Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PROFOND/6XP_aGjRViSxj0sZltA-w1V9TWs.roa
File:                     6XP_aGjRViSxj0sZltA-w1V9TWs.roa (raw, json)
Hash identifier:          2lemgAg8PvbzJ/fYfTZQSWOvIE7d3ApAaFE9YJbNvjI=
Subject key identifier:   E9:73:FF:68:68:D1:56:24:B1:8F:4B:19:96:D0:3E:C3:55:7D:4D:6B
Certificate issuer:       /CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
Certificate serial:       0957
Authority key identifier: 18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/6XP_aGjRViSxj0sZltA-w1V9TWs.roa
Signing time:             Fri 11 Dec 2020 04:09:08 +0000
ROA not before:           Fri 11 Dec 2020 04:09:08 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     9924
IP address blocks:        124.108.128.0/18 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2391 (0x957)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
        Validity
            Not Before: Dec 11 04:09:08 2020 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=E973FF6868D15624B18F4B1996D03EC3557D4D6B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:2e:93:45:bd:87:f9:79:e8:96:88:fb:ee:6c:
                    a8:69:32:cc:f4:82:40:ec:0f:9a:f4:8c:87:82:f8:
                    30:5a:9e:fe:21:3a:a4:62:ac:e6:61:05:7a:a7:62:
                    a6:c5:9a:3b:45:cd:19:e0:b3:3b:a6:7e:17:d5:68:
                    7e:f0:a5:b1:0d:5b:d0:95:10:57:0e:8b:d2:1a:a8:
                    07:17:d2:65:95:9b:3e:49:e6:46:c2:3a:da:f4:3e:
                    c3:ec:b8:19:ac:80:2d:cf:ce:81:07:e1:3c:09:5e:
                    8e:54:72:7b:dd:82:b7:3d:f1:c4:12:35:d9:fa:86:
                    9b:83:ba:c0:e1:2e:6b:ac:08:b5:5c:56:5d:bd:ff:
                    35:1f:bf:45:ec:9a:4c:f6:45:fd:8e:dc:d5:11:a7:
                    e1:e1:21:46:ff:c2:4c:a1:15:ab:0f:f6:98:26:b1:
                    15:db:f6:2e:d4:36:19:4e:2f:b2:ac:27:19:05:93:
                    f5:3e:e4:60:00:14:98:1a:2f:15:42:9b:e9:4b:63:
                    23:45:ac:cc:cd:6f:21:10:28:89:2a:eb:62:5b:5d:
                    f2:f3:bd:da:f3:92:65:0a:51:87:41:93:0d:38:9e:
                    b3:b9:af:8a:33:d7:f0:e6:a9:8f:09:0e:e6:54:28:
                    60:8b:b7:7f:f6:5f:d6:e4:64:09:ba:dd:fe:c6:bb:
                    5a:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E9:73:FF:68:68:D1:56:24:B1:8F:4B:19:96:D0:3E:C3:55:7D:4D:6B
            X509v3 Authority Key Identifier:
                keyid:18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/6XP_aGjRViSxj0sZltA-w1V9TWs.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  124.108.128.0/18

    Signature Algorithm: sha256WithRSAEncryption
         52:68:81:52:7c:21:14:3c:6a:9b:50:b4:4b:1a:99:83:21:90:
         89:df:16:4b:0b:9e:2d:a7:5c:47:96:47:a6:c2:de:97:a3:2e:
         f4:17:8d:42:b7:2c:ca:f9:04:d6:45:0c:3a:10:87:45:9e:c0:
         08:4e:7a:a0:13:cd:87:7a:80:76:2e:36:0d:a4:58:40:c9:87:
         62:89:a7:66:17:af:09:01:e5:9e:9d:ee:f5:91:76:ab:d4:f0:
         b1:93:5a:4e:4c:aa:41:1c:64:1b:aa:20:f3:8f:1c:7f:0e:2c:
         8f:37:93:e0:1b:ce:7a:bf:d8:fc:23:aa:36:78:c8:df:18:d0:
         11:b0:3f:05:2e:d8:a6:4b:66:ea:2c:bd:0e:60:ef:69:8e:a8:
         9f:84:fb:5c:f4:95:79:9f:24:23:89:73:a5:a2:dc:c0:d9:aa:
         05:0f:32:f6:25:f1:52:01:5e:71:5a:fc:6f:00:53:8d:22:cd:
         79:5d:36:c3:85:a4:01:19:f0:ae:cf:e7:ff:7b:54:4b:dc:9c:
         1e:f8:21:41:1a:6c:ba:64:30:c7:cf:ba:0e:7b:f3:d0:8b:1c:
         76:5c:8f:89:aa:e5:27:34:c1:37:d2:29:39:c7:66:1b:bd:58:
         c9:05:1f:5b:19:a3:fa:e6:b7:63:50:b7:da:27:36:7e:3e:b3:
         6f:e2:b7:c9
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICCVcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMThB
NjY2M0Q2RTlGODBCRDRDRTdDOEFERkVCMzg3ODNDM0UxQTQ2NDAeFw0yMDEyMTEw
NDA5MDhaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKEU5NzNGRjY4NjhEMTU2
MjRCMThGNEIxOTk2RDAzRUMzNTU3RDRENkIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCcLpNFvYf5eeiWiPvubKhpMsz0gkDsD5r0jIeC+DBanv4hOqRi
rOZhBXqnYqbFmjtFzRngszumfhfVaH7wpbENW9CVEFcOi9IaqAcX0mWVmz5J5kbC
Otr0PsPsuBmsgC3PzoEH4TwJXo5Ucnvdgrc98cQSNdn6hpuDusDhLmusCLVcVl29
/zUfv0Xsmkz2Rf2O3NURp+HhIUb/wkyhFasP9pgmsRXb9i7UNhlOL7KsJxkFk/U+
5GAAFJgaLxVCm+lLYyNFrMzNbyEQKIkq62JbXfLzvdrzkmUKUYdBkw04nrO5r4oz
1/DmqY8JDuZUKGCLt3/2X9bkZAm63f7Gu1rlAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU6XP/aGjRViSxj0sZltA+w1V9TWswHwYDVR0jBBgwFoAUGKZmPW6fgL1M58it
/rOHg8PhpGQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFJPRk9O
RC9HS1ptUFc2ZmdMMU01OGl0X3JPSGc4UGhwR1EuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL0dLWm1QVzZmZ0wxTTU4aXRfck9IZzhQaHBHUS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL1BST0ZPTkQvNlhQX2FHalJWaVN4ajBz
Wmx0QS13MVY5VFdzLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
BnxsgDANBgkqhkiG9w0BAQsFAAOCAQEAUmiBUnwhFDxqm1C0SxqZgyGQid8WSwue
LadcR5ZHpsLel6Mu9BeNQrcsyvkE1kUMOhCHRZ7ACE56oBPNh3qAdi42DaRYQMmH
YomnZhevCQHlnp3u9ZF2q9TwsZNaTkyqQRxkG6og848cfw4sjzeT4BvOer/Y/COq
NnjI3xjQEbA/BS7Ypktm6iy9DmDvaY6on4T7XPSVeZ8kI4lzpaLcwNmqBQ8y9iXx
UgFecVr8bwBTjSLNeV02w4WkARnwrs/n/3tUS9ycHvghQRpsumQwx8+6Dnvz0Isc
dlyPiarlJzTBN9IpOcdmG71YyQUfWxmj+ua3Y1C32ic2fj6zb+K3yQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:17 2024 by rpki-client on console-ams.rpki-client.org