Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PROFOND/9JgYbuUfgCnk84eFZn3pDLyDLwY.roa
File:                     9JgYbuUfgCnk84eFZn3pDLyDLwY.roa (raw, json)
Hash identifier:          ruhDFhDLvlji/mnk7/yPfZTgYM/ZcGn57IVwRUBIwKI=
Subject key identifier:   F4:98:18:6E:E5:1F:80:29:E4:F3:87:85:66:7D:E9:0C:BC:83:2F:06
Certificate issuer:       /CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
Certificate serial:       09BB
Authority key identifier: 18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/9JgYbuUfgCnk84eFZn3pDLyDLwY.roa
Signing time:             Wed 16 Dec 2020 03:43:53 +0000
ROA not before:           Wed 16 Dec 2020 03:43:53 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     9924
IP address blocks:        210.17.112.0/20 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2491 (0x9bb)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
        Validity
            Not Before: Dec 16 03:43:53 2020 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=F498186EE51F8029E4F38785667DE90CBC832F06
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:0a:93:c8:22:92:96:f5:08:5c:1e:62:3a:dc:
                    78:77:fa:6c:51:c4:2b:a5:d2:bf:d8:9a:f0:36:d9:
                    c8:60:f2:a7:86:95:0e:af:5b:0a:f2:d7:37:45:e5:
                    df:41:bf:1d:d6:ee:79:fa:c9:60:c9:ba:0f:b4:4f:
                    be:86:97:0f:b9:a7:33:3c:e7:ae:6f:75:94:a1:80:
                    04:73:15:a8:8b:5e:f8:03:e3:56:99:ef:d6:79:bd:
                    02:b7:dc:7c:41:ec:5c:05:72:82:60:7c:83:1d:ee:
                    af:e5:e2:00:2c:58:45:fa:d6:44:72:e1:53:8d:c0:
                    68:d4:24:f1:ea:1a:ac:3c:7d:f3:c3:6f:80:ed:78:
                    a8:b3:92:f9:6f:6c:a9:c0:d6:1c:40:34:b7:db:1a:
                    8d:b8:3e:0f:f7:a1:5d:65:31:6a:cc:7d:0e:2e:17:
                    fa:da:59:cb:1c:d4:ad:e8:e2:6a:b1:fc:21:c1:e1:
                    dd:18:49:1c:86:0b:e2:ca:91:d2:1b:55:56:60:91:
                    0d:ca:76:3b:6f:f4:e1:3b:73:b0:29:73:8e:7b:1e:
                    f4:0b:fb:b0:45:d4:1e:47:8b:77:40:15:1e:9c:e5:
                    bc:1e:d2:ad:68:c5:b2:d8:92:a0:fd:2d:1d:d0:f6:
                    b0:84:19:36:ed:d5:c3:d0:8a:2b:36:54:30:ac:1f:
                    89:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F4:98:18:6E:E5:1F:80:29:E4:F3:87:85:66:7D:E9:0C:BC:83:2F:06
            X509v3 Authority Key Identifier:
                keyid:18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/9JgYbuUfgCnk84eFZn3pDLyDLwY.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  210.17.112.0/20

    Signature Algorithm: sha256WithRSAEncryption
         1d:d4:29:1c:98:a6:40:e2:4e:2a:5e:35:48:ae:87:27:ed:04:
         6a:f3:d5:b9:93:5f:47:0f:0d:bd:ea:c4:51:d6:9e:43:aa:54:
         ac:69:b6:f0:de:c8:2c:76:61:7a:e0:53:fd:fe:d4:e5:2a:2f:
         19:ce:68:db:13:7b:2b:a7:c4:70:ed:c6:ab:a4:f9:36:b9:ed:
         82:c8:d1:cd:0f:39:fc:c1:ef:8d:51:a2:83:0c:c3:b2:22:ea:
         f6:f2:6b:43:e9:0f:75:32:10:e8:01:6d:60:0b:1e:fd:f4:45:
         24:c3:d8:9b:b0:29:21:bd:26:c3:f6:d5:0b:ed:3d:73:84:f1:
         53:c4:08:2a:0f:80:fa:22:28:36:b4:48:09:08:14:4f:e8:18:
         c7:16:4a:f1:aa:88:d7:c1:e7:23:9a:35:65:c1:91:cf:40:10:
         38:b2:86:88:db:0b:af:29:49:87:76:01:97:cb:d4:94:c3:83:
         e2:35:a0:51:e6:69:c7:19:83:f8:35:69:9a:b5:04:d1:5b:36:
         9a:92:11:6d:f0:b1:2e:d7:2b:65:45:30:8f:3c:38:cc:52:4a:
         cb:97:c8:4b:ea:05:ac:d0:32:a3:30:85:2c:79:ef:f9:01:27:
         33:bf:13:7e:43:0c:41:75:8a:63:d3:1d:0a:bf:31:50:ee:1a:
         17:a2:59:c3
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICCbswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMThB
NjY2M0Q2RTlGODBCRDRDRTdDOEFERkVCMzg3ODNDM0UxQTQ2NDAeFw0yMDEyMTYw
MzQzNTNaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKEY0OTgxODZFRTUxRjgw
MjlFNEYzODc4NTY2N0RFOTBDQkM4MzJGMDYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDXCpPIIpKW9QhcHmI63Hh3+mxRxCul0r/YmvA22chg8qeGlQ6v
Wwry1zdF5d9Bvx3W7nn6yWDJug+0T76Glw+5pzM8565vdZShgARzFaiLXvgD41aZ
79Z5vQK33HxB7FwFcoJgfIMd7q/l4gAsWEX61kRy4VONwGjUJPHqGqw8ffPDb4Dt
eKizkvlvbKnA1hxANLfbGo24Pg/3oV1lMWrMfQ4uF/raWcsc1K3o4mqx/CHB4d0Y
SRyGC+LKkdIbVVZgkQ3Kdjtv9OE7c7Apc457HvQL+7BF1B5Hi3dAFR6c5bwe0q1o
xbLYkqD9LR3Q9rCEGTbt1cPQiis2VDCsH4kdAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU9JgYbuUfgCnk84eFZn3pDLyDLwYwHwYDVR0jBBgwFoAUGKZmPW6fgL1M58it
/rOHg8PhpGQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFJPRk9O
RC9HS1ptUFc2ZmdMMU01OGl0X3JPSGc4UGhwR1EuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL0dLWm1QVzZmZ0wxTTU4aXRfck9IZzhQaHBHUS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL1BST0ZPTkQvOUpnWWJ1VWZnQ25rODRl
RlpuM3BETHlETHdZLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
BNIRcDANBgkqhkiG9w0BAQsFAAOCAQEAHdQpHJimQOJOKl41SK6HJ+0EavPVuZNf
Rw8NverEUdaeQ6pUrGm28N7ILHZheuBT/f7U5SovGc5o2xN7K6fEcO3Gq6T5Nrnt
gsjRzQ85/MHvjVGigwzDsiLq9vJrQ+kPdTIQ6AFtYAse/fRFJMPYm7ApIb0mw/bV
C+09c4TxU8QIKg+A+iIoNrRICQgUT+gYxxZK8aqI18HnI5o1ZcGRz0AQOLKGiNsL
rylJh3YBl8vUlMOD4jWgUeZpxxmD+DVpmrUE0Vs2mpIRbfCxLtcrZUUwjzw4zFJK
y5fIS+oFrNAyozCFLHnv+QEnM78TfkMMQXWKY9MdCr8xUO4aF6JZww==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:43 2024 by rpki-client on console-fra.rpki-client.org