Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PROFOND/Ois90Bpo-lkqhYs13G-oq1I8h4Q.roa
File:                     Ois90Bpo-lkqhYs13G-oq1I8h4Q.roa (raw, json)
Hash identifier:          RmN6iOBkjrvoiCgLp/O3nIhgDQmDXEP2xb4Ss4smzc0=
Subject key identifier:   3A:2B:3D:D0:1A:68:FA:59:2A:85:8B:35:DC:6F:A8:AB:52:3C:87:84
Certificate issuer:       /CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
Certificate serial:       0C89
Authority key identifier: 18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/Ois90Bpo-lkqhYs13G-oq1I8h4Q.roa
Signing time:             Wed 29 Sep 2021 02:49:57 +0000
ROA not before:           Wed 29 Sep 2021 02:49:57 +0000
ROA not after:            Thu 29 Sep 2022 02:36:22 +0000
asID:                     4662
IP address blocks:        203.77.64.0/18 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3209 (0xc89)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
        Validity
            Not Before: Sep 29 02:49:57 2021 GMT
            Not After : Sep 29 02:36:22 2022 GMT
        Subject: CN=3A2B3DD01A68FA592A858B35DC6FA8AB523C8784
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:36:3b:72:38:2e:79:86:6b:b2:da:33:cb:e7:
                    f8:a8:4b:01:90:8b:89:c5:7f:a2:42:b6:bb:0b:c6:
                    51:cf:2a:bb:8b:e5:a6:87:4c:1f:d4:76:ac:b7:85:
                    4a:c1:d3:07:7d:1c:6e:c4:2f:4b:7e:d1:b5:0f:91:
                    14:aa:9a:52:17:76:1d:5f:cd:fd:9b:11:94:42:57:
                    f1:eb:70:4f:cf:20:ca:42:8f:66:ee:67:8d:8a:30:
                    cb:8a:5e:42:07:a9:6d:f4:ff:24:10:c9:0c:1a:de:
                    ef:ff:15:d3:6e:b0:a1:1e:62:a0:1b:01:c6:97:95:
                    4d:33:aa:8c:7f:49:d7:fe:08:d1:1f:f0:e4:53:bb:
                    41:56:c3:db:e5:ed:ba:13:bf:b4:c5:de:37:b3:06:
                    55:84:76:36:ad:d6:7b:ad:a1:94:1f:3d:b2:f1:ed:
                    0e:8b:ed:68:c8:c9:fc:63:d2:eb:89:66:3a:25:b5:
                    4e:41:d2:1c:12:fa:c3:30:8d:47:9a:d2:84:4c:e5:
                    0a:e0:d1:1f:27:8e:c5:ac:39:87:84:ad:53:9b:2b:
                    e7:8b:86:dc:c5:b3:56:7b:9b:1c:44:8d:ff:fa:ae:
                    58:74:24:f8:d4:16:26:ed:9d:69:f7:58:99:34:83:
                    72:8b:97:df:2b:84:91:74:71:7b:30:20:a9:a5:19:
                    2f:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:2B:3D:D0:1A:68:FA:59:2A:85:8B:35:DC:6F:A8:AB:52:3C:87:84
            X509v3 Authority Key Identifier:
                keyid:18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/Ois90Bpo-lkqhYs13G-oq1I8h4Q.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  203.77.64.0/18

