Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TWNIC/DE0X3vfjIwlx-v0I6bCDtsf1iFU.roa
File:                     DE0X3vfjIwlx-v0I6bCDtsf1iFU.roa (raw, json)
Hash identifier:          9QL71A0fp4XziAgaw1SBi828W3hPsIGKAVF95L5/UqM=
Subject key identifier:   0C:4D:17:DE:F7:E3:23:09:71:FA:FD:08:E9:B0:83:B6:C7:F5:88:55
Certificate issuer:       /CN=DFA8C454815C3017456EA3B4A7D00213BB85C965
Certificate serial:       0C3F
Authority key identifier: DF:A8:C4:54:81:5C:30:17:45:6E:A3:B4:A7:D0:02:13:BB:85:C9:65
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/36jEVIFcMBdFbqO0p9ACE7uFyWU.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/DE0X3vfjIwlx-v0I6bCDtsf1iFU.roa
Signing time:             Tue 10 Nov 2020 03:00:21 +0000
ROA not before:           Tue 10 Nov 2020 03:00:21 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     18180
IP address blocks:        2404:178:2::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3135 (0xc3f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=DFA8C454815C3017456EA3B4A7D00213BB85C965
        Validity
            Not Before: Nov 10 03:00:21 2020 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=0C4D17DEF7E3230971FAFD08E9B083B6C7F58855
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:32:7c:51:c5:7a:3f:54:97:7d:28:37:b2:49:
                    bc:23:21:14:ff:4b:e4:0f:45:2c:62:f8:30:21:ea:
                    c3:35:b7:1b:d4:30:11:3e:72:9e:55:92:58:5e:d3:
                    22:49:8a:66:83:16:a1:8e:14:96:fa:de:4f:42:13:
                    44:77:6d:b2:f3:d5:57:2a:5a:b3:76:1b:c0:41:8d:
                    09:26:cc:98:88:b8:13:9e:35:03:cd:7f:ff:0d:c8:
                    78:38:fd:d2:e3:c6:78:72:2f:9d:85:d6:19:78:7b:
                    dc:ec:cb:79:6b:e1:1c:00:fe:ea:73:f0:da:27:bd:
                    7e:52:3e:00:74:97:eb:fc:3e:f1:e3:92:d9:4a:27:
                    79:da:f7:74:d7:f7:d0:85:9a:df:c0:4e:de:6b:23:
                    89:1a:89:8b:0b:34:df:5a:6b:4d:da:1e:db:5a:f0:
                    f6:8e:33:ba:50:75:08:55:32:1c:eb:3c:3e:55:a2:
                    d9:b4:51:c5:1d:b3:a5:82:27:46:04:9a:fc:6f:75:
                    ca:84:9a:7d:48:81:56:07:a8:a3:fb:4b:da:36:1a:
                    f7:38:d5:3f:fe:4c:53:8a:74:15:f3:f9:61:8a:3f:
                    03:49:01:67:88:36:17:96:ea:f7:8f:1b:ae:3e:72:
                    a9:32:91:af:8e:9f:79:db:de:d5:67:84:9f:11:93:
                    23:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0C:4D:17:DE:F7:E3:23:09:71:FA:FD:08:E9:B0:83:B6:C7:F5:88:55
            X509v3 Authority Key Identifier:
                keyid:DF:A8:C4:54:81:5C:30:17:45:6E:A3:B4:A7:D0:02:13:BB:85:C9:65

