Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/CLYDBkTQo-PlTkbnWKF0PnSC8XY.roa
File:                     CLYDBkTQo-PlTkbnWKF0PnSC8XY.roa (raw, json)
Hash identifier:          0AyacOYli8vuZz8IqNzigE9/O3hjDUu5uyi+H+TKhms=
Subject key identifier:   08:B6:03:06:44:D0:A3:E3:E5:4E:46:E7:58:A1:74:3E:74:82:F1:76
Certificate issuer:       /CN=2F0F46D3FF6FED73093DD95B98950433910CFD76
Certificate serial:       0A96
Authority key identifier: 2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/CLYDBkTQo-PlTkbnWKF0PnSC8XY.roa
Signing time:             Sun 07 Feb 2021 11:50:33 +0000
ROA not before:           Sun 07 Feb 2021 11:50:33 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     131607
IP address blocks:        150.117.64.0/20 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2710 (0xa96)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2F0F46D3FF6FED73093DD95B98950433910CFD76
        Validity
            Not Before: Feb  7 11:50:33 2021 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=08B6030644D0A3E3E54E46E758A1743E7482F176
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:32:df:98:2e:d3:4a:7a:4e:01:e5:54:ce:e8:
                    e9:42:9a:22:de:9e:2b:b3:01:fd:c9:90:bd:7d:33:
                    ca:97:b5:f4:b7:63:b7:5d:d2:da:18:e8:f8:9a:d6:
                    8e:41:12:f3:69:a6:62:8b:9a:4d:40:97:e8:4b:d6:
                    c0:5c:5b:4e:79:15:43:12:e1:22:be:d5:0e:49:dc:
                    a5:3b:91:cd:bf:e5:af:9e:5a:94:0b:63:fe:43:bb:
                    f9:ce:f2:f5:e4:a4:26:9b:b2:74:12:02:39:71:29:
                    6b:72:9c:c9:2b:73:a7:2a:c6:12:5f:9e:a6:ad:9b:
                    e8:95:7a:9e:b7:2c:54:88:82:92:eb:1d:0e:b7:4b:
                    63:e3:fb:eb:c1:9a:73:4a:f1:96:13:77:3f:a9:86:
                    54:3a:a4:bd:e7:06:46:6c:f1:23:79:40:ff:ae:9e:
                    7f:d1:6d:49:5e:5b:0c:c2:bc:ae:bf:89:b8:42:ba:
                    04:dc:1d:d6:77:30:dc:19:86:83:fe:79:61:7c:4b:
                    ca:77:09:2e:78:19:8c:27:59:96:dd:85:44:cf:25:
                    5e:a5:4b:4c:a5:9a:17:e6:79:9b:0f:be:72:6b:5c:
                    33:8f:cd:c7:8c:ac:83:02:c8:ba:de:b2:c3:d9:ec:
                    1a:95:c9:b3:4d:79:18:81:35:29:36:2b:90:2a:d3:
                    08:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                08:B6:03:06:44:D0:A3:E3:E5:4E:46:E7:58:A1:74:3E:74:82:F1:76
            X509v3 Authority Key Identifier:
                keyid:2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/CLYDBkTQo-PlTkbnWKF0PnSC8XY.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  150.117.64.0/20

