Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PROFOND/IPKLdDwx9qNTxp80nZLh7M04OQw.roa
File:                     IPKLdDwx9qNTxp80nZLh7M04OQw.roa (raw, json)
Hash identifier:          ZB0Bh8a/EKDx81N8c61WrOwzuPAqpZQV5mmN6Xw6Y5E=
Subject key identifier:   20:F2:8B:74:3C:31:F6:A3:53:C6:9F:34:9D:92:E1:EC:CD:38:39:0C
Certificate issuer:       /CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
Certificate serial:       0998
Authority key identifier: 18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/IPKLdDwx9qNTxp80nZLh7M04OQw.roa
Signing time:             Wed 16 Dec 2020 02:35:09 +0000
ROA not before:           Wed 16 Dec 2020 02:35:09 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     9924
IP address blocks:        175.99.72.0/24 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2456 (0x998)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
        Validity
            Not Before: Dec 16 02:35:09 2020 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=20F28B743C31F6A353C69F349D92E1ECCD38390C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:d8:01:36:f8:04:6b:3a:b6:03:63:37:aa:f8:
                    b6:08:32:1c:26:ba:bf:13:4f:96:38:06:95:d0:41:
                    62:0f:07:34:cc:5e:7e:23:ab:e4:81:32:dc:73:00:
                    b0:ad:16:1f:00:96:25:8f:e2:76:66:e2:f7:a8:4c:
                    30:cb:f5:23:2c:ce:54:4a:c8:09:8d:b1:c0:36:c5:
                    8c:6b:2d:bb:76:17:c2:1d:68:f5:20:99:74:57:4d:
                    b5:04:17:cb:89:04:a1:e9:94:f9:29:89:e5:a7:6e:
                    bd:1a:f0:0d:38:f1:9d:75:5e:8e:e9:c5:da:ed:07:
                    90:fb:af:a0:6f:ef:54:7a:69:e1:90:76:53:bc:92:
                    1b:22:a3:5c:15:a1:b8:f3:66:5e:14:05:ea:1f:6b:
                    0f:82:3b:7e:36:9f:57:fb:72:b3:07:8b:5d:a5:4e:
                    36:e8:f1:9b:6a:13:23:3f:35:31:cc:55:65:47:51:
                    2b:ad:76:71:5e:de:89:e3:b8:7a:45:5f:34:fd:2f:
                    5b:4a:fa:54:3d:50:54:a5:bc:a8:16:ae:cf:50:6a:
                    0a:f5:40:20:f4:31:1b:db:2e:82:a2:92:3b:d3:c8:
                    d5:30:91:6f:0d:69:b8:09:4e:44:03:0b:b0:e6:26:
                    89:83:40:72:59:a9:b0:38:ba:dd:b4:bd:1f:f8:d0:
                    64:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                20:F2:8B:74:3C:31:F6:A3:53:C6:9F:34:9D:92:E1:EC:CD:38:39:0C
            X509v3 Authority Key Identifier:
                keyid:18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/IPKLdDwx9qNTxp80nZLh7M04OQw.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  175.99.72.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0b:b7:7a:29:a6:29:4e:e5:03:0b:07:e3:f4:5f:ad:c4:97:cf:
         21:32:98:d8:e9:df:61:53:3f:33:8f:aa:ba:97:15:49:05:5b:
         78:e3:9e:11:08:e1:7d:6c:71:05:f7:e8:13:d4:62:ea:3f:45:
         2d:74:68:8a:d6:61:fc:2f:fc:c6:1c:9b:d5:d2:c8:06:b0:d1:
         c3:97:4b:ae:6d:ae:d6:0f:a8:41:c4:ff:df:c0:2a:c5:1b:cf:
         d8:2a:9b:df:d8:29:83:65:72:55:0b:fb:ec:be:25:78:65:9a:
         e4:03:39:7b:f4:0e:8d:72:13:cb:f6:7d:71:ab:90:ef:bb:0c:
         22:2a:7f:7b:9f:5e:b3:e5:64:e2:1f:2f:70:c0:59:3a:30:00:
         6a:76:d8:35:5c:ff:0e:44:57:09:23:e1:ee:9e:b1:93:59:09:
         ab:73:d5:c6:f0:c3:62:63:c6:f6:c1:d0:0d:3b:12:0d:a4:83:
         28:af:af:aa:75:0e:7f:14:ec:9f:a3:f6:e1:66:d7:bb:f9:cb:
         0f:2b:49:77:3f:f5:fb:b4:c9:c0:a6:f0:de:23:62:3c:22:b8:
         78:bc:2a:1a:08:9c:92:e7:29:61:86:88:a4:97:db:16:d3:6d:
         32:95:bd:90:7c:0f:fe:27:a3:19:56:4d:32:76:c3:43:31:5f:
         42:79:ab:db
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICCZgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMThB
NjY2M0Q2RTlGODBCRDRDRTdDOEFERkVCMzg3ODNDM0UxQTQ2NDAeFw0yMDEyMTYw
MjM1MDlaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDIwRjI4Qjc0M0MzMUY2
QTM1M0M2OUYzNDlEOTJFMUVDQ0QzODM5MEMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDU2AE2+ARrOrYDYzeq+LYIMhwmur8TT5Y4BpXQQWIPBzTMXn4j
q+SBMtxzALCtFh8AliWP4nZm4veoTDDL9SMszlRKyAmNscA2xYxrLbt2F8IdaPUg
mXRXTbUEF8uJBKHplPkpieWnbr0a8A048Z11Xo7pxdrtB5D7r6Bv71R6aeGQdlO8
khsio1wVobjzZl4UBeofaw+CO342n1f7crMHi12lTjbo8ZtqEyM/NTHMVWVHUSut
dnFe3onjuHpFXzT9L1tK+lQ9UFSlvKgWrs9Qagr1QCD0MRvbLoKikjvTyNUwkW8N
abgJTkQDC7DmJomDQHJZqbA4ut20vR/40GQLAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUIPKLdDwx9qNTxp80nZLh7M04OQwwHwYDVR0jBBgwFoAUGKZmPW6fgL1M58it
/rOHg8PhpGQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFJPRk9O
RC9HS1ptUFc2ZmdMMU01OGl0X3JPSGc4UGhwR1EuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL0dLWm1QVzZmZ0wxTTU4aXRfck9IZzhQaHBHUS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL1BST0ZPTkQvSVBLTGREd3g5cU5UeHA4
MG5aTGg3TTA0T1F3LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
AK9jSDANBgkqhkiG9w0BAQsFAAOCAQEAC7d6KaYpTuUDCwfj9F+txJfPITKY2Onf
YVM/M4+qupcVSQVbeOOeEQjhfWxxBffoE9Ri6j9FLXRoitZh/C/8xhyb1dLIBrDR
w5dLrm2u1g+oQcT/38AqxRvP2Cqb39gpg2VyVQv77L4leGWa5AM5e/QOjXITy/Z9
cauQ77sMIip/e59es+Vk4h8vcMBZOjAAanbYNVz/DkRXCSPh7p6xk1kJq3PVxvDD
YmPG9sHQDTsSDaSDKK+vqnUOfxTsn6P24WbXu/nLDytJdz/1+7TJwKbw3iNiPCK4
eLwqGgickucpYYaIpJfbFtNtMpW9kHwP/iejGVZNMnbDQzFfQnmr2w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:43 2024 by rpki-client on console-fra.rpki-client.org