Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TWNIC/1s1bWKv-hCK3foHL2ou3-KhDldI.roa
File:                     1s1bWKv-hCK3foHL2ou3-KhDldI.roa (raw, json)
Hash identifier:          9X+SKS9myVN53H4ldfxqhYv6sLuu2oyZcsOi0Xwigd8=
Subject key identifier:   D6:CD:5B:58:AB:FE:84:22:B7:7E:81:CB:DA:8B:B7:F8:A8:43:95:D2
Certificate issuer:       /CN=DFA8C454815C3017456EA3B4A7D00213BB85C965
Certificate serial:       0C76
Authority key identifier: DF:A8:C4:54:81:5C:30:17:45:6E:A3:B4:A7:D0:02:13:BB:85:C9:65
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/36jEVIFcMBdFbqO0p9ACE7uFyWU.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/1s1bWKv-hCK3foHL2ou3-KhDldI.roa
Signing time:             Mon 16 Nov 2020 06:12:23 +0000
ROA not before:           Mon 16 Nov 2020 06:12:23 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     18180
IP address blocks:        2404:178:14::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3190 (0xc76)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=DFA8C454815C3017456EA3B4A7D00213BB85C965
        Validity
            Not Before: Nov 16 06:12:23 2020 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=D6CD5B58ABFE8422B77E81CBDA8BB7F8A84395D2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:ab:3a:30:f2:86:dc:36:09:ef:7d:d1:69:04:
                    84:27:e0:b5:9e:cd:e6:72:30:8a:fc:e9:4e:97:10:
                    4f:a0:37:27:0f:f2:ad:f1:86:36:9b:c8:91:50:a4:
                    2a:aa:26:19:8b:2f:aa:58:bd:19:5d:95:d9:08:5d:
                    20:d2:2a:fa:9c:6f:0d:de:c6:74:a4:39:c5:fe:06:
                    5a:22:84:b0:c6:f4:72:6f:d2:d3:e7:62:b2:29:b9:
                    fb:3d:45:31:a9:c6:53:51:6d:1e:92:b9:df:4e:63:
                    5a:f1:49:f4:51:4d:c5:f3:b4:bf:5a:76:da:16:1e:
                    56:9b:9e:fd:b9:c0:ef:94:76:84:9d:a4:59:b6:d2:
                    e3:df:9f:6b:73:39:81:99:7d:be:99:80:da:9c:6f:
                    34:94:b4:4c:f3:53:d3:5c:bd:a0:21:28:89:de:ce:
                    b5:24:18:96:cb:da:ff:60:58:fd:e0:4e:ab:1b:cf:
                    bc:50:0a:b9:af:66:29:73:93:43:cf:3a:53:7a:4f:
                    2c:76:12:2f:bb:01:6f:87:c8:1e:89:8b:54:72:d1:
                    a6:50:1d:0a:16:bb:b1:20:56:2a:e5:a2:70:a8:33:
                    06:f7:22:57:b2:93:2f:12:b5:ba:cf:61:b0:f3:bc:
                    32:69:2b:53:cf:39:dd:3b:e4:71:7c:d2:5e:17:b6:
                    07:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:CD:5B:58:AB:FE:84:22:B7:7E:81:CB:DA:8B:B7:F8:A8:43:95:D2
            X509v3 Authority Key Identifier:
                keyid:DF:A8:C4:54:81:5C:30:17:45:6E:A3:B4:A7:D0:02:13:BB:85:C9:65

