Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PROFOND/4ssj0U9jhpvAvBDVF0ijQxVV72k.roa
File:                     4ssj0U9jhpvAvBDVF0ijQxVV72k.roa (raw, json)
Hash identifier:          Cle0XuaDF+ey4ZYG8NtqFhRmjsPwCIPo8ivvHps/h7w=
Subject key identifier:   E2:CB:23:D1:4F:63:86:9B:C0:BC:10:D5:17:48:A3:43:15:55:EF:69
Certificate issuer:       /CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
Certificate serial:       0974
Authority key identifier: 18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/4ssj0U9jhpvAvBDVF0ijQxVV72k.roa
Signing time:             Wed 16 Dec 2020 02:09:10 +0000
ROA not before:           Wed 16 Dec 2020 02:09:10 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     9924
IP address blocks:        60.199.134.0/24 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2420 (0x974)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
        Validity
            Not Before: Dec 16 02:09:10 2020 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=E2CB23D14F63869BC0BC10D51748A3431555EF69
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:ff:02:ef:6c:12:84:a8:28:3d:9a:d0:2b:9e:
                    35:44:44:d0:f9:db:73:f0:f6:6f:58:4b:7d:e4:2e:
                    16:8f:8b:13:2a:29:41:56:90:0f:8b:72:05:24:ab:
                    3f:8a:9e:d4:62:06:af:2b:94:76:7a:fa:89:a9:e2:
                    a5:44:a9:97:3e:fd:68:54:a0:47:79:7a:7e:e5:1c:
                    a1:63:c0:b5:bc:42:7f:a0:98:93:63:0d:4f:15:25:
                    0a:9d:c4:90:1e:a2:46:e0:e3:6b:89:ee:26:b2:3b:
                    0f:5c:36:1b:6e:50:0a:b7:af:21:93:8e:d5:9b:bb:
                    45:2b:38:58:d9:07:fa:ae:e7:68:df:6a:60:f9:3e:
                    e1:ed:83:b7:26:74:d4:ce:8d:ee:53:0e:b2:da:6e:
                    33:29:00:a6:5d:53:78:c2:44:c3:97:62:05:a0:ec:
                    dd:89:03:5e:2c:ea:dd:99:59:34:a3:ec:cc:7a:5b:
                    7d:07:6e:93:24:18:50:21:b1:0a:66:87:a4:99:dd:
                    76:41:b7:f0:6b:e9:0c:98:b9:78:4f:84:a3:29:73:
                    e9:45:e2:12:c9:97:63:b2:6f:27:43:56:85:52:ac:
                    47:64:7c:05:27:87:72:44:ee:4f:4f:28:7f:bd:60:
                    b3:9f:28:9f:9e:ac:bf:9b:07:8e:34:e7:2d:bf:04:
                    73:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E2:CB:23:D1:4F:63:86:9B:C0:BC:10:D5:17:48:A3:43:15:55:EF:69
            X509v3 Authority Key Identifier:
                keyid:18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/4ssj0U9jhpvAvBDVF0ijQxVV72k.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  60.199.134.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2b:1d:34:69:95:35:b4:c7:b5:ed:a9:fd:16:05:63:87:27:0c:
         86:b9:0e:31:99:a1:92:79:ff:fb:58:da:cd:5b:d1:f7:ef:c7:
         66:54:50:65:54:0c:27:55:ec:7f:fe:ad:e7:f2:0e:79:fe:fd:
         18:30:b7:b5:b7:c0:53:ce:cd:b9:aa:84:64:f6:b8:81:15:e2:
         90:02:bb:eb:1d:06:98:f4:0e:0a:0b:43:3e:67:08:fd:5a:2b:
         47:ca:17:1b:d1:df:c8:00:7a:3e:eb:af:cc:0b:7f:4f:2a:e9:
         d1:af:bc:39:27:6b:83:34:d9:fc:c8:4e:97:d4:a9:21:16:a8:
         ae:01:71:02:00:2e:a1:9f:14:57:48:46:1f:77:a7:0d:ba:45:
         0a:63:fd:14:60:83:f3:b2:b4:68:cb:72:44:31:d0:ed:77:bd:
         d5:e1:10:13:8f:47:8a:f0:91:c0:72:ac:7d:b7:8c:59:3a:90:
         06:32:aa:34:27:df:03:10:a4:be:f7:5a:fa:2b:11:b6:ce:62:
         84:aa:40:27:16:77:7a:61:0f:69:77:e2:ad:71:8e:9b:91:4b:
         71:6a:e6:49:3a:b3:5a:b7:7b:53:e1:5a:4f:5a:e7:1c:ce:9e:
         0b:38:88:ed:3d:d2:5a:d3:c4:79:18:8f:df:cb:2d:67:ba:83:
         7b:2c:08:22
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICCXQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMThB
NjY2M0Q2RTlGODBCRDRDRTdDOEFERkVCMzg3ODNDM0UxQTQ2NDAeFw0yMDEyMTYw
MjA5MTBaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKEUyQ0IyM0QxNEY2Mzg2
OUJDMEJDMTBENTE3NDhBMzQzMTU1NUVGNjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDo/wLvbBKEqCg9mtArnjVERND523Pw9m9YS33kLhaPixMqKUFW
kA+LcgUkqz+KntRiBq8rlHZ6+omp4qVEqZc+/WhUoEd5en7lHKFjwLW8Qn+gmJNj
DU8VJQqdxJAeokbg42uJ7iayOw9cNhtuUAq3ryGTjtWbu0UrOFjZB/qu52jfamD5
PuHtg7cmdNTOje5TDrLabjMpAKZdU3jCRMOXYgWg7N2JA14s6t2ZWTSj7Mx6W30H
bpMkGFAhsQpmh6SZ3XZBt/Br6QyYuXhPhKMpc+lF4hLJl2OybydDVoVSrEdkfAUn
h3JE7k9PKH+9YLOfKJ+erL+bB4405y2/BHOVAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU4ssj0U9jhpvAvBDVF0ijQxVV72kwHwYDVR0jBBgwFoAUGKZmPW6fgL1M58it
/rOHg8PhpGQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFJPRk9O
RC9HS1ptUFc2ZmdMMU01OGl0X3JPSGc4UGhwR1EuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL0dLWm1QVzZmZ0wxTTU4aXRfck9IZzhQaHBHUS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL1BST0ZPTkQvNHNzajBVOWpocHZBdkJE
VkYwaWpReFZWNzJrLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
ADzHhjANBgkqhkiG9w0BAQsFAAOCAQEAKx00aZU1tMe17an9FgVjhycMhrkOMZmh
knn/+1jazVvR9+/HZlRQZVQMJ1Xsf/6t5/IOef79GDC3tbfAU87NuaqEZPa4gRXi
kAK76x0GmPQOCgtDPmcI/VorR8oXG9HfyAB6PuuvzAt/Tyrp0a+8OSdrgzTZ/MhO
l9SpIRaorgFxAgAuoZ8UV0hGH3enDbpFCmP9FGCD87K0aMtyRDHQ7Xe91eEQE49H
ivCRwHKsfbeMWTqQBjKqNCffAxCkvvda+isRts5ihKpAJxZ3emEPaXfirXGOm5FL
cWrmSTqzWrd7U+FaT1rnHM6eCziI7T3SWtPEeRiP38stZ7qDeywIIg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:17 2024 by rpki-client on console-ams.rpki-client.org