Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PROFOND/5njzXk57jxgz7EpN_1yVhdTZjGg.roa
File:                     5njzXk57jxgz7EpN_1yVhdTZjGg.roa (raw, json)
Hash identifier:          akohOGAOYMreWAFQF06ryBIAYSKMeIxNSOjtl+j1pcM=
Subject key identifier:   E6:78:F3:5E:4E:7B:8F:18:33:EC:4A:4D:FF:5C:95:85:D4:D9:8C:68
Certificate issuer:       /CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
Certificate serial:       0952
Authority key identifier: 18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/5njzXk57jxgz7EpN_1yVhdTZjGg.roa
Signing time:             Thu 10 Dec 2020 11:26:14 +0000
ROA not before:           Thu 10 Dec 2020 11:26:14 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     9924
IP address blocks:        210.17.19.0/24 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2386 (0x952)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
        Validity
            Not Before: Dec 10 11:26:14 2020 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=E678F35E4E7B8F1833EC4A4DFF5C9585D4D98C68
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:fe:ba:36:d6:6a:df:b1:ad:14:b3:69:0a:36:
                    c5:ff:5a:e7:87:01:30:48:12:45:0c:a3:28:8c:a5:
                    a2:bc:d5:75:92:a6:7d:6a:78:63:35:6c:c8:56:e2:
                    3e:4a:75:91:e2:09:5b:73:8d:9d:64:a2:d6:1e:53:
                    f1:b0:b3:6c:4f:f1:55:51:71:58:24:3f:47:96:b7:
                    df:69:f4:51:9f:36:44:a4:b8:18:a7:0d:fd:16:ce:
                    7d:64:92:08:f0:b8:2f:8d:88:66:1f:68:7b:ad:bf:
                    ea:c0:41:20:9c:a1:21:6a:49:ea:95:70:8a:6c:0a:
                    50:b0:70:0a:84:4e:07:e8:4f:bb:ce:c8:be:d9:a2:
                    84:41:0e:4d:be:da:0e:f1:4e:74:98:5c:d5:96:c3:
                    46:6f:40:10:aa:3f:f7:d9:37:a1:0d:d1:a2:7c:bd:
                    a7:ab:69:ce:ae:3b:f0:18:98:a7:d1:1b:60:74:dd:
                    c6:aa:61:ec:9b:ae:11:9b:38:54:09:bc:ef:b3:4b:
                    de:cc:93:8b:e8:ac:78:c2:e2:f8:d7:ad:36:f3:cc:
                    59:e2:8c:86:0f:02:da:07:a4:ff:b0:2b:8c:6f:b4:
                    01:49:0d:f6:08:da:4f:90:45:09:29:92:91:b2:d4:
                    5b:cd:da:e8:a6:01:70:28:53:e5:9b:bf:93:a1:73:
                    db:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E6:78:F3:5E:4E:7B:8F:18:33:EC:4A:4D:FF:5C:95:85:D4:D9:8C:68
            X509v3 Authority Key Identifier:
                keyid:18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/5njzXk57jxgz7EpN_1yVhdTZjGg.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  210.17.19.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0d:63:72:16:7a:98:36:21:d7:ae:af:39:fb:dc:47:5d:36:a3:
         d4:a6:ad:7c:cf:1c:1a:6a:a1:d9:c1:d6:8d:e7:3d:c2:ee:ea:
         90:e6:46:21:ad:87:91:d2:fd:fa:3e:6f:2f:cb:6c:7f:a7:fe:
         d2:a4:98:42:29:5e:17:97:84:43:ab:e2:80:f5:61:dc:b7:b7:
         a4:90:21:37:ec:67:64:5a:51:7c:18:82:9d:5d:08:a6:1d:30:
         61:3b:b4:cb:c6:d6:c1:d2:95:e2:ec:d3:4a:23:48:82:ea:c2:
         d3:cb:c5:3d:71:41:82:94:a8:d5:57:2d:fe:49:89:e9:7e:bd:
         da:58:2c:57:b0:8f:83:29:c3:0a:26:e6:7b:1f:4e:15:c3:ad:
         58:fb:36:36:39:80:77:c9:fe:79:d5:5a:d2:bb:39:77:b9:ef:
         99:20:4c:dc:df:c1:84:3c:0c:01:b2:1a:06:3b:f1:24:72:c3:
         06:ad:ea:73:59:b1:33:31:52:24:33:e3:ca:2d:b9:f5:6c:05:
         21:6e:32:c4:81:76:52:8e:5f:fa:bf:c5:3e:a5:d7:f8:b9:84:
         ab:98:cc:b5:53:e6:80:f5:90:9f:88:19:b4:e3:e2:30:17:6a:
         59:cf:d8:72:36:68:bb:62:d6:84:a5:87:29:0c:8f:20:eb:20:
         65:ea:2f:53
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICCVIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMThB
NjY2M0Q2RTlGODBCRDRDRTdDOEFERkVCMzg3ODNDM0UxQTQ2NDAeFw0yMDEyMTAx
MTI2MTRaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKEU2NzhGMzVFNEU3QjhG
MTgzM0VDNEE0REZGNUM5NTg1RDREOThDNjgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCy/ro21mrfsa0Us2kKNsX/WueHATBIEkUMoyiMpaK81XWSpn1q
eGM1bMhW4j5KdZHiCVtzjZ1kotYeU/Gws2xP8VVRcVgkP0eWt99p9FGfNkSkuBin
Df0Wzn1kkgjwuC+NiGYfaHutv+rAQSCcoSFqSeqVcIpsClCwcAqETgfoT7vOyL7Z
ooRBDk2+2g7xTnSYXNWWw0ZvQBCqP/fZN6EN0aJ8vaerac6uO/AYmKfRG2B03caq
YeybrhGbOFQJvO+zS97Mk4vorHjC4vjXrTbzzFnijIYPAtoHpP+wK4xvtAFJDfYI
2k+QRQkpkpGy1FvN2uimAXAoU+Wbv5Ohc9tHAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU5njzXk57jxgz7EpN/1yVhdTZjGgwHwYDVR0jBBgwFoAUGKZmPW6fgL1M58it
/rOHg8PhpGQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFJPRk9O
RC9HS1ptUFc2ZmdMMU01OGl0X3JPSGc4UGhwR1EuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL0dLWm1QVzZmZ0wxTTU4aXRfck9IZzhQaHBHUS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL1BST0ZPTkQvNW5qelhrNTdqeGd6N0Vw
Tl8xeVZoZFRaakdnLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
ANIREzANBgkqhkiG9w0BAQsFAAOCAQEADWNyFnqYNiHXrq85+9xHXTaj1KatfM8c
Gmqh2cHWjec9wu7qkOZGIa2HkdL9+j5vL8tsf6f+0qSYQileF5eEQ6vigPVh3Le3
pJAhN+xnZFpRfBiCnV0Iph0wYTu0y8bWwdKV4uzTSiNIgurC08vFPXFBgpSo1Vct
/kmJ6X692lgsV7CPgynDCibmex9OFcOtWPs2NjmAd8n+edVa0rs5d7nvmSBM3N/B
hDwMAbIaBjvxJHLDBq3qc1mxMzFSJDPjyi259WwFIW4yxIF2Uo5f+r/FPqXX+LmE
q5jMtVPmgPWQn4gZtOPiMBdqWc/YcjZou2LWhKWHKQyPIOsgZeovUw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:17 2024 by rpki-client on console-ams.rpki-client.org