Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TWNIC/k69uLfm-dQ_Abl7JMpLgxxFgJZQ.roa
File:                     k69uLfm-dQ_Abl7JMpLgxxFgJZQ.roa (raw, json)
Hash identifier:          6+r52Hx0ZkULjeXSJkxVYqe/GFFWOwnHJQspRiw2Jbs=
Subject key identifier:   93:AF:6E:2D:F9:BE:75:0F:C0:6E:5E:C9:32:92:E0:C7:11:60:25:94
Certificate issuer:       /CN=DFA8C454815C3017456EA3B4A7D00213BB85C965
Certificate serial:       0DC5
Authority key identifier: DF:A8:C4:54:81:5C:30:17:45:6E:A3:B4:A7:D0:02:13:BB:85:C9:65
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/36jEVIFcMBdFbqO0p9ACE7uFyWU.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/k69uLfm-dQ_Abl7JMpLgxxFgJZQ.roa
Signing time:             Mon 23 Nov 2020 07:22:55 +0000
ROA not before:           Mon 23 Nov 2020 07:22:55 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     18180
IP address blocks:        2404:178:8::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3525 (0xdc5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=DFA8C454815C3017456EA3B4A7D00213BB85C965
        Validity
            Not Before: Nov 23 07:22:55 2020 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=93AF6E2DF9BE750FC06E5EC93292E0C711602594
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:37:1e:da:a9:64:db:f8:9e:4c:d1:ea:c2:ca:
                    34:a0:b8:72:c0:c6:62:c5:70:5d:1f:99:41:7c:56:
                    92:25:32:15:e5:05:91:71:27:7a:dd:ff:ef:a8:dc:
                    fd:7f:89:33:c9:69:d1:45:31:1d:0f:7e:e0:06:27:
                    21:ca:c5:ee:4a:02:5c:0c:74:94:96:f2:e3:a1:a5:
                    f9:66:7d:2e:98:3f:09:7b:51:59:13:70:d5:17:73:
                    19:fd:fe:92:f6:43:0d:62:14:cf:96:86:90:36:a8:
                    73:85:ff:64:e2:c7:a4:b4:c3:2a:75:b0:de:6a:fb:
                    14:c7:ce:d8:9c:66:e2:40:22:f5:02:f5:33:56:9d:
                    07:7c:de:9a:6c:82:b8:4f:09:dd:21:a6:a9:39:51:
                    89:23:63:0b:a7:ec:03:b7:0f:07:4d:96:57:37:00:
                    35:5e:9d:81:db:3d:d9:47:ce:97:b1:9e:7c:17:45:
                    b4:48:d8:1c:7c:fe:14:24:cd:8a:ff:c6:82:65:69:
                    ff:44:99:de:31:8b:90:fa:e6:77:eb:8e:a3:e9:17:
                    5e:25:36:3c:1e:5f:25:1a:ce:2b:ba:c9:ee:e2:cf:
                    e1:bf:bf:d9:2a:5e:1c:0c:f7:d3:40:c1:ba:01:05:
                    5d:87:f2:e5:a1:5f:71:2a:d0:6b:95:9b:98:cb:54:
                    61:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                93:AF:6E:2D:F9:BE:75:0F:C0:6E:5E:C9:32:92:E0:C7:11:60:25:94
            X509v3 Authority Key Identifier:
                keyid:DF:A8:C4:54:81:5C:30:17:45:6E:A3:B4:A7:D0:02:13:BB:85:C9:65

