Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/h3OgmNnbyyDtLhulv_zZ1qBZLbk.roa
File:                     h3OgmNnbyyDtLhulv_zZ1qBZLbk.roa (raw, json)
Hash identifier:          wSYpbd/KPq1fmHJsq0k6tIj7KYe8YSzCBpWThk5yVSc=
Subject key identifier:   87:73:A0:98:D9:DB:CB:20:ED:2E:1B:A5:BF:FC:D9:D6:A0:59:2D:B9
Certificate issuer:       /CN=2F0F46D3FF6FED73093DD95B98950433910CFD76
Certificate serial:       0CC1
Authority key identifier: 2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/h3OgmNnbyyDtLhulv_zZ1qBZLbk.roa
Signing time:             Tue 01 Mar 2022 07:33:48 +0000
ROA not before:           Tue 01 Mar 2022 07:33:48 +0000
ROA not after:            Thu 29 Sep 2022 02:36:22 +0000
asID:                     131636
IP address blocks:        150.116.6.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3265 (0xcc1)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2F0F46D3FF6FED73093DD95B98950433910CFD76
        Validity
            Not Before: Mar  1 07:33:48 2022 GMT
            Not After : Sep 29 02:36:22 2022 GMT
        Subject: CN=8773A098D9DBCB20ED2E1BA5BFFCD9D6A0592DB9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:19:f5:10:5c:f6:8c:31:dc:8b:b1:73:ee:f3:
                    be:eb:ac:37:79:29:d9:71:bc:c3:37:a7:3a:21:11:
                    ff:1f:af:d0:63:a9:0d:50:c2:d2:a2:8f:81:ad:a4:
                    94:e9:34:30:71:e8:b9:c3:cd:2a:18:f2:7c:db:07:
                    94:3e:3d:e8:3e:de:c1:e8:6a:02:62:c7:08:df:c1:
                    96:79:63:c2:8a:6c:7b:e4:bf:d8:be:14:95:1d:c6:
                    fc:92:5d:6b:c6:75:c7:42:f2:98:13:f4:ee:89:00:
                    ab:d8:52:d7:14:0e:f0:f4:5f:d6:0c:ef:65:d4:4c:
                    7e:90:4b:76:39:81:50:fb:a5:3d:c2:cf:82:f7:37:
                    85:3d:fe:cc:8c:3a:56:b2:4f:73:77:96:88:c3:e2:
                    46:73:3c:30:88:76:89:26:c5:07:36:3d:ac:a4:fc:
                    b6:7f:01:da:4e:fd:0a:a7:86:9f:2c:de:64:62:d9:
                    29:a3:74:2b:d3:b0:7d:e5:47:22:b7:27:14:36:bd:
                    40:b0:36:0a:eb:6a:f8:14:fc:7d:49:25:54:c2:86:
                    ae:ba:74:9e:38:41:90:1f:af:db:f1:61:47:d1:49:
                    fd:74:1b:99:d3:9d:d3:66:03:b0:5d:09:0d:1c:38:
                    f3:26:db:95:79:24:0e:39:a4:16:55:51:1c:b8:bd:
                    68:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                87:73:A0:98:D9:DB:CB:20:ED:2E:1B:A5:BF:FC:D9:D6:A0:59:2D:B9
            X509v3 Authority Key Identifier:
                keyid:2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/h3OgmNnbyyDtLhulv_zZ1qBZLbk.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  150.116.6.0/23

