Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TWNIC/XU3C1n23Tq6lngJY2CKM4J4BA40.roa
File:                     XU3C1n23Tq6lngJY2CKM4J4BA40.roa (raw, json)
Hash identifier:          096fhtIEr/I6ArnVZ/Jh7FfAsNThWcRAluptpELF+Fw=
Subject key identifier:   5D:4D:C2:D6:7D:B7:4E:AE:A5:9E:02:58:D8:22:8C:E0:9E:01:03:8D
Certificate issuer:       /CN=DFA8C454815C3017456EA3B4A7D00213BB85C965
Certificate serial:       0DBD
Authority key identifier: DF:A8:C4:54:81:5C:30:17:45:6E:A3:B4:A7:D0:02:13:BB:85:C9:65
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/36jEVIFcMBdFbqO0p9ACE7uFyWU.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/XU3C1n23Tq6lngJY2CKM4J4BA40.roa
Signing time:             Mon 23 Nov 2020 07:22:19 +0000
ROA not before:           Mon 23 Nov 2020 07:22:19 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     18180
IP address blocks:        2404:178:4::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3517 (0xdbd)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=DFA8C454815C3017456EA3B4A7D00213BB85C965
        Validity
            Not Before: Nov 23 07:22:19 2020 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=5D4DC2D67DB74EAEA59E0258D8228CE09E01038D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:95:e8:44:a7:21:12:d5:53:5a:80:9b:95:8c:
                    7e:9f:ed:16:24:98:34:4c:85:5e:3b:8e:05:e7:53:
                    ab:67:c1:8f:09:7c:d6:13:c7:65:60:fb:d3:e1:e2:
                    4c:fb:6d:64:55:d2:97:1b:12:fb:b1:a2:97:93:fc:
                    fe:fd:3f:2b:64:a8:20:aa:5a:45:c9:76:72:47:57:
                    75:8c:f6:54:01:b8:5c:8f:41:86:18:62:2e:54:7f:
                    4b:86:85:fa:02:ca:94:c0:8a:d3:fc:27:91:63:3c:
                    d1:9e:f0:b1:00:0b:3a:10:c0:1f:ef:3d:86:7f:28:
                    0d:19:1c:8a:3c:15:0d:a6:73:d4:3a:43:da:92:51:
                    32:e2:d7:3d:9b:f8:af:a1:1c:41:a5:f0:08:48:72:
                    2b:62:d4:b0:fa:39:ca:f5:d0:5a:98:5b:34:8a:b8:
                    f7:93:9c:b0:59:02:bd:51:9a:91:7f:6d:2a:24:6b:
                    4d:01:6d:59:e9:d5:a5:46:e9:73:38:05:9c:74:95:
                    2e:d6:7e:5e:60:1b:b7:2a:ad:d5:77:78:9c:85:ca:
                    f3:34:98:a1:29:7a:36:99:8b:2a:c5:d0:73:85:03:
                    8a:11:39:14:73:f7:18:02:2e:63:fa:bd:c6:57:58:
                    bf:50:4c:91:e0:cc:17:af:f2:83:89:ce:aa:58:da:
                    12:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:4D:C2:D6:7D:B7:4E:AE:A5:9E:02:58:D8:22:8C:E0:9E:01:03:8D
            X509v3 Authority Key Identifier:
                keyid:DF:A8:C4:54:81:5C:30:17:45:6E:A3:B4:A7:D0:02:13:BB:85:C9:65