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/36jEVIFcMBdFbqO0p9ACE7uFyWU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/36jEVIFcMBdFbqO0p9ACE7uFyWU.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/DE0X3vfjIwlx-v0I6bCDtsf1iFU.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2404:178:2::/48

    Signature Algorithm: sha256WithRSAEncryption
         91:7c:3a:7e:4d:5c:fb:61:30:cd:ec:7f:61:00:17:1f:de:60:
         8c:b5:38:b8:45:0b:ab:ae:48:2e:38:37:92:55:36:e7:06:58:
         e1:02:34:92:72:7b:ce:a2:f1:6f:38:d3:64:d0:13:b0:41:8a:
         27:74:6d:30:a3:59:00:5f:b7:18:f7:49:ec:da:cf:7d:35:22:
         79:b2:36:56:b1:5a:31:cf:fc:de:e2:5d:a2:bd:ee:b6:0a:b3:
         e5:f0:13:42:86:7a:10:26:db:57:d7:9f:ad:af:10:de:13:85:
         98:5c:8d:b2:84:a9:ae:96:26:e7:30:84:11:60:b3:a9:a9:b2:
         e6:e9:a4:bb:04:c2:81:9c:82:bd:a9:61:23:eb:cf:58:46:30:
         59:52:15:3b:db:bc:d9:00:33:91:5e:a5:1a:77:9e:10:cd:99:
         a2:8c:86:ef:d3:9e:01:12:8c:d5:fa:47:cf:2b:e5:d3:a5:61:
         5c:05:e6:ef:ff:b2:28:88:03:40:0e:11:ed:64:b7:4d:fc:33:
         43:ff:54:a1:21:16:23:ad:4e:cf:6f:3c:20:cb:bd:88:0c:06:
         a8:1f:d2:81:07:06:61:80:44:6c:92:70:d9:b7:82:9b:32:3a:
         1d:1f:eb:c1:f9:1f:f6:9f:db:2c:f1:a9:41:a6:b9:4d:9d:00:
         fe:34:53:66
-----BEGIN CERTIFICATE-----
MIIE0zCCA7ugAwIBAgICDD8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREZB
OEM0NTQ4MTVDMzAxNzQ1NkVBM0I0QTdEMDAyMTNCQjg1Qzk2NTAeFw0yMDExMTAw
MzAwMjFaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDBDNEQxN0RFRjdFMzIz
MDk3MUZBRkQwOEU5QjA4M0I2QzdGNTg4NTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC/MnxRxXo/VJd9KDeySbwjIRT/S+QPRSxi+DAh6sM1txvUMBE+
cp5Vklhe0yJJimaDFqGOFJb63k9CE0R3bbLz1VcqWrN2G8BBjQkmzJiIuBOeNQPN
f/8NyHg4/dLjxnhyL52F1hl4e9zsy3lr4RwA/upz8NonvX5SPgB0l+v8PvHjktlK
J3na93TX99CFmt/ATt5rI4kaiYsLNN9aa03aHtta8PaOM7pQdQhVMhzrPD5Votm0
UcUds6WCJ0YEmvxvdcqEmn1IgVYHqKP7S9o2Gvc41T/+TFOKdBXz+WGKPwNJAWeI
NheW6vePG64+cqkyka+On3nb3tVnhJ8RkyPtAgMBAAGjggHvMIIB6zAdBgNVHQ4E
FgQUDE0X3vfjIwlx+v0I6bCDtsf1iFUwHwYDVR0jBBgwFoAU36jEVIFcMBdFbqO0
p9ACE7uFyWUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFdOSUMv
MzZqRVZJRmNNQmRGYnFPMHA5QUNFN3VGeVdVLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS8zNmpFVklGY01CZEZicU8wcDlBQ0U3dUZ5V1UuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UV05JQy9ERTBYM3Zmakl3bHgtdjBJNmJD
RHRzZjFpRlUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAJAQB
eAACMA0GCSqGSIb3DQEBCwUAA4IBAQCRfDp+TVz7YTDN7H9hABcf3mCMtTi4RQur
rkguODeSVTbnBljhAjSScnvOovFvONNk0BOwQYondG0wo1kAX7cY90ns2s99NSJ5
sjZWsVoxz/ze4l2ive62CrPl8BNChnoQJttX15+trxDeE4WYXI2yhKmulibnMIQR
YLOpqbLm6aS7BMKBnIK9qWEj689YRjBZUhU727zZADORXqUad54QzZmijIbv054B
EozV+kfPK+XTpWFcBebv/7IoiANADhHtZLdN/DND/1ShIRYjrU7Pbzwgy72IDAao
H9KBBwZhgERsknDZt4KbMjodH+vB+R/2n9ss8alBprlNnQD+NFNm
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:01 2024 by rpki-client on console-fra.rpki-client.org