Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/mk1d_yYnYBg46GozS_a_Lz09l7k.roa
File:                     mk1d_yYnYBg46GozS_a_Lz09l7k.roa (raw, json)
Hash identifier:          jrd3bc83yumEG2ux+af9Fp+wN5GV+xDcFYjSk99+j/M=
Subject key identifier:   9A:4D:5D:FF:26:27:60:18:38:E8:6A:33:4B:F6:BF:2F:3D:3D:97:B9
Certificate issuer:       /CN=2F0F46D3FF6FED73093DD95B98950433910CFD76
Certificate serial:       0881
Authority key identifier: 2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/mk1d_yYnYBg46GozS_a_Lz09l7k.roa
Signing time:             Tue 29 Sep 2020 10:02:32 +0000
ROA not before:           Tue 29 Sep 2020 10:02:32 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     131627
IP address blocks:        150.116.144.0/20 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2177 (0x881)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2F0F46D3FF6FED73093DD95B98950433910CFD76
        Validity
            Not Before: Sep 29 10:02:32 2020 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=9A4D5DFF2627601838E86A334BF6BF2F3D3D97B9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:ab:5e:c0:38:cb:d0:35:05:ce:2c:21:fe:e2:
                    81:79:72:91:62:22:6f:34:65:c3:58:63:b4:ea:5e:
                    c9:72:53:91:c0:09:b1:66:96:de:c3:67:9f:47:4e:
                    80:66:5c:ac:7e:05:88:3f:71:d3:e5:01:82:36:07:
                    7c:3b:76:03:ca:8b:fd:d5:83:e7:9a:97:75:fd:8b:
                    53:9a:b7:da:24:77:6f:7d:2b:18:37:8f:f8:6c:13:
                    0e:0d:e1:1b:bf:4a:b0:ba:06:7d:8c:9c:24:fa:7f:
                    d9:b0:41:11:02:2d:6b:c0:4e:7b:e1:5e:ac:7e:8e:
                    ba:1e:fc:76:04:dc:39:6e:e3:92:36:f7:d8:86:9a:
                    bb:6f:fc:d9:f9:cc:eb:31:4c:15:51:d5:c1:95:53:
                    c6:14:cb:03:52:b1:98:07:7c:97:df:13:9a:01:8c:
                    5a:4a:9a:92:48:7d:c7:49:a6:b7:51:44:82:d0:a2:
                    31:ca:91:ac:ec:ca:16:84:05:53:56:62:75:79:ff:
                    7b:0f:10:6a:e5:43:27:17:99:d9:66:0d:5e:e4:92:
                    8d:fb:aa:3c:14:dd:fd:fa:0f:c9:85:a1:d0:28:5f:
                    4e:b3:02:f4:37:65:98:34:2c:ed:e6:87:92:e2:ad:
                    f3:9e:95:08:dc:34:86:8b:c8:e6:91:7c:3b:24:4e:
                    da:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9A:4D:5D:FF:26:27:60:18:38:E8:6A:33:4B:F6:BF:2F:3D:3D:97:B9
            X509v3 Authority Key Identifier:
                keyid:2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/mk1d_yYnYBg46GozS_a_Lz09l7k.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  150.116.144.0/20

    Signature Algorithm: sha256WithRSAEncryption
         10:1a:85:4e:5f:1a:12:18:0c:5f:2a:96:cf:87:01:e5:86:37:
         9a:3b:54:a3:69:54:48:f3:13:fe:8f:b6:cf:83:f1:71:ae:a0:
         a4:10:f4:a0:d8:4a:b9:2e:b8:c1:f0:aa:03:34:78:92:36:05:
         45:eb:e3:10:f8:ed:cf:f3:21:24:67:c6:f4:dd:e8:8d:a5:03:
         04:9d:e2:24:b5:f5:de:bf:f8:a7:c5:ec:0f:37:ed:32:07:0c:
         8e:b7:0f:1f:4c:a1:b2:7d:35:b8:41:16:91:06:69:f8:fc:0f:
         93:72:27:64:bc:f0:47:de:4e:14:0e:e9:3c:95:c8:85:72:ac:
         2c:eb:5b:b1:0a:0e:17:55:fd:28:e5:94:d0:5a:47:70:16:5b:
         e9:96:d4:ca:e0:ff:b7:74:cd:a8:36:31:f4:02:34:10:03:08:
         ae:03:9f:96:c0:af:f2:18:f8:a5:bf:a1:de:1e:22:19:88:9d:
         28:e0:5f:0c:56:27:86:00:ac:9f:95:75:30:dd:f1:b4:c7:41:
         1e:65:aa:43:e1:c4:5d:5c:e0:e1:87:58:42:56:18:ad:70:6f:
         88:74:f1:52:dd:08:fc:90:3f:5f:87:67:6f:ff:4f:16:58:e1:
         0b:4c:66:76:0c:13:f6:5a:f4:91:1d:0a:bd:8d:c5:f7:d7:59:
         5d:d2:ae:67
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICCIEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkYw
RjQ2RDNGRjZGRUQ3MzA5M0REOTVCOTg5NTA0MzM5MTBDRkQ3NjAeFw0yMDA5Mjkx
MDAyMzJaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDlBNEQ1REZGMjYyNzYw
MTgzOEU4NkEzMzRCRjZCRjJGM0QzRDk3QjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDNq17AOMvQNQXOLCH+4oF5cpFiIm80ZcNYY7TqXslyU5HACbFm
lt7DZ59HToBmXKx+BYg/cdPlAYI2B3w7dgPKi/3Vg+eal3X9i1Oat9okd299Kxg3
j/hsEw4N4Ru/SrC6Bn2MnCT6f9mwQRECLWvATnvhXqx+jroe/HYE3Dlu45I299iG
mrtv/Nn5zOsxTBVR1cGVU8YUywNSsZgHfJffE5oBjFpKmpJIfcdJprdRRILQojHK
kazsyhaEBVNWYnV5/3sPEGrlQycXmdlmDV7kko37qjwU3f36D8mFodAoX06zAvQ3
ZZg0LO3mh5LirfOelQjcNIaLyOaRfDskTtr3AgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQUmk1d/yYnYBg46GozS/a/Lz09l7kwHwYDVR0jBBgwFoAULw9G0/9v7XMJPdlb
mJUEM5EM/XYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJRUYt
VFcvTHc5RzBfOXY3WE1KUGRsYm1KVUVNNUVNX1hZLmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9MdzlHMF85djdYTUpQZGxibUpVRU01RU1fWFkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DSElFRi1UVy9tazFkX3lZbllCZzQ2
R296U19hX0x6MDlsN2sucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQElnSQMA0GCSqGSIb3DQEBCwUAA4IBAQAQGoVOXxoSGAxfKpbPhwHlhjeaO1Sj
aVRI8xP+j7bPg/FxrqCkEPSg2Eq5LrjB8KoDNHiSNgVF6+MQ+O3P8yEkZ8b03eiN
pQMEneIktfXev/inxewPN+0yBwyOtw8fTKGyfTW4QRaRBmn4/A+TcidkvPBH3k4U
Duk8lciFcqws61uxCg4XVf0o5ZTQWkdwFlvpltTK4P+3dM2oNjH0AjQQAwiuA5+W
wK/yGPilv6HeHiIZiJ0o4F8MVieGAKyflXUw3fG0x0EeZapD4cRdXODhh1hCVhit
cG+IdPFS3Qj8kD9fh2dv/08WWOELTGZ2DBP2WvSRHQq9jcX311ld0q5n
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:04 2024 by rpki-client on console-ams.rpki-client.org