Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TWNTT/YMpfDxO1579EJXAvTn2bQtbB27Y.roa
File:                     YMpfDxO1579EJXAvTn2bQtbB27Y.roa (raw, json)
Hash identifier:          ZdoczzGRz3szkfG2tThifzclmgLhhuNJj0E0AkUZGRg=
Subject key identifier:   60:CA:5F:0F:13:B5:E7:BF:44:25:70:2F:4E:7D:9B:42:D6:C1:DB:B6
Certificate issuer:       /CN=9E2697FA70252F83F41D121EC0B5CB458B6FF214
Certificate serial:       0981
Authority key identifier: 9E:26:97:FA:70:25:2F:83:F4:1D:12:1E:C0:B5:CB:45:8B:6F:F2:14
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/niaX-nAlL4P0HRIewLXLRYtv8hQ.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNTT/YMpfDxO1579EJXAvTn2bQtbB27Y.roa
Signing time:             Wed 29 Sep 2021 02:53:09 +0000
ROA not before:           Wed 29 Sep 2021 02:53:09 +0000
ROA not after:            Thu 29 Sep 2022 02:36:22 +0000
asID:                     18018
IP address blocks:        61.58.34.0/25 maxlen: 25

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2433 (0x981)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9E2697FA70252F83F41D121EC0B5CB458B6FF214
        Validity
            Not Before: Sep 29 02:53:09 2021 GMT
            Not After : Sep 29 02:36:22 2022 GMT
        Subject: CN=60CA5F0F13B5E7BF4425702F4E7D9B42D6C1DBB6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ef:66:8d:f4:06:53:bd:63:38:52:96:18:8c:c9:
                    ad:da:d4:25:5d:97:fc:41:0d:9e:61:f2:67:2c:6c:
                    d9:a6:0b:bd:9e:03:1f:2a:f6:3a:a1:18:c5:7d:ac:
                    90:64:9a:c3:a1:8e:16:0d:04:9c:47:07:29:d5:a3:
                    3f:53:0e:20:66:67:d1:8e:d7:2d:65:af:fd:e3:e4:
                    06:0a:55:7d:03:05:fb:ec:4d:c0:82:a0:fd:4d:b5:
                    45:5b:19:4a:01:a2:1f:df:5c:e4:40:68:7f:42:9f:
                    f2:56:fd:f7:04:44:9f:71:db:c3:5e:59:be:28:75:
                    45:6e:0d:d3:ad:2d:44:0a:f5:1a:81:d5:7b:5b:55:
                    9e:64:5f:7b:b6:37:0d:97:07:cf:34:f9:8e:62:d3:
                    97:bb:c8:7d:78:0c:bc:f0:75:92:66:46:7d:e8:14:
                    ff:03:ab:98:85:26:84:6b:90:d3:ba:df:6c:da:c3:
                    01:39:7e:5f:09:ad:41:ad:2e:32:d5:bf:e0:94:ef:
                    08:0c:c1:02:ca:2d:eb:ff:35:af:b1:51:f9:cc:b5:
                    a0:c1:a8:d6:4b:c7:27:ad:c2:b8:12:c2:92:1b:98:
                    0b:68:ec:2e:1d:67:14:29:00:dd:26:d1:40:1f:8e:
                    6d:00:28:ac:ca:58:c4:2e:37:fa:b6:2b:7a:4d:28:
                    94:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:CA:5F:0F:13:B5:E7:BF:44:25:70:2F:4E:7D:9B:42:D6:C1:DB:B6
            X509v3 Authority Key Identifier:
                keyid:9E:26:97:FA:70:25:2F:83:F4:1D:12:1E:C0:B5:CB:45:8B:6F:F2:14

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNTT/niaX-nAlL4P0HRIewLXLRYtv8hQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/niaX-nAlL4P0HRIewLXLRYtv8hQ.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNTT/YMpfDxO1579EJXAvTn2bQtbB27Y.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  61.58.34.0/25

