Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PROFOND/Ja8dJalf4A-aRA8A6JGjmOlulZI.roa
File:                     Ja8dJalf4A-aRA8A6JGjmOlulZI.roa (raw, json)
Hash identifier:          MWh2WTWc+I8ovSc1YkLxtXQuK+a4uqPxNTlut/TZCSQ=
Subject key identifier:   25:AF:1D:25:A9:5F:E0:0F:9A:44:0F:00:E8:91:A3:98:E9:6E:95:92
Certificate issuer:       /CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
Certificate serial:       0CCE
Authority key identifier: 18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/Ja8dJalf4A-aRA8A6JGjmOlulZI.roa
Signing time:             Wed 29 Sep 2021 02:50:17 +0000
ROA not before:           Wed 29 Sep 2021 02:50:17 +0000
ROA not after:            Thu 29 Sep 2022 02:36:22 +0000
asID:                     9924
IP address blocks:        60.199.107.0/24 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3278 (0xcce)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
        Validity
            Not Before: Sep 29 02:50:17 2021 GMT
            Not After : Sep 29 02:36:22 2022 GMT
        Subject: CN=25AF1D25A95FE00F9A440F00E891A398E96E9592
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:d6:4f:45:1a:7a:07:10:b2:77:52:71:1b:8c:
                    59:0c:c9:9a:37:58:22:d7:e7:8c:4c:4e:95:b4:20:
                    ad:ac:a2:83:92:94:13:f8:76:5e:f8:f4:db:a5:1d:
                    0a:5c:64:5d:35:c3:d4:d8:a0:0a:36:91:96:a8:a9:
                    d3:15:01:8e:ea:88:fc:60:03:34:d7:01:08:49:0e:
                    fc:bf:b3:4f:4c:f5:0f:d3:d7:2f:31:00:16:22:cd:
                    2e:e6:f1:1c:7f:a9:13:21:39:46:da:b3:68:5e:6b:
                    e4:92:46:7c:d2:3b:b5:76:ff:58:de:e3:33:f3:cd:
                    91:c3:bf:b7:3d:a8:60:d2:79:8d:0c:1f:b3:77:7c:
                    ad:99:02:51:f7:c8:43:08:0c:d3:f4:24:84:47:2b:
                    61:ab:1d:07:c1:b6:38:68:a7:16:a8:7e:96:38:cc:
                    95:a8:57:7d:6a:32:a8:ec:14:8c:b7:dc:00:08:f4:
                    3e:e8:c7:fd:4c:3d:15:fa:ad:a7:91:d0:fc:87:e9:
                    bd:33:2d:20:83:81:41:4e:45:ab:e7:93:26:9a:87:
                    87:22:f0:4c:55:db:3c:51:ea:8f:55:e9:f4:5a:e5:
                    f5:87:2b:4c:c6:02:a2:25:a1:9a:5b:20:61:37:f6:
                    5b:da:ac:4e:bb:f5:90:c0:9e:69:9f:ff:0a:6f:db:
                    b5:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:AF:1D:25:A9:5F:E0:0F:9A:44:0F:00:E8:91:A3:98:E9:6E:95:92
            X509v3 Authority Key Identifier:
                keyid:18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/Ja8dJalf4A-aRA8A6JGjmOlulZI.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  60.199.107.0/24

