Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PROFOND/C4HRnOCQu2p9G0vBnOo1liSLSME.roa
File:                     C4HRnOCQu2p9G0vBnOo1liSLSME.roa (raw, json)
Hash identifier:          TY8fYuBk1e2jFIOkAj+4ohywAS4wIIzRsy9OB+8p1Ds=
Subject key identifier:   0B:81:D1:9C:E0:90:BB:6A:7D:1B:4B:C1:9C:EA:35:96:24:8B:48:C1
Certificate issuer:       /CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
Certificate serial:       0A6C
Authority key identifier: 18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/C4HRnOCQu2p9G0vBnOo1liSLSME.roa
Signing time:             Sun 07 Feb 2021 11:36:13 +0000
ROA not before:           Sun 07 Feb 2021 11:36:13 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     9924
IP address blocks:        61.31.0.0/16 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2668 (0xa6c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
        Validity
            Not Before: Feb  7 11:36:13 2021 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=0B81D19CE090BB6A7D1B4BC19CEA3596248B48C1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:a4:85:ce:e0:af:a7:89:51:01:9e:be:68:e0:
                    3b:b9:8f:d5:28:a1:04:ed:9d:04:a1:b4:79:b8:6e:
                    11:e5:85:89:4d:86:17:6a:0d:c8:1e:14:79:d9:11:
                    3a:83:c7:7e:b9:a7:b0:b0:08:f9:aa:f1:78:31:aa:
                    b2:f6:84:3e:5b:c3:50:2e:8f:02:9a:1f:cf:c0:2b:
                    bc:d6:fa:d7:e6:7a:42:39:ad:67:fa:7b:b7:e2:d4:
                    cd:54:cd:cc:44:1c:3a:76:5f:c4:f1:8a:d6:b1:0d:
                    66:ae:f9:37:77:f8:17:40:f7:00:cf:9d:71:ce:88:
                    6c:8e:91:96:17:df:b9:92:46:05:5f:bc:66:c0:75:
                    f8:be:b7:ad:bd:f4:e3:94:57:98:a4:2e:5d:83:3d:
                    94:09:65:bd:f5:3f:b9:53:4e:c1:5c:30:83:36:a2:
                    6b:53:13:5f:a1:e6:64:21:11:65:90:46:79:89:9e:
                    a9:44:59:a7:13:c9:ac:36:29:56:1e:2d:2b:08:21:
                    a2:13:4c:47:e9:c5:ee:4e:c1:8b:bf:f6:75:17:31:
                    3c:57:8b:5e:b3:de:8a:c3:e7:87:68:fe:ba:a9:fc:
                    38:a2:db:67:c1:fb:e6:ce:00:4c:17:6c:bb:34:e5:
                    ad:8f:c3:01:5e:24:ff:67:c3:31:ab:9b:de:fb:ae:
                    7a:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0B:81:D1:9C:E0:90:BB:6A:7D:1B:4B:C1:9C:EA:35:96:24:8B:48:C1
            X509v3 Authority Key Identifier:
                keyid:18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/C4HRnOCQu2p9G0vBnOo1liSLSME.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  61.31.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         17:22:67:4e:6e:33:b2:76:a6:77:b0:89:86:ad:e7:5b:f5:cd:
         8b:70:f6:4e:ad:b5:b1:a1:83:e2:02:54:02:8c:41:18:2a:65:
         fa:68:77:67:e5:b6:3d:ce:eb:f4:8a:d0:6e:25:5d:00:71:53:
         69:4d:4c:8a:b0:79:b8:12:27:d5:70:3a:d2:45:1b:17:73:40:
         c1:6c:d0:80:16:da:91:d7:ea:ca:fb:5b:a4:c2:6e:68:cf:c7:
         3e:36:1f:ba:5d:b5:e4:61:96:b1:c1:a9:d8:bf:57:e0:db:6b:
         15:a7:4d:8a:8a:8a:30:51:48:a7:10:b5:aa:3d:ab:ee:03:ec:
         d6:15:58:52:43:88:fc:11:2f:67:96:0d:14:fc:71:f5:45:f6:
         a0:7b:b2:7d:58:d4:20:92:d3:e3:9d:fc:11:c1:fd:f3:13:1c:
         2f:e9:8e:5f:31:6b:aa:0d:50:fa:c4:4d:7e:3d:55:9b:e7:c4:
         4c:e5:89:11:77:4f:28:a7:95:b2:c9:28:f3:8c:ff:c1:f4:8f:
         15:da:d8:da:71:a7:5e:e4:cc:0e:88:f6:83:61:cc:da:38:31:
         e6:02:d9:1a:63:97:2c:3a:05:4a:99:69:95:03:b5:9a:fe:47:
         62:d5:be:39:70:e6:ac:fa:b1:bf:be:ba:62:c4:8d:5f:ac:56:
         fb:89:72:75
-----BEGIN CERTIFICATE-----
MIIE0zCCA7ugAwIBAgICCmwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMThB
NjY2M0Q2RTlGODBCRDRDRTdDOEFERkVCMzg3ODNDM0UxQTQ2NDAeFw0yMTAyMDcx
MTM2MTNaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDBCODFEMTlDRTA5MEJC
NkE3RDFCNEJDMTlDRUEzNTk2MjQ4QjQ4QzEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC/pIXO4K+niVEBnr5o4Du5j9UooQTtnQShtHm4bhHlhYlNhhdq
DcgeFHnZETqDx365p7CwCPmq8XgxqrL2hD5bw1AujwKaH8/AK7zW+tfmekI5rWf6
e7fi1M1UzcxEHDp2X8TxitaxDWau+Td3+BdA9wDPnXHOiGyOkZYX37mSRgVfvGbA
dfi+t6299OOUV5ikLl2DPZQJZb31P7lTTsFcMIM2omtTE1+h5mQhEWWQRnmJnqlE
WacTyaw2KVYeLSsIIaITTEfpxe5OwYu/9nUXMTxXi16z3orD54do/rqp/Dii22fB
++bOAEwXbLs05a2PwwFeJP9nwzGrm977rnpHAgMBAAGjggHvMIIB6zAdBgNVHQ4E
FgQUC4HRnOCQu2p9G0vBnOo1liSLSMEwHwYDVR0jBBgwFoAUGKZmPW6fgL1M58it
/rOHg8PhpGQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFJPRk9O
RC9HS1ptUFc2ZmdMMU01OGl0X3JPSGc4UGhwR1EuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL0dLWm1QVzZmZ0wxTTU4aXRfck9IZzhQaHBHUS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL1BST0ZPTkQvQzRIUm5PQ1F1MnA5RzB2
Qm5PbzFsaVNMU01FLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMD
AD0fMA0GCSqGSIb3DQEBCwUAA4IBAQAXImdObjOydqZ3sImGredb9c2LcPZOrbWx
oYPiAlQCjEEYKmX6aHdn5bY9zuv0itBuJV0AcVNpTUyKsHm4EifVcDrSRRsXc0DB
bNCAFtqR1+rK+1ukwm5oz8c+Nh+6XbXkYZaxwanYv1fg22sVp02KioowUUinELWq
PavuA+zWFVhSQ4j8ES9nlg0U/HH1Rfage7J9WNQgktPjnfwRwf3zExwv6Y5fMWuq
DVD6xE1+PVWb58RM5YkRd08op5WyySjzjP/B9I8V2tjacade5MwOiPaDYczaODHm
AtkaY5csOgVKmWmVA7Wa/kdi1b45cOas+rG/vrpixI1frFb7iXJ1
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:17 2024 by rpki-client on console-ams.rpki-client.org