Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/MCFBR6cnd7fsxvZ9tI1rGVMqu9o.roa
File:                     MCFBR6cnd7fsxvZ9tI1rGVMqu9o.roa (raw, json)
Hash identifier:          nMSYQpAcvLEjlkWE6UbJz3cMtUslrcNlJ2r2HgOjP3g=
Subject key identifier:   30:21:41:47:A7:27:77:B7:EC:C6:F6:7D:B4:8D:6B:19:53:2A:BB:DA
Certificate issuer:       /CN=2F0F46D3FF6FED73093DD95B98950433910CFD76
Certificate serial:       0D61
Authority key identifier: 2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/MCFBR6cnd7fsxvZ9tI1rGVMqu9o.roa
Signing time:             Thu 15 Sep 2022 02:39:00 +0000
ROA not before:           Thu 15 Sep 2022 02:39:00 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     17408
IP address blocks:        150.117.160.0/21 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3425 (0xd61)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2F0F46D3FF6FED73093DD95B98950433910CFD76
        Validity
            Not Before: Sep 15 02:39:00 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=30214147A72777B7ECC6F67DB48D6B19532ABBDA
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:5a:22:5a:b3:f1:38:9b:2a:cc:49:2c:80:aa:
                    76:23:8a:d3:bd:b6:43:db:a9:58:6d:b7:13:ec:af:
                    0e:f5:02:10:bc:c6:82:45:5e:a2:e1:5a:ce:78:3f:
                    d8:b6:ae:0d:ed:f5:e6:87:48:1c:2d:76:d7:dd:4e:
                    d5:b4:a7:f5:2c:d2:e1:89:e6:ea:63:a2:8d:f8:7d:
                    39:7f:da:4a:2f:31:7b:dc:a9:e3:90:12:ab:bf:ea:
                    59:7c:ca:80:79:f9:b8:a7:ea:09:0e:c4:6d:16:a2:
                    38:56:d7:ca:0a:b6:42:e5:26:d6:25:f9:14:22:8d:
                    bf:34:bd:d5:5e:24:d1:4f:b8:7b:04:99:a4:8f:3c:
                    75:a5:2c:81:38:c7:a1:7a:9b:94:54:03:b4:3f:e5:
                    21:47:52:97:8f:b4:65:e3:44:d9:01:1d:03:46:0e:
                    c6:42:fb:ad:05:bb:cf:b0:14:3c:69:8b:0e:04:67:
                    cf:62:2a:99:a4:80:64:33:eb:78:41:3f:56:78:c7:
                    7f:d3:f3:91:89:a8:19:0a:01:66:7e:e9:01:02:84:
                    0f:97:dc:df:aa:e1:a2:8d:ca:27:90:19:9a:c4:ba:
                    fb:7b:e1:b7:ac:c1:d6:c2:5d:38:59:19:e5:0c:65:
                    fa:b5:db:8d:e5:03:f3:5a:28:8b:8b:48:68:38:ea:
                    fa:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                30:21:41:47:A7:27:77:B7:EC:C6:F6:7D:B4:8D:6B:19:53:2A:BB:DA
            X509v3 Authority Key Identifier:
                keyid:2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/MCFBR6cnd7fsxvZ9tI1rGVMqu9o.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  150.117.160.0/21

    Signature Algorithm: sha256WithRSAEncryption
         14:99:be:3c:93:60:f5:68:4d:0a:ee:2b:87:80:be:8c:39:e4:
         3d:16:60:fa:d9:77:ce:0f:bf:84:6b:8c:ec:39:3e:19:c7:13:
         68:63:92:3c:58:03:9c:a1:a6:78:ca:95:84:fc:18:39:36:8d:
         65:8f:84:cc:c7:8f:b6:58:45:59:ae:e6:6a:96:3a:1f:dc:29:
         e8:cd:62:a4:6f:2f:06:40:f4:1b:d2:97:da:fd:33:15:34:9d:
         05:94:aa:40:bc:1c:43:4f:7f:d3:f2:95:73:bf:b4:14:da:74:
         67:00:f5:0b:d3:9e:1f:be:99:71:2d:12:42:43:0e:1e:ea:41:
         94:f7:1c:04:5c:5d:d6:91:10:f1:f5:23:7f:1b:1c:63:88:fc:
         62:6d:ec:ea:7e:26:76:aa:df:38:a1:55:0e:d0:53:ce:00:bc:
         e0:55:f7:ae:27:82:ec:f3:10:c3:b3:64:90:ce:02:d1:56:e4:
         4c:1e:10:26:bb:d7:c6:b5:12:8d:a0:71:9b:13:f8:cc:bf:bf:
         52:36:ed:4a:cd:39:e1:ee:37:e8:93:0e:53:8d:a4:5a:54:a3:
         42:22:6a:35:f2:a5:7e:42:7f:a5:75:67:09:11:27:01:6e:60:
         22:79:76:f9:97:69:96:af:c3:58:bc:00:46:5e:20:1e:43:17:
         74:ff:1e:75
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICDWEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkYw
RjQ2RDNGRjZGRUQ3MzA5M0REOTVCOTg5NTA0MzM5MTBDRkQ3NjAeFw0yMjA5MTUw
MjM5MDBaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDMwMjE0MTQ3QTcyNzc3
QjdFQ0M2RjY3REI0OEQ2QjE5NTMyQUJCREEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCuWiJas/E4myrMSSyAqnYjitO9tkPbqVhttxPsrw71AhC8xoJF
XqLhWs54P9i2rg3t9eaHSBwtdtfdTtW0p/Us0uGJ5upjoo34fTl/2kovMXvcqeOQ
Equ/6ll8yoB5+bin6gkOxG0WojhW18oKtkLlJtYl+RQijb80vdVeJNFPuHsEmaSP
PHWlLIE4x6F6m5RUA7Q/5SFHUpePtGXjRNkBHQNGDsZC+60Fu8+wFDxpiw4EZ89i
KpmkgGQz63hBP1Z4x3/T85GJqBkKAWZ+6QEChA+X3N+q4aKNyieQGZrEuvt74bes
wdbCXThZGeUMZfq1243lA/NaKIuLSGg46vozAgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQUMCFBR6cnd7fsxvZ9tI1rGVMqu9owHwYDVR0jBBgwFoAULw9G0/9v7XMJPdlb
mJUEM5EM/XYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJRUYt
VFcvTHc5RzBfOXY3WE1KUGRsYm1KVUVNNUVNX1hZLmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9MdzlHMF85djdYTUpQZGxibUpVRU01RU1fWFkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DSElFRi1UVy9NQ0ZCUjZjbmQ3ZnN4
dlo5dEkxckdWTXF1OW8ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQDlnWgMA0GCSqGSIb3DQEBCwUAA4IBAQAUmb48k2D1aE0K7iuHgL6MOeQ9FmD6
2XfOD7+Ea4zsOT4ZxxNoY5I8WAOcoaZ4ypWE/Bg5No1lj4TMx4+2WEVZruZqljof
3CnozWKkby8GQPQb0pfa/TMVNJ0FlKpAvBxDT3/T8pVzv7QU2nRnAPUL054fvplx
LRJCQw4e6kGU9xwEXF3WkRDx9SN/GxxjiPxibezqfiZ2qt84oVUO0FPOALzgVfeu
J4Ls8xDDs2SQzgLRVuRMHhAmu9fGtRKNoHGbE/jMv79SNu1KzTnh7jfokw5TjaRa
VKNCImo18qV+Qn+ldWcJEScBbmAieXb5l2mWr8NYvABGXiAeQxd0/x51
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:03 2024 by rpki-client on console-ams.rpki-client.org