Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PROFOND/3pjCQ9J4ex7AJbBPx3rmVA9nWhs.roa
File:                     3pjCQ9J4ex7AJbBPx3rmVA9nWhs.roa (raw, json)
Hash identifier:          l2qkua7AyQVAk0vgD/Q+9fIYP/rGxLqlG4oYP0VvRpo=
Subject key identifier:   DE:98:C2:43:D2:78:7B:1E:C0:25:B0:4F:C7:7A:E6:54:0F:67:5A:1B
Certificate issuer:       /CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
Certificate serial:       0DC9
Authority key identifier: 18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/3pjCQ9J4ex7AJbBPx3rmVA9nWhs.roa
Signing time:             Thu 15 Sep 2022 02:47:15 +0000
ROA not before:           Thu 15 Sep 2022 02:47:15 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     9924
IP address blocks:        219.86.0.0/15 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3529 (0xdc9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
        Validity
            Not Before: Sep 15 02:47:15 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=DE98C243D2787B1EC025B04FC77AE6540F675A1B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:b5:01:83:ab:2b:3f:36:ac:12:12:8a:52:95:
                    62:90:c3:51:e5:34:4d:0e:82:43:e3:a1:4b:e4:7c:
                    ae:e6:4a:fd:3e:dd:07:40:11:76:64:26:db:8e:fb:
                    93:68:0a:4b:b5:57:8f:93:f2:62:8b:2c:b0:00:35:
                    d5:25:93:a6:c3:bc:7f:4c:4e:20:74:71:2b:49:42:
                    87:7f:af:57:c6:09:e7:ed:96:d0:67:33:71:8f:b1:
                    6c:af:89:73:88:27:fd:f4:7b:94:7e:86:1f:15:90:
                    18:c0:75:c3:96:f8:fe:04:7f:f2:7e:17:d0:03:b1:
                    aa:a5:84:e9:d5:3d:1e:40:5d:24:af:d8:a5:a7:d1:
                    11:42:56:b6:dd:67:02:e0:dc:eb:2f:b4:e3:e3:a4:
                    4f:4a:e5:af:85:49:2d:4c:87:c9:e0:19:ac:9c:ef:
                    8c:f8:22:4b:11:62:74:7d:19:25:53:f1:4f:4c:80:
                    8d:e6:44:40:37:be:e6:64:02:5e:38:28:88:75:c0:
                    e3:d4:52:a8:3c:97:da:49:8f:ca:f2:8a:61:3c:7c:
                    93:b7:fa:35:46:ef:8f:3e:01:67:bd:69:31:bd:ba:
                    d9:77:01:57:a5:33:32:f0:b4:31:b8:e8:c3:93:6b:
                    ec:c2:78:3c:23:69:7b:e1:db:c5:95:36:02:5b:c2:
                    f7:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DE:98:C2:43:D2:78:7B:1E:C0:25:B0:4F:C7:7A:E6:54:0F:67:5A:1B
            X509v3 Authority Key Identifier:
                keyid:18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/3pjCQ9J4ex7AJbBPx3rmVA9nWhs.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  219.86.0.0/15

    Signature Algorithm: sha256WithRSAEncryption
