Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TWNTT/w5sqwgXpWZsmnBbsEgawiZbsh1o.roa
File:                     w5sqwgXpWZsmnBbsEgawiZbsh1o.roa (raw, json)
Hash identifier:          n3jt6ee62D5+MhpZR5n4KCPv/hMQsfZURm2oZ44nivI=
Subject key identifier:   C3:9B:2A:C2:05:E9:59:9B:26:9C:16:EC:12:06:B0:89:96:EC:87:5A
Certificate issuer:       /CN=9E2697FA70252F83F41D121EC0B5CB458B6FF214
Certificate serial:       087C
Authority key identifier: 9E:26:97:FA:70:25:2F:83:F4:1D:12:1E:C0:B5:CB:45:8B:6F:F2:14
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/niaX-nAlL4P0HRIewLXLRYtv8hQ.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNTT/w5sqwgXpWZsmnBbsEgawiZbsh1o.roa
Signing time:             Wed 02 Dec 2020 01:59:50 +0000
ROA not before:           Wed 02 Dec 2020 01:59:50 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     132819
IP address blocks:        61.58.38.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2172 (0x87c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9E2697FA70252F83F41D121EC0B5CB458B6FF214
        Validity
            Not Before: Dec  2 01:59:50 2020 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=C39B2AC205E9599B269C16EC1206B08996EC875A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:90:0e:87:91:d8:7d:4c:7f:69:b3:ae:16:20:
                    63:ef:0a:b6:a9:6b:c9:3c:e4:85:03:24:d8:f5:5e:
                    d7:16:08:e6:71:a9:e1:e4:4e:26:f3:65:4f:75:c4:
                    d5:b3:bf:97:72:84:6b:d1:ac:ee:33:75:5d:65:c5:
                    c2:2b:4f:61:a9:c5:38:9b:00:66:79:df:0a:1b:94:
                    de:14:ea:df:ba:60:6c:3b:41:d0:32:37:d3:64:a0:
                    df:02:c1:e7:21:eb:ef:cc:48:f8:72:69:71:79:84:
                    fe:91:99:ce:f7:e1:1e:02:6a:3a:91:08:11:19:e4:
                    40:01:01:7f:62:2a:d1:04:b9:9e:b0:21:23:34:31:
                    f9:6f:73:f0:60:5d:46:16:6a:f6:08:2d:98:65:f3:
                    b3:fb:87:91:7f:6d:71:c6:22:ad:ac:c7:40:d8:a1:
                    e1:dc:6e:71:ae:0d:70:45:2b:b2:a0:a6:1c:a7:c7:
                    63:f8:88:dc:9a:65:68:ed:e0:fd:b8:7b:78:23:25:
                    99:80:77:08:75:d8:06:65:6e:c0:89:37:2f:a3:7f:
                    29:74:82:64:cc:29:2d:af:7b:1b:bb:73:81:e2:cd:
                    9e:52:9c:ac:ab:2b:db:c6:20:63:58:ba:97:1d:11:
                    5e:fa:6d:7c:d9:7d:47:d7:08:2a:77:2b:e9:8b:32:
                    de:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C3:9B:2A:C2:05:E9:59:9B:26:9C:16:EC:12:06:B0:89:96:EC:87:5A
            X509v3 Authority Key Identifier:
                keyid:9E:26:97:FA:70:25:2F:83:F4:1D:12:1E:C0:B5:CB:45:8B:6F:F2:14

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNTT/niaX-nAlL4P0HRIewLXLRYtv8hQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/niaX-nAlL4P0HRIewLXLRYtv8hQ.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNTT/w5sqwgXpWZsmnBbsEgawiZbsh1o.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  61.58.38.0/24

