Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PROFOND/M9B_1IXOeToNvU35G6jAUnZUybw.roa
File:                     M9B_1IXOeToNvU35G6jAUnZUybw.roa (raw, json)
Hash identifier:          QCD7vqJzoDTr66g6pOiPUWyiMUS2N0m/N2NWmVoXwkY=
Subject key identifier:   33:D0:7F:D4:85:CE:79:3A:0D:BD:4D:F9:1B:A8:C0:52:76:54:C9:BC
Certificate issuer:       /CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
Certificate serial:       0AD0
Authority key identifier: 18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/M9B_1IXOeToNvU35G6jAUnZUybw.roa
Signing time:             Sun 07 Feb 2021 11:40:32 +0000
ROA not before:           Sun 07 Feb 2021 11:40:32 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     24164
IP address blocks:        203.77.36.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2768 (0xad0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
        Validity
            Not Before: Feb  7 11:40:32 2021 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=33D07FD485CE793A0DBD4DF91BA8C0527654C9BC
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:c3:16:51:1f:06:fb:ea:91:4f:71:da:ac:cf:
                    7f:d9:cf:9e:24:b6:58:bb:73:a3:4c:18:df:46:79:
                    f5:a3:30:80:6c:77:97:ef:8a:b5:f7:8e:97:a6:b0:
                    53:bd:7f:52:dc:4d:3e:eb:14:43:d5:84:c7:a5:8f:
                    24:23:4f:d3:27:2b:ec:90:7a:80:4c:c0:6e:08:4e:
                    c0:a1:6a:16:eb:54:f4:e2:88:bd:91:c8:50:ac:f9:
                    a4:de:d4:fa:06:e4:d1:5e:5b:d0:c6:2a:21:10:2b:
                    79:ac:e5:67:c6:82:e7:12:cd:ad:d7:b2:13:98:2e:
                    b9:b8:05:12:34:4b:33:c2:7d:b2:09:6e:dc:66:f9:
                    e3:2d:7a:01:53:f9:bf:d0:cd:f0:31:92:02:b1:1c:
                    90:f9:4f:e0:d8:1e:a1:e2:cc:74:a4:e5:c5:da:c9:
                    83:8b:3e:55:49:78:ce:47:8a:8a:47:00:f8:39:c2:
                    b3:64:70:e4:a7:0b:67:f5:a4:60:00:85:26:8f:0f:
                    48:30:1b:0f:08:b7:c1:3e:77:60:e9:40:14:05:f3:
                    94:5a:d6:17:25:74:f6:8d:42:89:8e:7c:11:94:40:
                    d3:d6:28:a1:19:32:44:bd:6f:a4:2a:ba:72:b7:78:
                    37:64:70:8b:8e:62:2e:f9:81:f2:69:af:96:d7:dd:
                    13:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                33:D0:7F:D4:85:CE:79:3A:0D:BD:4D:F9:1B:A8:C0:52:76:54:C9:BC
            X509v3 Authority Key Identifier:
                keyid:18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/M9B_1IXOeToNvU35G6jAUnZUybw.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  203.77.36.0/23

    Signature Algorithm: sha256WithRSAEncryption
         66:16:98:c1:d9:6c:ac:58:d8:91:a1:62:62:a3:65:e0:d1:34:
         74:23:d1:5e:f1:4d:06:3d:c2:c7:74:4a:7d:71:be:87:b2:52:
         06:70:31:b7:fa:f9:7c:32:e1:cf:bd:9e:3b:9c:12:de:30:88:
         55:08:c7:b9:18:90:40:37:bb:9a:6d:4f:6b:0c:7c:c0:63:7b:
         e1:2c:72:6c:17:1c:70:fc:c2:c3:1e:e0:d6:f7:c5:5f:8a:e8:
         95:94:8f:7a:e9:c3:04:cd:dd:3f:b0:ce:ce:c0:e8:ee:63:13:
         52:4d:02:b4:90:85:6e:e9:ef:71:7a:05:94:b1:4b:17:b6:60:
         ba:66:1a:c3:b2:99:92:18:b9:22:e7:e5:24:a4:f0:28:82:58:
         88:8e:18:ad:d9:d4:3f:2e:b1:e8:36:8d:1b:79:9c:d1:4b:13:
         20:3f:40:77:65:76:b2:cd:62:55:48:a9:6a:68:78:9c:b8:1a:
         0e:35:14:0d:4d:35:3f:38:a1:27:6d:55:8d:c9:37:55:7b:14:
         67:21:be:35:62:16:9d:89:a4:b0:09:49:57:4a:1d:d8:a9:c9:
         a9:dc:5a:f8:1d:2e:74:6d:26:2a:c6:2e:77:05:43:d7:31:09:
         a6:ae:3b:e0:da:67:06:13:d3:86:83:3d:53:cd:12:cf:22:21:
         f7:22:59:bb
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICCtAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMThB
NjY2M0Q2RTlGODBCRDRDRTdDOEFERkVCMzg3ODNDM0UxQTQ2NDAeFw0yMTAyMDcx
MTQwMzJaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDMzRDA3RkQ0ODVDRTc5
M0EwREJENERGOTFCQThDMDUyNzY1NEM5QkMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCZwxZRHwb76pFPcdqsz3/Zz54ktli7c6NMGN9GefWjMIBsd5fv
irX3jpemsFO9f1LcTT7rFEPVhMeljyQjT9MnK+yQeoBMwG4ITsChahbrVPTiiL2R
yFCs+aTe1PoG5NFeW9DGKiEQK3ms5WfGgucSza3XshOYLrm4BRI0SzPCfbIJbtxm
+eMtegFT+b/QzfAxkgKxHJD5T+DYHqHizHSk5cXayYOLPlVJeM5HiopHAPg5wrNk
cOSnC2f1pGAAhSaPD0gwGw8It8E+d2DpQBQF85Ra1hcldPaNQomOfBGUQNPWKKEZ
MkS9b6QqunK3eDdkcIuOYi75gfJpr5bX3RO9AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUM9B/1IXOeToNvU35G6jAUnZUybwwHwYDVR0jBBgwFoAUGKZmPW6fgL1M58it
/rOHg8PhpGQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFJPRk9O
RC9HS1ptUFc2ZmdMMU01OGl0X3JPSGc4UGhwR1EuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL0dLWm1QVzZmZ0wxTTU4aXRfck9IZzhQaHBHUS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL1BST0ZPTkQvTTlCXzFJWE9lVG9OdlUz
NUc2akFVblpVeWJ3LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
ActNJDANBgkqhkiG9w0BAQsFAAOCAQEAZhaYwdlsrFjYkaFiYqNl4NE0dCPRXvFN
Bj3Cx3RKfXG+h7JSBnAxt/r5fDLhz72eO5wS3jCIVQjHuRiQQDe7mm1Pawx8wGN7
4SxybBcccPzCwx7g1vfFX4rolZSPeunDBM3dP7DOzsDo7mMTUk0CtJCFbunvcXoF
lLFLF7ZgumYaw7KZkhi5IuflJKTwKIJYiI4YrdnUPy6x6DaNG3mc0UsTID9Ad2V2
ss1iVUipamh4nLgaDjUUDU01PzihJ21Vjck3VXsUZyG+NWIWnYmksAlJV0od2KnJ
qdxa+B0udG0mKsYudwVD1zEJpq474NpnBhPThoM9U80SzyIh9yJZuw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:43 2024 by rpki-client on console-fra.rpki-client.org