Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHINATEL/iQQ3pZJaobwzTpSeS-dm9bmC_9E.roa
File:                     iQQ3pZJaobwzTpSeS-dm9bmC_9E.roa (raw, json)
Hash identifier:          2lUQNU4mpxSQRPCXFcVwfazbu4JymZYM/mIEhasdG40=
Subject key identifier:   89:04:37:A5:92:5A:A1:BC:33:4E:94:9E:4B:E7:66:F5:B9:82:FF:D1
Certificate issuer:       /CN=ABC8439FE19D99B038270208C94B66CA231FFED5
Certificate serial:       05
Authority key identifier: AB:C8:43:9F:E1:9D:99:B0:38:27:02:08:C9:4B:66:CA:23:1F:FE:D5
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/q8hDn-GdmbA4JwIIyUtmyiMf_tU.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/CHINATEL/iQQ3pZJaobwzTpSeS-dm9bmC_9E.roa
Signing time:             Tue 08 Mar 2022 07:32:01 +0000
ROA not before:           Tue 08 Mar 2022 07:32:01 +0000
ROA not after:            Wed 08 Mar 2023 06:55:31 +0000
asID:                     38047
IP address blocks:        103.183.79.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5 (0x5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ABC8439FE19D99B038270208C94B66CA231FFED5
        Validity
            Not Before: Mar  8 07:32:01 2022 GMT
            Not After : Mar  8 06:55:31 2023 GMT
        Subject: CN=890437A5925AA1BC334E949E4BE766F5B982FFD1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:99:28:db:65:c8:13:39:fd:54:3b:23:cb:ce:
                    d6:23:e9:da:d4:1c:b4:6a:f6:62:38:52:98:d5:57:
                    7e:b2:85:39:eb:9e:b3:fb:1b:49:53:89:30:7c:6e:
                    96:8a:fd:fd:c0:3e:7b:01:a9:5d:c0:30:9c:a5:dc:
                    71:3f:0c:c2:97:3b:08:20:a6:e2:47:5d:43:82:3a:
                    13:38:37:69:ae:ee:64:55:57:9a:3a:ed:7c:0d:91:
                    62:ce:f1:40:8f:a8:3e:9d:17:a2:11:3c:a8:0c:cb:
                    25:e1:98:7f:48:90:fe:80:0a:55:ea:ea:e7:54:96:
                    61:e1:f1:79:b3:b2:be:a9:00:69:73:31:d1:be:38:
                    7f:71:11:30:79:06:9a:3f:55:fe:e5:6f:10:e5:f5:
                    c7:32:c3:e1:fa:4a:22:6b:b0:f3:84:fe:8c:b8:77:
                    e9:fa:87:8f:d1:d1:54:78:b6:8e:f3:49:a2:b9:ac:
                    40:d9:d6:d2:39:60:f4:ad:00:df:27:58:7f:b2:b9:
                    f9:87:47:d5:b1:c7:26:c0:a5:d4:7c:c2:55:3d:30:
                    b3:0f:e6:cb:69:7a:95:00:a9:34:9a:49:2d:1b:02:
                    70:53:33:73:93:ac:b8:59:1a:6e:e2:5b:72:da:44:
                    b5:20:fb:26:60:9f:87:9c:d5:20:49:7d:28:6f:7f:
                    95:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                89:04:37:A5:92:5A:A1:BC:33:4E:94:9E:4B:E7:66:F5:B9:82:FF:D1
            X509v3 Authority Key Identifier:
                keyid:AB:C8:43:9F:E1:9D:99:B0:38:27:02:08:C9:4B:66:CA:23:1F:FE:D5

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHINATEL/q8hDn-GdmbA4JwIIyUtmyiMf_tU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/q8hDn-GdmbA4JwIIyUtmyiMf_tU.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHINATEL/iQQ3pZJaobwzTpSeS-dm9bmC_9E.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.183.79.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1e:40:e2:56:4f:53:83:28:d9:1d:de:e2:55:0c:c2:4f:da:c4:
