Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TWNIC/-Gf7B_vMHbHp243j4m387TCxIIM.roa
File:                     -Gf7B_vMHbHp243j4m387TCxIIM.roa (raw, json)
Hash identifier:          hGopBy7DI0zSo5qU5pwvqZE4ASIGbpLMlITrL087nT8=
Subject key identifier:   F8:67:FB:07:FB:CC:1D:B1:E9:DB:8D:E3:E2:6D:FC:ED:30:B1:20:83
Certificate issuer:       /CN=DFA8C454815C3017456EA3B4A7D00213BB85C965
Certificate serial:       0C70
Authority key identifier: DF:A8:C4:54:81:5C:30:17:45:6E:A3:B4:A7:D0:02:13:BB:85:C9:65
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/36jEVIFcMBdFbqO0p9ACE7uFyWU.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/-Gf7B_vMHbHp243j4m387TCxIIM.roa
Signing time:             Mon 16 Nov 2020 06:11:50 +0000
ROA not before:           Mon 16 Nov 2020 06:11:50 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     18180
IP address blocks:        2404:178:11::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3184 (0xc70)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=DFA8C454815C3017456EA3B4A7D00213BB85C965
        Validity
            Not Before: Nov 16 06:11:50 2020 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=F867FB07FBCC1DB1E9DB8DE3E26DFCED30B12083
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ea:46:3c:46:8e:c6:23:e4:fe:53:76:96:fd:a0:
                    6e:0a:23:09:26:86:15:fd:43:6e:81:9a:1c:88:c4:
                    b6:84:86:aa:9f:73:8b:e8:55:86:80:35:e6:35:ff:
                    b7:2b:a7:8d:da:9d:86:d5:9e:9e:c9:a1:2b:ae:6c:
                    71:1b:83:6f:d5:d1:b7:fe:88:34:ca:43:84:b4:f5:
                    76:52:64:80:c0:b7:15:20:80:89:37:c3:84:e2:05:
                    9e:60:60:de:f9:ec:5a:79:24:64:77:6f:03:5c:7f:
                    70:31:68:32:5c:78:21:03:e4:37:b1:a7:79:e8:32:
                    de:13:1c:19:97:ac:09:e3:ff:11:14:a7:3a:e4:23:
                    3e:80:55:66:b5:46:d2:cc:bc:9f:f2:45:d2:b0:01:
                    71:43:81:1d:8b:50:4b:e0:9c:d2:94:e6:cf:0b:b9:
                    5d:cd:18:57:d0:25:d4:df:d4:fc:c9:fb:bc:6e:da:
                    21:7a:2e:5e:15:ca:3b:21:df:ac:45:f4:03:82:b2:
                    85:9c:89:20:9a:61:d5:20:2e:b6:66:74:33:e5:87:
                    7a:2e:92:a7:c8:f5:ec:42:ee:3c:72:f2:35:73:79:
                    4d:fe:1f:9d:82:67:f1:d1:ea:fa:a6:c6:3b:37:3e:
                    e0:7a:65:c5:5f:0e:95:90:cf:aa:5e:5a:53:66:48:
                    f2:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F8:67:FB:07:FB:CC:1D:B1:E9:DB:8D:E3:E2:6D:FC:ED:30:B1:20:83
            X509v3 Authority Key Identifier:
                keyid:DF:A8:C4:54:81:5C:30:17:45:6E:A3:B4:A7:D0:02:13:BB:85:C9:65

