Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PROFOND/H2hpZUmAxj6KQDfl3yl_m8irh1k.roa
File:                     H2hpZUmAxj6KQDfl3yl_m8irh1k.roa (raw, json)
Hash identifier:          hmcsn6Dgf3CrgjqZPlr2CcMBxN11YwszcJVUh2o+O6Q=
Subject key identifier:   1F:68:69:65:49:80:C6:3E:8A:40:37:E5:DF:29:7F:9B:C8:AB:87:59
Certificate issuer:       /CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
Certificate serial:       0DC9
Authority key identifier: 18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/H2hpZUmAxj6KQDfl3yl_m8irh1k.roa
Signing time:             Thu 15 Sep 2022 02:47:10 +0000
ROA not before:           Thu 15 Sep 2022 02:47:10 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     24164
IP address blocks:        203.65.174.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3529 (0xdc9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
        Validity
            Not Before: Sep 15 02:47:10 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=1F6869654980C63E8A4037E5DF297F9BC8AB8759
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:0b:48:28:65:63:14:17:c3:dc:a2:63:6f:c9:
                    f0:cc:92:98:34:9a:8f:15:7e:2a:ea:92:32:b6:ac:
                    82:15:33:6d:92:80:0f:a7:0c:70:68:0e:87:87:44:
                    fb:32:df:4f:2e:82:ac:39:31:be:fc:a9:8e:3b:b6:
                    4d:6a:77:8f:b3:92:63:93:54:9f:45:82:33:fd:af:
                    01:e7:eb:46:f7:85:b1:63:24:00:ea:09:44:4d:6c:
                    26:cd:47:4e:7a:6a:1b:50:5e:e7:4f:d6:8f:8f:58:
                    1f:dd:fc:86:78:44:77:f8:45:dd:55:71:15:03:9e:
                    92:a6:02:d0:5a:09:61:63:ca:f4:0e:3d:40:dc:4f:
                    e0:86:32:7e:e1:24:d1:eb:f3:57:34:7b:80:65:b2:
                    45:d9:0f:25:bf:83:0c:8f:b3:44:1c:71:f9:de:28:
                    22:fc:ac:6f:69:31:67:8f:8e:b6:ca:6b:7e:80:f3:
                    dd:8c:21:3d:de:7e:29:be:4b:c3:02:43:e5:8e:6b:
                    58:19:98:a5:bc:cb:e0:f1:5e:e7:2b:83:ff:7d:5e:
                    29:bd:70:02:54:b7:22:ae:04:95:b8:fd:00:c6:3d:
                    d2:bc:14:be:15:0a:08:db:b8:19:b2:1f:bb:3a:79:
                    3b:d6:80:df:19:3c:ba:96:3f:cd:05:74:10:62:09:
                    3b:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1F:68:69:65:49:80:C6:3E:8A:40:37:E5:DF:29:7F:9B:C8:AB:87:59
            X509v3 Authority Key Identifier:
                keyid:18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/H2hpZUmAxj6KQDfl3yl_m8irh1k.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  203.65.174.0/24

    Signature Algorithm: sha256WithRSAEncryption
         61:f1:7a:ac:97:90:a4:27:8e:bd:f8:71:4d:b8:1f:c4:f4:01:
         0a:98:c0:45:b1:33:8b:3a:44:5c:31:16:d3:ce:18:2b:e0:5a:
         db:26:06:40:be:b9:90:0e:62:d4:5f:f1:29:fe:5e:ca:b2:74:
         0d:ca:1e:b2:b4:68:5e:93:ef:4b:47:8a:25:47:34:c6:6a:ec:
         2a:52:cb:9f:f8:d8:9f:f7:ae:f0:7e:57:1f:26:87:e0:d7:cd:
         da:7f:a4:71:e0:a7:25:9a:80:1f:4f:de:56:a9:af:89:6c:09:
         f1:05:f6:8f:ed:24:56:6a:78:0c:fa:e7:32:a7:1d:a3:f0:9b:
         ac:ff:51:60:54:a7:d8:07:a1:28:4a:b5:f6:1c:f0:b7:41:94:
         13:f4:3d:67:ae:36:52:13:a8:d0:58:93:a0:a0:c7:c6:f4:f5:
         11:97:f7:73:c3:f0:7c:5c:d2:cc:4b:48:4e:d3:c6:1a:5c:6e:
         b3:c5:88:4e:e0:dc:50:83:8e:e6:9b:1e:8d:50:67:e4:5b:17:
         27:c7:20:1d:22:b7:df:39:db:82:53:bc:19:b3:92:66:bc:23:
         4d:69:ca:b6:93:c2:ac:41:df:59:9c:29:50:a4:70:50:ab:a1:
         d8:a2:c2:17:14:d3:73:1f:de:d2:26:b3:ba:31:82:e4:34:eb:
         54:47:2f:d5
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICDckwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMThB
NjY2M0Q2RTlGODBCRDRDRTdDOEFERkVCMzg3ODNDM0UxQTQ2NDAeFw0yMjA5MTUw
MjQ3MTBaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDFGNjg2OTY1NDk4MEM2
M0U4QTQwMzdFNURGMjk3RjlCQzhBQjg3NTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDQC0goZWMUF8PcomNvyfDMkpg0mo8VfirqkjK2rIIVM22SgA+n
DHBoDoeHRPsy308ugqw5Mb78qY47tk1qd4+zkmOTVJ9FgjP9rwHn60b3hbFjJADq
CURNbCbNR056ahtQXudP1o+PWB/d/IZ4RHf4Rd1VcRUDnpKmAtBaCWFjyvQOPUDc
T+CGMn7hJNHr81c0e4BlskXZDyW/gwyPs0QccfneKCL8rG9pMWePjrbKa36A892M
IT3efim+S8MCQ+WOa1gZmKW8y+DxXucrg/99Xim9cAJUtyKuBJW4/QDGPdK8FL4V
CgjbuBmyH7s6eTvWgN8ZPLqWP80FdBBiCTsLAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUH2hpZUmAxj6KQDfl3yl/m8irh1kwHwYDVR0jBBgwFoAUGKZmPW6fgL1M58it
/rOHg8PhpGQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFJPRk9O
RC9HS1ptUFc2ZmdMMU01OGl0X3JPSGc4UGhwR1EuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL0dLWm1QVzZmZ0wxTTU4aXRfck9IZzhQaHBHUS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL1BST0ZPTkQvSDJocFpVbUF4ajZLUURm
bDN5bF9tOGlyaDFrLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
AMtBrjANBgkqhkiG9w0BAQsFAAOCAQEAYfF6rJeQpCeOvfhxTbgfxPQBCpjARbEz
izpEXDEW084YK+Ba2yYGQL65kA5i1F/xKf5eyrJ0DcoesrRoXpPvS0eKJUc0xmrs
KlLLn/jYn/eu8H5XHyaH4NfN2n+kceCnJZqAH0/eVqmviWwJ8QX2j+0kVmp4DPrn
Mqcdo/CbrP9RYFSn2AehKEq19hzwt0GUE/Q9Z642UhOo0FiToKDHxvT1EZf3c8Pw
fFzSzEtITtPGGlxus8WITuDcUIOO5psejVBn5FsXJ8cgHSK33znbglO8GbOSZrwj
TWnKtpPCrEHfWZwpUKRwUKuh2KLCFxTTcx/e0iazujGC5DTrVEcv1Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:18 2024 by rpki-client on console-ams.rpki-client.org