Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PROFOND/0f28Rx_uP5NUhF_xH0sfyXT7DOo.roa
File:                     0f28Rx_uP5NUhF_xH0sfyXT7DOo.roa (raw, json)
Hash identifier:          Jwq55DVo3fdmwQy4WQtf0FJzy2LwnykxFmTuWV5R6+c=
Subject key identifier:   D1:FD:BC:47:1F:EE:3F:93:54:84:5F:F1:1F:4B:1F:C9:74:FB:0C:EA
Certificate issuer:       /CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
Certificate serial:       0DC9
Authority key identifier: 18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/0f28Rx_uP5NUhF_xH0sfyXT7DOo.roa
Signing time:             Thu 15 Sep 2022 02:47:03 +0000
ROA not before:           Thu 15 Sep 2022 02:47:03 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     9924
IP address blocks:        210.17.35.0/24 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3529 (0xdc9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
        Validity
            Not Before: Sep 15 02:47:03 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=D1FDBC471FEE3F9354845FF11F4B1FC974FB0CEA
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:67:71:2b:ed:cc:6a:de:d3:97:a9:2f:6c:49:
                    05:db:ec:93:81:bd:e1:61:4a:35:d0:1a:e1:1b:56:
                    c6:22:7b:e8:dc:5e:d3:90:76:7f:4c:91:fa:c7:af:
                    41:6a:51:77:21:35:22:8f:ba:50:43:b8:7e:32:85:
                    94:93:9c:d8:72:f6:4a:b5:b7:8f:4a:19:d6:bd:84:
                    58:ee:9e:5c:f0:52:d0:ca:39:d9:1c:fa:69:ea:29:
                    1b:be:4b:c9:35:c2:3b:65:cb:c7:5f:6e:c4:c8:51:
                    a1:b7:02:b1:2e:5c:8d:d9:90:3a:0b:8a:28:05:e8:
                    46:b0:1d:94:36:cc:24:79:51:84:c8:3d:06:4e:ee:
                    19:69:38:9c:47:e2:0b:a2:36:1b:c6:64:63:e2:09:
                    b8:63:1c:c8:33:4a:d4:57:37:dc:10:94:20:d9:34:
                    04:33:94:7f:b6:b1:20:8a:36:7d:c7:20:77:21:09:
                    cf:d3:2d:1c:55:65:a5:86:a1:c3:a9:0c:d7:8d:30:
                    b1:cf:3f:46:e0:aa:2f:24:5d:50:86:ea:ce:81:85:
                    3f:cd:da:2c:4e:64:9d:1f:db:d8:4b:6f:e1:bd:d8:
                    6a:8b:61:48:25:ea:e4:70:5c:5c:3a:4d:1c:a9:c7:
                    fe:71:c5:8e:9a:94:3f:aa:f9:43:83:42:9b:97:0c:
                    07:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:FD:BC:47:1F:EE:3F:93:54:84:5F:F1:1F:4B:1F:C9:74:FB:0C:EA
            X509v3 Authority Key Identifier:
                keyid:18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/0f28Rx_uP5NUhF_xH0sfyXT7DOo.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  210.17.35.0/24

    Signature Algorithm: sha256WithRSAEncryption
         29:f4:49:82:f4:52:f3:bc:25:54:0f:e3:c9:f2:d2:dd:78:17:
         e6:4d:b9:a6:ad:3b:2c:0d:ec:1b:c8:81:ab:1f:93:50:91:96:
         25:82:aa:33:8f:30:cc:50:21:eb:2a:d5:02:ac:bb:8a:db:a5:
         75:ef:9b:74:b0:0c:69:45:a0:91:e8:22:7b:27:c6:bc:58:99:
         c8:15:c6:20:b8:81:1a:64:97:cc:82:20:11:82:b6:a7:82:e4:
         9d:e2:cf:68:f6:53:eb:f0:96:43:56:22:b4:e5:f6:00:ad:3e:
         53:f5:5b:2b:96:ef:27:5c:1a:fd:2b:87:13:1b:29:62:85:a4:
         ad:ea:b2:8a:11:4a:7b:c9:c7:3e:98:ce:d6:ac:a9:c1:90:0a:
         f2:bc:ae:57:32:05:32:b7:0c:12:4e:86:2f:16:01:ac:e3:77:
         bd:05:f1:8b:a8:18:59:9b:bb:01:b2:03:6f:7d:4d:02:08:3e:
         ce:14:d0:80:ff:89:f0:b9:a4:79:b4:d2:18:1c:b5:18:0d:c5:
         56:7d:37:37:64:cd:1e:3d:0d:3a:64:df:53:68:10:38:be:81:
         58:dd:90:5c:9e:c1:78:72:be:16:6f:30:55:d2:00:81:e5:fa:
         69:e7:80:86:77:f1:4a:d9:14:aa:73:ec:31:c8:6c:5f:f9:bb:
         56:1b:5f:3e
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICDckwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMThB
NjY2M0Q2RTlGODBCRDRDRTdDOEFERkVCMzg3ODNDM0UxQTQ2NDAeFw0yMjA5MTUw
MjQ3MDNaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEQxRkRCQzQ3MUZFRTNG
OTM1NDg0NUZGMTFGNEIxRkM5NzRGQjBDRUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDHZ3Er7cxq3tOXqS9sSQXb7JOBveFhSjXQGuEbVsYie+jcXtOQ
dn9MkfrHr0FqUXchNSKPulBDuH4yhZSTnNhy9kq1t49KGda9hFjunlzwUtDKOdkc
+mnqKRu+S8k1wjtly8dfbsTIUaG3ArEuXI3ZkDoLiigF6EawHZQ2zCR5UYTIPQZO
7hlpOJxH4guiNhvGZGPiCbhjHMgzStRXN9wQlCDZNAQzlH+2sSCKNn3HIHchCc/T
LRxVZaWGocOpDNeNMLHPP0bgqi8kXVCG6s6BhT/N2ixOZJ0f29hLb+G92GqLYUgl
6uRwXFw6TRypx/5xxY6alD+q+UODQpuXDAeRAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU0f28Rx/uP5NUhF/xH0sfyXT7DOowHwYDVR0jBBgwFoAUGKZmPW6fgL1M58it
/rOHg8PhpGQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFJPRk9O
RC9HS1ptUFc2ZmdMMU01OGl0X3JPSGc4UGhwR1EuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL0dLWm1QVzZmZ0wxTTU4aXRfck9IZzhQaHBHUS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL1BST0ZPTkQvMGYyOFJ4X3VQNU5VaEZf
eEgwc2Z5WFQ3RE9vLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
ANIRIzANBgkqhkiG9w0BAQsFAAOCAQEAKfRJgvRS87wlVA/jyfLS3XgX5k25pq07
LA3sG8iBqx+TUJGWJYKqM48wzFAh6yrVAqy7itulde+bdLAMaUWgkegieyfGvFiZ
yBXGILiBGmSXzIIgEYK2p4LkneLPaPZT6/CWQ1YitOX2AK0+U/VbK5bvJ1wa/SuH
ExspYoWkreqyihFKe8nHPpjO1qypwZAK8ryuVzIFMrcMEk6GLxYBrON3vQXxi6gY
WZu7AbIDb31NAgg+zhTQgP+J8LmkebTSGBy1GA3FVn03N2TNHj0NOmTfU2gQOL6B
WN2QXJ7BeHK+Fm8wVdIAgeX6aeeAhnfxStkUqnPsMchsX/m7VhtfPg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:17 2024 by rpki-client on console-ams.rpki-client.org