Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHINATEL/yO7a1-2aBUk-k9-qRgvj3dOaLPo.roa
File:                     yO7a1-2aBUk-k9-qRgvj3dOaLPo.roa (raw, json)
Hash identifier:          HQnU9BDw6t6lVDWazuw0/xgZbNfe7kVX4DLl6IarnTo=
Subject key identifier:   C8:EE:DA:D7:ED:9A:05:49:3E:93:DF:AA:46:0B:E3:DD:D3:9A:2C:FA
Certificate issuer:       /CN=ABC8439FE19D99B038270208C94B66CA231FFED5
Certificate serial:       89
Authority key identifier: AB:C8:43:9F:E1:9D:99:B0:38:27:02:08:C9:4B:66:CA:23:1F:FE:D5
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/q8hDn-GdmbA4JwIIyUtmyiMf_tU.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/CHINATEL/yO7a1-2aBUk-k9-qRgvj3dOaLPo.roa
Signing time:             Sun 11 Sep 2022 14:30:25 +0000
ROA not before:           Sun 11 Sep 2022 14:30:25 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     38047
IP address blocks:        2400:61a0:a001::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 137 (0x89)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ABC8439FE19D99B038270208C94B66CA231FFED5
        Validity
            Not Before: Sep 11 14:30:25 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=C8EEDAD7ED9A05493E93DFAA460BE3DDD39A2CFA
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f7:0a:b6:ba:4e:53:db:f7:1f:dd:a4:0a:55:9e:
                    dd:5a:13:6a:32:07:c7:fa:a2:18:0a:a5:d3:80:b8:
                    0b:9e:de:9c:71:d2:c5:fc:bf:66:74:92:3a:24:61:
                    92:4d:2a:17:c3:1e:e2:b4:f0:84:6c:45:5c:aa:c2:
                    59:b2:f4:e2:26:43:03:a6:e0:eb:32:cb:40:9e:d1:
                    a7:57:21:b6:83:2f:1c:97:e1:a3:80:b8:2e:f4:0f:
                    66:eb:6c:32:e3:5b:a0:c3:37:82:aa:1c:c8:d8:e5:
                    38:cc:e4:45:9d:c8:fe:8f:16:1c:21:15:ea:c2:77:
                    2a:e4:f7:ce:af:c9:68:7c:8b:0b:af:58:94:0e:89:
                    ba:b8:10:ac:59:7b:0a:c2:e2:28:b9:97:93:0a:f5:
                    85:c5:3a:97:04:04:19:2d:20:a1:61:2e:29:36:c3:
                    6f:04:de:4b:e4:6c:4a:5f:95:6e:76:32:72:9e:41:
                    5e:60:43:a4:5c:82:7f:6a:c0:91:df:4c:89:33:29:
                    34:53:e2:71:48:7c:e2:42:81:7e:d9:18:ea:da:e9:
                    ce:2a:be:cc:a5:25:14:e8:c4:d9:ca:06:6d:b7:65:
                    8c:f1:b9:78:95:a0:23:06:0c:1e:46:d1:39:98:94:
                    5b:a9:1b:12:b1:c8:84:29:43:aa:df:85:0b:6b:de:
                    f1:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C8:EE:DA:D7:ED:9A:05:49:3E:93:DF:AA:46:0B:E3:DD:D3:9A:2C:FA
            X509v3 Authority Key Identifier:
                keyid:AB:C8:43:9F:E1:9D:99:B0:38:27:02:08:C9:4B:66:CA:23:1F:FE:D5

