Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PROFOND/JVG6oWbElI3A7un6zVERP8Klnns.roa
File:                     JVG6oWbElI3A7un6zVERP8Klnns.roa (raw, json)
Hash identifier:          iolFjF+8pcb/Tkk3OnLfluPHy8yb1m15/GDPybzkq7M=
Subject key identifier:   25:51:BA:A1:66:C4:94:8D:C0:EE:E9:FA:CD:51:11:3F:C2:A5:9E:7B
Certificate issuer:       /CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
Certificate serial:       0ADA
Authority key identifier: 18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/JVG6oWbElI3A7un6zVERP8Klnns.roa
Signing time:             Sun 07 Feb 2021 11:40:40 +0000
ROA not before:           Sun 07 Feb 2021 11:40:40 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     24164
IP address blocks:        203.77.53.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2778 (0xada)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
        Validity
            Not Before: Feb  7 11:40:40 2021 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=2551BAA166C4948DC0EEE9FACD51113FC2A59E7B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:13:9d:50:7f:98:e3:99:74:1a:32:d7:9e:ef:
                    b9:ed:6c:08:24:94:53:b6:f8:2c:00:51:42:42:fd:
                    ea:da:e4:99:8d:2a:a6:53:8d:d3:cc:ce:bf:86:39:
                    27:50:ae:49:19:1a:5a:46:c3:36:50:ac:6d:ec:da:
                    28:f0:8a:0b:42:08:94:db:d8:08:68:09:a4:19:a0:
                    bf:0a:43:20:52:ae:13:c7:cd:9f:91:d4:64:f6:94:
                    f1:fb:1e:3e:ab:ae:ad:7e:04:b5:9c:03:4b:24:b3:
                    4c:a7:54:2a:5b:09:29:79:8e:0d:8f:54:46:e6:13:
                    6e:25:78:cb:73:8d:e6:45:bb:93:aa:7e:cf:df:f3:
                    7e:d5:04:5c:6c:b5:dd:21:78:d6:a7:3d:a2:77:2c:
                    52:a3:3f:5d:a1:36:b2:69:88:69:28:33:23:f9:87:
                    8f:56:e6:01:cd:33:b0:ad:56:52:d2:ac:de:30:11:
                    21:66:7c:a0:88:d0:f1:52:8b:59:27:fc:59:b8:ee:
                    fa:3a:62:bd:08:5e:4b:28:81:d2:24:88:ff:74:65:
                    9c:84:e2:61:50:74:61:ab:92:46:bb:e3:cf:df:48:
                    c1:0c:27:e3:dc:f2:38:c2:32:a8:0e:7d:77:08:6c:
                    5d:62:ca:18:2e:6d:0a:09:62:1a:2d:f1:cb:b1:d1:
                    71:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:51:BA:A1:66:C4:94:8D:C0:EE:E9:FA:CD:51:11:3F:C2:A5:9E:7B
            X509v3 Authority Key Identifier:
                keyid:18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/JVG6oWbElI3A7un6zVERP8Klnns.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  203.77.53.0/24

    Signature Algorithm: sha256WithRSAEncryption
         41:5a:55:30:4b:02:71:07:00:14:26:d5:76:d4:81:7b:d7:a9:
         03:7c:02:a0:5d:bd:e8:72:b1:de:c4:c8:3a:d8:fb:57:f8:a1:
         2a:1e:21:fb:29:4f:d5:eb:65:27:ca:ed:40:9e:e9:08:03:52:
         b7:0d:d9:dd:bd:3b:47:ae:11:5a:2f:29:1d:bf:ab:ec:b6:43:
         66:b9:80:0a:af:6b:49:e0:bb:dc:d7:28:82:d1:43:85:77:89:
         3f:84:bc:09:b4:13:a0:f2:92:e1:c8:3a:dd:49:4b:62:de:c3:
         d3:d5:0d:80:07:1c:c6:20:b4:33:55:b0:f6:ef:3f:39:f6:fe:
         35:5e:c2:d8:21:af:a9:0d:57:0a:14:54:81:73:64:02:6a:4e:
         d7:34:25:8c:23:ee:dd:5f:03:45:1e:52:e0:54:75:ea:4e:ae:
         8c:f9:0c:13:dc:b5:d2:8b:52:0c:e9:5f:84:5c:d6:f3:30:16:
         83:be:29:61:89:75:d7:00:41:86:30:88:ed:de:56:45:da:ef:
         a2:93:ee:62:94:e4:fe:6e:25:86:6e:a9:4c:e0:9b:11:dd:82:
         aa:44:cf:e1:98:e9:d5:fc:03:1e:3c:de:b2:17:71:bc:bf:ce:
         35:2e:34:24:a0:01:40:de:85:3c:28:d4:f7:15:49:c9:78:91:
         91:06:d3:2d
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICCtowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMThB
NjY2M0Q2RTlGODBCRDRDRTdDOEFERkVCMzg3ODNDM0UxQTQ2NDAeFw0yMTAyMDcx
MTQwNDBaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDI1NTFCQUExNjZDNDk0
OERDMEVFRTlGQUNENTExMTNGQzJBNTlFN0IwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCyE51Qf5jjmXQaMtee77ntbAgklFO2+CwAUUJC/era5JmNKqZT
jdPMzr+GOSdQrkkZGlpGwzZQrG3s2ijwigtCCJTb2AhoCaQZoL8KQyBSrhPHzZ+R
1GT2lPH7Hj6rrq1+BLWcA0sks0ynVCpbCSl5jg2PVEbmE24leMtzjeZFu5Oqfs/f
837VBFxstd0heNanPaJ3LFKjP12hNrJpiGkoMyP5h49W5gHNM7CtVlLSrN4wESFm
fKCI0PFSi1kn/Fm47vo6Yr0IXksogdIkiP90ZZyE4mFQdGGrkka748/fSMEMJ+Pc
8jjCMqgOfXcIbF1iyhgubQoJYhot8cux0XERAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUJVG6oWbElI3A7un6zVERP8KlnnswHwYDVR0jBBgwFoAUGKZmPW6fgL1M58it
/rOHg8PhpGQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFJPRk9O
RC9HS1ptUFc2ZmdMMU01OGl0X3JPSGc4UGhwR1EuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL0dLWm1QVzZmZ0wxTTU4aXRfck9IZzhQaHBHUS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL1BST0ZPTkQvSlZHNm9XYkVsSTNBN3Vu
NnpWRVJQOEtsbm5zLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
AMtNNTANBgkqhkiG9w0BAQsFAAOCAQEAQVpVMEsCcQcAFCbVdtSBe9epA3wCoF29
6HKx3sTIOtj7V/ihKh4h+ylP1etlJ8rtQJ7pCANStw3Z3b07R64RWi8pHb+r7LZD
ZrmACq9rSeC73NcogtFDhXeJP4S8CbQToPKS4cg63UlLYt7D09UNgAccxiC0M1Ww
9u8/Ofb+NV7C2CGvqQ1XChRUgXNkAmpO1zQljCPu3V8DRR5S4FR16k6ujPkME9y1
0otSDOlfhFzW8zAWg74pYYl11wBBhjCI7d5WRdrvopPuYpTk/m4lhm6pTOCbEd2C
qkTP4Zjp1fwDHjzeshdxvL/ONS40JKABQN6FPCjU9xVJyXiRkQbTLQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:18 2024 by rpki-client on console-ams.rpki-client.org