Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PROFOND/H905b9YU8iNIygCmzbQPba4akC0.roa
File:                     H905b9YU8iNIygCmzbQPba4akC0.roa (raw, json)
Hash identifier:          0h7Y00vZicm6CFvNF945NJNmj/zCNosirlZqC9IObkw=
Subject key identifier:   1F:DD:39:6F:D6:14:F2:23:48:CA:00:A6:CD:B4:0F:6D:AE:1A:90:2D
Certificate issuer:       /CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
Certificate serial:       0B48
Authority key identifier: 18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/H905b9YU8iNIygCmzbQPba4akC0.roa
Signing time:             Sun 07 Feb 2021 13:12:46 +0000
ROA not before:           Sun 07 Feb 2021 13:12:46 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     9924
IP address blocks:        60.199.140.0/24 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2888 (0xb48)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
        Validity
            Not Before: Feb  7 13:12:46 2021 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=1FDD396FD614F22348CA00A6CDB40F6DAE1A902D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:99:8b:b7:22:96:a7:20:ae:46:a9:86:30:8b:
                    88:56:79:21:c0:f1:12:58:83:48:b5:c8:3e:ec:ad:
                    49:83:67:d4:0e:23:8b:8b:ff:6a:37:44:c3:bf:7b:
                    82:2c:a1:25:e6:5d:d9:8c:22:91:86:02:08:a7:89:
                    14:92:8a:56:2f:72:db:7a:7b:a7:bf:69:4d:ac:55:
                    3e:c7:9e:72:42:ab:0c:70:ae:74:18:9a:2c:90:1f:
                    df:2e:e9:ca:dd:2e:e2:04:28:48:23:c2:18:15:d2:
                    0c:7e:02:c5:c8:97:57:15:39:2b:17:df:d3:7a:64:
                    1c:42:84:06:c8:d6:2e:2b:e1:c6:e5:68:44:e7:6f:
                    ea:2a:cb:47:0d:73:25:ac:3f:39:2b:9e:2e:fb:c4:
                    d8:4f:b5:91:69:55:7a:f0:77:25:70:a3:e0:85:d8:
                    20:ca:2f:00:25:11:eb:dd:c1:1c:08:d2:a0:c0:0c:
                    e7:3a:7b:bc:79:d8:c2:e9:e9:85:be:cb:f8:1a:02:
                    2f:c6:e4:ce:86:f6:ce:7f:cf:77:00:72:40:52:b7:
                    2f:52:7c:77:22:25:e0:9b:d1:84:82:31:18:17:db:
                    3f:2a:c3:70:87:42:97:62:35:b5:2d:8b:c4:4e:6b:
                    ce:fe:f7:45:72:91:f2:6a:40:b3:b4:43:e0:89:8e:
                    13:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1F:DD:39:6F:D6:14:F2:23:48:CA:00:A6:CD:B4:0F:6D:AE:1A:90:2D
            X509v3 Authority Key Identifier:
                keyid:18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/H905b9YU8iNIygCmzbQPba4akC0.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  60.199.140.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1d:b1:97:27:c7:2c:aa:bc:0f:47:ba:5c:65:d7:74:bc:02:20:
         6b:1f:91:39:d2:1f:8a:42:ac:72:bc:7d:64:cd:4f:ee:1d:64:
         02:c5:14:a7:34:09:3e:02:df:73:c0:21:e7:44:2c:24:34:30:
         45:13:02:df:36:7a:73:29:72:9c:28:e0:6c:30:e9:87:d2:3b:
         ca:45:0a:e9:21:de:73:2b:68:9d:4c:08:5a:7d:56:f0:c9:f6:
         5d:0e:9f:5d:59:7a:cc:98:66:bc:17:3f:05:5f:fc:65:42:30:
         4d:43:f9:b6:0f:81:75:a3:15:c7:f4:85:c0:36:53:48:43:43:
         21:43:80:ab:12:05:26:93:f3:60:ba:7a:c2:62:9b:cd:32:e1:
         0c:5a:7f:a1:ce:77:a6:be:b5:77:53:c3:8f:e6:9f:d0:9a:57:
         e1:04:64:f4:b7:4e:ad:60:be:4d:2b:d6:30:4f:c3:2d:81:33:
         28:d7:cf:72:ac:70:8d:46:56:90:fd:cb:78:02:2c:f8:20:1a:
         c5:79:50:5f:36:05:78:21:fb:89:40:65:65:07:64:fa:32:5e:
         86:20:fc:3a:04:ec:e2:56:85:a7:70:fa:e0:bf:a5:06:38:a8:
         02:ab:f8:cc:39:1a:5b:7f:9a:6f:94:12:86:21:41:cd:22:f0:
         35:1f:d2:dc
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICC0gwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMThB
NjY2M0Q2RTlGODBCRDRDRTdDOEFERkVCMzg3ODNDM0UxQTQ2NDAeFw0yMTAyMDcx
MzEyNDZaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDFGREQzOTZGRDYxNEYy
MjM0OENBMDBBNkNEQjQwRjZEQUUxQTkwMkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDVmYu3IpanIK5GqYYwi4hWeSHA8RJYg0i1yD7srUmDZ9QOI4uL
/2o3RMO/e4IsoSXmXdmMIpGGAginiRSSilYvctt6e6e/aU2sVT7HnnJCqwxwrnQY
miyQH98u6crdLuIEKEgjwhgV0gx+AsXIl1cVOSsX39N6ZBxChAbI1i4r4cblaETn
b+oqy0cNcyWsPzkrni77xNhPtZFpVXrwdyVwo+CF2CDKLwAlEevdwRwI0qDADOc6
e7x52MLp6YW+y/gaAi/G5M6G9s5/z3cAckBSty9SfHciJeCb0YSCMRgX2z8qw3CH
QpdiNbUti8ROa87+90VykfJqQLO0Q+CJjhNrAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUH905b9YU8iNIygCmzbQPba4akC0wHwYDVR0jBBgwFoAUGKZmPW6fgL1M58it
/rOHg8PhpGQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFJPRk9O
RC9HS1ptUFc2ZmdMMU01OGl0X3JPSGc4UGhwR1EuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL0dLWm1QVzZmZ0wxTTU4aXRfck9IZzhQaHBHUS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL1BST0ZPTkQvSDkwNWI5WVU4aU5JeWdD
bXpiUVBiYTRha0MwLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
ADzHjDANBgkqhkiG9w0BAQsFAAOCAQEAHbGXJ8csqrwPR7pcZdd0vAIgax+ROdIf
ikKscrx9ZM1P7h1kAsUUpzQJPgLfc8Ah50QsJDQwRRMC3zZ6cylynCjgbDDph9I7
ykUK6SHecytonUwIWn1W8Mn2XQ6fXVl6zJhmvBc/BV/8ZUIwTUP5tg+BdaMVx/SF
wDZTSENDIUOAqxIFJpPzYLp6wmKbzTLhDFp/oc53pr61d1PDj+af0JpX4QRk9LdO
rWC+TSvWME/DLYEzKNfPcqxwjUZWkP3LeAIs+CAaxXlQXzYFeCH7iUBlZQdk+jJe
hiD8OgTs4laFp3D64L+lBjioAqv4zDkaW3+ab5QShiFBzSLwNR/S3A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:18 2024 by rpki-client on console-ams.rpki-client.org