Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/NbeFD7rSbjILY3VNcZgagOdSgeI.roa
File:                     NbeFD7rSbjILY3VNcZgagOdSgeI.roa (raw, json)
Hash identifier:          xrXs1AqINjHdZhqwMdgLvI78ZzD89PigcyMHiIGU/9Q=
Subject key identifier:   35:B7:85:0F:BA:D2:6E:32:0B:63:75:4D:71:98:1A:80:E7:52:81:E2
Certificate issuer:       /CN=2F0F46D3FF6FED73093DD95B98950433910CFD76
Certificate serial:       09E8
Authority key identifier: 2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/NbeFD7rSbjILY3VNcZgagOdSgeI.roa
Signing time:             Tue 26 Jan 2021 07:40:08 +0000
ROA not before:           Tue 26 Jan 2021 07:40:08 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     18046
IP address blocks:        150.116.120.0/21 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2536 (0x9e8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2F0F46D3FF6FED73093DD95B98950433910CFD76
        Validity
            Not Before: Jan 26 07:40:08 2021 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=35B7850FBAD26E320B63754D71981A80E75281E2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:45:f8:f0:98:b5:4e:c1:e4:c0:da:30:2d:a8:
                    80:80:a8:70:04:dd:fa:4b:c3:30:42:8d:50:ac:2a:
                    e8:7d:eb:46:8f:dc:e5:8f:1d:56:a9:87:87:a0:36:
                    79:ce:87:44:24:e7:17:e1:de:ca:5b:d3:9c:d5:90:
                    1b:b8:a7:e1:ea:20:be:c3:9d:96:a9:cd:32:49:11:
                    df:49:cd:9a:9c:73:b9:4a:88:f5:19:11:81:7a:e7:
                    fe:0a:b5:71:97:36:81:71:6f:c8:9d:52:78:22:e5:
                    9b:00:79:05:2d:fa:29:6f:6e:42:d7:af:8e:3c:86:
                    35:c4:73:b6:7a:b9:1a:28:cb:a4:48:89:63:91:75:
                    bf:51:c4:7c:3f:ad:04:f8:e4:b1:90:73:7a:6f:c9:
                    40:96:34:f2:04:1f:69:e0:1c:1c:2d:37:52:39:e3:
                    c7:82:67:fd:23:6d:b3:0d:f5:a0:fb:02:7a:a3:eb:
                    ea:41:21:2c:1a:23:04:75:94:01:48:e7:14:8c:64:
                    a1:d6:2c:dc:17:5f:27:76:ae:1a:ca:14:be:30:77:
                    f1:eb:57:41:d1:bb:19:be:83:4f:b8:4e:a9:df:04:
                    38:73:bf:85:56:d5:ff:e9:be:da:7b:4b:28:0d:0f:
                    8f:4d:29:c1:13:0e:a7:90:0d:b1:54:fa:01:e0:95:
                    2b:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                35:B7:85:0F:BA:D2:6E:32:0B:63:75:4D:71:98:1A:80:E7:52:81:E2
            X509v3 Authority Key Identifier:
                keyid:2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/NbeFD7rSbjILY3VNcZgagOdSgeI.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  150.116.120.0/21

    Signature Algorithm: sha256WithRSAEncryption
         37:75:2f:8e:fe:2f:70:e8:0c:b0:9a:17:bb:f2:cc:e3:10:25:
         6e:75:98:ad:5d:b0:e8:a1:72:3e:f2:58:65:63:fc:50:04:1f:
         19:01:9d:7d:20:61:a3:25:0e:f6:6b:f5:ba:b5:5d:10:86:8e:
         94:e2:e5:8b:f1:f4:13:6f:e5:74:fc:21:70:b0:d2:29:ce:63:
         48:3a:bd:6b:cf:d9:49:80:d0:48:6a:ab:f6:d7:f0:56:f9:53:
         d7:f4:c6:70:67:53:60:29:98:02:6a:1c:07:01:da:3b:b9:50:
         1d:1b:4a:5f:b0:a2:17:5e:4b:7d:7e:20:0e:ef:61:59:a4:b5:
         37:c2:83:3c:8d:10:ea:89:8c:e3:84:94:f3:d8:46:f9:e1:94:
         fa:4e:38:54:21:6b:fd:11:8c:63:c2:c1:d8:14:c3:b2:a0:b7:
         0d:5d:68:16:b0:54:dc:89:c9:ea:ec:5b:a1:18:ed:de:91:28:
         77:a6:90:60:53:8e:f5:fc:51:3f:2b:cc:08:48:ec:5e:6f:9d:
         46:ab:d8:b5:19:b5:f2:a4:00:f8:ac:a5:3b:23:db:f8:a5:b7:
         d3:83:ec:f8:4f:84:d2:ff:ff:58:5d:61:4c:9d:bf:71:c3:9b:
         4c:2e:ae:7b:fb:d0:b7:1a:0f:1c:df:0c:82:c2:7e:67:63:eb:
         92:e9:df:9e
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICCegwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkYw
RjQ2RDNGRjZGRUQ3MzA5M0REOTVCOTg5NTA0MzM5MTBDRkQ3NjAeFw0yMTAxMjYw
NzQwMDhaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDM1Qjc4NTBGQkFEMjZF
MzIwQjYzNzU0RDcxOTgxQTgwRTc1MjgxRTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCjRfjwmLVOweTA2jAtqICAqHAE3fpLwzBCjVCsKuh960aP3OWP
HVaph4egNnnOh0Qk5xfh3spb05zVkBu4p+HqIL7DnZapzTJJEd9JzZqcc7lKiPUZ
EYF65/4KtXGXNoFxb8idUngi5ZsAeQUt+ilvbkLXr448hjXEc7Z6uRooy6RIiWOR
db9RxHw/rQT45LGQc3pvyUCWNPIEH2ngHBwtN1I548eCZ/0jbbMN9aD7Anqj6+pB
ISwaIwR1lAFI5xSMZKHWLNwXXyd2rhrKFL4wd/HrV0HRuxm+g0+4TqnfBDhzv4VW
1f/pvtp7SygND49NKcETDqeQDbFU+gHglStZAgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQUNbeFD7rSbjILY3VNcZgagOdSgeIwHwYDVR0jBBgwFoAULw9G0/9v7XMJPdlb
mJUEM5EM/XYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJRUYt
VFcvTHc5RzBfOXY3WE1KUGRsYm1KVUVNNUVNX1hZLmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9MdzlHMF85djdYTUpQZGxibUpVRU01RU1fWFkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DSElFRi1UVy9OYmVGRDdyU2JqSUxZ
M1ZOY1pnYWdPZFNnZUkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQDlnR4MA0GCSqGSIb3DQEBCwUAA4IBAQA3dS+O/i9w6Aywmhe78szjECVudZit
XbDooXI+8lhlY/xQBB8ZAZ19IGGjJQ72a/W6tV0Qho6U4uWL8fQTb+V0/CFwsNIp
zmNIOr1rz9lJgNBIaqv21/BW+VPX9MZwZ1NgKZgCahwHAdo7uVAdG0pfsKIXXkt9
fiAO72FZpLU3woM8jRDqiYzjhJTz2Eb54ZT6TjhUIWv9EYxjwsHYFMOyoLcNXWgW
sFTcicnq7FuhGO3ekSh3ppBgU471/FE/K8wISOxeb51Gq9i1GbXypAD4rKU7I9v4
pbfTg+z4T4TS//9YXWFMnb9xw5tMLq57+9C3Gg8c3wyCwn5nY+uS6d+e
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:03 2024 by rpki-client on console-ams.rpki-client.org