Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TWNIC/Yx-ZSSs8yBYII6qEvCnhb4SAXrw.roa
File:                     Yx-ZSSs8yBYII6qEvCnhb4SAXrw.roa (raw, json)
Hash identifier:          v1hXxw3slpePU7vqAnkm1tQdcnaERTzI5SOVMMECgVc=
Subject key identifier:   63:1F:99:49:2B:3C:C8:16:08:23:AA:84:BC:29:E1:6F:84:80:5E:BC
Certificate issuer:       /CN=DFA8C454815C3017456EA3B4A7D00213BB85C965
Certificate serial:       0DC9
Authority key identifier: DF:A8:C4:54:81:5C:30:17:45:6E:A3:B4:A7:D0:02:13:BB:85:C9:65
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/36jEVIFcMBdFbqO0p9ACE7uFyWU.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/Yx-ZSSs8yBYII6qEvCnhb4SAXrw.roa
Signing time:             Mon 23 Nov 2020 07:23:12 +0000
ROA not before:           Mon 23 Nov 2020 07:23:12 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     18180
IP address blocks:        2404:178:10::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3529 (0xdc9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=DFA8C454815C3017456EA3B4A7D00213BB85C965
        Validity
            Not Before: Nov 23 07:23:12 2020 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=631F99492B3CC8160823AA84BC29E16F84805EBC
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:e6:7a:ca:94:c9:98:5e:33:c4:a4:71:4e:ff:
                    17:32:8c:db:d4:de:e7:e7:4a:83:89:e7:30:06:d9:
                    57:8d:4d:d0:91:9b:cf:e9:7c:b0:40:29:a3:5f:21:
                    d4:83:2a:46:82:97:81:29:1f:96:fb:ff:f6:2b:d4:
                    6a:20:1d:42:19:0f:ce:01:be:76:05:30:b4:26:b4:
                    13:98:43:72:33:df:33:31:df:dc:ee:60:66:70:69:
                    80:e0:a7:a6:27:35:e0:83:05:26:17:cd:aa:56:5b:
                    8a:6e:f5:7b:1d:f5:cd:18:d9:96:d0:e6:bf:94:ad:
                    36:51:00:6f:c7:9b:95:d9:dd:8f:23:3d:81:8b:0c:
                    7c:2c:5c:db:4a:4a:c4:d5:40:7a:13:11:85:7b:a1:
                    7c:4f:2a:d7:3b:5e:76:48:91:00:e8:3d:6f:de:07:
                    aa:b5:1e:be:ea:fe:f2:68:75:a5:55:17:8f:93:da:
                    c9:5b:b2:0c:2d:d9:f8:e1:19:dc:b2:c7:5d:69:62:
                    7e:7d:b4:37:d0:83:53:fe:ca:8f:08:13:42:dd:18:
                    41:ac:0b:f0:5f:36:e7:68:e1:94:8c:4a:8f:63:22:
                    19:02:7c:a0:87:19:ab:36:76:8b:4b:4e:6e:d6:f8:
                    01:2e:04:4a:30:f0:d7:da:6e:99:dd:1f:13:06:8f:
                    62:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                63:1F:99:49:2B:3C:C8:16:08:23:AA:84:BC:29:E1:6F:84:80:5E:BC
            X509v3 Authority Key Identifier:
                keyid:DF:A8:C4:54:81:5C:30:17:45:6E:A3:B4:A7:D0:02:13:BB:85:C9:65