         1d:56:19:b0:32:f2:52:3e:8f:93:7b:d4:5f:5f:9f:47:11:2a:
         1b:a1:ae:69:50:f3:50:15:3b:55:05:75:25:7d:f0:3e:30:42:
         27:79:a9:f2:a5:7a:34:da:7d:a4:0b:17:5c:a5:7d:3e:ca:fe:
         cd:19:c5:f8:be:c5:51:0f:6c:1f:3e:3f:0b:43:77:21:a5:ca:
         49:70:de:eb:ea:60:16:5f:e6:aa:6e:07:b1:61:79:78:73:8a:
         79:18:76:2a:9e:29:21:28:5b:20:84:a2:9c:8c:4f:e9:aa:fc:
         6e:cc:69:74:63:ef:85:56:c4:58:4e:67:a6:e8:81:d4:db:a5:
         64:7c:65:e1:34:ee:2d:f0:c5:25:15:b3:36:a9:23:e7:cf:90:
         ab:2a:30:bf:26:11:1c:f8:38:20:0a:a3:da:12:39:2e:8d:4c:
         c0:10:88:75:f7:45:88:8c:20:6d:d2:39:af:d5:5c:76:5a:22:
         d6:1e:de:0d:b8:00:1f:d6:a0:0a:80:a3:f2:d9:d5:09:9e:92:
         02:80:3c:49:2b:a1:d5:6e:d0:b3:e4:65:a1:67:44:78:0f:71:
         d0:c0:eb:11:86:a1:c6:f2:ad:75:fc:ff:9f:0a:53:11:1c:b1:
         f8:0c:da:5d
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgIBBTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhBQkM4
NDM5RkUxOUQ5OUIwMzgyNzAyMDhDOTRCNjZDQTIzMUZGRUQ1MB4XDTIyMDMwODA3
MzIwMVoXDTIzMDMwODA2NTUzMVowMzExMC8GA1UEAxMoODkwNDM3QTU5MjVBQTFC
QzMzNEU5NDlFNEJFNzY2RjVCOTgyRkZEMTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAMGZKNtlyBM5/VQ7I8vO1iPp2tQctGr2YjhSmNVXfrKFOeues/sb
SVOJMHxulor9/cA+ewGpXcAwnKXccT8Mwpc7CCCm4kddQ4I6Ezg3aa7uZFVXmjrt
fA2RYs7xQI+oPp0XohE8qAzLJeGYf0iQ/oAKVerq51SWYeHxebOyvqkAaXMx0b44
f3ERMHkGmj9V/uVvEOX1xzLD4fpKImuw84T+jLh36fqHj9HRVHi2jvNJormsQNnW
0jlg9K0A3ydYf7K5+YdH1bHHJsCl1HzCVT0wsw/my2l6lQCpNJpJLRsCcFMzc5Os
uFkabuJbctpEtSD7JmCfh5zVIEl9KG9/lS0CAwEAAaOCAfIwggHuMB0GA1UdDgQW
BBSJBDelklqhvDNOlJ5L52b1uYL/0TAfBgNVHSMEGDAWgBSryEOf4Z2ZsDgnAgjJ
S2bKIx/+1TAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF4GA1UdHwRXMFUwU6BR
oE+GTXJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DSElOQVRF
TC9xOGhEbi1HZG1iQTRKd0lJeVV0bXlpTWZfdFUuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL3E4aERuLUdkbWJBNEp3SUl5VXRteWlNZl90VS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGeBggrBgEFBQcBCwSBkTCBjjBZBggrBgEFBQcwC4ZNcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL0NISU5BVEVML2lRUTNwWkphb2J3elRw
U2VTLWRtOWJtQ185RS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25p
Yy50dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABnt08wDQYJKoZIhvcNAQELBQADggEBAB5A4lZPU4Mo2R3e4lUMwk/axB1WGbAy
8lI+j5N71F9fn0cRKhuhrmlQ81AVO1UFdSV98D4wQid5qfKlejTafaQLF1ylfT7K
/s0Zxfi+xVEPbB8+PwtDdyGlyklw3uvqYBZf5qpuB7FheXhzinkYdiqeKSEoWyCE
opyMT+mq/G7MaXRj74VWxFhOZ6bogdTbpWR8ZeE07i3wxSUVszapI+fPkKsqML8m
ERz4OCAKo9oSOS6NTMAQiHX3RYiMIG3SOa/VXHZaItYe3g24AB/WoAqAo/LZ1Qme
kgKAPEkrodVu0LPkZaFnRHgPcdDA6xGGocbyrXX8/58KUxEcsfgM2l0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:34 2024 by rpki-client on console-fra.rpki-client.org