Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHINATEL/npL47coNgaoZMOXnfOcG20XyDjY.roa
File:                     npL47coNgaoZMOXnfOcG20XyDjY.roa (raw, json)
Hash identifier:          UxcMlLT+i0qLWCI/+gyYXB2olo1OMyujEPm0tf9V6xM=
Subject key identifier:   9E:92:F8:ED:CA:0D:81:AA:19:30:E5:E7:7C:E7:06:DB:45:F2:0E:36
Certificate issuer:       /CN=ABC8439FE19D99B038270208C94B66CA231FFED5
Certificate serial:       42
Authority key identifier: AB:C8:43:9F:E1:9D:99:B0:38:27:02:08:C9:4B:66:CA:23:1F:FE:D5
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/q8hDn-GdmbA4JwIIyUtmyiMf_tU.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/CHINATEL/npL47coNgaoZMOXnfOcG20XyDjY.roa
Signing time:             Thu 02 Jun 2022 00:06:22 +0000
ROA not before:           Thu 02 Jun 2022 00:06:22 +0000
ROA not after:            Wed 08 Mar 2023 06:55:31 +0000
asID:                     38047
IP address blocks:        2400:61a0:a055::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 66 (0x42)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ABC8439FE19D99B038270208C94B66CA231FFED5
        Validity
            Not Before: Jun  2 00:06:22 2022 GMT
            Not After : Mar  8 06:55:31 2023 GMT
        Subject: CN=9E92F8EDCA0D81AA1930E5E77CE706DB45F20E36
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:78:2c:95:7f:e7:b5:a4:10:ee:64:2c:04:fa:
                    94:b3:65:e9:d4:db:4d:d5:eb:7d:65:d3:ec:05:3b:
                    7e:7b:6c:fa:4b:5c:95:51:fa:eb:b9:58:28:53:8c:
                    c2:bb:98:90:2a:58:ff:52:15:39:bc:bb:bf:5c:90:
                    ec:57:e0:e7:cc:32:50:31:ab:9d:70:08:32:7a:15:
                    6e:f1:a8:33:e4:1e:6c:03:eb:28:52:dd:b7:72:c4:
                    6f:50:c6:36:9b:18:fb:d5:ac:97:82:5e:8d:29:d7:
                    47:80:6a:58:df:69:9d:0a:46:df:b8:6d:f1:7d:6f:
                    ad:55:d5:0a:96:e3:ef:8f:47:1e:ea:5c:a1:f1:d5:
                    d6:17:b1:c1:2f:e2:f2:ca:26:55:bd:2c:4e:6a:a5:
                    7a:58:79:8d:f0:db:84:42:a2:5d:13:78:b9:2c:b6:
                    11:63:c2:2b:97:4f:d5:d0:b8:e6:3d:16:b1:40:8d:
                    d9:21:94:7f:fb:90:74:27:0e:0b:c7:d8:48:ec:9e:
                    ba:46:c2:09:e8:e3:88:39:c2:19:1d:d4:d3:eb:7f:
                    69:0e:90:84:28:66:bf:89:e1:c7:2d:89:6c:0a:c0:
                    b0:66:06:b5:0d:75:7c:74:f5:74:f8:8f:8d:3a:14:
                    01:ff:99:0f:07:b1:4f:8d:3f:a8:6c:c3:8c:33:64:
                    4d:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9E:92:F8:ED:CA:0D:81:AA:19:30:E5:E7:7C:E7:06:DB:45:F2:0E:36
            X509v3 Authority Key Identifier:
                keyid:AB:C8:43:9F:E1:9D:99:B0:38:27:02:08:C9:4B:66:CA:23:1F:FE:D5

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHINATEL/q8hDn-GdmbA4JwIIyUtmyiMf_tU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/q8hDn-GdmbA4JwIIyUtmyiMf_tU.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHINATEL/npL47coNgaoZMOXnfOcG20XyDjY.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2400:61a0:a055::/48