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/36jEVIFcMBdFbqO0p9ACE7uFyWU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/36jEVIFcMBdFbqO0p9ACE7uFyWU.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/k69uLfm-dQ_Abl7JMpLgxxFgJZQ.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2404:178:8::/48

    Signature Algorithm: sha256WithRSAEncryption
         89:e1:e9:83:95:f8:cc:d2:03:30:44:6f:1a:48:10:b8:70:ed:
         ea:9c:87:e2:bc:1b:66:ea:ba:23:31:07:02:34:3a:20:19:57:
         33:44:a2:fa:33:78:ba:26:84:cb:1f:15:92:5d:f6:32:0d:0f:
         8a:1e:72:23:46:81:b6:84:05:7b:67:a5:6d:22:e8:72:df:8d:
         61:da:49:45:96:c5:f1:0e:4b:37:4e:13:ee:3f:4b:3e:43:4e:
         95:99:30:b7:a7:18:1d:ae:0e:6c:ce:dd:9d:68:b1:b6:b5:49:
         5d:00:ed:eb:21:05:96:88:d9:a0:a2:4f:ea:53:50:55:14:6d:
         0a:e6:c7:0b:c1:17:17:08:71:58:be:fe:74:1c:06:ae:f9:2f:
         e5:fb:d0:89:6b:6e:61:f6:41:ba:89:a3:24:8d:c8:0f:a5:0c:
         50:66:5c:dc:9f:e9:28:40:9b:19:ee:74:1b:c5:b0:b6:3d:cf:
         6f:f3:c0:09:97:8c:b1:3e:ef:50:ca:d0:87:62:19:1e:ad:83:
         54:08:25:4d:a4:cb:0f:9e:4d:8d:32:a8:cb:76:ee:5c:12:f2:
         9a:60:08:a6:8b:c1:18:ee:d5:97:d7:b3:ea:f4:f0:49:f4:a5:
         07:be:2e:a6:0a:c2:ac:7f:10:07:4f:fa:c4:70:d7:6d:7e:59:
         c1:1f:be:dc
-----BEGIN CERTIFICATE-----
MIIE0zCCA7ugAwIBAgICDcUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREZB
OEM0NTQ4MTVDMzAxNzQ1NkVBM0I0QTdEMDAyMTNCQjg1Qzk2NTAeFw0yMDExMjMw
NzIyNTVaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDkzQUY2RTJERjlCRTc1
MEZDMDZFNUVDOTMyOTJFMEM3MTE2MDI1OTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCrNx7aqWTb+J5M0erCyjSguHLAxmLFcF0fmUF8VpIlMhXlBZFx
J3rd/++o3P1/iTPJadFFMR0PfuAGJyHKxe5KAlwMdJSW8uOhpflmfS6YPwl7UVkT
cNUXcxn9/pL2Qw1iFM+WhpA2qHOF/2Tix6S0wyp1sN5q+xTHzticZuJAIvUC9TNW
nQd83ppsgrhPCd0hpqk5UYkjYwun7AO3DwdNllc3ADVenYHbPdlHzpexnnwXRbRI
2Bx8/hQkzYr/xoJlaf9Emd4xi5D65nfrjqPpF14lNjweXyUaziu6ye7iz+G/v9kq
XhwM99NAwboBBV2H8uWhX3Eq0GuVm5jLVGFTAgMBAAGjggHvMIIB6zAdBgNVHQ4E
FgQUk69uLfm+dQ/Abl7JMpLgxxFgJZQwHwYDVR0jBBgwFoAU36jEVIFcMBdFbqO0
p9ACE7uFyWUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFdOSUMv
MzZqRVZJRmNNQmRGYnFPMHA5QUNFN3VGeVdVLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS8zNmpFVklGY01CZEZicU8wcDlBQ0U3dUZ5V1UuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UV05JQy9rNjl1TGZtLWRRX0FibDdKTXBM
Z3h4RmdKWlEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAJAQB
eAAIMA0GCSqGSIb3DQEBCwUAA4IBAQCJ4emDlfjM0gMwRG8aSBC4cO3qnIfivBtm
6rojMQcCNDogGVczRKL6M3i6JoTLHxWSXfYyDQ+KHnIjRoG2hAV7Z6VtIuhy341h
2klFlsXxDks3ThPuP0s+Q06VmTC3pxgdrg5szt2daLG2tUldAO3rIQWWiNmgok/q
U1BVFG0K5scLwRcXCHFYvv50HAau+S/l+9CJa25h9kG6iaMkjcgPpQxQZlzcn+ko
QJsZ7nQbxbC2Pc9v88AJl4yxPu9QytCHYhkerYNUCCVNpMsPnk2NMqjLdu5cEvKa
YAimi8EY7tWX17Pq9PBJ9KUHvi6mCsKsfxAHT/rEcNdtflnBH77c
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:01 2024 by rpki-client on console-fra.rpki-client.org