    Signature Algorithm: sha256WithRSAEncryption
         20:2e:57:84:75:fc:a0:ab:68:ca:43:64:ac:2c:50:4a:ca:28:
         c5:31:df:71:77:33:38:7e:0f:67:57:6b:18:18:9d:aa:50:5e:
         31:35:72:74:1f:a5:b7:58:05:fe:d6:70:0b:a2:c9:ea:d5:68:
         6d:bd:b1:40:dd:4b:50:e1:85:36:22:8c:a6:76:1e:74:3f:3a:
         d0:2c:43:cf:a9:00:eb:aa:c3:e1:e2:a9:64:a4:11:f4:8c:5f:
         c6:a0:00:08:e7:e9:1f:dd:6b:b4:59:9e:0d:1c:b5:af:86:a2:
         2c:d4:f9:64:bf:8c:d4:4c:c8:cf:b6:5a:aa:df:29:e0:b5:37:
         c7:89:65:8a:90:fc:ab:91:75:a0:77:dc:8f:95:88:e1:dd:5a:
         2c:ce:20:ba:7b:a5:76:fe:b0:d8:59:73:d3:d1:e0:d0:2c:b5:
         89:35:13:b4:f2:cb:4d:ff:66:dc:50:85:60:ff:0f:75:13:92:
         22:be:e9:e9:e1:ad:0e:82:f8:32:b8:b3:b7:35:48:cf:5c:71:
         ca:ef:a6:0c:72:b7:2f:2b:f4:c5:5c:5c:91:fb:74:7c:51:f4:
         12:85:ea:e3:c9:53:25:d0:ca:ff:bd:d6:b0:9e:09:57:f5:19:
         1f:b6:df:7f:59:99:71:68:e8:48:f9:15:a1:fd:7f:b5:13:9d:
         f5:e2:53:b9
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICCHwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOUUy
Njk3RkE3MDI1MkY4M0Y0MUQxMjFFQzBCNUNCNDU4QjZGRjIxNDAeFw0yMDEyMDIw
MTU5NTBaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKEMzOUIyQUMyMDVFOTU5
OUIyNjlDMTZFQzEyMDZCMDg5OTZFQzg3NUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDOkA6Hkdh9TH9ps64WIGPvCrapa8k85IUDJNj1XtcWCOZxqeHk
TibzZU91xNWzv5dyhGvRrO4zdV1lxcIrT2GpxTibAGZ53woblN4U6t+6YGw7QdAy
N9NkoN8Cwech6+/MSPhyaXF5hP6Rmc734R4CajqRCBEZ5EABAX9iKtEEuZ6wISM0
Mflvc/BgXUYWavYILZhl87P7h5F/bXHGIq2sx0DYoeHcbnGuDXBFK7Kgphynx2P4
iNyaZWjt4P24e3gjJZmAdwh12AZlbsCJNy+jfyl0gmTMKS2vexu7c4HizZ5SnKyr
K9vGIGNYupcdEV76bXzZfUfXCCp3K+mLMt4nAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUw5sqwgXpWZsmnBbsEgawiZbsh1owHwYDVR0jBBgwFoAUniaX+nAlL4P0HRIe
wLXLRYtv8hQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFdOVFQv
bmlhWC1uQWxMNFAwSFJJZXdMWExSWXR2OGhRLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9uaWFYLW5BbEw0UDBIUklld0xYTFJZdHY4aFEuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UV05UVC93NXNxd2dYcFdac21uQmJzRWdh
d2laYnNoMW8ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAPTom
MA0GCSqGSIb3DQEBCwUAA4IBAQAgLleEdfygq2jKQ2SsLFBKyijFMd9xdzM4fg9n
V2sYGJ2qUF4xNXJ0H6W3WAX+1nALosnq1WhtvbFA3UtQ4YU2Ioymdh50PzrQLEPP
qQDrqsPh4qlkpBH0jF/GoAAI5+kf3Wu0WZ4NHLWvhqIs1Plkv4zUTMjPtlqq3yng
tTfHiWWKkPyrkXWgd9yPlYjh3VosziC6e6V2/rDYWXPT0eDQLLWJNRO08stN/2bc
UIVg/w91E5Iivunp4a0OgvgyuLO3NUjPXHHK76YMcrcvK/TFXFyR+3R8UfQSherj
yVMl0Mr/vdawnglX9Rkftt9/WZlxaOhI+RWh/X+1E5314lO5
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:44 2024 by rpki-client on console-ams.rpki-client.org