Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PROFOND/NtAS8Tt-wePZ-8JgsGc2cXH1aIw.roa
File:                     NtAS8Tt-wePZ-8JgsGc2cXH1aIw.roa (raw, json)
Hash identifier:          IEUdgzJqIKGgLM6KnqrLKjhx6LUioiwTU35aPdoYDmk=
Subject key identifier:   36:D0:12:F1:3B:7E:C1:E3:D9:FB:C2:60:B0:67:36:71:71:F5:68:8C
Certificate issuer:       /CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
Certificate serial:       0808
Authority key identifier: 18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/NtAS8Tt-wePZ-8JgsGc2cXH1aIw.roa
Signing time:             Tue 29 Sep 2020 09:57:41 +0000
ROA not before:           Tue 29 Sep 2020 09:57:41 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     9924
IP address blocks:        60.198.0.0/16 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2056 (0x808)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
        Validity
            Not Before: Sep 29 09:57:41 2020 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=36D012F13B7EC1E3D9FBC260B067367171F5688C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:16:19:c8:6d:4d:ef:0e:f7:68:99:ea:d1:d7:
                    8d:31:b3:10:cd:13:69:f9:f0:43:1c:1e:b6:42:49:
                    af:a6:44:8c:8b:f9:3c:86:71:3b:1a:e4:0c:9e:ca:
                    ea:bf:f8:75:ef:aa:31:2a:47:db:49:fd:51:bb:e3:
                    6c:a1:79:a7:f2:fa:c9:e3:8c:c8:48:ff:2e:72:49:
                    19:94:e8:30:e7:11:e9:d4:70:2f:48:9a:3c:85:5b:
                    31:38:8e:96:f5:90:a9:94:40:66:bb:df:2f:ec:cf:
                    20:b3:62:38:5a:78:c9:fa:56:d0:2d:6b:ad:cd:9a:
                    e6:39:38:9a:f9:c3:aa:89:58:8d:60:18:36:73:dd:
                    35:c7:86:c5:0f:00:55:33:c0:32:9c:2c:82:49:ee:
                    54:d2:dd:5f:fa:26:81:c1:74:86:82:c8:d1:1a:07:
                    4b:b9:f2:f7:36:98:59:64:ff:ee:2f:9f:c1:45:37:
                    2a:79:ca:f0:9e:be:b5:e2:de:03:b0:44:a6:c5:74:
                    f6:a8:db:d7:a5:1c:9e:9d:f6:c3:6e:64:34:09:9a:
                    ac:1d:e9:66:84:92:f8:53:5d:f8:73:22:f5:8a:bb:
                    ed:45:d0:c7:80:63:b4:a7:12:ab:bd:d5:6e:f8:b5:
                    f9:b3:24:32:04:50:61:c2:26:95:7b:9e:ff:65:bf:
                    63:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                36:D0:12:F1:3B:7E:C1:E3:D9:FB:C2:60:B0:67:36:71:71:F5:68:8C
            X509v3 Authority Key Identifier:
                keyid:18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/NtAS8Tt-wePZ-8JgsGc2cXH1aIw.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  60.198.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         31:a6:f6:1e:47:06:e0:58:0d:e8:6a:f4:1d:ee:6f:1c:2e:c7:
         b9:86:ab:28:e8:e8:f2:10:73:07:64:c6:00:62:f5:f7:69:4d:
         a9:29:43:89:bb:2e:7e:32:f2:93:67:28:6b:da:ff:08:a8:83:
         94:36:11:8c:1e:79:d5:ec:5d:10:24:4f:45:ca:80:82:ea:6d:
         8a:9e:91:73:09:f9:3b:e9:56:04:10:66:f5:c6:3e:9f:3d:41:
         dd:d5:b7:0b:ee:f6:1c:e4:a8:94:c4:50:da:5e:f2:e1:35:a3:
         06:20:98:4c:44:f2:c8:e8:c6:8c:67:b5:bb:57:c9:f9:d6:e8:
         56:33:ba:6e:21:72:7c:a2:1e:f7:d9:59:03:94:38:22:ef:c4:
         41:37:62:c8:e3:71:2b:2c:c9:3f:a0:ae:cc:43:66:4b:f2:20:
         b2:0b:7b:81:7e:20:f6:fd:40:c7:a2:e8:09:6c:e2:ba:18:9f:
         87:e2:2e:aa:1b:96:90:ca:eb:a0:6b:1b:e7:6f:98:eb:21:85:
         f1:22:0a:d0:12:ea:65:2b:fe:f8:ca:14:88:70:45:1c:51:ee:
         d9:bd:45:41:93:1f:64:89:6a:1c:75:71:fb:34:e6:81:3f:7d:
         49:24:e0:90:1a:3c:fc:a9:ea:91:ff:85:8e:5d:26:fc:a0:13:
         67:a3:de:5a
-----BEGIN CERTIFICATE-----
MIIE0zCCA7ugAwIBAgICCAgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMThB
NjY2M0Q2RTlGODBCRDRDRTdDOEFERkVCMzg3ODNDM0UxQTQ2NDAeFw0yMDA5Mjkw
OTU3NDFaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDM2RDAxMkYxM0I3RUMx
RTNEOUZCQzI2MEIwNjczNjcxNzFGNTY4OEMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC/FhnIbU3vDvdomerR140xsxDNE2n58EMcHrZCSa+mRIyL+TyG
cTsa5Ayeyuq/+HXvqjEqR9tJ/VG742yheafy+snjjMhI/y5ySRmU6DDnEenUcC9I
mjyFWzE4jpb1kKmUQGa73y/szyCzYjhaeMn6VtAta63NmuY5OJr5w6qJWI1gGDZz
3TXHhsUPAFUzwDKcLIJJ7lTS3V/6JoHBdIaCyNEaB0u58vc2mFlk/+4vn8FFNyp5
yvCevrXi3gOwRKbFdPao29elHJ6d9sNuZDQJmqwd6WaEkvhTXfhzIvWKu+1F0MeA
Y7SnEqu91W74tfmzJDIEUGHCJpV7nv9lv2M5AgMBAAGjggHvMIIB6zAdBgNVHQ4E
FgQUNtAS8Tt+wePZ+8JgsGc2cXH1aIwwHwYDVR0jBBgwFoAUGKZmPW6fgL1M58it
/rOHg8PhpGQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFJPRk9O
RC9HS1ptUFc2ZmdMMU01OGl0X3JPSGc4UGhwR1EuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL0dLWm1QVzZmZ0wxTTU4aXRfck9IZzhQaHBHUS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL1BST0ZPTkQvTnRBUzhUdC13ZVBaLThK
Z3NHYzJjWEgxYUl3LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMD
ADzGMA0GCSqGSIb3DQEBCwUAA4IBAQAxpvYeRwbgWA3oavQd7m8cLse5hqso6Ojy
EHMHZMYAYvX3aU2pKUOJuy5+MvKTZyhr2v8IqIOUNhGMHnnV7F0QJE9FyoCC6m2K
npFzCfk76VYEEGb1xj6fPUHd1bcL7vYc5KiUxFDaXvLhNaMGIJhMRPLI6MaMZ7W7
V8n51uhWM7puIXJ8oh732VkDlDgi78RBN2LI43ErLMk/oK7MQ2ZL8iCyC3uBfiD2
/UDHougJbOK6GJ+H4i6qG5aQyuugaxvnb5jrIYXxIgrQEuplK/74yhSIcEUcUe7Z
vUVBkx9kiWocdXH7NOaBP31JJOCQGjz8qeqR/4WOXSb8oBNno95a
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:18 2024 by rpki-client on console-ams.rpki-client.org