Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PROFOND/JtEcYPAu7twA2dQuIjjiJS2Nid8.roa
File:                     JtEcYPAu7twA2dQuIjjiJS2Nid8.roa (raw, json)
Hash identifier:          3ZO0mSamujIhIQS2YyrEa460MnGammnM4KIZCUAVhDw=
Subject key identifier:   26:D1:1C:60:F0:2E:EE:DC:00:D9:D4:2E:22:38:E2:25:2D:8D:89:DF
Certificate issuer:       /CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
Certificate serial:       0D87
Authority key identifier: 18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/JtEcYPAu7twA2dQuIjjiJS2Nid8.roa
Signing time:             Wed 22 Jun 2022 02:20:32 +0000
ROA not before:           Wed 22 Jun 2022 02:20:32 +0000
ROA not after:            Thu 29 Sep 2022 02:36:22 +0000
asID:                     24164
IP address blocks:        203.77.38.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3463 (0xd87)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
        Validity
            Not Before: Jun 22 02:20:32 2022 GMT
            Not After : Sep 29 02:36:22 2022 GMT
        Subject: CN=26D11C60F02EEEDC00D9D42E2238E2252D8D89DF
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:56:c7:e1:9f:75:71:a7:83:aa:28:e1:b5:00:
                    5b:fc:da:88:1f:7f:94:89:e7:a1:54:f6:6c:9f:6b:
                    20:a2:1e:ae:26:62:53:6a:a1:dd:97:97:1c:e4:60:
                    7e:d3:56:85:78:54:38:7f:77:37:fd:2f:ea:4a:fd:
                    f2:5a:6d:b8:59:2d:0c:f8:91:75:f0:73:03:41:d0:
                    03:33:c0:f0:fb:bf:79:6c:29:b6:f6:e6:ac:be:94:
                    89:fc:a4:4a:36:22:88:8b:83:3d:e1:20:65:29:67:
                    bb:52:60:87:c8:f8:d5:27:f9:b7:ae:22:46:58:ea:
                    5e:39:09:63:72:2e:e8:81:9f:62:2b:5e:15:d7:b0:
                    07:d2:a1:cd:ed:ab:74:bb:38:a6:00:7e:05:3b:3a:
                    ad:bd:a4:e4:b5:3c:46:bf:03:27:a6:70:80:74:82:
                    0c:0a:2e:23:ea:2f:12:24:d9:c0:6d:cf:1a:b9:cd:
                    06:21:6c:47:bd:99:e3:ec:a8:d8:fb:a7:9b:c0:2c:
                    2c:5e:b3:e2:3e:89:fe:6d:49:58:7e:37:22:c9:bd:
                    0b:9a:2a:05:ec:16:ff:26:72:9d:13:59:50:27:71:
                    12:07:59:27:85:6e:ee:71:47:8c:78:3f:c1:96:c7:
                    b7:2b:cc:f0:f9:9c:31:a7:c9:21:4b:e5:21:ca:40:
                    f7:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                26:D1:1C:60:F0:2E:EE:DC:00:D9:D4:2E:22:38:E2:25:2D:8D:89:DF
            X509v3 Authority Key Identifier:
                keyid:18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/JtEcYPAu7twA2dQuIjjiJS2Nid8.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  203.77.38.0/23