    Signature Algorithm: sha256WithRSAEncryption
         25:66:d2:64:7d:1b:33:92:b4:bd:2d:ad:87:a6:ac:0e:41:ac:
         b7:1f:a2:d7:f3:e2:07:e0:b1:4b:8e:ec:d7:49:56:cc:7c:00:
         40:08:fe:6c:84:2f:9e:26:26:33:b6:ec:69:ac:84:0a:0e:9f:
         16:22:79:1f:65:be:59:1f:9d:02:ac:2f:0f:3d:95:61:79:8b:
         6d:cc:27:d0:f4:df:86:b6:c3:2e:fc:80:00:70:d5:ea:7d:ed:
         42:a7:81:9c:24:52:fa:b0:16:07:ba:24:8d:3a:0e:b8:77:a0:
         4d:ab:fb:49:59:38:ea:41:39:6c:9f:55:71:50:9d:82:12:9f:
         76:5d:74:e5:4f:20:e8:21:aa:b5:6a:d8:62:dd:db:cd:2c:78:
         0c:88:02:1d:06:af:87:49:60:6a:fc:70:1c:91:7b:de:e4:0e:
         59:d4:2b:50:3e:d8:d6:9b:51:a8:de:31:a3:ef:a3:b8:a9:c6:
         04:bb:18:68:e2:f2:85:ef:ed:8f:64:70:37:83:92:7c:af:49:
         99:10:51:39:df:97:84:14:c8:85:95:46:1f:c3:ca:64:f2:82:
         42:23:8a:be:13:2b:46:dc:4f:64:41:41:47:b3:d7:20:b0:29:
         10:5e:51:07:57:d4:43:bd:00:0e:be:9a:2a:64:33:14:51:c0:
         41:c2:50:a1
-----BEGIN CERTIFICATE-----
MIIE2DCCA8CgAwIBAgIBQjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhBQkM4
NDM5RkUxOUQ5OUIwMzgyNzAyMDhDOTRCNjZDQTIzMUZGRUQ1MB4XDTIyMDYwMjAw
MDYyMloXDTIzMDMwODA2NTUzMVowMzExMC8GA1UEAxMoOUU5MkY4RURDQTBEODFB
QTE5MzBFNUU3N0NFNzA2REI0NUYyMEUzNjCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBALF4LJV/57WkEO5kLAT6lLNl6dTbTdXrfWXT7AU7fnts+ktclVH6
67lYKFOMwruYkCpY/1IVOby7v1yQ7Ffg58wyUDGrnXAIMnoVbvGoM+QebAPrKFLd
t3LEb1DGNpsY+9Wsl4JejSnXR4BqWN9pnQpG37ht8X1vrVXVCpbj749HHupcofHV
1hexwS/i8somVb0sTmqlelh5jfDbhEKiXRN4uSy2EWPCK5dP1dC45j0WsUCN2SGU
f/uQdCcOC8fYSOyeukbCCejjiDnCGR3U0+t/aQ6QhChmv4nhxy2JbArAsGYGtQ11
fHT1dPiPjToUAf+ZDwexT40/qGzDjDNkTcsCAwEAAaOCAfUwggHxMB0GA1UdDgQW
BBSekvjtyg2Bqhkw5ed85wbbRfIONjAfBgNVHSMEGDAWgBSryEOf4Z2ZsDgnAgjJ
S2bKIx/+1TAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF4GA1UdHwRXMFUwU6BR
oE+GTXJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DSElOQVRF
TC9xOGhEbi1HZG1iQTRKd0lJeVV0bXlpTWZfdFUuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL3E4aERuLUdkbWJBNEp3SUl5VXRteWlNZl90VS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGeBggrBgEFBQcBCwSBkTCBjjBZBggrBgEFBQcwC4ZNcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL0NISU5BVEVML25wTDQ3Y29OZ2FvWk1P
WG5mT2NHMjBYeURqWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25p
Yy50dy9ycmRwL25vdGlmeS54bWwwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkD
BwAkAGGgoFUwDQYJKoZIhvcNAQELBQADggEBACVm0mR9GzOStL0trYemrA5BrLcf
otfz4gfgsUuO7NdJVsx8AEAI/myEL54mJjO27GmshAoOnxYieR9lvlkfnQKsLw89
lWF5i23MJ9D034a2wy78gABw1ep97UKngZwkUvqwFge6JI06Drh3oE2r+0lZOOpB
OWyfVXFQnYISn3ZddOVPIOghqrVq2GLd280seAyIAh0Gr4dJYGr8cByRe97kDlnU
K1A+2NabUajeMaPvo7ipxgS7GGji8oXv7Y9kcDeDknyvSZkQUTnfl4QUyIWVRh/D
ymTygkIjir4TK0bcT2RBQUez1yCwKRBeUQdX1EO9AA6+mipkMxRRwEHCUKE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:05 2024 by rpki-client on console-ams.rpki-client.org