Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PROFOND/0IdVqWlEj8f-7-tVxkzTht9qg2Q.roa
File:                     0IdVqWlEj8f-7-tVxkzTht9qg2Q.roa (raw, json)
Hash identifier:          HHzGAGDT5+VdJPdxZpN0IgcBTi2lFS0qnnB9zfLbj3g=
Subject key identifier:   D0:87:55:A9:69:44:8F:C7:FE:EF:EB:55:C6:4C:D3:86:DF:6A:83:64
Certificate issuer:       /CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
Certificate serial:       0CB5
Authority key identifier: 18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/0IdVqWlEj8f-7-tVxkzTht9qg2Q.roa
Signing time:             Wed 29 Sep 2021 02:50:10 +0000
ROA not before:           Wed 29 Sep 2021 02:50:10 +0000
ROA not after:            Thu 29 Sep 2022 02:36:22 +0000
asID:                     131611
IP address blocks:        124.9.64.0/19 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3253 (0xcb5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
        Validity
            Not Before: Sep 29 02:50:10 2021 GMT
            Not After : Sep 29 02:36:22 2022 GMT
        Subject: CN=D08755A969448FC7FEEFEB55C64CD386DF6A8364
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:04:b0:65:ac:ed:3a:4c:8a:2e:b6:9a:c4:97:
                    f9:ee:ff:ad:fa:a9:9a:c5:c0:7f:4d:34:6e:b4:45:
                    84:9e:aa:d1:74:11:a7:36:a0:86:8e:20:b7:f5:ed:
                    e5:5c:b0:42:49:f4:b9:2c:31:ac:01:7a:3c:ea:ef:
                    b5:31:dc:dc:06:28:62:72:0a:1e:bd:da:db:13:14:
                    17:47:7a:e0:12:dc:97:00:a1:17:cf:3a:9c:65:f8:
                    f5:fa:91:ea:06:17:24:e7:72:aa:44:1b:07:e4:fe:
                    15:ed:09:b2:e1:99:a2:2c:f1:44:c7:c7:86:43:94:
                    13:c8:8a:06:70:2f:0b:19:36:45:c0:99:c6:c2:91:
                    d4:0e:44:03:78:29:b9:d7:c7:74:5c:98:89:4a:08:
                    6c:19:c7:df:5c:59:b2:f7:7f:93:f9:36:97:63:ff:
                    0f:7c:a9:3b:57:52:7e:a1:f2:22:63:7d:c6:2f:d4:
                    19:4e:8c:59:b9:af:0d:b1:8b:c9:4f:ff:62:97:9c:
                    a5:89:05:f2:d7:5f:c4:d3:c6:02:8e:4a:ba:52:4a:
                    c8:af:46:fd:51:46:b6:4e:fc:07:29:e4:36:33:85:
                    ed:12:5d:43:41:c9:93:fd:71:7c:df:f7:6f:c9:55:
                    b9:14:72:b0:76:50:0c:03:a9:74:e1:18:7b:26:a6:
                    db:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D0:87:55:A9:69:44:8F:C7:FE:EF:EB:55:C6:4C:D3:86:DF:6A:83:64
            X509v3 Authority Key Identifier:
                keyid:18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/0IdVqWlEj8f-7-tVxkzTht9qg2Q.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  124.9.64.0/19

