Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TWNIC/0I0HkG9vQQoFQb66yyeMwzVb4fQ.roa
File:                     0I0HkG9vQQoFQb66yyeMwzVb4fQ.roa (raw, json)
Hash identifier:          c8+L73/HvOe30dFr2BqE59xgmdfX1urrTyjRmMvq3FA=
Subject key identifier:   D0:8D:07:90:6F:6F:41:0A:05:41:BE:BA:CB:27:8C:C3:35:5B:E1:F4
Certificate issuer:       /CN=DFA8C454815C3017456EA3B4A7D00213BB85C965
Certificate serial:       0DBB
Authority key identifier: DF:A8:C4:54:81:5C:30:17:45:6E:A3:B4:A7:D0:02:13:BB:85:C9:65
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/36jEVIFcMBdFbqO0p9ACE7uFyWU.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/0I0HkG9vQQoFQb66yyeMwzVb4fQ.roa
Signing time:             Mon 23 Nov 2020 07:22:10 +0000
ROA not before:           Mon 23 Nov 2020 07:22:10 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     18180
IP address blocks:        2404:178:3::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3515 (0xdbb)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=DFA8C454815C3017456EA3B4A7D00213BB85C965
        Validity
            Not Before: Nov 23 07:22:10 2020 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=D08D07906F6F410A0541BEBACB278CC3355BE1F4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e9:44:27:e9:6e:13:06:34:f5:dd:85:75:ca:5d:
                    f3:e0:87:aa:23:d0:a8:2c:6b:56:fb:4d:78:f4:d3:
                    29:1f:8f:a9:c2:b5:f3:cc:ab:a4:73:0e:7d:4a:fd:
                    37:0c:95:53:8a:cd:f6:94:0d:da:f0:0a:59:91:b9:
                    71:5f:ae:b6:26:41:55:52:f9:ac:f3:13:0f:0e:2e:
                    49:cf:1d:39:2e:9a:e1:11:9e:3b:a7:ca:7c:43:d1:
                    44:23:a1:9e:80:f7:e4:00:05:0f:f1:49:1f:bd:91:
                    80:90:ab:8c:f2:a2:60:9d:70:86:21:f4:a6:48:6d:
                    f4:33:fd:04:88:50:51:29:e0:09:79:fc:7a:ab:05:
                    79:e9:1e:8c:7f:3b:e5:4b:f8:da:f9:15:e1:0d:60:
                    2d:7f:54:a9:bb:46:05:0f:80:5d:da:3d:05:24:c4:
                    61:45:77:52:3a:de:eb:8b:6f:20:90:2c:a8:03:5a:
                    ea:db:c7:7d:f5:77:1f:a0:41:54:28:4c:e2:89:27:
                    5e:20:4a:c7:0f:f7:2c:2e:43:7c:9e:e4:16:68:2a:
                    ff:c5:36:eb:a1:5e:ec:c1:7c:f3:14:d8:89:bf:5f:
                    a3:07:64:6e:ed:96:f6:7b:f9:81:7b:82:a3:fc:9d:
                    85:23:8a:e3:e9:c0:58:04:e1:9a:af:78:e9:18:29:
                    10:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D0:8D:07:90:6F:6F:41:0A:05:41:BE:BA:CB:27:8C:C3:35:5B:E1:F4
            X509v3 Authority Key Identifier:
                keyid:DF:A8:C4:54:81:5C:30:17:45:6E:A3:B4:A7:D0:02:13:BB:85:C9:65