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/36jEVIFcMBdFbqO0p9ACE7uFyWU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/36jEVIFcMBdFbqO0p9ACE7uFyWU.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/XU3C1n23Tq6lngJY2CKM4J4BA40.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2404:178:4::/48

    Signature Algorithm: sha256WithRSAEncryption
         31:42:1c:73:cd:09:39:b7:1f:ee:26:24:1c:65:9d:df:be:41:
         46:75:0e:bc:60:3a:69:b7:ce:b0:63:bd:b4:9c:2a:5b:82:05:
         d5:ae:e8:24:a0:26:04:69:8f:49:23:4f:74:4a:0b:3d:88:67:
         e7:ba:1c:ac:6f:1d:d4:63:be:8d:fa:e8:fc:e1:48:4b:48:e1:
         7e:94:94:40:04:bf:8b:e7:8a:45:2a:f8:38:b9:86:36:47:56:
         72:ce:39:ce:53:69:7e:6a:29:44:69:49:e2:48:05:9c:10:7d:
         68:67:1b:d7:0e:0b:5b:e9:50:e4:2e:3d:84:cb:f5:f2:95:f8:
         3b:db:2b:11:f9:b1:bc:29:07:de:bb:ce:e8:1f:80:53:99:24:
         e4:12:54:43:4b:a5:0e:dc:4b:a5:57:8e:61:83:82:c9:93:3b:
         f5:2a:dd:61:2a:74:a2:c4:bb:08:60:af:11:c9:84:14:60:45:
         8a:7f:a6:0f:b6:7f:77:ba:6c:4a:9f:9c:e2:66:61:e5:db:81:
         94:90:8e:51:97:8b:a1:7f:16:ed:6b:7d:df:75:2d:45:39:7a:
         2d:4c:0d:0c:ec:b5:ca:8e:3d:18:06:c4:f9:36:93:f3:f7:49:
         c1:6f:53:22:c0:c4:be:da:73:18:1f:bf:68:c8:09:d5:6c:51:
         c9:71:82:b4
-----BEGIN CERTIFICATE-----
MIIE0zCCA7ugAwIBAgICDb0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREZB
OEM0NTQ4MTVDMzAxNzQ1NkVBM0I0QTdEMDAyMTNCQjg1Qzk2NTAeFw0yMDExMjMw
NzIyMTlaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDVENERDMkQ2N0RCNzRF
QUVBNTlFMDI1OEQ4MjI4Q0UwOUUwMTAzOEQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCylehEpyES1VNagJuVjH6f7RYkmDRMhV47jgXnU6tnwY8JfNYT
x2Vg+9Ph4kz7bWRV0pcbEvuxopeT/P79PytkqCCqWkXJdnJHV3WM9lQBuFyPQYYY
Yi5Uf0uGhfoCypTAitP8J5FjPNGe8LEACzoQwB/vPYZ/KA0ZHIo8FQ2mc9Q6Q9qS
UTLi1z2b+K+hHEGl8AhIciti1LD6Ocr10FqYWzSKuPeTnLBZAr1RmpF/bSoka00B
bVnp1aVG6XM4BZx0lS7Wfl5gG7cqrdV3eJyFyvM0mKEpejaZiyrF0HOFA4oRORRz
9xgCLmP6vcZXWL9QTJHgzBev8oOJzqpY2hJ3AgMBAAGjggHvMIIB6zAdBgNVHQ4E
FgQUXU3C1n23Tq6lngJY2CKM4J4BA40wHwYDVR0jBBgwFoAU36jEVIFcMBdFbqO0
p9ACE7uFyWUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFdOSUMv
MzZqRVZJRmNNQmRGYnFPMHA5QUNFN3VGeVdVLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS8zNmpFVklGY01CZEZicU8wcDlBQ0U3dUZ5V1UuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UV05JQy9YVTNDMW4yM1RxNmxuZ0pZMkNL
TTRKNEJBNDAucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAJAQB
eAAEMA0GCSqGSIb3DQEBCwUAA4IBAQAxQhxzzQk5tx/uJiQcZZ3fvkFGdQ68YDpp
t86wY720nCpbggXVrugkoCYEaY9JI090Sgs9iGfnuhysbx3UY76N+uj84UhLSOF+
lJRABL+L54pFKvg4uYY2R1ZyzjnOU2l+ailEaUniSAWcEH1oZxvXDgtb6VDkLj2E
y/Xylfg72ysR+bG8KQfeu87oH4BTmSTkElRDS6UO3EulV45hg4LJkzv1Kt1hKnSi
xLsIYK8RyYQUYEWKf6YPtn93umxKn5ziZmHl24GUkI5Rl4uhfxbta33fdS1FOXot
TA0M7LXKjj0YBsT5NpPz90nBb1MiwMS+2nMYH79oyAnVbFHJcYK0
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:44 2024 by rpki-client on console-ams.rpki-client.org