    Signature Algorithm: sha256WithRSAEncryption
         77:ae:83:89:6c:75:41:f3:f2:1f:da:1b:d9:df:b3:5f:bf:40:
         92:b8:81:40:f7:a9:18:23:56:b5:b1:de:c3:c9:22:ad:e5:7e:
         c8:11:9e:04:6f:22:da:31:5c:48:27:f0:65:a3:42:0c:2a:44:
         d8:d1:e1:01:47:65:53:ab:13:b9:a4:8b:de:7d:ee:5c:b4:57:
         e4:96:66:0e:93:cc:46:e3:82:e3:bf:37:cd:e5:22:51:ac:ad:
         b4:a1:da:3f:ce:d4:ef:2a:cf:9a:a0:91:d3:bc:bb:1e:35:45:
         8b:55:5b:1e:81:7d:9d:b9:ee:8f:0a:72:4c:ff:c9:e9:90:38:
         60:c3:08:35:4f:02:61:0f:ae:33:13:d2:d0:dd:4e:77:21:14:
         3b:98:a9:66:0d:d9:a5:b7:9e:f9:f4:69:3f:f6:36:10:32:ff:
         d2:65:fb:51:99:c4:49:7f:7f:89:c3:2e:f0:32:0d:9b:04:9f:
         34:0c:1e:4b:cd:11:7f:df:69:fc:1a:e3:ad:2f:d4:f9:d6:e0:
         15:1d:87:0f:1f:24:fb:0c:b8:e4:53:a0:ea:3d:bd:e7:8a:10:
         1b:1e:8c:85:8f:6e:99:83:c8:4c:5e:11:4f:42:ab:a6:e2:24:
         6e:9b:70:f4:38:0e:49:17:44:f5:73:a2:8c:d3:42:b8:7f:8a:
         42:64:13:d3
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICDYcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMThB
NjY2M0Q2RTlGODBCRDRDRTdDOEFERkVCMzg3ODNDM0UxQTQ2NDAeFw0yMjA2MjIw
MjIwMzJaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDI2RDExQzYwRjAyRUVF
REMwMEQ5RDQyRTIyMzhFMjI1MkQ4RDg5REYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCsVsfhn3Vxp4OqKOG1AFv82ogff5SJ56FU9myfayCiHq4mYlNq
od2XlxzkYH7TVoV4VDh/dzf9L+pK/fJabbhZLQz4kXXwcwNB0AMzwPD7v3lsKbb2
5qy+lIn8pEo2IoiLgz3hIGUpZ7tSYIfI+NUn+beuIkZY6l45CWNyLuiBn2IrXhXX
sAfSoc3tq3S7OKYAfgU7Oq29pOS1PEa/AyemcIB0ggwKLiPqLxIk2cBtzxq5zQYh
bEe9mePsqNj7p5vALCxes+I+if5tSVh+NyLJvQuaKgXsFv8mcp0TWVAncRIHWSeF
bu5xR4x4P8GWx7crzPD5nDGnySFL5SHKQPfxAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUJtEcYPAu7twA2dQuIjjiJS2Nid8wHwYDVR0jBBgwFoAUGKZmPW6fgL1M58it
/rOHg8PhpGQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFJPRk9O
RC9HS1ptUFc2ZmdMMU01OGl0X3JPSGc4UGhwR1EuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL0dLWm1QVzZmZ0wxTTU4aXRfck9IZzhQaHBHUS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL1BST0ZPTkQvSnRFY1lQQXU3dHdBMmRR
dUlqamlKUzJOaWQ4LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
ActNJjANBgkqhkiG9w0BAQsFAAOCAQEAd66DiWx1QfPyH9ob2d+zX79AkriBQPep
GCNWtbHew8kireV+yBGeBG8i2jFcSCfwZaNCDCpE2NHhAUdlU6sTuaSL3n3uXLRX
5JZmDpPMRuOC4783zeUiUayttKHaP87U7yrPmqCR07y7HjVFi1VbHoF9nbnujwpy
TP/J6ZA4YMMINU8CYQ+uMxPS0N1OdyEUO5ipZg3Zpbee+fRpP/Y2EDL/0mX7UZnE
SX9/icMu8DINmwSfNAweS80Rf99p/BrjrS/U+dbgFR2HDx8k+wy45FOg6j2954oQ
Gx6MhY9umYPITF4RT0KrpuIkbptw9DgOSRdE9XOijNNCuH+KQmQT0w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:43 2024 by rpki-client on console-fra.rpki-client.org