Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TAIWANMOBILE/Oboo2h-mrpJbPKMkLAr3rfpaOeI.roa
File:                     Oboo2h-mrpJbPKMkLAr3rfpaOeI.roa (raw, json)
Hash identifier:          jULNXPjIxgqfJ2wwqMAy7uLgBIl4y7SqALGt1VXtzVM=
Subject key identifier:   39:BA:28:DA:1F:A6:AE:92:5B:3C:A3:24:2C:0A:F7:AD:FA:5A:39:E2
Certificate issuer:       /CN=B2CA39D8D17B10D97D5A51E0EA2F9FB1BC40CD90
Certificate serial:       0A9C
Authority key identifier: B2:CA:39:D8:D1:7B:10:D9:7D:5A:51:E0:EA:2F:9F:B1:BC:40:CD:90
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/sso52NF7ENl9WlHg6i-fsbxAzZA.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TAIWANMOBILE/Oboo2h-mrpJbPKMkLAr3rfpaOeI.roa
Signing time:             Thu 15 Sep 2022 02:37:01 +0000
ROA not before:           Thu 15 Sep 2022 02:37:01 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     24158
IP address blocks:        2402:7500::/32 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2716 (0xa9c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=B2CA39D8D17B10D97D5A51E0EA2F9FB1BC40CD90
        Validity
            Not Before: Sep 15 02:37:01 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=39BA28DA1FA6AE925B3CA3242C0AF7ADFA5A39E2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:bc:7a:76:c1:cd:01:0e:b2:7c:a6:93:52:16:
                    d2:49:15:9f:12:8c:cd:e9:e5:9d:41:e3:2d:23:8f:
                    ea:0b:35:7e:66:a3:48:5e:73:7c:c9:a0:0e:1c:8e:
                    c7:02:e7:fa:91:be:fb:4b:66:d9:40:bf:a7:96:8f:
                    6a:4b:f2:17:bc:c0:7e:3e:a8:44:12:6d:51:65:34:
                    b1:2d:e5:c1:e5:64:99:40:83:cf:a2:6a:d9:71:a7:
                    a0:30:0c:1b:cb:ed:e3:c2:cd:34:28:38:e3:4b:0c:
                    79:0f:4b:27:11:11:9b:38:22:85:12:06:57:16:3a:
                    df:4a:cc:77:20:34:d5:cf:57:a7:38:05:67:9d:5f:
                    c4:5a:5d:51:81:40:91:53:4e:ce:f6:cc:7a:c0:0a:
                    c0:35:8f:c0:d8:7f:10:27:10:7c:49:1d:9a:de:bd:
                    cd:b8:cb:c3:b4:9a:65:17:ff:ab:ee:e4:12:18:03:
                    d5:d2:5f:b7:f2:36:4f:f9:3f:e5:29:13:89:52:e4:
                    53:8c:08:00:9f:d3:45:2d:e5:83:e5:c4:e6:a6:30:
                    aa:6c:22:5c:7e:2d:cf:71:b4:01:f4:b9:26:9a:56:
                    48:75:3d:81:32:57:3e:5a:ae:9d:48:6b:c8:6a:0b:
                    ba:99:2d:6d:67:c0:47:74:8e:34:6e:fa:39:d7:6d:
                    64:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                39:BA:28:DA:1F:A6:AE:92:5B:3C:A3:24:2C:0A:F7:AD:FA:5A:39:E2
            X509v3 Authority Key Identifier:
                keyid:B2:CA:39:D8:D1:7B:10:D9:7D:5A:51:E0:EA:2F:9F:B1:BC:40:CD:90

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TAIWANMOBILE/sso52NF7ENl9WlHg6i-fsbxAzZA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/sso52NF7ENl9WlHg6i-fsbxAzZA.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TAIWANMOBILE/Oboo2h-mrpJbPKMkLAr3rfpaOeI.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2402:7500::/32

