hjIy66R4VptPAD20YKnRj5ycTdNJfV7w+ymvtsShmxCLIfdtcB53B6ysemntKADd
HidxD9wKXxCnBxL596+zxAnu9P7mQ9+e+D8+OoKht0ISM/h/kSqGP2fxWbGdTOu0
oUPDdZ/iMCRnWQY2fK6LdXU0Pi0ps9nGFr0fV/8V/rV/oD8z3YJLLHLvIvkEXP7n
z1kV8mhjn/76lLyH9Aqv1FTjd6ja8Fn/iVj7AgMBAAGjggHtMIIB6TAdBgNVHQ4E
FgQUnh6DC0NeisjHV36VBlK+3uQmh5MwHwYDVR0jBBgwFoAUKRuvagwXbOCjJCNm
a854+dkYJMswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFdEUy9L
UnV2YWd3WGJPQ2pKQ05tYTg1NC1ka1lKTXMuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0tSdXZhZ3dYYk9DakpDTm1hODU0LWRrWUpNcy5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL1RXRFMvbmg2REMwTmVpc2pIVjM2VkJsSy0z
dVFtaDVNLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACQFpkAR
czANBgkqhkiG9w0BAQsFAAOCAQEAsix67h7vovS8hmiWi0Ek1e1Orr/11DAsMZNT
7WY3CpCxHIRM7bc3B3/6Z16DaQzuyUXzgX9SJcSoO5q5aTQjzV2FOjoVOpmhKPcf
Pd8eBIcRR+8dBE2fLhW0/xqtxqI+o6FiUlDXKbJwCeHm0D97T36TyoxsgXDKyozg
4RPHTLM4hLQ+Zl2ov+INChnxY4wmi3QBIVP47q4ZKoc5EjKa5llIATP+RBr9a7wn
woTJGU3hb8Wdj+vWIn6J3FzOo7/g/Y4u80RfGkLjSINoiiaGbtfGGb/OJuX/R0F7
JjLJYPoQC35nAXFsmu4nT/2d05LbEEd8pG44Nc/79Cuf0tPwsA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:43 2024 by rpki-client on console-ams.rpki-client.org