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/36jEVIFcMBdFbqO0p9ACE7uFyWU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/36jEVIFcMBdFbqO0p9ACE7uFyWU.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/-Gf7B_vMHbHp243j4m387TCxIIM.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2404:178:11::/48

    Signature Algorithm: sha256WithRSAEncryption
         ac:84:48:ea:e8:71:5d:4e:b2:87:67:95:26:57:fc:71:6b:d0:
         5a:01:1c:c0:e2:11:ab:fa:2d:c2:ba:2c:d1:22:aa:f5:ed:11:
         69:8a:59:6e:79:79:65:cf:ff:20:b2:64:36:e2:3a:f1:0c:dc:
         e4:a1:62:8d:a6:4e:53:0a:cd:e0:1f:ec:60:c4:81:49:7b:02:
         a0:94:db:66:51:e9:be:17:9b:90:9e:7f:44:ea:6c:4c:ae:06:
         d8:4a:2a:f7:e9:d8:4b:d4:f7:49:0f:a4:63:db:88:79:86:22:
         c1:0c:97:1e:55:22:bc:1a:fb:76:02:eb:3d:7b:3d:8f:ff:93:
         25:6c:ee:28:6f:6f:05:d2:ea:da:be:de:f4:58:eb:1e:d0:ae:
         d5:25:ad:5c:f7:df:48:e1:76:b1:52:e3:bd:ba:fb:bd:41:d5:
         21:82:fa:89:8a:84:5b:a1:21:03:3b:74:04:13:ef:33:2e:1b:
         a7:e0:fd:23:ed:7c:5e:41:b2:5d:7e:02:c7:03:e6:36:d5:d1:
         db:4c:99:98:08:dd:0d:37:1d:2c:6b:71:91:6c:3a:da:fd:9c:
         12:c4:3d:28:0a:0d:3d:d2:4e:ed:6b:ab:c7:a1:35:54:96:cf:
         75:2b:68:2b:35:25:85:e2:51:fb:9d:c8:a3:25:81:f9:ee:69:
         de:50:f1:72
-----BEGIN CERTIFICATE-----
MIIE0zCCA7ugAwIBAgICDHAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREZB
OEM0NTQ4MTVDMzAxNzQ1NkVBM0I0QTdEMDAyMTNCQjg1Qzk2NTAeFw0yMDExMTYw
NjExNTBaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKEY4NjdGQjA3RkJDQzFE
QjFFOURCOERFM0UyNkRGQ0VEMzBCMTIwODMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDqRjxGjsYj5P5Tdpb9oG4KIwkmhhX9Q26BmhyIxLaEhqqfc4vo
VYaANeY1/7crp43anYbVnp7JoSuubHEbg2/V0bf+iDTKQ4S09XZSZIDAtxUggIk3
w4TiBZ5gYN757Fp5JGR3bwNcf3AxaDJceCED5Dexp3noMt4THBmXrAnj/xEUpzrk
Iz6AVWa1RtLMvJ/yRdKwAXFDgR2LUEvgnNKU5s8LuV3NGFfQJdTf1PzJ+7xu2iF6
Ll4Vyjsh36xF9AOCsoWciSCaYdUgLrZmdDPlh3oukqfI9exC7jxy8jVzeU3+H52C
Z/HR6vqmxjs3PuB6ZcVfDpWQz6peWlNmSPJpAgMBAAGjggHvMIIB6zAdBgNVHQ4E
FgQU+Gf7B/vMHbHp243j4m387TCxIIMwHwYDVR0jBBgwFoAU36jEVIFcMBdFbqO0
p9ACE7uFyWUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFdOSUMv
MzZqRVZJRmNNQmRGYnFPMHA5QUNFN3VGeVdVLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS8zNmpFVklGY01CZEZicU8wcDlBQ0U3dUZ5V1UuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UV05JQy8tR2Y3Ql92TUhiSHAyNDNqNG0z
ODdUQ3hJSU0ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAJAQB
eAARMA0GCSqGSIb3DQEBCwUAA4IBAQCshEjq6HFdTrKHZ5UmV/xxa9BaARzA4hGr
+i3CuizRIqr17RFpillueXllz/8gsmQ24jrxDNzkoWKNpk5TCs3gH+xgxIFJewKg
lNtmUem+F5uQnn9E6mxMrgbYSir36dhL1PdJD6Rj24h5hiLBDJceVSK8Gvt2Aus9
ez2P/5MlbO4ob28F0uravt70WOse0K7VJa1c999I4XaxUuO9uvu9QdUhgvqJioRb
oSEDO3QEE+8zLhun4P0j7XxeQbJdfgLHA+Y21dHbTJmYCN0NNx0sa3GRbDra/ZwS
xD0oCg090k7ta6vHoTVUls91K2grNSWF4lH7ncijJYH57mneUPFy
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:44 2024 by rpki-client on console-ams.rpki-client.org