Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/WEBTAIWAN/23H7NI3c31lm-vmgZsT-keSxpzY.roa
File:                     23H7NI3c31lm-vmgZsT-keSxpzY.roa (raw, json)
Hash identifier:          EFBo+oSi13vD80dSGpB17hSh6BQZi6jzBbBDUpLZPRg=
Subject key identifier:   DB:71:FB:34:8D:DC:DF:59:66:FA:F9:A0:66:C4:FE:91:E4:B1:A7:36
Certificate issuer:       /CN=FF7ECDB6202FFC2C34DF7BCD71A1C08885382FB7
Certificate serial:       0BC5
Authority key identifier: FF:7E:CD:B6:20:2F:FC:2C:34:DF:7B:CD:71:A1:C0:88:85:38:2F:B7
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/_37NtiAv_Cw033vNcaHAiIU4L7c.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/WEBTAIWAN/23H7NI3c31lm-vmgZsT-keSxpzY.roa
Signing time:             Mon 27 Mar 2023 23:14:04 +0000
ROA not before:           Mon 27 Mar 2023 23:14:04 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     6939
IP address blocks:        2405:8700:3000::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3013 (0xbc5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=FF7ECDB6202FFC2C34DF7BCD71A1C08885382FB7
        Validity
            Not Before: Mar 27 23:14:04 2023 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=DB71FB348DDCDF5966FAF9A066C4FE91E4B1A736
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:28:52:75:87:74:8d:2a:58:74:1a:20:ca:2b:
                    96:93:8d:fa:17:12:1e:e9:5c:82:28:a3:90:22:29:
                    31:b9:55:90:c9:5e:0d:bb:aa:cc:e7:7e:8f:c1:31:
                    21:cd:5d:1d:52:ef:f8:a7:5f:7e:1e:cb:8e:9d:64:
                    6f:fe:01:9c:38:30:e0:b7:0f:b5:85:19:ce:e8:5d:
                    20:2b:f8:54:a2:55:4a:b0:ee:92:55:ec:f6:cf:78:
                    c6:79:9e:08:25:91:ad:84:41:75:51:2f:69:34:c7:
                    ad:ce:32:23:b2:17:ed:43:01:a4:04:f5:b5:2d:1e:
                    29:ae:30:65:cf:42:96:d8:5a:e8:59:1f:36:92:fc:
                    6d:ad:ec:aa:28:28:10:c1:e2:d4:bf:90:0d:d1:78:
                    5b:22:85:6e:a9:cc:6b:26:92:a9:f0:c0:09:9c:e2:
                    15:45:d9:e4:f4:cf:38:7e:f3:53:59:e0:c7:9f:f5:
                    5c:21:b6:a3:38:b0:a0:21:5a:66:e5:12:5a:96:92:
                    2e:02:0a:66:3c:04:be:bf:e4:3f:3e:27:b1:f1:db:
                    b3:72:b0:74:a9:5b:04:b1:11:01:84:d7:17:83:06:
                    13:da:c8:bf:5b:b9:1c:c9:1f:d9:a1:d5:0a:7e:63:
                    9c:9a:65:df:ef:5d:eb:1e:3a:6b:ac:1b:e2:eb:22:
                    dd:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DB:71:FB:34:8D:DC:DF:59:66:FA:F9:A0:66:C4:FE:91:E4:B1:A7:36
            X509v3 Authority Key Identifier:
                keyid:FF:7E:CD:B6:20:2F:FC:2C:34:DF:7B:CD:71:A1:C0:88:85:38:2F:B7

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/WEBTAIWAN/_37NtiAv_Cw033vNcaHAiIU4L7c.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/_37NtiAv_Cw033vNcaHAiIU4L7c.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/WEBTAIWAN/23H7NI3c31lm-vmgZsT-keSxpzY.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2405:8700:3000::/48

