Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/cHRwYKbFfaHuhdXA_3456GTLHrU.roa
File:                     cHRwYKbFfaHuhdXA_3456GTLHrU.roa (raw, json)
Hash identifier:          +gYOtO3a4MBdRB6FvqBDT/9B/K8OhZrORK14N9u93FM=
Subject key identifier:   70:74:70:60:A6:C5:7D:A1:EE:85:D5:C0:FF:7E:39:E8:64:CB:1E:B5
Certificate issuer:       /CN=2F0F46D3FF6FED73093DD95B98950433910CFD76
Certificate serial:       0C40
Authority key identifier: 2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/cHRwYKbFfaHuhdXA_3456GTLHrU.roa
Signing time:             Wed 29 Sep 2021 02:39:12 +0000
ROA not before:           Wed 29 Sep 2021 02:39:12 +0000
ROA not after:            Thu 29 Sep 2022 02:36:22 +0000
asID:                     38851
IP address blocks:        150.116.120.0/21 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3136 (0xc40)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2F0F46D3FF6FED73093DD95B98950433910CFD76
        Validity
            Not Before: Sep 29 02:39:12 2021 GMT
            Not After : Sep 29 02:36:22 2022 GMT
        Subject: CN=70747060A6C57DA1EE85D5C0FF7E39E864CB1EB5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:40:8a:c5:75:23:6f:17:bc:63:0a:a8:ec:e2:
                    4b:f3:37:a4:67:27:c6:53:b3:3b:19:10:10:a0:9f:
                    d1:e8:25:a3:f3:70:17:df:03:8f:43:82:05:8b:a3:
                    e7:34:2a:c1:e8:60:c5:17:76:ba:9d:16:69:0f:14:
                    db:3e:0b:ce:b2:9c:cb:00:ef:0f:95:2d:6e:19:ca:
                    fd:08:54:05:9f:de:94:fa:99:4c:6f:55:6e:fa:82:
                    ce:29:39:67:ec:a8:eb:35:c1:64:9d:84:36:63:d3:
                    c2:48:6a:88:a4:8c:32:9a:b3:df:bd:24:98:a5:5c:
                    53:05:6f:58:8a:4b:ce:ff:43:64:38:23:28:e2:9e:
                    13:82:b3:1e:7b:a8:75:e7:64:0d:73:e0:60:b6:21:
                    aa:3e:ff:03:98:6b:67:ad:40:da:cc:21:7e:43:36:
                    75:a0:d6:51:14:7d:73:68:63:b1:2b:02:7b:e2:28:
                    b6:c7:d7:c9:18:7e:26:da:bf:2c:4d:ba:07:32:5f:
                    6d:52:32:ed:37:f1:13:68:59:80:ee:59:63:4a:70:
                    af:49:ba:92:5e:5a:36:32:7c:96:5d:e4:58:0f:99:
                    e7:59:59:7b:b5:94:56:a8:75:1c:49:6f:f7:68:41:
                    4a:2e:c4:a9:83:d4:d9:5b:b9:41:15:1e:27:61:c4:
                    64:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                70:74:70:60:A6:C5:7D:A1:EE:85:D5:C0:FF:7E:39:E8:64:CB:1E:B5
            X509v3 Authority Key Identifier:
                keyid:2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/cHRwYKbFfaHuhdXA_3456GTLHrU.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  150.116.120.0/21

