Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TWDS/q1NN5PHYVPHYlKH2Ci21EswAcWs.roa
File:                     q1NN5PHYVPHYlKH2Ci21EswAcWs.roa (raw, json)
Hash identifier:          Q3UXY0T0DnzxwMiARlytF8ME4l0hSSfKxfzHkYf2uhg=
Subject key identifier:   AB:53:4D:E4:F1:D8:54:F1:D8:94:A1:F6:0A:2D:B5:12:CC:00:71:6B
Certificate issuer:       /CN=291BAF6A0C176CE0A32423666BCE78F9D91824CB
Certificate serial:       07DC
Authority key identifier: 29:1B:AF:6A:0C:17:6C:E0:A3:24:23:66:6B:CE:78:F9:D9:18:24:CB
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/KRuvagwXbOCjJCNma854-dkYJMs.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TWDS/q1NN5PHYVPHYlKH2Ci21EswAcWs.roa
Signing time:             Thu 15 Sep 2022 02:34:48 +0000
ROA not before:           Thu 15 Sep 2022 02:34:48 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     141173
IP address blocks:        2405:a640:1173::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2012 (0x7dc)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=291BAF6A0C176CE0A32423666BCE78F9D91824CB
        Validity
            Not Before: Sep 15 02:34:48 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=AB534DE4F1D854F1D894A1F60A2DB512CC00716B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:4a:86:e2:d2:c8:a7:ad:b9:f9:35:6a:a2:b3:
                    9a:69:6d:a2:27:c8:72:6e:da:b5:a9:9e:97:77:16:
                    ee:9c:ff:98:7b:b6:87:8f:d2:12:6b:f3:37:c6:a2:
                    be:7a:99:00:10:e0:72:60:97:04:af:f6:f7:bf:b5:
                    b7:13:07:3b:4b:53:2b:97:0e:75:c3:b6:f4:a9:1f:
                    3f:40:96:5c:dc:bc:d8:85:14:32:56:6e:61:91:ac:
                    fe:d8:3a:ab:b7:cb:d9:ec:ad:66:6a:4a:2b:85:d5:
                    f7:ad:c9:da:aa:9d:d1:66:3a:cf:a9:f6:af:90:12:
                    b1:c0:87:fe:f3:bb:80:3d:96:a9:32:2a:0c:15:e9:
                    b1:e5:40:64:eb:6b:34:6a:5d:ae:3e:ff:20:be:e6:
                    c4:04:1d:c1:61:85:21:61:ea:7b:2e:4a:8b:a4:07:
                    0a:38:bf:32:a3:55:42:29:75:f0:2a:11:d7:f4:03:
                    dd:b0:2d:0a:3a:4f:8d:c3:6b:f4:9f:cc:8a:25:7c:
                    d1:8d:f0:9b:5f:8a:94:ec:57:67:70:c5:35:93:27:
                    f2:2c:e3:f5:ac:76:9f:88:c6:e5:e9:0e:d5:a7:03:
                    58:7b:10:a7:e7:97:a8:35:e1:fc:f1:12:58:aa:cf:
                    55:c8:c7:b0:fb:3e:7d:0e:72:77:d4:6a:d7:f3:e7:
                    67:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AB:53:4D:E4:F1:D8:54:F1:D8:94:A1:F6:0A:2D:B5:12:CC:00:71:6B
            X509v3 Authority Key Identifier:
                keyid:29:1B:AF:6A:0C:17:6C:E0:A3:24:23:66:6B:CE:78:F9:D9:18:24:CB