    Signature Algorithm: sha256WithRSAEncryption
         43:54:be:e5:8c:b7:e9:d5:65:11:15:e7:fc:ec:e6:1e:c1:c7:
         c0:99:28:5e:92:d7:7a:cd:52:22:50:e8:d3:28:bc:49:a1:56:
         f2:da:f8:17:75:ea:fe:22:d8:3d:25:df:55:30:4a:f3:d4:63:
         72:56:0d:54:93:18:79:32:94:7a:d1:63:ad:0b:48:79:b7:6b:
         97:37:db:cc:c1:6b:18:65:25:37:16:f3:4c:ee:13:75:f5:e0:
         36:19:2a:63:b3:ae:07:af:80:a0:dc:4a:35:ce:f6:a3:74:df:
         0a:ae:f5:27:9a:60:bf:f4:8a:7c:10:7e:13:99:95:59:ae:e6:
         45:5c:27:0a:c5:ab:a7:26:5f:f9:aa:60:d1:97:2e:42:57:f9:
         3e:c7:69:01:e6:af:f6:88:8e:96:43:da:03:06:28:d6:d5:41:
         d2:35:5d:58:4d:b4:cf:76:a4:50:a6:7c:6b:45:dd:5b:ec:6a:
         91:d6:cd:22:ee:ff:27:a1:28:35:5f:f1:76:1d:13:74:d2:56:
         7d:88:02:00:9e:cc:5e:54:d5:78:09:a0:ee:f8:b2:f0:c5:a9:
         7a:c9:ed:f3:46:44:d9:27:52:22:9c:3d:28:00:ba:c8:24:ff:
         8e:55:ca:25:24:14:87:a5:f5:1d:71:14:d4:d2:f0:9a:5f:b3:
         77:e7:45:67
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICC8UwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkY3
RUNEQjYyMDJGRkMyQzM0REY3QkNENzFBMUMwODg4NTM4MkZCNzAeFw0yMzAzMjcy
MzE0MDRaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKERCNzFGQjM0OEREQ0RG
NTk2NkZBRjlBMDY2QzRGRTkxRTRCMUE3MzYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC4KFJ1h3SNKlh0GiDKK5aTjfoXEh7pXIIoo5AiKTG5VZDJXg27
qsznfo/BMSHNXR1S7/inX34ey46dZG/+AZw4MOC3D7WFGc7oXSAr+FSiVUqw7pJV
7PbPeMZ5ngglka2EQXVRL2k0x63OMiOyF+1DAaQE9bUtHimuMGXPQpbYWuhZHzaS
/G2t7KooKBDB4tS/kA3ReFsihW6pzGsmkqnwwAmc4hVF2eT0zzh+81NZ4Mef9Vwh
tqM4sKAhWmblElqWki4CCmY8BL6/5D8+J7Hx27NysHSpWwSxEQGE1xeDBhPayL9b
uRzJH9mh1Qp+Y5yaZd/vXeseOmusG+LrIt2fAgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQU23H7NI3c31lm+vmgZsT+keSxpzYwHwYDVR0jBBgwFoAU/37NtiAv/Cw033vN
caHAiIU4L7cwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBfBgNVHR8EWDBWMFSg
UqBQhk5yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvV0VCVEFJ
V0FOL18zN050aUF2X0N3MDMzdk5jYUhBaUlVNEw3Yy5jcmwwYAYIKwYBBQUHAQEE
VDBSMFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RX
TklDQ0EvXzM3TnRpQXZfQ3cwMzN2TmNhSEFpSVU0TDdjLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZ8GCCsGAQUFBwELBIGSMIGPMFoGCCsGAQUFBzALhk5yc3luYzovL3Jw
a2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvV0VCVEFJV0FOLzIzSDdOSTNjMzFs
bS12bWdac1Qta2VTeHB6WS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50
d25pYy50dy9ycmRwL25vdGlmeS54bWwwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAkBYcAMAAwDQYJKoZIhvcNAQELBQADggEBAENUvuWMt+nVZREV5/zs5h7B
x8CZKF6S13rNUiJQ6NMovEmhVvLa+Bd16v4i2D0l31UwSvPUY3JWDVSTGHkylHrR
Y60LSHm3a5c328zBaxhlJTcW80zuE3X14DYZKmOzrgevgKDcSjXO9qN03wqu9Sea
YL/0inwQfhOZlVmu5kVcJwrFq6cmX/mqYNGXLkJX+T7HaQHmr/aIjpZD2gMGKNbV
QdI1XVhNtM92pFCmfGtF3VvsapHWzSLu/yehKDVf8XYdE3TSVn2IAgCezF5U1XgJ
oO74svDFqXrJ7fNGRNknUiKcPSgAusgk/45VyiUkFIel9R1xFNTS8Jpfs3fnRWc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:07 2024 by rpki-client on console-fra.rpki-client.org