    Signature Algorithm: sha256WithRSAEncryption
         20:eb:48:15:94:06:5e:83:94:fc:e2:56:65:74:1e:88:70:de:
         8f:de:0d:20:62:7d:04:ea:cd:b9:24:5f:b0:a0:dc:2c:94:41:
         b7:0d:12:b3:95:1f:28:80:90:e9:a6:f4:39:4d:d3:b8:33:59:
         2b:fb:b7:36:c6:bb:46:cb:ec:ff:2b:06:75:35:a9:0b:6d:45:
         3f:26:9f:92:c9:e2:f0:3f:cb:7b:d8:2d:fa:45:d3:ef:fa:0a:
         1f:e5:44:84:24:50:52:1f:f1:fa:4c:3a:af:96:ff:d1:64:04:
         c7:c9:8b:c2:41:f3:dc:79:81:0a:34:99:22:8d:bb:79:82:06:
         68:b4:6b:15:95:b3:96:c2:c4:fa:95:bd:84:23:60:7b:3b:d5:
         28:14:03:62:5e:72:ac:0f:b9:d1:dc:e1:38:4b:62:ad:e8:23:
         8d:2b:81:92:0f:e2:9f:ac:03:70:f9:83:16:4a:d3:f7:fd:a4:
         d5:5f:77:8c:31:6b:f4:a4:f2:50:e4:ee:a6:5e:bf:93:d2:10:
         64:55:e8:85:72:cf:84:fa:bc:4e:1b:41:de:5e:58:c5:98:7d:
         9b:62:b6:fc:9a:d5:f8:03:a2:2e:e6:0b:32:11:39:b4:50:2b:
         d9:f9:3e:74:e4:19:8d:bf:23:64:21:cb:7d:56:8d:49:82:f2:
         3e:b8:a5:e7
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICDMEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkYw
RjQ2RDNGRjZGRUQ3MzA5M0REOTVCOTg5NTA0MzM5MTBDRkQ3NjAeFw0yMjAzMDEw
NzMzNDhaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDg3NzNBMDk4RDlEQkNC
MjBFRDJFMUJBNUJGRkNEOUQ2QTA1OTJEQjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDdGfUQXPaMMdyLsXPu877rrDd5KdlxvMM3pzohEf8fr9BjqQ1Q
wtKij4GtpJTpNDBx6LnDzSoY8nzbB5Q+Peg+3sHoagJixwjfwZZ5Y8KKbHvkv9i+
FJUdxvySXWvGdcdC8pgT9O6JAKvYUtcUDvD0X9YM72XUTH6QS3Y5gVD7pT3Cz4L3
N4U9/syMOlayT3N3lojD4kZzPDCIdokmxQc2Payk/LZ/AdpO/Qqnhp8s3mRi2Smj
dCvTsH3lRyK3JxQ2vUCwNgrravgU/H1JJVTChq66dJ44QZAfr9vxYUfRSf10G5nT
ndNmA7BdCQ0cOPMm25V5JA45pBZVURy4vWiLAgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQUh3OgmNnbyyDtLhulv/zZ1qBZLbkwHwYDVR0jBBgwFoAULw9G0/9v7XMJPdlb
mJUEM5EM/XYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJRUYt
VFcvTHc5RzBfOXY3WE1KUGRsYm1KVUVNNUVNX1hZLmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9MdzlHMF85djdYTUpQZGxibUpVRU01RU1fWFkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DSElFRi1UVy9oM09nbU5uYnl5RHRM
aHVsdl96WjFxQlpMYmsucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQBlnQGMA0GCSqGSIb3DQEBCwUAA4IBAQAg60gVlAZeg5T84lZldB6IcN6P3g0g
Yn0E6s25JF+woNwslEG3DRKzlR8ogJDppvQ5TdO4M1kr+7c2xrtGy+z/KwZ1NakL
bUU/Jp+SyeLwP8t72C36RdPv+gof5USEJFBSH/H6TDqvlv/RZATHyYvCQfPceYEK
NJkijbt5ggZotGsVlbOWwsT6lb2EI2B7O9UoFANiXnKsD7nR3OE4S2Kt6CONK4GS
D+KfrANw+YMWStP3/aTVX3eMMWv0pPJQ5O6mXr+T0hBkVeiFcs+E+rxOG0HeXljF
mH2bYrb8mtX4A6Iu5gsyETm0UCvZ+T505BmNvyNkIct9Vo1JgvI+uKXn
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:04 2024 by rpki-client on console-ams.rpki-client.org