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/36jEVIFcMBdFbqO0p9ACE7uFyWU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/36jEVIFcMBdFbqO0p9ACE7uFyWU.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/Yx-ZSSs8yBYII6qEvCnhb4SAXrw.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2404:178:10::/48

    Signature Algorithm: sha256WithRSAEncryption
         a1:4d:a7:b5:e9:d1:f3:20:2c:22:41:8a:28:3f:f6:21:93:72:
         2b:81:ce:e5:18:e5:5d:49:39:a5:12:e7:9a:c7:e8:6e:f9:9a:
         9e:9d:60:4f:b4:6f:be:1d:20:1a:4e:ba:fa:3e:94:53:9e:6f:
         2a:fe:c0:cd:76:e0:51:97:19:03:17:7d:2b:dd:c3:95:c0:88:
         5f:f6:f7:60:f0:a0:10:71:a1:33:2b:03:f6:fb:f9:a9:cb:17:
         d4:d3:7c:c1:83:0c:e5:39:47:62:b6:c5:ca:37:93:74:06:f1:
         8a:89:d2:56:52:96:1d:7c:9c:5a:f2:cb:44:a9:17:a6:9a:c5:
         c5:fc:c7:4d:05:f6:43:a9:9f:92:8e:8c:1b:62:d3:58:85:6d:
         2e:2e:51:dd:ce:e7:15:cb:8b:1d:40:4e:d1:4b:46:9b:0a:84:
         9a:43:1e:e6:35:a8:e7:55:87:fc:57:77:d7:1a:45:db:98:76:
         a0:ba:e1:36:ed:ca:cc:05:63:89:75:4b:90:56:b0:8f:a8:a1:
         46:57:91:31:1e:d9:5e:12:64:9e:ed:72:d0:0e:b2:0b:25:30:
         eb:61:d0:b8:21:e4:66:09:9b:40:83:d4:40:94:05:4a:2e:a2:
         97:f9:98:4a:10:09:60:2e:8d:b6:5f:74:0a:89:1d:7b:41:e6:
         cc:ce:c2:a7
-----BEGIN CERTIFICATE-----
MIIE0zCCA7ugAwIBAgICDckwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREZB
OEM0NTQ4MTVDMzAxNzQ1NkVBM0I0QTdEMDAyMTNCQjg1Qzk2NTAeFw0yMDExMjMw
NzIzMTJaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDYzMUY5OTQ5MkIzQ0M4
MTYwODIzQUE4NEJDMjlFMTZGODQ4MDVFQkMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC65nrKlMmYXjPEpHFO/xcyjNvU3ufnSoOJ5zAG2VeNTdCRm8/p
fLBAKaNfIdSDKkaCl4EpH5b7//Yr1GogHUIZD84BvnYFMLQmtBOYQ3Iz3zMx39zu
YGZwaYDgp6YnNeCDBSYXzapWW4pu9Xsd9c0Y2ZbQ5r+UrTZRAG/Hm5XZ3Y8jPYGL
DHwsXNtKSsTVQHoTEYV7oXxPKtc7XnZIkQDoPW/eB6q1Hr7q/vJodaVVF4+T2slb
sgwt2fjhGdyyx11pYn59tDfQg1P+yo8IE0LdGEGsC/BfNudo4ZSMSo9jIhkCfKCH
Gas2dotLTm7W+AEuBEow8NfabpndHxMGj2LFAgMBAAGjggHvMIIB6zAdBgNVHQ4E
FgQUYx+ZSSs8yBYII6qEvCnhb4SAXrwwHwYDVR0jBBgwFoAU36jEVIFcMBdFbqO0
p9ACE7uFyWUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFdOSUMv
MzZqRVZJRmNNQmRGYnFPMHA5QUNFN3VGeVdVLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS8zNmpFVklGY01CZEZicU8wcDlBQ0U3dUZ5V1UuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UV05JQy9ZeC1aU1NzOHlCWUlJNnFFdkNu
aGI0U0FYcncucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAJAQB
eAAQMA0GCSqGSIb3DQEBCwUAA4IBAQChTae16dHzICwiQYooP/Yhk3Irgc7lGOVd
STmlEueax+hu+ZqenWBPtG++HSAaTrr6PpRTnm8q/sDNduBRlxkDF30r3cOVwIhf
9vdg8KAQcaEzKwP2+/mpyxfU03zBgwzlOUditsXKN5N0BvGKidJWUpYdfJxa8stE
qRemmsXF/MdNBfZDqZ+SjowbYtNYhW0uLlHdzucVy4sdQE7RS0abCoSaQx7mNajn
VYf8V3fXGkXbmHaguuE27crMBWOJdUuQVrCPqKFGV5ExHtleEmSe7XLQDrILJTDr
YdC4IeRmCZtAg9RAlAVKLqKX+ZhKEAlgLo22X3QKiR17QebMzsKn
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:44 2024 by rpki-client on console-ams.rpki-client.org