    Signature Algorithm: sha256WithRSAEncryption
         3f:37:9a:07:b6:29:c0:91:9f:87:ea:67:0f:66:0e:70:51:ed:
         85:86:0a:6a:58:17:68:31:f6:13:06:ee:d6:1b:91:00:b8:37:
         0d:19:69:86:6b:3e:1e:9f:56:86:d2:b5:03:1e:61:b5:9f:4f:
         e7:ef:1d:b8:f8:b9:f8:6a:92:5f:8c:48:1f:15:fa:e8:a5:35:
         27:b4:62:1c:6b:17:0e:de:6f:e5:74:60:29:ce:8c:78:79:dd:
         d2:57:9e:c1:43:c1:ac:b3:3e:36:28:02:a9:aa:e8:9c:58:bd:
         46:ed:94:7e:78:b8:7b:77:1d:68:7f:c5:a9:91:ed:66:b9:3b:
         c5:ef:3b:3e:de:18:a0:07:f7:ef:3c:20:04:5d:6f:c2:55:30:
         64:52:76:74:d0:1c:21:e7:94:84:de:5a:e5:74:39:3b:f2:ac:
         8b:bf:84:6b:41:55:1b:8c:04:80:5c:13:4b:83:0c:db:e2:02:
         5d:be:f9:12:ae:1c:b6:84:70:a2:ec:a2:88:08:f7:77:66:35:
         5a:07:19:77:40:cd:44:02:23:93:2b:b6:7e:a5:1e:23:b4:9f:
         53:b2:c1:2f:db:c4:a4:75:ab:b0:41:fa:9b:f3:c8:cf:a0:3c:
         77:fc:ba:2a:e8:ee:7a:e5:08:b8:e7:3a:30:8d:a2:23:4a:e3:
         51:bd:d6:45
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICDEAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkYw
RjQ2RDNGRjZGRUQ3MzA5M0REOTVCOTg5NTA0MzM5MTBDRkQ3NjAeFw0yMTA5Mjkw
MjM5MTJaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDcwNzQ3MDYwQTZDNTdE
QTFFRTg1RDVDMEZGN0UzOUU4NjRDQjFFQjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDdQIrFdSNvF7xjCqjs4kvzN6RnJ8ZTszsZEBCgn9HoJaPzcBff
A49DggWLo+c0KsHoYMUXdrqdFmkPFNs+C86ynMsA7w+VLW4Zyv0IVAWf3pT6mUxv
VW76gs4pOWfsqOs1wWSdhDZj08JIaoikjDKas9+9JJilXFMFb1iKS87/Q2Q4Iyji
nhOCsx57qHXnZA1z4GC2Iao+/wOYa2etQNrMIX5DNnWg1lEUfXNoY7ErAnviKLbH
18kYfibavyxNugcyX21SMu038RNoWYDuWWNKcK9JupJeWjYyfJZd5FgPmedZWXu1
lFaodRxJb/doQUouxKmD1NlbuUEVHidhxGRDAgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQUcHRwYKbFfaHuhdXA/3456GTLHrUwHwYDVR0jBBgwFoAULw9G0/9v7XMJPdlb
mJUEM5EM/XYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJRUYt
VFcvTHc5RzBfOXY3WE1KUGRsYm1KVUVNNUVNX1hZLmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9MdzlHMF85djdYTUpQZGxibUpVRU01RU1fWFkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DSElFRi1UVy9jSFJ3WUtiRmZhSHVo
ZFhBXzM0NTZHVExIclUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQDlnR4MA0GCSqGSIb3DQEBCwUAA4IBAQA/N5oHtinAkZ+H6mcPZg5wUe2Fhgpq
WBdoMfYTBu7WG5EAuDcNGWmGaz4en1aG0rUDHmG1n0/n7x24+Ln4apJfjEgfFfro
pTUntGIcaxcO3m/ldGApzox4ed3SV57BQ8Gssz42KAKpquicWL1G7ZR+eLh7dx1o
f8Wpke1muTvF7zs+3higB/fvPCAEXW/CVTBkUnZ00Bwh55SE3lrldDk78qyLv4Rr
QVUbjASAXBNLgwzb4gJdvvkSrhy2hHCi7KKICPd3ZjVaBxl3QM1EAiOTK7Z+pR4j
tJ9TssEv28SkdauwQfqb88jPoDx3/Loq6O565Qi45zowjaIjSuNRvdZF
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:04 2024 by rpki-client on console-ams.rpki-client.org