Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PROFOND/MK5lV7Xy2nTUGsK6gKrqG1NlPYw.roa
File:                     MK5lV7Xy2nTUGsK6gKrqG1NlPYw.roa (raw, json)
Hash identifier:          Bj3n5TKXZfJEM2nBlCcKysqzxzagP3RgF7zegrJl3OE=
Subject key identifier:   30:AE:65:57:B5:F2:DA:74:D4:1A:C2:BA:80:AA:EA:1B:53:65:3D:8C
Certificate issuer:       /CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
Certificate serial:       0DC9
Authority key identifier: 18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/MK5lV7Xy2nTUGsK6gKrqG1NlPYw.roa
Signing time:             Thu 15 Sep 2022 02:46:52 +0000
ROA not before:           Thu 15 Sep 2022 02:46:52 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     9924
IP address blocks:        61.31.197.0/24 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3529 (0xdc9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
        Validity
            Not Before: Sep 15 02:46:52 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=30AE6557B5F2DA74D41AC2BA80AAEA1B53653D8C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:fc:17:d1:6e:21:53:69:74:27:92:21:9b:81:
                    fc:a1:cf:74:a6:78:81:8f:79:b5:35:62:23:cf:78:
                    d7:c9:c0:58:bc:52:5c:88:41:e5:0b:06:17:60:06:
                    17:be:62:de:d6:14:ae:c3:c7:06:9f:e7:17:3e:ef:
                    1f:8b:40:7f:b6:a5:ce:a8:c1:10:af:ba:f9:c5:4c:
                    d1:4b:a0:f7:02:dc:00:0c:4c:f3:40:46:65:57:8a:
                    93:e8:5d:87:b3:5d:59:b6:b6:bc:5f:8c:30:d8:3d:
                    b6:6f:79:f9:81:7e:76:f4:82:27:5a:69:1c:ce:6b:
                    be:6c:e9:38:f0:07:f7:c7:69:28:1d:16:45:93:e8:
                    e4:8b:7f:43:d5:63:2b:83:e4:44:5e:41:42:e5:e0:
                    1a:55:84:b3:a9:96:20:9a:39:92:4d:34:9a:8e:cf:
                    41:b2:7b:0e:12:d7:51:14:34:3a:ed:b0:79:87:75:
                    92:be:df:ea:c1:5f:85:3e:f2:53:ff:b5:3f:fe:a3:
                    ae:85:81:47:c6:8d:a4:87:0a:5c:a0:27:3d:c3:29:
                    c1:4e:03:46:74:38:a7:1a:63:2c:06:d4:69:20:c2:
                    62:ca:31:cb:96:3d:a8:6f:d6:e9:42:e2:69:55:cb:
                    c8:ec:89:76:a2:32:e1:89:d1:b9:66:ac:e1:b8:6e:
                    55:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                30:AE:65:57:B5:F2:DA:74:D4:1A:C2:BA:80:AA:EA:1B:53:65:3D:8C
            X509v3 Authority Key Identifier:
                keyid:18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/MK5lV7Xy2nTUGsK6gKrqG1NlPYw.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  61.31.197.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6f:dd:66:ba:75:36:6c:18:94:1c:95:c6:a9:d6:fc:ac:ba:58:
         dd:58:de:12:f3:89:b3:bf:20:0b:17:26:e0:4a:5d:0d:07:67:
         07:6a:74:e4:50:fb:89:fb:22:ae:d5:4f:ab:0e:34:41:71:be:
         26:9e:e4:45:33:76:0e:0c:5f:f2:d8:e6:89:12:2f:ff:20:b7:
         a8:96:ad:62:3a:39:d3:3a:65:a9:3f:3e:7d:00:78:2e:11:96:
         85:62:06:4a:6e:5e:43:d6:71:85:d0:06:b3:ac:f1:e9:9d:bb:
         78:4d:5e:a6:f6:46:44:58:38:cf:d6:97:ca:c7:ca:b2:79:56:
         88:cb:76:9f:3d:8f:65:2c:72:2f:78:59:d2:36:42:83:db:ff:
         d7:82:d8:a9:9f:4c:91:6f:a8:d1:f9:f9:7e:8d:b7:4b:10:b8:
         07:0f:e5:2d:48:aa:2a:75:d3:14:48:d9:6d:be:a9:a9:62:1f:
         18:46:8a:dc:f9:3e:73:7d:58:fa:f2:2a:59:c9:ac:ca:a2:83:
         d8:d5:93:8d:da:0b:5c:c8:74:12:c4:ec:5e:61:e6:17:21:a2:
         b4:03:a9:9a:a5:f9:66:fe:4c:e6:46:57:db:65:1a:ba:94:e6:
         b3:59:2e:fc:27:8a:a0:df:f2:bc:b9:f3:aa:42:7c:b8:00:59:
         5c:24:ad:0c
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICDckwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMThB
NjY2M0Q2RTlGODBCRDRDRTdDOEFERkVCMzg3ODNDM0UxQTQ2NDAeFw0yMjA5MTUw
MjQ2NTJaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDMwQUU2NTU3QjVGMkRB
NzRENDFBQzJCQTgwQUFFQTFCNTM2NTNEOEMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC7/BfRbiFTaXQnkiGbgfyhz3SmeIGPebU1YiPPeNfJwFi8UlyI
QeULBhdgBhe+Yt7WFK7Dxwaf5xc+7x+LQH+2pc6owRCvuvnFTNFLoPcC3AAMTPNA
RmVXipPoXYezXVm2trxfjDDYPbZvefmBfnb0gidaaRzOa75s6TjwB/fHaSgdFkWT
6OSLf0PVYyuD5EReQULl4BpVhLOpliCaOZJNNJqOz0Gyew4S11EUNDrtsHmHdZK+
3+rBX4U+8lP/tT/+o66FgUfGjaSHClygJz3DKcFOA0Z0OKcaYywG1GkgwmLKMcuW
Pahv1ulC4mlVy8jsiXaiMuGJ0blmrOG4blWZAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUMK5lV7Xy2nTUGsK6gKrqG1NlPYwwHwYDVR0jBBgwFoAUGKZmPW6fgL1M58it
/rOHg8PhpGQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFJPRk9O
RC9HS1ptUFc2ZmdMMU01OGl0X3JPSGc4UGhwR1EuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL0dLWm1QVzZmZ0wxTTU4aXRfck9IZzhQaHBHUS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL1BST0ZPTkQvTUs1bFY3WHkyblRVR3NL
NmdLcnFHMU5sUFl3LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
AD0fxTANBgkqhkiG9w0BAQsFAAOCAQEAb91munU2bBiUHJXGqdb8rLpY3VjeEvOJ
s78gCxcm4EpdDQdnB2p05FD7ifsirtVPqw40QXG+Jp7kRTN2Dgxf8tjmiRIv/yC3
qJatYjo50zplqT8+fQB4LhGWhWIGSm5eQ9ZxhdAGs6zx6Z27eE1epvZGRFg4z9aX
ysfKsnlWiMt2nz2PZSxyL3hZ0jZCg9v/14LYqZ9MkW+o0fn5fo23SxC4Bw/lLUiq
KnXTFEjZbb6pqWIfGEaK3Pk+c31Y+vIqWcmsyqKD2NWTjdoLXMh0EsTsXmHmFyGi
tAOpmqX5Zv5M5kZX22UaupTms1ku/CeKoN/yvLnzqkJ8uABZXCStDA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:18 2024 by rpki-client on console-ams.rpki-client.org