         2f:9d:0a:09:b2:b3:8a:40:45:13:f6:69:25:55:52:23:cb:32:
         b8:ba:a1:42:c2:79:60:5c:24:2d:fa:dc:5c:bd:df:fb:dd:e3:
         80:8d:e1:26:27:a5:ad:6b:86:47:d6:4b:69:96:5d:fd:14:c4:
         0c:87:3b:b1:8d:da:72:f9:90:df:1b:57:52:eb:1b:43:d6:ea:
         07:77:40:07:9f:64:b1:2d:6e:38:7c:4b:07:e3:54:62:9f:4a:
         e7:73:a5:b1:1d:93:4b:d0:19:c1:d3:85:5b:40:c8:ac:34:56:
         22:2f:56:b7:b9:74:b5:39:d4:c3:41:f8:88:1a:b9:10:24:ac:
         cf:3e:41:c8:06:ed:0f:51:21:55:96:ac:a8:3c:78:1e:50:04:
         ad:24:d4:ec:6d:79:b7:7d:ec:6d:d8:fc:72:f2:27:15:b7:04:
         55:49:17:44:30:cb:da:b5:32:43:62:2c:bc:b8:6f:65:aa:95:
         61:02:fa:5e:76:29:84:c3:f3:0d:0b:b4:f5:f2:34:59:00:01:
         11:17:cd:fc:c6:6b:1b:02:d9:b0:b8:bc:3c:b1:06:4d:09:96:
         c4:32:34:41:37:b0:9a:27:38:50:1b:dd:4d:9a:2a:ad:3f:ee:
         c4:f4:3d:77:67:1f:f2:f6:82:dc:5e:33:0a:76:f7:69:9e:cf:
         3d:24:7b:3a
-----BEGIN CERTIFICATE-----
MIIE0zCCA7ugAwIBAgICDckwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMThB
NjY2M0Q2RTlGODBCRDRDRTdDOEFERkVCMzg3ODNDM0UxQTQ2NDAeFw0yMjA5MTUw
MjQ3MTVaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKERFOThDMjQzRDI3ODdC
MUVDMDI1QjA0RkM3N0FFNjU0MEY2NzVBMUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDXtQGDqys/NqwSEopSlWKQw1HlNE0OgkPjoUvkfK7mSv0+3QdA
EXZkJtuO+5NoCku1V4+T8mKLLLAANdUlk6bDvH9MTiB0cStJQod/r1fGCeftltBn
M3GPsWyviXOIJ/30e5R+hh8VkBjAdcOW+P4Ef/J+F9ADsaqlhOnVPR5AXSSv2KWn
0RFCVrbdZwLg3OsvtOPjpE9K5a+FSS1Mh8ngGayc74z4IksRYnR9GSVT8U9MgI3m
REA3vuZkAl44KIh1wOPUUqg8l9pJj8ryimE8fJO3+jVG748+AWe9aTG9utl3AVel
MzLwtDG46MOTa+zCeDwjaXvh28WVNgJbwvdXAgMBAAGjggHvMIIB6zAdBgNVHQ4E
FgQU3pjCQ9J4ex7AJbBPx3rmVA9nWhswHwYDVR0jBBgwFoAUGKZmPW6fgL1M58it
/rOHg8PhpGQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFJPRk9O
RC9HS1ptUFc2ZmdMMU01OGl0X3JPSGc4UGhwR1EuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL0dLWm1QVzZmZ0wxTTU4aXRfck9IZzhQaHBHUS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL1BST0ZPTkQvM3BqQ1E5SjRleDdBSmJC
UHgzcm1WQTluV2hzLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMD
AdtWMA0GCSqGSIb3DQEBCwUAA4IBAQAvnQoJsrOKQEUT9mklVVIjyzK4uqFCwnlg
XCQt+txcvd/73eOAjeEmJ6Wta4ZH1ktpll39FMQMhzuxjdpy+ZDfG1dS6xtD1uoH
d0AHn2SxLW44fEsH41Rin0rnc6WxHZNL0BnB04VbQMisNFYiL1a3uXS1OdTDQfiI
GrkQJKzPPkHIBu0PUSFVlqyoPHgeUAStJNTsbXm3fext2Pxy8icVtwRVSRdEMMva
tTJDYiy8uG9lqpVhAvpedimEw/MNC7T18jRZAAERF838xmsbAtmwuLw8sQZNCZbE
MjRBN7CaJzhQG91NmiqtP+7E9D13Zx/y9oLcXjMKdvdpns89JHs6
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:42 2024 by rpki-client on console-fra.rpki-client.org