    Signature Algorithm: sha256WithRSAEncryption
         10:b3:af:14:d1:4e:3f:86:d2:1b:64:ed:a4:02:ed:c5:92:00:
         fd:b0:12:cb:c2:49:13:8a:f1:82:f4:b2:a4:76:1c:68:a6:6d:
         02:58:52:27:00:b5:60:ec:a4:24:e4:9b:8d:93:74:f6:a1:33:
         2a:06:e9:38:42:80:f9:72:53:70:89:17:ce:10:86:a4:51:b5:
         da:dc:85:76:be:98:7e:38:f3:e3:9e:09:d4:8e:de:fc:c6:9c:
         00:78:9e:53:eb:6f:c5:e8:b9:7f:97:7f:e0:e8:1b:fd:39:cd:
         95:b4:76:34:d9:94:77:0c:da:89:05:13:99:ce:65:6e:43:42:
         c9:04:37:ee:f6:f3:81:cb:93:8c:bf:b0:5f:a5:7e:69:2b:b1:
         5b:61:e0:92:ee:b7:62:66:aa:e6:02:17:1b:25:38:62:0a:d6:
         ef:f1:d0:42:ab:28:2e:fe:db:e2:6f:84:7e:cc:a4:59:eb:fb:
         87:4d:b9:b4:6f:1d:5a:a7:d0:06:09:2b:35:e2:1f:bb:44:88:
         ce:b0:f7:f9:21:59:6a:16:ef:28:19:0d:aa:a8:a0:cd:31:59:
         25:91:44:58:df:da:5d:55:7d:49:60:45:17:c0:bc:c4:11:af:
         b3:2b:f4:12:e6:ea:4f:45:dd:62:0d:ed:20:1b:ea:11:a2:7d:
         e6:96:d8:e0
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICDLUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMThB
NjY2M0Q2RTlGODBCRDRDRTdDOEFERkVCMzg3ODNDM0UxQTQ2NDAeFw0yMTA5Mjkw
MjUwMTBaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKEQwODc1NUE5Njk0NDhG
QzdGRUVGRUI1NUM2NENEMzg2REY2QTgzNjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDMBLBlrO06TIoutprEl/nu/636qZrFwH9NNG60RYSeqtF0Eac2
oIaOILf17eVcsEJJ9LksMawBejzq77Ux3NwGKGJyCh692tsTFBdHeuAS3JcAoRfP
Opxl+PX6keoGFyTncqpEGwfk/hXtCbLhmaIs8UTHx4ZDlBPIigZwLwsZNkXAmcbC
kdQORAN4KbnXx3RcmIlKCGwZx99cWbL3f5P5Npdj/w98qTtXUn6h8iJjfcYv1BlO
jFm5rw2xi8lP/2KXnKWJBfLXX8TTxgKOSrpSSsivRv1RRrZO/Acp5DYzhe0SXUNB
yZP9cXzf92/JVbkUcrB2UAwDqXThGHsmptsTAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU0IdVqWlEj8f+7+tVxkzTht9qg2QwHwYDVR0jBBgwFoAUGKZmPW6fgL1M58it
/rOHg8PhpGQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFJPRk9O
RC9HS1ptUFc2ZmdMMU01OGl0X3JPSGc4UGhwR1EuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL0dLWm1QVzZmZ0wxTTU4aXRfck9IZzhQaHBHUS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL1BST0ZPTkQvMElkVnFXbEVqOGYtNy10
VnhrelRodDlxZzJRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
BXwJQDANBgkqhkiG9w0BAQsFAAOCAQEAELOvFNFOP4bSG2TtpALtxZIA/bASy8JJ
E4rxgvSypHYcaKZtAlhSJwC1YOykJOSbjZN09qEzKgbpOEKA+XJTcIkXzhCGpFG1
2tyFdr6Yfjjz454J1I7e/MacAHieU+tvxei5f5d/4Ogb/TnNlbR2NNmUdwzaiQUT
mc5lbkNCyQQ37vbzgcuTjL+wX6V+aSuxW2Hgku63Ymaq5gIXGyU4YgrW7/HQQqso
Lv7b4m+EfsykWev7h025tG8dWqfQBgkrNeIfu0SIzrD3+SFZahbvKBkNqqigzTFZ
JZFEWN/aXVV9SWBFF8C8xBGvsyv0EubqT0XdYg3tIBvqEaJ95pbY4A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:42 2024 by rpki-client on console-fra.rpki-client.org