Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PROFOND/DZuul82MPldWlA490q1ri6TT_j8.roa
File:                     DZuul82MPldWlA490q1ri6TT_j8.roa (raw, json)
Hash identifier:          vCaWo/QiWQFGgUMPGsw70p0nKfiW8pqBCm5g7nZcq6c=
Subject key identifier:   0D:9B:AE:97:CD:8C:3E:57:56:94:0E:3D:D2:AD:6B:8B:A4:D3:FE:3F
Certificate issuer:       /CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
Certificate serial:       0813
Authority key identifier: 18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/DZuul82MPldWlA490q1ri6TT_j8.roa
Signing time:             Tue 29 Sep 2020 09:57:44 +0000
ROA not before:           Tue 29 Sep 2020 09:57:44 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     9924
IP address blocks:        103.224.132.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2067 (0x813)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
        Validity
            Not Before: Sep 29 09:57:44 2020 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=0D9BAE97CD8C3E5756940E3DD2AD6B8BA4D3FE3F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:b2:7f:30:89:3b:32:39:8e:5e:a5:2c:53:08:
                    7a:af:26:a7:ac:af:ae:bb:fa:bb:df:29:21:32:67:
                    af:13:d0:46:ad:5b:6a:0b:b0:69:6c:47:bb:97:be:
                    74:bb:34:1a:2f:42:06:6d:1d:6c:00:c5:97:77:ea:
                    bc:1a:ac:fa:97:31:f2:38:6c:b1:ab:73:5c:38:ea:
                    fb:6a:4d:b2:8f:30:55:17:c8:26:db:23:9c:76:29:
                    91:07:52:9c:eb:90:26:df:79:49:08:f1:17:3c:a8:
                    7d:5e:78:62:65:7f:76:f9:3d:44:74:1c:f3:90:ea:
                    22:61:ec:c9:ed:44:fe:ea:19:9d:3d:f5:ec:39:c4:
                    ca:09:0a:c6:ff:e7:0f:d5:7b:5f:06:c3:d9:96:1b:
                    fb:59:ee:ab:35:a5:74:5a:bc:87:e1:6d:e8:f0:f7:
                    93:5a:c1:74:75:af:9b:e7:ff:8e:56:bc:ed:9a:60:
                    e6:25:ae:74:fb:37:e5:96:ba:7b:ef:9c:f9:71:e8:
                    de:ee:b4:77:12:1e:a2:84:50:c7:fd:54:90:d7:a1:
                    6c:3d:c9:24:29:5d:9d:65:71:4d:6f:75:57:31:aa:
                    38:84:80:4c:59:47:dd:c0:9f:56:59:66:46:98:3c:
                    9d:65:e4:b2:0e:c5:e1:60:07:63:25:74:92:1a:d2:
                    69:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:9B:AE:97:CD:8C:3E:57:56:94:0E:3D:D2:AD:6B:8B:A4:D3:FE:3F
            X509v3 Authority Key Identifier:
                keyid:18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/DZuul82MPldWlA490q1ri6TT_j8.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.224.132.0/22

    Signature Algorithm: sha256WithRSAEncryption
         76:30:f8:a6:7f:6c:5e:21:d1:4c:b8:11:6d:96:83:1b:72:74:
         69:ae:f7:3c:4c:26:a5:ed:99:f3:a2:e5:58:ce:c9:85:3c:e5:
         08:fc:02:31:2b:43:29:57:1b:94:e2:a2:aa:39:e3:92:37:1d:
         63:12:16:2c:90:7d:3c:3f:33:77:0d:db:05:38:d8:37:01:26:
         f2:bf:65:e7:b6:0f:df:a1:47:2f:bf:0c:37:55:ff:09:bc:59:
         1c:93:28:28:2c:5a:b3:03:ac:0b:8a:73:b5:da:5a:e2:b6:20:
         74:ff:6d:20:95:aa:f1:c7:69:f0:8a:b8:89:d0:96:7f:20:4f:
         4b:df:44:b7:9d:a8:89:dd:ff:7c:65:a4:01:b0:e3:e7:b6:8f:
         67:16:38:ca:c7:0b:0e:4b:9f:14:e4:54:7e:bc:07:de:d3:56:
         b7:fa:68:90:ba:07:e4:e7:18:91:ea:be:54:35:1e:9e:f0:0f:
         96:37:37:8a:78:75:69:5c:58:8f:6e:d2:67:23:3b:1d:4b:65:
         ec:1c:60:8c:6f:99:d2:27:62:53:b8:4c:7e:38:3c:97:f4:e8:
         a8:e7:29:f8:b7:fd:20:1d:61:57:65:4c:fa:c6:08:c0:07:50:
         28:34:c4:03:2e:fa:29:67:9f:d4:95:3e:b0:09:52:77:a0:13:
         3e:e1:d4:f5
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICCBMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMThB
NjY2M0Q2RTlGODBCRDRDRTdDOEFERkVCMzg3ODNDM0UxQTQ2NDAeFw0yMDA5Mjkw
OTU3NDRaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDBEOUJBRTk3Q0Q4QzNF
NTc1Njk0MEUzREQyQUQ2QjhCQTREM0ZFM0YwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDLsn8wiTsyOY5epSxTCHqvJqesr667+rvfKSEyZ68T0EatW2oL
sGlsR7uXvnS7NBovQgZtHWwAxZd36rwarPqXMfI4bLGrc1w46vtqTbKPMFUXyCbb
I5x2KZEHUpzrkCbfeUkI8Rc8qH1eeGJlf3b5PUR0HPOQ6iJh7MntRP7qGZ099ew5
xMoJCsb/5w/Ve18Gw9mWG/tZ7qs1pXRavIfhbejw95NawXR1r5vn/45WvO2aYOYl
rnT7N+WWunvvnPlx6N7utHcSHqKEUMf9VJDXoWw9ySQpXZ1lcU1vdVcxqjiEgExZ
R93An1ZZZkaYPJ1l5LIOxeFgB2MldJIa0mnRAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUDZuul82MPldWlA490q1ri6TT/j8wHwYDVR0jBBgwFoAUGKZmPW6fgL1M58it
/rOHg8PhpGQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFJPRk9O
RC9HS1ptUFc2ZmdMMU01OGl0X3JPSGc4UGhwR1EuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL0dLWm1QVzZmZ0wxTTU4aXRfck9IZzhQaHBHUS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL1BST0ZPTkQvRFp1dWw4Mk1QbGRXbEE0
OTBxMXJpNlRUX2o4LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
AmfghDANBgkqhkiG9w0BAQsFAAOCAQEAdjD4pn9sXiHRTLgRbZaDG3J0aa73PEwm
pe2Z86LlWM7JhTzlCPwCMStDKVcblOKiqjnjkjcdYxIWLJB9PD8zdw3bBTjYNwEm
8r9l57YP36FHL78MN1X/CbxZHJMoKCxaswOsC4pztdpa4rYgdP9tIJWq8cdp8Iq4
idCWfyBPS99Et52oid3/fGWkAbDj57aPZxY4yscLDkufFORUfrwH3tNWt/pokLoH
5OcYkeq+VDUenvAPljc3inh1aVxYj27SZyM7HUtl7BxgjG+Z0idiU7hMfjg8l/To
qOcp+Lf9IB1hV2VM+sYIwAdQKDTEAy76KWef1JU+sAlSd6ATPuHU9Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:43 2024 by rpki-client on console-fra.rpki-client.org