Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PROFOND/BkV4PcWFUfbihvzEEVanNWWayPg.roa
File:                     BkV4PcWFUfbihvzEEVanNWWayPg.roa (raw, json)
Hash identifier:          N3mO1YLpSFU/RJA742l0meqDv1+R8QcRfRFuffzfAeE=
Subject key identifier:   06:45:78:3D:C5:85:51:F6:E2:86:FC:C4:11:56:A7:35:65:9A:C8:F8
Certificate issuer:       /CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
Certificate serial:       0AA4
Authority key identifier: 18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/BkV4PcWFUfbihvzEEVanNWWayPg.roa
Signing time:             Sun 07 Feb 2021 11:36:50 +0000
ROA not before:           Sun 07 Feb 2021 11:36:50 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     9924
IP address blocks:        210.208.96.0/19 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2724 (0xaa4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
        Validity
            Not Before: Feb  7 11:36:50 2021 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=0645783DC58551F6E286FCC41156A735659AC8F8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:69:64:53:d0:e5:27:51:7b:4e:f7:89:77:fc:
                    c4:ae:d2:78:c6:22:1d:66:b9:02:8f:d4:02:4a:c9:
                    3d:87:d6:33:bc:33:a4:cf:4e:09:92:2d:49:b4:5c:
                    70:3e:38:7a:a6:e3:33:28:29:b6:20:64:e6:3a:a7:
                    80:0c:86:8e:62:a9:02:35:30:b3:24:f6:37:fc:1a:
                    ea:d2:b2:9b:21:46:0a:57:14:d7:45:d9:af:fa:70:
                    52:6c:5f:71:73:64:67:4c:14:d6:30:7b:64:8d:df:
                    46:78:b4:ea:5c:2f:cf:a3:e7:2f:13:60:8d:87:68:
                    84:7d:a8:7b:07:c6:b6:3e:5c:71:74:22:79:11:67:
                    b7:ea:47:f5:16:3b:03:28:18:3f:9a:64:8e:29:c9:
                    c2:9c:a9:f0:13:72:57:a3:b7:53:52:6a:35:ad:8e:
                    a7:50:f9:af:7c:96:ad:09:a0:cf:7b:94:d0:94:a1:
                    42:c6:ef:bf:30:32:6b:35:51:9a:f9:27:16:cf:1b:
                    8e:de:00:98:72:62:dd:20:bc:9f:38:ca:8b:ad:b9:
                    62:2b:80:93:45:03:1b:1b:75:90:02:17:30:c0:bd:
                    97:28:31:99:87:5e:42:45:6e:ed:43:24:41:3b:88:
                    ed:c1:7d:7a:96:a0:22:47:89:af:28:39:ed:82:af:
                    4e:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                06:45:78:3D:C5:85:51:F6:E2:86:FC:C4:11:56:A7:35:65:9A:C8:F8
            X509v3 Authority Key Identifier:
                keyid:18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/BkV4PcWFUfbihvzEEVanNWWayPg.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  210.208.96.0/19

    Signature Algorithm: sha256WithRSAEncryption
         35:a2:65:e6:1d:43:07:b0:2a:28:b7:43:51:5c:17:57:16:65:
         2c:31:56:9f:0d:1c:fd:ca:cb:28:21:1d:51:17:b4:75:ea:49:
         c7:0c:a9:18:2b:0b:d9:ae:50:7e:cc:94:3b:88:dc:17:2b:7d:
         30:8b:71:d1:31:4e:95:b9:2b:fb:6b:10:ed:fd:f1:c5:cd:08:
         a4:38:f2:5b:0f:f0:54:bc:90:8e:98:51:af:0d:1a:99:e7:00:
         54:e1:10:47:b3:d7:37:fe:2b:e6:d5:f6:e6:55:9e:2b:f7:06:
         e0:b6:59:cd:1b:3f:62:e8:1a:5b:e2:61:28:1a:a4:4e:99:96:
         0b:29:ef:c4:53:af:b1:c1:09:60:df:ec:1d:d6:eb:12:67:6c:
         ad:3f:39:f8:40:6f:7b:7c:f5:3e:ad:82:e5:dd:12:11:73:8f:
         86:b8:97:59:cb:d1:ee:42:29:7c:02:3e:1a:41:8e:87:b4:01:
         08:d8:70:1b:6f:52:7c:1b:fa:19:42:af:dd:06:4f:a5:3c:d1:
         f8:1a:bd:1f:3a:7c:51:ba:5b:63:5d:e0:49:76:68:13:1a:e1:
         52:9e:61:ae:cc:db:3e:41:f6:00:d1:08:8a:2d:b7:9e:18:6c:
         98:98:da:14:f7:18:52:cc:c6:9a:df:af:39:aa:68:de:1c:49:
         60:a6:6d:35
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICCqQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMThB
NjY2M0Q2RTlGODBCRDRDRTdDOEFERkVCMzg3ODNDM0UxQTQ2NDAeFw0yMTAyMDcx
MTM2NTBaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDA2NDU3ODNEQzU4NTUx
RjZFMjg2RkNDNDExNTZBNzM1NjU5QUM4RjgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCtaWRT0OUnUXtO94l3/MSu0njGIh1muQKP1AJKyT2H1jO8M6TP
TgmSLUm0XHA+OHqm4zMoKbYgZOY6p4AMho5iqQI1MLMk9jf8GurSspshRgpXFNdF
2a/6cFJsX3FzZGdMFNYwe2SN30Z4tOpcL8+j5y8TYI2HaIR9qHsHxrY+XHF0InkR
Z7fqR/UWOwMoGD+aZI4pycKcqfATclejt1NSajWtjqdQ+a98lq0JoM97lNCUoULG
778wMms1UZr5JxbPG47eAJhyYt0gvJ84youtuWIrgJNFAxsbdZACFzDAvZcoMZmH
XkJFbu1DJEE7iO3BfXqWoCJHia8oOe2Cr04fAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUBkV4PcWFUfbihvzEEVanNWWayPgwHwYDVR0jBBgwFoAUGKZmPW6fgL1M58it
/rOHg8PhpGQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFJPRk9O
RC9HS1ptUFc2ZmdMMU01OGl0X3JPSGc4UGhwR1EuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL0dLWm1QVzZmZ0wxTTU4aXRfck9IZzhQaHBHUS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL1BST0ZPTkQvQmtWNFBjV0ZVZmJpaHZ6
RUVWYW5OV1dheVBnLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
BdLQYDANBgkqhkiG9w0BAQsFAAOCAQEANaJl5h1DB7AqKLdDUVwXVxZlLDFWnw0c
/crLKCEdURe0depJxwypGCsL2a5QfsyUO4jcFyt9MItx0TFOlbkr+2sQ7f3xxc0I
pDjyWw/wVLyQjphRrw0amecAVOEQR7PXN/4r5tX25lWeK/cG4LZZzRs/YugaW+Jh
KBqkTpmWCynvxFOvscEJYN/sHdbrEmdsrT85+EBve3z1Pq2C5d0SEXOPhriXWcvR
7kIpfAI+GkGOh7QBCNhwG29SfBv6GUKv3QZPpTzR+Bq9Hzp8UbpbY13gSXZoExrh
Up5hrszbPkH2ANEIii23nhhsmJjaFPcYUszGmt+vOapo3hxJYKZtNQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:17 2024 by rpki-client on console-ams.rpki-client.org