    Signature Algorithm: sha256WithRSAEncryption
         ad:0b:aa:c7:5c:9a:07:27:fa:2d:af:42:dd:63:1b:88:9d:59:
         d6:4f:06:70:c0:dd:52:66:6e:eb:9f:3b:66:64:7a:36:94:76:
         f2:da:e8:ad:4e:b7:f6:b6:f4:5f:80:d4:e5:95:52:dc:51:b3:
         b5:40:dc:0c:b6:5c:a0:7f:6c:a7:d1:8e:3e:00:0d:aa:d7:77:
         c2:64:b9:a9:ea:84:51:61:f6:1c:6f:30:89:b0:b1:7f:d3:ba:
         16:d9:49:75:8c:12:27:af:18:58:9e:3d:4a:3f:4f:06:1d:98:
         b1:46:aa:88:09:4b:7a:72:a2:2c:79:b7:c4:67:9f:be:5e:cf:
         9e:2e:a9:3b:3f:12:14:0d:f2:58:ed:0c:f0:e4:f8:0e:8e:77:
         8f:8f:01:19:e9:7e:1d:32:4e:ca:5f:b4:5a:79:af:5e:ca:5e:
         76:dc:a8:fb:e1:c5:e1:78:3c:e4:bb:ae:6a:0c:d5:c6:ed:7f:
         d3:b6:5e:e6:06:ba:bf:4f:7c:fa:bb:e5:48:6d:64:8a:6e:97:
         2a:56:10:dd:20:cc:99:d9:ca:d3:b5:03:91:41:ea:17:b3:b8:
         f1:34:6f:7f:b0:93:eb:9d:4e:83:4c:63:8a:62:0d:63:5a:3f:
         4f:51:8d:47:2e:b3:b5:2f:e9:81:07:d4:0a:6e:40:1f:ac:5d:
         bd:e2:3c:a6
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICCpYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkYw
RjQ2RDNGRjZGRUQ3MzA5M0REOTVCOTg5NTA0MzM5MTBDRkQ3NjAeFw0yMTAyMDcx
MTUwMzNaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDA4QjYwMzA2NDREMEEz
RTNFNTRFNDZFNzU4QTE3NDNFNzQ4MkYxNzYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC1Mt+YLtNKek4B5VTO6OlCmiLeniuzAf3JkL19M8qXtfS3Y7dd
0toY6Pia1o5BEvNppmKLmk1Al+hL1sBcW055FUMS4SK+1Q5J3KU7kc2/5a+eWpQL
Y/5Du/nO8vXkpCabsnQSAjlxKWtynMkrc6cqxhJfnqatm+iVep63LFSIgpLrHQ63
S2Pj++vBmnNK8ZYTdz+phlQ6pL3nBkZs8SN5QP+unn/RbUleWwzCvK6/ibhCugTc
HdZ3MNwZhoP+eWF8S8p3CS54GYwnWZbdhUTPJV6lS0ylmhfmeZsPvnJrXDOPzceM
rIMCyLressPZ7BqVybNNeRiBNSk2K5Aq0wg7AgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQUCLYDBkTQo+PlTkbnWKF0PnSC8XYwHwYDVR0jBBgwFoAULw9G0/9v7XMJPdlb
mJUEM5EM/XYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJRUYt
VFcvTHc5RzBfOXY3WE1KUGRsYm1KVUVNNUVNX1hZLmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9MdzlHMF85djdYTUpQZGxibUpVRU01RU1fWFkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DSElFRi1UVy9DTFlEQmtUUW8tUGxU
a2JuV0tGMFBuU0M4WFkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQElnVAMA0GCSqGSIb3DQEBCwUAA4IBAQCtC6rHXJoHJ/otr0LdYxuInVnWTwZw
wN1SZm7rnztmZHo2lHby2uitTrf2tvRfgNTllVLcUbO1QNwMtlygf2yn0Y4+AA2q
13fCZLmp6oRRYfYcbzCJsLF/07oW2Ul1jBInrxhYnj1KP08GHZixRqqICUt6cqIs
ebfEZ5++Xs+eLqk7PxIUDfJY7Qzw5PgOjnePjwEZ6X4dMk7KX7Raea9eyl523Kj7
4cXheDzku65qDNXG7X/Ttl7mBrq/T3z6u+VIbWSKbpcqVhDdIMyZ2crTtQORQeoX
s7jxNG9/sJPrnU6DTGOKYg1jWj9PUY1HLrO1L+mBB9QKbkAfrF294jym
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:33 2024 by rpki-client on console-fra.rpki-client.org