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHINATEL/q8hDn-GdmbA4JwIIyUtmyiMf_tU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/q8hDn-GdmbA4JwIIyUtmyiMf_tU.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHINATEL/yO7a1-2aBUk-k9-qRgvj3dOaLPo.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2400:61a0:a001::/48

    Signature Algorithm: sha256WithRSAEncryption
         52:33:75:f3:99:aa:90:cd:57:91:4b:2c:c2:9c:47:16:41:a8:
         9a:a5:ae:8d:e0:16:a8:1a:2e:f2:49:e1:28:da:62:77:05:6c:
         d1:57:f1:1a:62:d0:7d:5f:bc:2b:2f:b3:85:e0:d9:fa:39:d9:
         2c:e7:bf:e8:a5:5f:1a:a5:32:89:36:0b:82:e4:96:af:86:e1:
         c0:a9:a0:0a:8d:ae:fa:32:2d:00:46:ee:2d:3c:ed:c1:3e:c7:
         8f:17:84:37:9e:8e:f1:11:77:6b:77:5a:bc:ab:b9:e7:ab:43:
         f1:e6:52:dc:11:d6:c2:40:ca:13:a5:3f:1d:dd:c9:1a:a9:f3:
         97:79:2f:79:34:12:b9:7d:09:0d:68:d6:74:a9:6c:53:3c:83:
         64:c0:93:fb:bd:67:a1:0f:4b:7a:8e:b2:20:f7:a2:87:e7:52:
         8a:12:71:63:7b:08:7b:c2:45:02:ed:b4:b0:36:97:2a:78:47:
         48:a4:0b:5a:66:cd:53:96:23:54:7d:4b:c3:df:c6:12:84:4e:
         ec:d9:a9:fa:6a:f0:19:7d:ed:21:fd:25:53:84:31:8f:65:a8:
         ba:87:2b:91:60:3c:19:7c:8d:8e:09:ab:cc:36:eb:f4:3b:1f:
         80:fc:74:9e:76:8c:da:42:24:94:00:14:60:54:13:84:7b:f3:
         94:98:fe:ac
-----BEGIN CERTIFICATE-----
MIIE2TCCA8GgAwIBAgICAIkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQUJD
ODQzOUZFMTlEOTlCMDM4MjcwMjA4Qzk0QjY2Q0EyMzFGRkVENTAeFw0yMjA5MTEx
NDMwMjVaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEM4RUVEQUQ3RUQ5QTA1
NDkzRTkzREZBQTQ2MEJFM0RERDM5QTJDRkEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQD3Cra6TlPb9x/dpApVnt1aE2oyB8f6ohgKpdOAuAue3pxx0sX8
v2Z0kjokYZJNKhfDHuK08IRsRVyqwlmy9OImQwOm4Osyy0Ce0adXIbaDLxyX4aOA
uC70D2brbDLjW6DDN4KqHMjY5TjM5EWdyP6PFhwhFerCdyrk986vyWh8iwuvWJQO
ibq4EKxZewrC4ii5l5MK9YXFOpcEBBktIKFhLik2w28E3kvkbEpflW52MnKeQV5g
Q6Rcgn9qwJHfTIkzKTRT4nFIfOJCgX7ZGOra6c4qvsylJRToxNnKBm23ZYzxuXiV
oCMGDB5G0TmYlFupGxKxyIQpQ6rfhQtr3vEnAgMBAAGjggH1MIIB8TAdBgNVHQ4E
FgQUyO7a1+2aBUk+k9+qRgvj3dOaLPowHwYDVR0jBBgwFoAUq8hDn+GdmbA4JwII
yUtmyiMf/tUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJTkFU
RUwvcThoRG4tR2RtYkE0SndJSXlVdG15aU1mX3RVLmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9xOGhEbi1HZG1iQTRKd0lJeVV0bXlpTWZfdFUuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DSElOQVRFTC95TzdhMS0yYUJVay1r
OS1xUmd2ajNkT2FMUG8ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJ
AwcAJABhoKABMA0GCSqGSIb3DQEBCwUAA4IBAQBSM3XzmaqQzVeRSyzCnEcWQaia
pa6N4BaoGi7ySeEo2mJ3BWzRV/EaYtB9X7wrL7OF4Nn6Odks57/opV8apTKJNguC
5JavhuHAqaAKja76Mi0ARu4tPO3BPsePF4Q3no7xEXdrd1q8q7nnq0Px5lLcEdbC
QMoTpT8d3ckaqfOXeS95NBK5fQkNaNZ0qWxTPINkwJP7vWehD0t6jrIg96KH51KK
EnFjewh7wkUC7bSwNpcqeEdIpAtaZs1TliNUfUvD38YShE7s2an6avAZfe0h/SVT
hDGPZai6hyuRYDwZfI2OCavMNuv0Ox+A/HSedozaQiSUABRgVBOEe/OUmP6s
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:34 2024 by rpki-client on console-fra.rpki-client.org