    Signature Algorithm: sha256WithRSAEncryption
         19:06:50:e0:32:e6:a5:d5:4c:a0:0f:17:97:61:ea:8a:b1:09:
         78:59:74:d7:5c:9e:e8:76:bb:00:b8:6c:83:fd:ee:bf:7c:20:
         a2:64:e2:41:18:b8:ff:2d:ab:19:98:7e:7d:8a:02:d3:ab:7e:
         79:29:41:76:ff:df:07:a9:99:2d:5a:2c:6f:45:d6:04:07:0b:
         67:44:24:8b:ac:31:c4:ee:d8:50:9a:77:1d:87:2e:58:c0:3d:
         bd:b5:4f:ef:87:8d:0f:65:d9:64:7a:77:81:52:06:cf:90:9d:
         b4:63:5f:51:76:93:90:9b:91:8a:13:17:f0:3f:e0:61:d6:76:
         ea:0e:0a:3a:96:8a:59:18:b4:26:3d:5a:45:5a:49:db:91:38:
         11:c4:83:87:c6:da:38:de:0d:33:29:06:0b:9f:c6:17:b7:a9:
         02:df:51:d3:f8:a6:fa:83:c4:43:a6:53:c3:d3:f6:b6:ec:5b:
         6f:40:85:65:8f:f9:57:f7:6d:60:df:33:31:fc:44:85:c7:26:
         38:57:cd:50:85:55:38:0e:3c:61:b7:4c:77:4f:f4:51:86:58:
         07:5e:fe:cc:22:cb:ec:53:89:2f:9d:86:81:cf:12:4e:35:20:
         d3:86:50:84:2b:49:ce:c2:be:98:d1:63:e5:f0:cb:bf:40:28:
         f9:d8:bb:e1
-----BEGIN CERTIFICATE-----
MIIE3zCCA8egAwIBAgICCpwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjJD
QTM5RDhEMTdCMTBEOTdENUE1MUUwRUEyRjlGQjFCQzQwQ0Q5MDAeFw0yMjA5MTUw
MjM3MDFaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDM5QkEyOERBMUZBNkFF
OTI1QjNDQTMyNDJDMEFGN0FERkE1QTM5RTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC+vHp2wc0BDrJ8ppNSFtJJFZ8SjM3p5Z1B4y0jj+oLNX5mo0he
c3zJoA4cjscC5/qRvvtLZtlAv6eWj2pL8he8wH4+qEQSbVFlNLEt5cHlZJlAg8+i
atlxp6AwDBvL7ePCzTQoOONLDHkPSycREZs4IoUSBlcWOt9KzHcgNNXPV6c4BWed
X8RaXVGBQJFTTs72zHrACsA1j8DYfxAnEHxJHZrevc24y8O0mmUX/6vu5BIYA9XS
X7fyNk/5P+UpE4lS5FOMCACf00Ut5YPlxOamMKpsIlx+Lc9xtAH0uSaaVkh1PYEy
Vz5arp1Ia8hqC7qZLW1nwEd0jjRu+jnXbWSjAgMBAAGjggH7MIIB9zAdBgNVHQ4E
FgQUOboo2h+mrpJbPKMkLAr3rfpaOeIwHwYDVR0jBBgwFoAUsso52NF7ENl9WlHg
6i+fsbxAzZAwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBiBgNVHR8EWzBZMFeg
VaBThlFyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFJV0FO
TU9CSUxFL3NzbzUyTkY3RU5sOVdsSGc2aS1mc2J4QXpaQS5jcmwwYAYIKwYBBQUH
AQEEVDBSMFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtp
L1RXTklDQ0Evc3NvNTJORjdFTmw5V2xIZzZpLWZzYnhBelpBLmNlcjAOBgNVHQ8B
Af8EBAMCB4AwgaIGCCsGAQUFBwELBIGVMIGSMF0GCCsGAQUFBzALhlFyc3luYzov
L3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFJV0FOTU9CSUxFL09ib28y
aC1tcnBKYlBLTWtMQXIzcmZwYU9lSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8v
cnJkcC50d25pYy50dy9ycmRwL25vdGlmeS54bWwwIAYIKwYBBQUHAQcBAf8EETAP
MA0EAgACMAcDBQAkAnUAMA0GCSqGSIb3DQEBCwUAA4IBAQAZBlDgMual1UygDxeX
YeqKsQl4WXTXXJ7odrsAuGyD/e6/fCCiZOJBGLj/LasZmH59igLTq355KUF2/98H
qZktWixvRdYEBwtnRCSLrDHE7thQmncdhy5YwD29tU/vh40PZdlkeneBUgbPkJ20
Y19RdpOQm5GKExfwP+Bh1nbqDgo6lopZGLQmPVpFWknbkTgRxIOHxto43g0zKQYL
n8YXt6kC31HT+Kb6g8RDplPD0/a27FtvQIVlj/lX921g3zMx/ESFxyY4V81QhVU4
Djxht0x3T/RRhlgHXv7MIsvsU4kvnYaBzxJONSDThlCEK0nOwr6Y0WPl8Mu/QCj5
2Lvh
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:21 2024 by rpki-client on console-ams.rpki-client.org