    Signature Algorithm: sha256WithRSAEncryption
         98:03:fe:a2:1b:14:cc:2e:15:cf:fb:df:77:9a:cd:b4:c3:89:
         a5:9b:54:15:c3:5c:1b:6d:2b:53:0e:86:a1:4b:92:d0:1e:80:
         0d:2b:49:44:a5:8f:c9:17:42:56:73:5d:90:3c:b4:cb:20:8a:
         23:26:c1:d7:c1:8a:d2:d0:85:64:eb:f0:06:c3:49:55:58:85:
         ec:52:39:61:fc:3c:df:19:79:60:55:dc:40:be:d2:b6:96:df:
         62:d1:d8:83:d9:66:e1:d8:f8:95:95:a8:4f:02:25:4d:9b:ba:
         9a:37:9b:49:bf:75:6e:db:29:f9:3f:a0:9a:7b:ad:53:4d:67:
         fa:a5:52:79:76:ad:fc:6d:d8:97:9d:55:d5:d2:e4:80:e9:bd:
         d8:d9:bd:23:e0:ff:bc:7d:aa:0e:eb:cd:d2:67:04:86:ae:6d:
         ff:4e:26:6d:be:16:4c:91:48:9f:0f:68:ca:f4:1f:24:28:d3:
         88:7b:4b:fe:64:25:08:6c:92:08:ef:52:71:34:52:e1:40:d0:
         34:6a:6b:75:90:d0:1f:ec:b5:e6:52:24:d2:74:05:f1:d0:8c:
         cb:76:42:23:6f:3e:9c:b0:72:ae:af:a2:4b:31:62:33:af:d0:
         dc:9b:42:bd:10:c1:0b:df:e8:64:6a:4f:11:5e:7c:19:84:7e:
         b5:c9:9c:62
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICDM4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMThB
NjY2M0Q2RTlGODBCRDRDRTdDOEFERkVCMzg3ODNDM0UxQTQ2NDAeFw0yMTA5Mjkw
MjUwMTdaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDI1QUYxRDI1QTk1RkUw
MEY5QTQ0MEYwMEU4OTFBMzk4RTk2RTk1OTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC11k9FGnoHELJ3UnEbjFkMyZo3WCLX54xMTpW0IK2sooOSlBP4
dl749NulHQpcZF01w9TYoAo2kZaoqdMVAY7qiPxgAzTXAQhJDvy/s09M9Q/T1y8x
ABYizS7m8Rx/qRMhOUbas2hea+SSRnzSO7V2/1je4zPzzZHDv7c9qGDSeY0MH7N3
fK2ZAlH3yEMIDNP0JIRHK2GrHQfBtjhopxaofpY4zJWoV31qMqjsFIy33AAI9D7o
x/1MPRX6raeR0PyH6b0zLSCDgUFORavnkyaah4ci8ExV2zxR6o9V6fRa5fWHK0zG
AqIloZpbIGE39lvarE679ZDAnmmf/wpv27VfAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUJa8dJalf4A+aRA8A6JGjmOlulZIwHwYDVR0jBBgwFoAUGKZmPW6fgL1M58it
/rOHg8PhpGQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFJPRk9O
RC9HS1ptUFc2ZmdMMU01OGl0X3JPSGc4UGhwR1EuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL0dLWm1QVzZmZ0wxTTU4aXRfck9IZzhQaHBHUS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL1BST0ZPTkQvSmE4ZEphbGY0QS1hUkE4
QTZKR2ptT2x1bFpJLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
ADzHazANBgkqhkiG9w0BAQsFAAOCAQEAmAP+ohsUzC4Vz/vfd5rNtMOJpZtUFcNc
G20rUw6GoUuS0B6ADStJRKWPyRdCVnNdkDy0yyCKIybB18GK0tCFZOvwBsNJVViF
7FI5Yfw83xl5YFXcQL7StpbfYtHYg9lm4dj4lZWoTwIlTZu6mjebSb91btsp+T+g
mnutU01n+qVSeXat/G3Yl51V1dLkgOm92Nm9I+D/vH2qDuvN0mcEhq5t/04mbb4W
TJFInw9oyvQfJCjTiHtL/mQlCGySCO9ScTRS4UDQNGprdZDQH+y15lIk0nQF8dCM
y3ZCI28+nLByrq+iSzFiM6/Q3JtCvRDBC9/oZGpPEV58GYR+tcmcYg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:18 2024 by rpki-client on console-ams.rpki-client.org