Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/3vEMGYhWkiYT7STEySYVkmxknCA.roa
File:                     3vEMGYhWkiYT7STEySYVkmxknCA.roa (raw, json)
Hash identifier:          7MgzZenY/Z6JWINC3e2iS/9wu+9tzWj5lQH9pbYfHoI=
Subject key identifier:   DE:F1:0C:19:88:56:92:26:13:ED:24:C4:C9:26:15:92:6C:64:9C:20
Certificate issuer:       /CN=2F0F46D3FF6FED73093DD95B98950433910CFD76
Certificate serial:       0DB3
Authority key identifier: 2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/3vEMGYhWkiYT7STEySYVkmxknCA.roa
Signing time:             Thu 29 Dec 2022 09:31:45 +0000
ROA not before:           Thu 29 Dec 2022 09:31:45 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     18419
IP address blocks:        150.117.48.0/21 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3507 (0xdb3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2F0F46D3FF6FED73093DD95B98950433910CFD76
        Validity
            Not Before: Dec 29 09:31:45 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=DEF10C198856922613ED24C4C92615926C649C20
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:c3:cd:b5:01:d4:3d:54:ac:a3:03:32:c9:81:
                    cd:26:72:f4:59:31:2d:38:66:bf:f4:cc:ca:aa:49:
                    7b:fb:4e:82:24:76:56:c1:4c:59:23:9d:64:ef:0a:
                    61:62:b9:0e:51:1a:84:f4:eb:56:fc:87:cc:06:f7:
                    6f:fd:19:42:be:6e:32:59:65:51:20:3c:cd:df:e7:
                    a8:d7:09:47:81:20:9d:55:3b:98:0a:2d:09:94:65:
                    de:c1:6d:af:eb:e7:8b:16:84:30:f5:26:f0:36:03:
                    28:f7:78:13:d1:a9:3f:6b:77:bf:58:90:02:f7:65:
                    cc:f5:13:b7:a3:73:46:0d:01:01:06:98:d9:a3:ff:
                    d5:fb:6e:28:23:58:d2:c5:1b:0f:49:c3:55:9f:2d:
                    48:82:a5:95:95:1f:e9:87:6b:4d:23:11:14:33:d5:
                    55:fb:57:51:9f:41:c6:6c:e8:15:ea:48:c4:ac:e3:
                    be:a3:93:db:b9:ed:a0:b0:07:2c:92:1a:e3:bf:23:
                    d8:0b:3c:60:2b:d6:3e:6e:0c:1b:ef:21:f6:12:44:
                    e9:f3:67:af:8e:5f:f0:4d:6a:d3:cb:5f:13:d6:1f:
                    1b:23:37:a9:3f:e6:ab:b8:74:aa:3c:ee:10:c4:4a:
                    c3:2c:93:0c:c5:15:43:6e:5a:91:bc:02:d6:c2:c3:
                    f9:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DE:F1:0C:19:88:56:92:26:13:ED:24:C4:C9:26:15:92:6C:64:9C:20
            X509v3 Authority Key Identifier:
                keyid:2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/3vEMGYhWkiYT7STEySYVkmxknCA.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  150.117.48.0/21

    Signature Algorithm: sha256WithRSAEncryption
         1f:20:65:54:2e:b9:f5:36:13:e8:3d:1b:33:ab:01:08:bf:43:
         ab:43:0a:ab:94:29:e5:69:72:74:f0:9f:cd:15:9c:20:9b:cb:
         64:f0:74:07:2d:8d:5a:11:d3:14:9f:ba:b0:70:ca:88:1a:4a:
         3f:a3:e7:ca:50:a6:4a:cc:01:89:25:63:e6:0c:5f:06:61:0b:
         e1:1e:30:b0:9e:bd:4c:9e:47:2f:b1:0a:f5:4c:bf:dd:48:95:
         c2:ce:0c:9f:3d:b7:3a:ff:cd:29:fb:08:4b:c6:30:98:0d:ab:
         0a:2c:00:5d:e3:fe:55:a4:80:76:96:ac:e5:f4:ea:47:3e:76:
         02:84:68:bb:d3:99:86:fb:34:71:37:ef:9c:c2:71:2b:3a:3c:
         3c:6e:aa:76:b4:07:43:e6:11:be:fd:4c:e6:cf:ba:bc:b9:04:
         8e:47:e6:65:d6:a9:68:21:b0:15:9c:3e:3f:07:c3:af:fe:66:
         8a:c6:e9:3c:b5:f0:42:73:91:f1:32:a0:29:b6:7c:df:2e:e3:
         5e:be:35:81:b9:af:fc:45:59:e9:54:41:79:2d:33:25:03:18:
         05:cb:62:50:4a:10:29:8c:cf:62:17:af:52:e3:24:5c:75:cf:
         8f:4b:bf:8f:26:4b:74:80:15:c5:7a:05:13:22:60:df:cd:a2:
         ba:0c:5f:54
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICDbMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkYw
RjQ2RDNGRjZGRUQ3MzA5M0REOTVCOTg5NTA0MzM5MTBDRkQ3NjAeFw0yMjEyMjkw
OTMxNDVaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKERFRjEwQzE5ODg1Njky
MjYxM0VEMjRDNEM5MjYxNTkyNkM2NDlDMjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDBw821AdQ9VKyjAzLJgc0mcvRZMS04Zr/0zMqqSXv7ToIkdlbB
TFkjnWTvCmFiuQ5RGoT061b8h8wG92/9GUK+bjJZZVEgPM3f56jXCUeBIJ1VO5gK
LQmUZd7Bba/r54sWhDD1JvA2Ayj3eBPRqT9rd79YkAL3Zcz1E7ejc0YNAQEGmNmj
/9X7bigjWNLFGw9Jw1WfLUiCpZWVH+mHa00jERQz1VX7V1GfQcZs6BXqSMSs476j
k9u57aCwByySGuO/I9gLPGAr1j5uDBvvIfYSROnzZ6+OX/BNatPLXxPWHxsjN6k/
5qu4dKo87hDESsMskwzFFUNuWpG8AtbCw/lTAgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQU3vEMGYhWkiYT7STEySYVkmxknCAwHwYDVR0jBBgwFoAULw9G0/9v7XMJPdlb
mJUEM5EM/XYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJRUYt
VFcvTHc5RzBfOXY3WE1KUGRsYm1KVUVNNUVNX1hZLmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9MdzlHMF85djdYTUpQZGxibUpVRU01RU1fWFkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DSElFRi1UVy8zdkVNR1loV2tpWVQ3
U1RFeVNZVmtteGtuQ0Eucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQDlnUwMA0GCSqGSIb3DQEBCwUAA4IBAQAfIGVULrn1NhPoPRszqwEIv0OrQwqr
lCnlaXJ08J/NFZwgm8tk8HQHLY1aEdMUn7qwcMqIGko/o+fKUKZKzAGJJWPmDF8G
YQvhHjCwnr1MnkcvsQr1TL/dSJXCzgyfPbc6/80p+whLxjCYDasKLABd4/5VpIB2
lqzl9OpHPnYChGi705mG+zRxN++cwnErOjw8bqp2tAdD5hG+/Uzmz7q8uQSOR+Zl
1qloIbAVnD4/B8Ov/maKxuk8tfBCc5HxMqAptnzfLuNevjWBua/8RVnpVEF5LTMl
AxgFy2JQShApjM9iF69S4yRcdc+PS7+PJkt0gBXFegUTImDfzaK6DF9U
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:03 2024 by rpki-client on console-ams.rpki-client.org