Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PROFOND/9-JQ1NeJ8n1ffT4i4Zp8f-Vtmx4.roa
File:                     9-JQ1NeJ8n1ffT4i4Zp8f-Vtmx4.roa (raw, json)
Hash identifier:          1HZvA6CHtyPB+ZRMyQM66QAp6tbfwwSmYdRvw9FL7/o=
Subject key identifier:   F7:E2:50:D4:D7:89:F2:7D:5F:7D:3E:22:E1:9A:7C:7F:E5:6D:9B:1E
Certificate issuer:       /CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
Certificate serial:       0DC9
Authority key identifier: 18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/9-JQ1NeJ8n1ffT4i4Zp8f-Vtmx4.roa
Signing time:             Thu 15 Sep 2022 02:46:54 +0000
ROA not before:           Thu 15 Sep 2022 02:46:54 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     9924
IP address blocks:        210.67.144.0/20 maxlen: 25

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3529 (0xdc9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
        Validity
            Not Before: Sep 15 02:46:54 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=F7E250D4D789F27D5F7D3E22E19A7C7FE56D9B1E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:63:f7:df:fd:53:f8:77:16:d0:54:39:27:8b:
                    14:fd:fa:90:14:5a:a0:46:78:41:12:62:45:8c:3b:
                    2e:ea:01:12:91:2d:96:fc:4e:db:65:ed:c6:ce:9c:
                    83:62:60:48:94:4e:55:ab:e3:47:f1:61:c8:a5:aa:
                    2b:8f:58:fa:4a:15:b5:cf:d9:43:c0:d2:7e:06:a9:
                    f8:38:3d:b9:04:ad:da:bb:ca:6d:cb:a1:7f:d3:50:
                    df:b9:5e:67:0e:17:27:a7:30:f5:10:42:ba:81:3f:
                    88:99:3c:41:b9:23:eb:fc:aa:90:45:30:93:1e:22:
                    62:61:c6:91:ee:ad:d7:2f:37:bb:11:e6:7d:58:20:
                    27:9a:9e:92:8b:4c:f8:ce:5d:7a:8a:80:ad:bf:00:
                    ec:4f:58:8c:99:96:98:99:fd:fd:4e:2e:6f:07:3e:
                    3a:4a:ae:50:9d:47:c6:71:0a:b1:9d:a6:57:1a:4b:
                    c7:74:bd:1f:45:2d:c5:a3:20:66:19:08:3d:d8:dd:
                    7d:5e:51:63:99:df:fc:91:46:49:5a:81:4c:57:8f:
                    3e:4f:a8:33:48:86:dc:67:8f:71:10:16:90:2a:1e:
                    c7:56:6f:1b:fe:e7:4e:87:32:df:8c:9f:0a:84:59:
                    42:68:78:c5:2f:73:ca:0d:01:31:2f:1f:08:f3:4c:
                    4e:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F7:E2:50:D4:D7:89:F2:7D:5F:7D:3E:22:E1:9A:7C:7F:E5:6D:9B:1E
            X509v3 Authority Key Identifier:
                keyid:18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/9-JQ1NeJ8n1ffT4i4Zp8f-Vtmx4.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  210.67.144.0/20

    Signature Algorithm: sha256WithRSAEncryption
         74:25:6a:2b:12:54:32:79:d5:f8:87:9c:48:92:b6:d6:08:92:
         a2:35:3c:3c:f8:a2:36:08:2b:44:c0:89:71:45:4c:10:6b:e2:
         86:6f:17:ba:3b:e8:af:10:26:0f:a5:6a:f2:46:3f:ec:f0:d1:
         b6:60:1f:35:1b:65:eb:72:e1:09:00:fa:b8:cc:6b:a4:8d:de:
         d9:08:d7:74:67:0e:87:75:24:ba:ae:a3:f6:7d:3e:96:92:e1:
         5d:50:60:57:ac:46:82:1f:58:c3:89:4e:7b:9e:16:e2:14:09:
         ea:b5:b5:16:69:3f:35:2b:c0:3a:f9:1e:c3:46:94:79:e3:52:
         b1:78:66:ed:ba:a6:7c:61:59:a4:4c:be:06:a7:13:89:4e:f6:
         45:91:a4:aa:0f:16:d5:1a:4e:a1:81:dc:18:8e:3d:f1:07:42:
         79:b0:86:bc:14:dc:7f:d6:3a:ba:73:5e:13:34:83:54:87:90:
         eb:41:e3:15:6b:e3:22:89:58:0e:f0:d4:7b:2a:5a:aa:c6:ad:
         4a:af:42:c1:c6:09:1e:a2:e1:1a:38:78:d4:75:1e:fc:0d:3c:
         ed:24:9d:b0:c5:64:19:a2:0e:f7:bc:47:e9:32:09:1b:b7:e1:
         74:97:dc:c5:20:1c:58:9a:44:19:db:9c:8f:c8:16:33:1a:f2:
         e9:e8:18:ca
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICDckwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMThB
NjY2M0Q2RTlGODBCRDRDRTdDOEFERkVCMzg3ODNDM0UxQTQ2NDAeFw0yMjA5MTUw
MjQ2NTRaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEY3RTI1MEQ0RDc4OUYy
N0Q1RjdEM0UyMkUxOUE3QzdGRTU2RDlCMUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDBY/ff/VP4dxbQVDknixT9+pAUWqBGeEESYkWMOy7qARKRLZb8
Tttl7cbOnINiYEiUTlWr40fxYcilqiuPWPpKFbXP2UPA0n4Gqfg4PbkErdq7ym3L
oX/TUN+5XmcOFyenMPUQQrqBP4iZPEG5I+v8qpBFMJMeImJhxpHurdcvN7sR5n1Y
ICeanpKLTPjOXXqKgK2/AOxPWIyZlpiZ/f1OLm8HPjpKrlCdR8ZxCrGdplcaS8d0
vR9FLcWjIGYZCD3Y3X1eUWOZ3/yRRklagUxXjz5PqDNIhtxnj3EQFpAqHsdWbxv+
506HMt+MnwqEWUJoeMUvc8oNATEvHwjzTE7xAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU9+JQ1NeJ8n1ffT4i4Zp8f+Vtmx4wHwYDVR0jBBgwFoAUGKZmPW6fgL1M58it
/rOHg8PhpGQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFJPRk9O
RC9HS1ptUFc2ZmdMMU01OGl0X3JPSGc4UGhwR1EuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL0dLWm1QVzZmZ0wxTTU4aXRfck9IZzhQaHBHUS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL1BST0ZPTkQvOS1KUTFOZUo4bjFmZlQ0
aTRacDhmLVZ0bXg0LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
BNJDkDANBgkqhkiG9w0BAQsFAAOCAQEAdCVqKxJUMnnV+IecSJK21giSojU8PPii
NggrRMCJcUVMEGvihm8XujvorxAmD6Vq8kY/7PDRtmAfNRtl63LhCQD6uMxrpI3e
2QjXdGcOh3Ukuq6j9n0+lpLhXVBgV6xGgh9Yw4lOe54W4hQJ6rW1Fmk/NSvAOvke
w0aUeeNSsXhm7bqmfGFZpEy+BqcTiU72RZGkqg8W1RpOoYHcGI498QdCebCGvBTc
f9Y6unNeEzSDVIeQ60HjFWvjIolYDvDUeypaqsatSq9CwcYJHqLhGjh41HUe/A08
7SSdsMVkGaIO97xH6TIJG7fhdJfcxSAcWJpEGducj8gWMxry6egYyg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:17 2024 by rpki-client on console-ams.rpki-client.org