    Signature Algorithm: sha256WithRSAEncryption
         69:05:34:99:2a:55:55:22:1d:c4:8b:7d:00:33:06:08:23:fa:
         80:90:3d:4e:df:44:f8:a3:fc:5f:31:5d:45:e3:14:65:29:9b:
         4c:11:bc:74:5c:4d:15:49:ca:2e:9f:8a:7c:08:bd:d6:29:81:
         2d:09:4a:16:d0:38:af:e5:90:17:12:94:40:a5:21:61:cb:34:
         70:23:95:c5:3b:0f:7f:c8:0e:57:54:32:7a:a8:7f:05:91:32:
         8e:72:ba:78:41:ef:4a:bb:46:54:ff:d6:b7:95:7c:b1:c2:94:
         2d:47:cc:da:ec:1f:b2:1d:ba:b9:2a:26:1a:68:65:ca:c3:51:
         90:53:5e:70:f6:ff:ff:a6:2a:ed:8d:d8:15:f4:d1:b1:1e:f4:
         58:10:eb:28:3e:c4:27:11:3b:9d:ed:94:eb:5b:2e:a8:fd:2c:
         9f:0b:cb:8e:22:53:3f:c5:3b:71:9b:d0:cf:17:57:b0:ec:d3:
         01:b0:d0:75:39:94:21:72:93:c8:17:80:22:6f:41:44:d5:ee:
         c0:8e:4c:c4:fc:89:45:e6:84:30:f7:23:13:08:f0:0c:e2:75:
         3a:2f:a1:53:6e:0e:00:04:25:0e:a9:c4:88:7e:53:dc:60:00:
         61:ee:08:7b:d3:54:75:ce:64:87:98:08:82:3a:08:75:3d:51:
         b1:a5:ff:b2
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICDIkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMThB
NjY2M0Q2RTlGODBCRDRDRTdDOEFERkVCMzg3ODNDM0UxQTQ2NDAeFw0yMTA5Mjkw
MjQ5NTdaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDNBMkIzREQwMUE2OEZB
NTkyQTg1OEIzNURDNkZBOEFCNTIzQzg3ODQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC9NjtyOC55hmuy2jPL5/ioSwGQi4nFf6JCtrsLxlHPKruL5aaH
TB/Udqy3hUrB0wd9HG7EL0t+0bUPkRSqmlIXdh1fzf2bEZRCV/HrcE/PIMpCj2bu
Z42KMMuKXkIHqW30/yQQyQwa3u//FdNusKEeYqAbAcaXlU0zqox/Sdf+CNEf8ORT
u0FWw9vl7boTv7TF3jezBlWEdjat1nutoZQfPbLx7Q6L7WjIyfxj0uuJZjoltU5B
0hwS+sMwjUea0oRM5Qrg0R8njsWsOYeErVObK+eLhtzFs1Z7mxxEjf/6rlh0JPjU
FibtnWn3WJk0g3KLl98rhJF0cXswIKmlGS+NAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUOis90Bpo+lkqhYs13G+oq1I8h4QwHwYDVR0jBBgwFoAUGKZmPW6fgL1M58it
/rOHg8PhpGQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFJPRk9O
RC9HS1ptUFc2ZmdMMU01OGl0X3JPSGc4UGhwR1EuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL0dLWm1QVzZmZ0wxTTU4aXRfck9IZzhQaHBHUS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL1BST0ZPTkQvT2lzOTBCcG8tbGtxaFlz
MTNHLW9xMUk4aDRRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
BstNQDANBgkqhkiG9w0BAQsFAAOCAQEAaQU0mSpVVSIdxIt9ADMGCCP6gJA9Tt9E
+KP8XzFdReMUZSmbTBG8dFxNFUnKLp+KfAi91imBLQlKFtA4r+WQFxKUQKUhYcs0
cCOVxTsPf8gOV1Qyeqh/BZEyjnK6eEHvSrtGVP/Wt5V8scKULUfM2uwfsh26uSom
GmhlysNRkFNecPb//6Yq7Y3YFfTRsR70WBDrKD7EJxE7ne2U61suqP0snwvLjiJT
P8U7cZvQzxdXsOzTAbDQdTmUIXKTyBeAIm9BRNXuwI5MxPyJReaEMPcjEwjwDOJ1
Oi+hU24OAAQlDqnEiH5T3GAAYe4Ie9NUdc5kh5gIgjoIdT1RsaX/sg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:43 2024 by rpki-client on console-fra.rpki-client.org