Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/TPMVdhZZHrwdgtvGVN1E-xaBEMk.roa
File:                     TPMVdhZZHrwdgtvGVN1E-xaBEMk.roa (raw, json)
Hash identifier:          djxsX455MpmDogi+1j1CensqVqMF5a9+JL5nf7CM+GE=
Subject key identifier:   4C:F3:15:76:16:59:1E:BC:1D:82:DB:C6:54:DD:44:FB:16:81:10:C9
Certificate issuer:       /CN=2F0F46D3FF6FED73093DD95B98950433910CFD76
Certificate serial:       0E1C
Authority key identifier: 2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/TPMVdhZZHrwdgtvGVN1E-xaBEMk.roa
Signing time:             Thu 29 Dec 2022 09:32:15 +0000
ROA not before:           Thu 29 Dec 2022 09:32:15 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     17651
IP address blocks:        150.116.52.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3612 (0xe1c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2F0F46D3FF6FED73093DD95B98950433910CFD76
        Validity
            Not Before: Dec 29 09:32:15 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=4CF3157616591EBC1D82DBC654DD44FB168110C9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:77:c0:a8:0c:d4:5c:59:f9:9d:2f:3d:d2:b8:
                    d9:a9:7c:c8:70:eb:7a:af:55:87:4e:9d:a0:51:51:
                    b4:26:30:c0:92:4a:d0:9a:4b:e1:26:06:c1:1d:d8:
                    7d:e1:79:2f:bb:29:33:05:86:20:fc:86:e6:70:76:
                    e3:dd:92:ca:ee:d7:6b:f2:69:a6:f0:5b:f8:a3:95:
                    45:20:f4:55:c5:57:d6:90:47:40:f7:20:49:bc:34:
                    41:71:eb:40:a1:82:6f:6e:3b:e9:fc:6b:ee:07:40:
                    61:ec:28:80:21:f8:1c:0f:02:a0:b3:44:79:8b:34:
                    72:5b:e5:8e:35:9c:25:13:b2:93:be:41:be:38:44:
                    f3:5a:03:74:64:d8:e3:ac:47:61:ed:e0:4f:08:7d:
                    ca:50:d8:d4:2b:df:40:ff:4f:5e:cd:aa:f4:7a:0c:
                    ed:9e:f8:8a:75:2b:47:e0:12:77:eb:c0:b5:52:d0:
                    ae:c0:24:22:42:47:d7:92:47:89:9e:96:98:4b:f0:
                    41:6f:b1:a4:0f:5c:5c:50:7d:92:dc:73:5b:ef:46:
                    82:48:fe:cb:5e:76:1e:39:f2:a4:a5:19:a4:da:3f:
                    37:9d:b0:26:4e:ba:c0:35:54:77:1b:85:7b:56:dd:
                    04:cd:4b:c0:38:14:0f:8c:6f:f7:ac:69:63:c5:6f:
                    3b:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:F3:15:76:16:59:1E:BC:1D:82:DB:C6:54:DD:44:FB:16:81:10:C9
            X509v3 Authority Key Identifier:
                keyid:2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/TPMVdhZZHrwdgtvGVN1E-xaBEMk.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  150.116.52.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6e:98:b3:9d:ff:01:f0:a9:5c:99:af:17:93:28:ef:92:3c:f9:
         8f:4d:cb:16:92:c7:fb:75:47:bb:b8:1b:f8:ab:1a:5f:25:18:
         ff:35:91:f2:42:04:2e:73:81:ab:8b:71:a0:db:49:87:7d:46:
         e1:72:17:d6:a6:c7:fe:10:2c:bb:61:1e:9f:4a:7e:18:ff:26:
         44:76:dd:a5:bb:cf:c4:a4:84:ba:c3:24:5e:0f:b5:f4:74:aa:
         c5:44:8a:1f:b7:e9:9c:4f:55:cf:98:0f:17:f7:5a:f0:11:5f:
         b3:c3:ca:fb:f3:76:cb:33:08:1f:fe:91:37:71:4f:23:c0:94:
         78:0b:78:91:a6:b5:61:01:59:aa:00:1b:4e:7f:43:53:25:ff:
         aa:93:75:35:93:1e:70:f9:28:31:b1:56:29:af:c0:88:3f:33:
         59:59:42:82:57:ee:98:f8:25:4a:8c:8b:f1:de:28:3e:72:5a:
         04:db:c0:a0:0a:f7:ca:c1:ed:22:a9:09:56:42:58:09:cc:71:
         f8:5c:d2:66:f7:d3:0d:25:97:58:dd:d6:5d:69:3d:9e:23:74:
         5a:15:cf:ac:a8:67:d9:d0:4e:73:1d:74:ed:dc:d9:26:ea:9c:
         b7:d6:07:25:ae:59:f4:2b:fa:58:87:77:19:84:a1:6d:b7:ca:
         43:1d:b3:ed
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICDhwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkYw
RjQ2RDNGRjZGRUQ3MzA5M0REOTVCOTg5NTA0MzM5MTBDRkQ3NjAeFw0yMjEyMjkw
OTMyMTVaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDRDRjMxNTc2MTY1OTFF
QkMxRDgyREJDNjU0REQ0NEZCMTY4MTEwQzkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC7d8CoDNRcWfmdLz3SuNmpfMhw63qvVYdOnaBRUbQmMMCSStCa
S+EmBsEd2H3heS+7KTMFhiD8huZwduPdksru12vyaabwW/ijlUUg9FXFV9aQR0D3
IEm8NEFx60Chgm9uO+n8a+4HQGHsKIAh+BwPAqCzRHmLNHJb5Y41nCUTspO+Qb44
RPNaA3Rk2OOsR2Ht4E8IfcpQ2NQr30D/T17NqvR6DO2e+Ip1K0fgEnfrwLVS0K7A
JCJCR9eSR4melphL8EFvsaQPXFxQfZLcc1vvRoJI/stedh458qSlGaTaPzedsCZO
usA1VHcbhXtW3QTNS8A4FA+Mb/esaWPFbzsPAgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQUTPMVdhZZHrwdgtvGVN1E+xaBEMkwHwYDVR0jBBgwFoAULw9G0/9v7XMJPdlb
mJUEM5EM/XYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJRUYt
VFcvTHc5RzBfOXY3WE1KUGRsYm1KVUVNNUVNX1hZLmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9MdzlHMF85djdYTUpQZGxibUpVRU01RU1fWFkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DSElFRi1UVy9UUE1WZGhaWkhyd2Rn
dHZHVk4xRS14YUJFTWsucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQAlnQ0MA0GCSqGSIb3DQEBCwUAA4IBAQBumLOd/wHwqVyZrxeTKO+SPPmPTcsW
ksf7dUe7uBv4qxpfJRj/NZHyQgQuc4Gri3Gg20mHfUbhchfWpsf+ECy7YR6fSn4Y
/yZEdt2lu8/EpIS6wyReD7X0dKrFRIoft+mcT1XPmA8X91rwEV+zw8r783bLMwgf
/pE3cU8jwJR4C3iRprVhAVmqABtOf0NTJf+qk3U1kx5w+SgxsVYpr8CIPzNZWUKC
V+6Y+CVKjIvx3ig+cloE28CgCvfKwe0iqQlWQlgJzHH4XNJm99MNJZdY3dZdaT2e
I3RaFc+sqGfZ0E5zHXTt3Nkm6py31gclrln0K/pYh3cZhKFtt8pDHbPt
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:03 2024 by rpki-client on console-ams.rpki-client.org