    Signature Algorithm: sha256WithRSAEncryption
         52:0f:da:a8:92:16:eb:dd:09:7e:bf:4b:c4:26:aa:54:36:54:
         8b:2b:23:a6:88:c9:e8:20:d5:a7:06:7a:3b:dc:be:0e:84:5f:
         4c:97:55:9b:2b:bb:0d:a9:7c:5b:4c:96:00:68:53:83:c8:34:
         86:fd:45:86:4a:51:87:a9:9e:a6:77:67:fe:6e:f6:6a:84:3b:
         bb:2b:aa:ef:46:4e:f0:28:60:71:ab:95:59:93:8b:a1:37:47:
         82:80:69:fa:93:e6:52:8b:37:14:79:ba:7c:65:56:b5:a2:15:
         c4:b6:61:27:c6:26:ef:71:19:d3:fa:dc:18:2b:7e:9c:a6:fd:
         71:a4:76:f0:34:d4:eb:3c:f8:94:f4:70:07:c4:e0:c0:6c:ea:
         63:fc:66:34:e2:76:1d:ae:95:f7:6e:29:f9:f0:62:31:52:f0:
         96:1d:13:7a:56:df:58:ea:3d:c8:f0:b9:da:43:1d:f0:62:95:
         a2:8f:13:ee:93:43:22:c2:d8:a5:7e:3d:f7:4d:1d:ac:77:38:
         97:ee:32:6d:18:1e:90:a1:bd:98:7c:ca:5d:c3:f2:25:b3:65:
         e8:39:da:70:c0:3a:7e:de:fc:a0:f4:4d:a1:56:b1:97:98:23:
         49:5e:c8:35:8f:78:39:c0:ab:58:48:fe:2b:dc:72:d0:d7:a6:
         ab:9c:8d:82
-----BEGIN CERTIFICATE-----
MIIE0TCCA7mgAwIBAgICCYEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOUUy
Njk3RkE3MDI1MkY4M0Y0MUQxMjFFQzBCNUNCNDU4QjZGRjIxNDAeFw0yMTA5Mjkw
MjUzMDlaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDYwQ0E1RjBGMTNCNUU3
QkY0NDI1NzAyRjRFN0Q5QjQyRDZDMURCQjYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDvZo30BlO9YzhSlhiMya3a1CVdl/xBDZ5h8mcsbNmmC72eAx8q
9jqhGMV9rJBkmsOhjhYNBJxHBynVoz9TDiBmZ9GO1y1lr/3j5AYKVX0DBfvsTcCC
oP1NtUVbGUoBoh/fXORAaH9Cn/JW/fcERJ9x28NeWb4odUVuDdOtLUQK9RqB1Xtb
VZ5kX3u2Nw2XB880+Y5i05e7yH14DLzwdZJmRn3oFP8Dq5iFJoRrkNO632zawwE5
fl8JrUGtLjLVv+CU7wgMwQLKLev/Na+xUfnMtaDBqNZLxyetwrgSwpIbmAto7C4d
ZxQpAN0m0UAfjm0AKKzKWMQuN/q2K3pNKJRJAgMBAAGjggHtMIIB6TAdBgNVHQ4E
FgQUYMpfDxO1579EJXAvTn2bQtbB27YwHwYDVR0jBBgwFoAUniaX+nAlL4P0HRIe
wLXLRYtv8hQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFdOVFQv
bmlhWC1uQWxMNFAwSFJJZXdMWExSWXR2OGhRLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9uaWFYLW5BbEw0UDBIUklld0xYTFJZdHY4aFEuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UV05UVC9ZTXBmRHhPMTU3OUVKWEF2VG4y
YlF0YkIyN1kucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAATAHAwUHPToi
ADANBgkqhkiG9w0BAQsFAAOCAQEAUg/aqJIW690Jfr9LxCaqVDZUiysjpojJ6CDV
pwZ6O9y+DoRfTJdVmyu7Dal8W0yWAGhTg8g0hv1FhkpRh6mepndn/m72aoQ7uyuq
70ZO8ChgcauVWZOLoTdHgoBp+pPmUos3FHm6fGVWtaIVxLZhJ8Ym73EZ0/rcGCt+
nKb9caR28DTU6zz4lPRwB8TgwGzqY/xmNOJ2Ha6V924p+fBiMVLwlh0TelbfWOo9
yPC52kMd8GKVoo8T7pNDIsLYpX49900drHc4l+4ybRgekKG9mHzKXcPyJbNl6Dna
cMA6ft78oPRNoVaxl5gjSV7INY94OcCrWEj+K9xy0Nemq5yNgg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:01 2024 by rpki-client on console-fra.rpki-client.org