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWDS/KRuvagwXbOCjJCNma854-dkYJMs.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KRuvagwXbOCjJCNma854-dkYJMs.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWDS/q1NN5PHYVPHYlKH2Ci21EswAcWs.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2405:a640:1173::/48

    Signature Algorithm: sha256WithRSAEncryption
         61:5a:e1:36:04:8e:08:7f:bc:a3:94:87:19:66:e8:de:71:4e:
         ae:2e:61:48:21:18:0c:ff:03:ab:dc:86:a8:1f:86:12:9b:2b:
         5e:cc:57:34:8f:6d:ea:d2:ce:04:ae:a2:36:47:a7:65:c8:88:
         88:ce:62:1e:2b:f1:ae:32:a9:90:b4:12:68:40:34:ae:51:fa:
         11:e8:60:3d:27:b6:b5:99:6a:e6:56:b1:ee:8c:d1:d9:8b:54:
         ba:8a:37:fd:0b:8b:58:1b:a5:cb:50:97:3f:2d:b8:f8:12:e2:
         bb:55:32:33:1d:35:17:ae:37:42:1c:31:f9:bf:f9:12:34:d2:
         da:2a:b3:d0:31:5e:df:6a:fb:12:ee:28:8c:15:e9:ab:d2:bd:
         8b:1e:39:c5:85:49:c9:37:37:74:6f:41:21:82:cb:7a:ff:7d:
         d7:b7:da:92:e6:03:9c:16:cf:38:5c:e1:da:47:fd:72:5a:b0:
         10:3a:08:1d:cb:8d:af:3a:e4:92:8a:82:87:dd:c3:bc:af:72:
         09:95:dd:e1:e6:cf:ee:88:6d:73:93:60:6a:01:53:e4:00:ca:
         a6:c4:23:52:eb:79:94:2c:44:fb:af:7f:ce:2a:ac:18:74:5e:
         b3:03:e8:e6:c5:a4:43:ee:02:c7:92:9c:57:f6:2f:39:ed:a6:
         af:86:fe:3f
-----BEGIN CERTIFICATE-----
MIIE0TCCA7mgAwIBAgICB9wwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMjkx
QkFGNkEwQzE3NkNFMEEzMjQyMzY2NkJDRTc4RjlEOTE4MjRDQjAeFw0yMjA5MTUw
MjM0NDhaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEFCNTM0REU0RjFEODU0
RjFEODk0QTFGNjBBMkRCNTEyQ0MwMDcxNkIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDLSobi0sinrbn5NWqis5ppbaInyHJu2rWpnpd3Fu6c/5h7toeP
0hJr8zfGor56mQAQ4HJglwSv9ve/tbcTBztLUyuXDnXDtvSpHz9AllzcvNiFFDJW
bmGRrP7YOqu3y9nsrWZqSiuF1fetydqqndFmOs+p9q+QErHAh/7zu4A9lqkyKgwV
6bHlQGTrazRqXa4+/yC+5sQEHcFhhSFh6nsuSoukBwo4vzKjVUIpdfAqEdf0A92w
LQo6T43Da/SfzIolfNGN8JtfipTsV2dwxTWTJ/Is4/Wsdp+IxuXpDtWnA1h7EKfn
l6g14fzxEliqz1XIx7D7Pn0OcnfUatfz52cfAgMBAAGjggHtMIIB6TAdBgNVHQ4E
FgQUq1NN5PHYVPHYlKH2Ci21EswAcWswHwYDVR0jBBgwFoAUKRuvagwXbOCjJCNm
a854+dkYJMswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFdEUy9L
UnV2YWd3WGJPQ2pKQ05tYTg1NC1ka1lKTXMuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0tSdXZhZ3dYYk9DakpDTm1hODU0LWRrWUpNcy5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL1RXRFMvcTFOTjVQSFlWUEhZbEtIMkNpMjFF
c3dBY1dzLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACQFpkAR
czANBgkqhkiG9w0BAQsFAAOCAQEAYVrhNgSOCH+8o5SHGWbo3nFOri5hSCEYDP8D
q9yGqB+GEpsrXsxXNI9t6tLOBK6iNkenZciIiM5iHivxrjKpkLQSaEA0rlH6Eehg
PSe2tZlq5lax7ozR2YtUuoo3/QuLWBuly1CXPy24+BLiu1UyMx01F643Qhwx+b/5
EjTS2iqz0DFe32r7Eu4ojBXpq9K9ix45xYVJyTc3dG9BIYLLev9917fakuYDnBbP
OFzh2kf9clqwEDoIHcuNrzrkkoqCh93DvK9yCZXd4ebP7ohtc5NgagFT5ADKpsQj
Uut5lCxE+69/ziqsGHReswPo5sWkQ+4Cx5KcV/YvOe2mr4b+Pw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:43 2024 by rpki-client on console-ams.rpki-client.org