Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/dYrpWTcHV9eOtXOWsN9W_DaD51g.roa
File:                     dYrpWTcHV9eOtXOWsN9W_DaD51g.roa (raw, json)
Hash identifier:          hiSfrTI4ky6bn5ESS44hyhzaeprBHgs0F3AkKaJt7x8=
Subject key identifier:   75:8A:E9:59:37:07:57:D7:8E:B5:73:96:B0:DF:56:FC:36:83:E7:58
Certificate issuer:       /CN=2F0F46D3FF6FED73093DD95B98950433910CFD76
Certificate serial:       0DDF
Authority key identifier: 2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/dYrpWTcHV9eOtXOWsN9W_DaD51g.roa
Signing time:             Thu 29 Dec 2022 09:31:57 +0000
ROA not before:           Thu 29 Dec 2022 09:31:57 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     131627
IP address blocks:        150.116.176.0/20 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3551 (0xddf)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2F0F46D3FF6FED73093DD95B98950433910CFD76
        Validity
            Not Before: Dec 29 09:31:57 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=758AE959370757D78EB57396B0DF56FC3683E758
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:06:80:7d:30:d1:8e:94:26:01:dc:62:9c:25:
                    5a:03:67:00:25:17:be:5b:cf:55:9b:a3:44:69:9c:
                    f2:2a:c0:32:b0:92:1f:08:a4:fd:8b:24:37:2c:25:
                    40:ea:6e:28:5a:11:fc:30:7d:17:2c:9d:6f:a6:f3:
                    04:57:36:2f:7f:2f:2e:65:6b:d9:ed:c1:13:86:67:
                    11:53:b4:35:97:88:86:b9:65:1f:a0:83:a6:a9:3f:
                    1a:df:42:2b:cf:9e:52:95:cc:b2:0c:d6:24:19:0d:
                    ff:c1:8a:1a:3d:aa:fd:fc:5a:44:d5:0c:02:76:68:
                    b7:bb:fd:e7:44:3f:8a:63:cd:bb:21:72:9d:a7:99:
                    66:29:06:53:ec:16:a2:31:76:38:68:b1:3c:f2:04:
                    cb:d7:ed:f4:18:92:69:7f:22:54:b7:83:7d:54:90:
                    97:0e:bb:12:32:53:9e:58:3d:cf:f8:e2:be:25:ac:
                    b4:a5:44:32:86:de:89:fe:97:4b:df:45:f4:9d:bb:
                    89:41:ba:4e:ee:ad:ff:19:7a:cc:f6:72:e8:8f:39:
                    4c:d6:ea:75:e2:f3:b2:88:df:f5:77:69:b1:c7:c2:
                    4a:69:52:27:de:e6:4a:aa:67:3e:ee:5f:c0:6b:fc:
                    bb:c6:2b:11:67:d1:ec:35:39:54:48:e5:7c:d7:8d:
                    c2:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:8A:E9:59:37:07:57:D7:8E:B5:73:96:B0:DF:56:FC:36:83:E7:58
            X509v3 Authority Key Identifier:
                keyid:2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/dYrpWTcHV9eOtXOWsN9W_DaD51g.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  150.116.176.0/20

    Signature Algorithm: sha256WithRSAEncryption
         3c:2c:9f:28:da:32:9b:ff:06:9d:99:1b:11:b0:90:f6:bc:79:
         85:c8:79:5b:3d:95:41:eb:2c:b1:96:9a:45:09:da:ad:ff:4e:
         c5:22:e2:6d:e2:3b:8a:e3:7c:0a:e8:0c:7e:de:21:6e:a2:68:
         72:c8:68:1f:7d:92:6c:73:0e:0f:0e:c6:3c:b4:4f:56:58:87:
         e6:50:6a:fd:b0:71:50:43:6c:0a:a4:12:34:23:2b:1b:1c:88:
         c8:11:63:fb:f5:7e:6f:46:78:1d:0a:52:46:69:37:f6:b4:a8:
         1f:d3:6e:2d:51:13:01:ce:e2:e2:27:b4:55:57:3e:6c:ec:46:
         a3:d2:ad:11:50:fb:07:1c:06:f3:15:66:59:b4:4a:73:c0:30:
         0c:47:df:dd:e4:e5:34:2e:6f:b9:1a:d0:8e:04:3d:0d:5d:da:
         2e:81:62:c4:2c:2b:11:ce:cf:15:2f:ab:5b:ea:ed:3e:f2:c7:
         f1:c8:a4:15:15:4d:4f:4a:24:76:9d:c8:a2:ff:36:c5:d1:02:
         27:e1:fa:fb:dc:1d:ca:0f:fb:43:94:21:bb:a0:7b:5d:76:e3:
         74:99:0d:b4:41:a7:45:5d:37:04:12:fd:36:42:45:1b:4c:ab:
         dd:15:af:d2:75:7b:fa:d7:9b:05:07:28:62:17:9a:9f:b1:c5:
         c9:13:b9:3b
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICDd8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkYw
RjQ2RDNGRjZGRUQ3MzA5M0REOTVCOTg5NTA0MzM5MTBDRkQ3NjAeFw0yMjEyMjkw
OTMxNTdaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDc1OEFFOTU5MzcwNzU3
RDc4RUI1NzM5NkIwREY1NkZDMzY4M0U3NTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDdBoB9MNGOlCYB3GKcJVoDZwAlF75bz1Wbo0RpnPIqwDKwkh8I
pP2LJDcsJUDqbihaEfwwfRcsnW+m8wRXNi9/Ly5la9ntwROGZxFTtDWXiIa5ZR+g
g6apPxrfQivPnlKVzLIM1iQZDf/Biho9qv38WkTVDAJ2aLe7/edEP4pjzbshcp2n
mWYpBlPsFqIxdjhosTzyBMvX7fQYkml/IlS3g31UkJcOuxIyU55YPc/44r4lrLSl
RDKG3on+l0vfRfSdu4lBuk7urf8Zesz2cuiPOUzW6nXi87KI3/V3abHHwkppUife
5kqqZz7uX8Br/LvGKxFn0ew1OVRI5XzXjcLdAgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQUdYrpWTcHV9eOtXOWsN9W/DaD51gwHwYDVR0jBBgwFoAULw9G0/9v7XMJPdlb
mJUEM5EM/XYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJRUYt
VFcvTHc5RzBfOXY3WE1KUGRsYm1KVUVNNUVNX1hZLmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9MdzlHMF85djdYTUpQZGxibUpVRU01RU1fWFkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DSElFRi1UVy9kWXJwV1RjSFY5ZU90
WE9Xc045V19EYUQ1MWcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQElnSwMA0GCSqGSIb3DQEBCwUAA4IBAQA8LJ8o2jKb/wadmRsRsJD2vHmFyHlb
PZVB6yyxlppFCdqt/07FIuJt4juK43wK6Ax+3iFuomhyyGgffZJscw4PDsY8tE9W
WIfmUGr9sHFQQ2wKpBI0IysbHIjIEWP79X5vRngdClJGaTf2tKgf024tURMBzuLi
J7RVVz5s7Eaj0q0RUPsHHAbzFWZZtEpzwDAMR9/d5OU0Lm+5GtCOBD0NXdougWLE
LCsRzs8VL6tb6u0+8sfxyKQVFU1PSiR2ncii/zbF0QIn4fr73B3KD/tDlCG7oHtd
duN0mQ20QadFXTcEEv02QkUbTKvdFa/SdXv615sFByhiF5qfscXJE7k7
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:04 2024 by rpki-client on console-ams.rpki-client.org