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/36jEVIFcMBdFbqO0p9ACE7uFyWU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/36jEVIFcMBdFbqO0p9ACE7uFyWU.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/0I0HkG9vQQoFQb66yyeMwzVb4fQ.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2404:178:3::/48

    Signature Algorithm: sha256WithRSAEncryption
         24:60:db:e7:bf:8c:21:53:3d:64:8e:08:64:74:4e:24:6c:92:
         20:da:99:99:25:d1:c4:1a:54:bc:63:5a:8a:2e:1d:4d:7f:60:
         44:07:2f:b1:11:d5:d1:05:70:41:ea:1f:bf:c5:ae:4d:f5:06:
         f6:81:8e:f7:47:65:03:bc:b8:f6:de:31:ad:c5:72:61:a9:f4:
         e0:ed:b3:a8:90:7c:d9:ff:3f:20:ad:19:a2:a6:78:2b:f5:40:
         0a:97:3d:b4:01:dc:6f:c0:58:ae:33:85:da:36:8e:d3:9c:d6:
         c2:93:fd:da:38:2c:97:ba:f9:94:ce:10:b2:4f:00:29:31:de:
         ff:d3:d6:0b:ca:8d:f7:99:0a:58:02:b0:b2:14:b5:40:c7:c3:
         5b:ef:20:42:b7:13:52:2f:26:b1:aa:45:10:3e:48:d3:46:25:
         7f:d1:c7:78:59:76:77:b7:58:57:67:5f:d2:37:75:da:e0:7e:
         b3:39:c4:1b:ad:a5:cb:9b:5e:32:b3:2d:0f:6a:92:24:1a:93:
         ec:d8:3b:df:9b:5e:9c:29:d7:ac:de:91:3b:32:39:24:fb:1d:
         8a:0b:82:64:e5:f9:29:f3:d8:5a:8c:60:f6:f3:59:99:1a:c9:
         22:08:ab:e5:a4:e1:be:ee:44:d1:f9:61:ae:e2:e0:f2:79:8a:
         80:09:50:18
-----BEGIN CERTIFICATE-----
MIIE0zCCA7ugAwIBAgICDbswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREZB
OEM0NTQ4MTVDMzAxNzQ1NkVBM0I0QTdEMDAyMTNCQjg1Qzk2NTAeFw0yMDExMjMw
NzIyMTBaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKEQwOEQwNzkwNkY2RjQx
MEEwNTQxQkVCQUNCMjc4Q0MzMzU1QkUxRjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDpRCfpbhMGNPXdhXXKXfPgh6oj0Kgsa1b7TXj00ykfj6nCtfPM
q6RzDn1K/TcMlVOKzfaUDdrwClmRuXFfrrYmQVVS+azzEw8OLknPHTkumuERnjun
ynxD0UQjoZ6A9+QABQ/xSR+9kYCQq4zyomCdcIYh9KZIbfQz/QSIUFEp4Al5/Hqr
BXnpHox/O+VL+Nr5FeENYC1/VKm7RgUPgF3aPQUkxGFFd1I63uuLbyCQLKgDWurb
x331dx+gQVQoTOKJJ14gSscP9ywuQ3ye5BZoKv/FNuuhXuzBfPMU2Im/X6MHZG7t
lvZ7+YF7gqP8nYUjiuPpwFgE4ZqveOkYKRAfAgMBAAGjggHvMIIB6zAdBgNVHQ4E
FgQU0I0HkG9vQQoFQb66yyeMwzVb4fQwHwYDVR0jBBgwFoAU36jEVIFcMBdFbqO0
p9ACE7uFyWUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFdOSUMv
MzZqRVZJRmNNQmRGYnFPMHA5QUNFN3VGeVdVLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS8zNmpFVklGY01CZEZicU8wcDlBQ0U3dUZ5V1UuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UV05JQy8wSTBIa0c5dlFRb0ZRYjY2eXll
TXd6VmI0ZlEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAJAQB
eAADMA0GCSqGSIb3DQEBCwUAA4IBAQAkYNvnv4whUz1kjghkdE4kbJIg2pmZJdHE
GlS8Y1qKLh1Nf2BEBy+xEdXRBXBB6h+/xa5N9Qb2gY73R2UDvLj23jGtxXJhqfTg
7bOokHzZ/z8grRmipngr9UAKlz20AdxvwFiuM4XaNo7TnNbCk/3aOCyXuvmUzhCy
TwApMd7/09YLyo33mQpYArCyFLVAx8Nb7yBCtxNSLyaxqkUQPkjTRiV/0cd4WXZ3
t1hXZ1/SN3Xa4H6zOcQbraXLm14ysy0PapIkGpPs2Dvfm16cKdes3pE7Mjkk+x2K
C4Jk5fkp89hajGD281mZGskiCKvlpOG+7kTR+WGu4uDyeYqACVAY
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:44 2024 by rpki-client on console-ams.rpki-client.org