Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PROFOND/HvhRcpL0zbX_y7YNmerAzCE5_iA.roa
File:                     HvhRcpL0zbX_y7YNmerAzCE5_iA.roa (raw, json)
Hash identifier:          JOhuP/gAnPQ1Zkv5bH4qEP2kFDo6WGmbVvPAVEB9UJ4=
Subject key identifier:   1E:F8:51:72:92:F4:CD:B5:FF:CB:B6:0D:99:EA:C0:CC:21:39:FE:20
Certificate issuer:       /CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
Certificate serial:       09A2
Authority key identifier: 18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/HvhRcpL0zbX_y7YNmerAzCE5_iA.roa
Signing time:             Wed 16 Dec 2020 02:41:30 +0000
ROA not before:           Wed 16 Dec 2020 02:41:30 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     9924
IP address blocks:        210.17.80.0/24 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2466 (0x9a2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
        Validity
            Not Before: Dec 16 02:41:30 2020 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=1EF8517292F4CDB5FFCBB60D99EAC0CC2139FE20
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:ba:94:73:7f:4c:90:1b:3f:fb:44:8f:97:28:
                    39:0b:5a:13:08:f6:9b:b6:d0:f9:cb:5d:b4:0c:54:
                    5b:ce:1d:b4:68:70:85:11:51:72:87:42:f6:51:d4:
                    bc:65:6f:bc:16:74:6b:11:54:f6:f2:97:00:88:8d:
                    0a:86:19:cf:d3:3f:d6:4c:8e:aa:af:4d:72:a0:a1:
                    ba:a7:36:81:85:f2:ab:dd:d0:f8:2a:75:58:bf:eb:
                    36:5f:af:3f:94:9e:84:56:5a:6c:f6:86:1d:b6:c8:
                    f9:0a:84:c5:eb:7f:3e:41:8b:03:4d:77:bf:cf:99:
                    5a:b2:bf:fc:38:53:02:38:1a:3e:06:bb:6d:2c:2a:
                    fe:8b:7d:3c:e2:b6:d6:51:ee:3e:f3:60:41:c4:a5:
                    d5:13:d1:49:12:bf:33:94:41:ea:f1:66:10:f7:bb:
                    37:ce:a3:0b:8d:5e:af:34:67:3a:75:7d:27:7b:b6:
                    0d:3e:95:d7:3e:90:0e:8a:f0:ac:5f:d5:05:54:cc:
                    4a:d5:9f:86:1e:0a:1c:fe:c8:34:50:ad:1f:28:3b:
                    f5:13:7e:c2:0b:18:9d:f8:aa:ae:8c:61:98:3f:2c:
                    25:23:3c:14:c2:72:a6:8b:6a:d1:7a:b3:31:bb:bc:
                    dd:b5:af:9c:5b:30:39:7a:95:5f:18:c6:46:ad:f6:
                    96:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:F8:51:72:92:F4:CD:B5:FF:CB:B6:0D:99:EA:C0:CC:21:39:FE:20
            X509v3 Authority Key Identifier:
                keyid:18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/HvhRcpL0zbX_y7YNmerAzCE5_iA.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  210.17.80.0/24

    Signature Algorithm: sha256WithRSAEncryption
         37:a4:08:71:b6:b9:d5:c9:4f:43:24:8d:84:39:78:67:7a:2c:
         45:6c:0a:f3:a9:e9:9c:6e:07:d1:90:ed:6e:7b:01:78:c5:8e:
         ba:92:6a:44:3f:07:9b:99:88:d9:15:88:9a:15:46:00:a8:9b:
         53:83:cc:51:f5:91:10:d0:3f:50:59:ad:a5:27:1b:43:bf:1d:
         39:e5:38:c2:19:2a:bc:d3:f0:de:43:23:c7:4a:9c:0d:d2:45:
         c8:ec:f8:29:b6:eb:40:50:54:42:f0:8b:f5:ba:0a:f4:16:36:
         6c:bf:c4:ea:25:0c:48:4a:b0:00:18:20:57:05:fb:b2:56:ce:
         10:c5:7f:89:83:22:95:93:e3:8b:88:08:29:0d:fc:18:4f:18:
         34:b9:ba:68:d7:a8:5d:03:f5:f9:80:8c:03:54:3f:e8:c1:2b:
         d6:c6:9d:f3:cc:3c:b2:fa:c8:33:3f:9d:6d:05:2f:2b:3b:ba:
         5b:9f:01:e6:42:d7:1f:b6:67:d2:91:f1:2d:b1:a8:8c:20:e7:
         cf:e3:77:c2:a1:a3:64:45:22:9e:69:45:96:1a:ff:c2:6f:28:
         a4:a6:3c:e1:b0:96:ba:6a:72:bb:b0:7d:d6:94:d0:82:76:05:
         be:13:5a:ee:d4:ad:80:0f:28:db:ab:76:41:ba:ad:68:6b:54:
         27:17:8f:d2
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICCaIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMThB
NjY2M0Q2RTlGODBCRDRDRTdDOEFERkVCMzg3ODNDM0UxQTQ2NDAeFw0yMDEyMTYw
MjQxMzBaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDFFRjg1MTcyOTJGNENE
QjVGRkNCQjYwRDk5RUFDMENDMjEzOUZFMjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDMupRzf0yQGz/7RI+XKDkLWhMI9pu20PnLXbQMVFvOHbRocIUR
UXKHQvZR1Lxlb7wWdGsRVPbylwCIjQqGGc/TP9ZMjqqvTXKgobqnNoGF8qvd0Pgq
dVi/6zZfrz+UnoRWWmz2hh22yPkKhMXrfz5BiwNNd7/PmVqyv/w4UwI4Gj4Gu20s
Kv6LfTzittZR7j7zYEHEpdUT0UkSvzOUQerxZhD3uzfOowuNXq80Zzp1fSd7tg0+
ldc+kA6K8Kxf1QVUzErVn4YeChz+yDRQrR8oO/UTfsILGJ34qq6MYZg/LCUjPBTC
cqaLatF6szG7vN21r5xbMDl6lV8Yxkat9patAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUHvhRcpL0zbX/y7YNmerAzCE5/iAwHwYDVR0jBBgwFoAUGKZmPW6fgL1M58it
/rOHg8PhpGQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFJPRk9O
RC9HS1ptUFc2ZmdMMU01OGl0X3JPSGc4UGhwR1EuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL0dLWm1QVzZmZ0wxTTU4aXRfck9IZzhQaHBHUS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL1BST0ZPTkQvSHZoUmNwTDB6YlhfeTdZ
Tm1lckF6Q0U1X2lBLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
ANIRUDANBgkqhkiG9w0BAQsFAAOCAQEAN6QIcba51clPQySNhDl4Z3osRWwK86np
nG4H0ZDtbnsBeMWOupJqRD8Hm5mI2RWImhVGAKibU4PMUfWRENA/UFmtpScbQ78d
OeU4whkqvNPw3kMjx0qcDdJFyOz4KbbrQFBUQvCL9boK9BY2bL/E6iUMSEqwABgg
VwX7slbOEMV/iYMilZPji4gIKQ38GE8YNLm6aNeoXQP1+YCMA1Q/6MEr1sad88w8
svrIMz+dbQUvKzu6W58B5kLXH7Zn0pHxLbGojCDnz+N3wqGjZEUinmlFlhr/wm8o
pKY84bCWumpyu7B91pTQgnYFvhNa7tStgA8o26t2QbqtaGtUJxeP0g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:18 2024 by rpki-client on console-ams.rpki-client.org