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/36jEVIFcMBdFbqO0p9ACE7uFyWU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/36jEVIFcMBdFbqO0p9ACE7uFyWU.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/1s1bWKv-hCK3foHL2ou3-KhDldI.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2404:178:14::/48

    Signature Algorithm: sha256WithRSAEncryption
         6b:dc:1b:a2:64:d0:6a:2e:35:d6:46:ef:41:14:08:91:05:d8:
         63:24:b9:bd:81:a2:f1:a7:ba:4a:f5:1d:0d:51:a6:b4:3d:3f:
         19:f5:2a:dd:62:cb:46:cc:3d:e6:82:7b:ce:4d:c2:54:d6:26:
         58:6b:23:4c:c4:f5:21:fd:59:cc:8d:9f:5c:07:9c:49:dc:e2:
         cf:9b:e0:1f:49:3c:07:96:dd:89:ac:37:06:77:e6:e2:34:1e:
         89:8a:4d:86:0b:b4:9b:c5:f8:c2:d8:39:e7:4e:c1:58:8d:5c:
         b7:cb:28:44:64:f5:d2:d1:8b:a5:3c:df:c4:da:c8:56:25:39:
         fe:f0:cf:fa:40:c6:51:fe:e7:3b:6c:80:5e:97:3c:2d:69:26:
         ac:2b:fd:b4:d4:b5:45:96:9f:98:63:2a:01:28:8f:cf:f8:8c:
         ea:25:13:e1:a9:95:68:ef:7c:16:24:e6:20:d8:c2:8a:a5:29:
         2f:05:3a:e1:48:85:68:12:2c:5b:f8:cf:78:38:9d:f2:4b:39:
         9b:a2:66:4d:e9:ae:1c:7d:de:35:ad:59:8d:22:b1:a0:7e:ab:
         0c:4e:54:83:36:ab:5f:25:9a:fa:80:0b:10:4e:0d:e2:1f:fe:
         94:ed:b9:7c:6a:bf:de:e3:1b:18:eb:10:a3:6d:de:1d:3e:c2:
         d6:06:7d:cc
-----BEGIN CERTIFICATE-----
MIIE0zCCA7ugAwIBAgICDHYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREZB
OEM0NTQ4MTVDMzAxNzQ1NkVBM0I0QTdEMDAyMTNCQjg1Qzk2NTAeFw0yMDExMTYw
NjEyMjNaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKEQ2Q0Q1QjU4QUJGRTg0
MjJCNzdFODFDQkRBOEJCN0Y4QTg0Mzk1RDIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDVqzow8obcNgnvfdFpBIQn4LWezeZyMIr86U6XEE+gNycP8q3x
hjabyJFQpCqqJhmLL6pYvRldldkIXSDSKvqcbw3exnSkOcX+BloihLDG9HJv0tPn
YrIpufs9RTGpxlNRbR6Sud9OY1rxSfRRTcXztL9adtoWHlabnv25wO+UdoSdpFm2
0uPfn2tzOYGZfb6ZgNqcbzSUtEzzU9NcvaAhKInezrUkGJbL2v9gWP3gTqsbz7xQ
CrmvZilzk0PPOlN6Tyx2Ei+7AW+HyB6Ji1Ry0aZQHQoWu7EgVirlonCoMwb3Iley
ky8StbrPYbDzvDJpK1PPOd075HF80l4XtgfRAgMBAAGjggHvMIIB6zAdBgNVHQ4E
FgQU1s1bWKv+hCK3foHL2ou3+KhDldIwHwYDVR0jBBgwFoAU36jEVIFcMBdFbqO0
p9ACE7uFyWUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFdOSUMv
MzZqRVZJRmNNQmRGYnFPMHA5QUNFN3VGeVdVLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS8zNmpFVklGY01CZEZicU8wcDlBQ0U3dUZ5V1UuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UV05JQy8xczFiV0t2LWhDSzNmb0hMMm91
My1LaERsZEkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAJAQB
eAAUMA0GCSqGSIb3DQEBCwUAA4IBAQBr3BuiZNBqLjXWRu9BFAiRBdhjJLm9gaLx
p7pK9R0NUaa0PT8Z9SrdYstGzD3mgnvOTcJU1iZYayNMxPUh/VnMjZ9cB5xJ3OLP
m+AfSTwHlt2JrDcGd+biNB6Jik2GC7SbxfjC2DnnTsFYjVy3yyhEZPXS0YulPN/E
2shWJTn+8M/6QMZR/uc7bIBelzwtaSasK/201LVFlp+YYyoBKI/P+IzqJRPhqZVo
73wWJOYg2MKKpSkvBTrhSIVoEixb+M94OJ3ySzmbomZN6a4cfd41rVmNIrGgfqsM
TlSDNqtfJZr6gAsQTg3iH/6U7bl8ar/e4xsY6xCjbd4dPsLWBn3M
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:01 2024 by rpki-client on console-fra.rpki-client.org