Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PROFOND/S_-QA6dh5qXdWS6baZMp_3Ji1r4.roa
File:                     S_-QA6dh5qXdWS6baZMp_3Ji1r4.roa (raw, json)
Hash identifier:          Yb3RRr4C80qoF2UYA/liJhjFK8Y0D4/SwpFxESLkwc8=
Subject key identifier:   4B:FF:90:03:A7:61:E6:A5:DD:59:2E:9B:69:93:29:FF:72:62:D6:BE
Certificate issuer:       /CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
Certificate serial:       0A8A
Authority key identifier: 18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/S_-QA6dh5qXdWS6baZMp_3Ji1r4.roa
Signing time:             Sun 07 Feb 2021 11:36:33 +0000
ROA not before:           Sun 07 Feb 2021 11:36:33 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     9924
IP address blocks:        203.105.224.0/19 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2698 (0xa8a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
        Validity
            Not Before: Feb  7 11:36:33 2021 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=4BFF9003A761E6A5DD592E9B699329FF7262D6BE
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:88:26:7d:4d:02:9b:fc:b1:8d:b6:59:14:b9:
                    95:b7:ed:32:e4:d0:81:80:59:e5:ad:44:c8:76:f7:
                    03:16:be:a8:85:8b:97:df:f4:b8:89:29:b9:1c:aa:
                    24:b2:47:8a:0c:20:0c:10:ad:0a:6e:bf:2c:9f:b4:
                    70:ca:da:4b:d1:07:b1:81:7b:19:de:b0:47:04:ea:
                    26:74:b2:b0:6d:1e:cc:97:87:f0:e4:e0:9e:11:1e:
                    17:32:4e:14:14:b8:d9:6e:92:60:2a:d6:36:48:af:
                    5c:c7:c7:af:0a:91:fd:6f:f7:fa:ba:61:04:57:ea:
                    38:1b:b3:97:2d:ea:ee:a1:a6:5c:c3:fe:bd:f7:5c:
                    fc:a5:ea:62:0b:b5:1d:85:9b:9b:90:70:10:de:5e:
                    88:46:6f:ca:2e:99:87:44:99:65:a5:3d:bf:4d:74:
                    07:52:4e:2d:a5:e0:9f:c6:0f:a4:44:2e:02:16:8f:
                    b2:43:6d:79:ea:a7:5f:3a:b2:63:33:82:43:27:50:
                    b7:a8:fe:af:fc:53:f4:dd:21:4f:22:96:ac:ba:c2:
                    a2:63:76:da:b0:6f:a3:63:78:9a:ab:78:77:42:63:
                    81:38:35:33:5f:e0:4e:04:b1:8f:f9:35:8d:ca:41:
                    c2:24:e6:65:a1:28:01:70:0c:45:fe:95:9b:05:53:
                    5d:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:FF:90:03:A7:61:E6:A5:DD:59:2E:9B:69:93:29:FF:72:62:D6:BE
            X509v3 Authority Key Identifier:
                keyid:18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/S_-QA6dh5qXdWS6baZMp_3Ji1r4.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  203.105.224.0/19

    Signature Algorithm: sha256WithRSAEncryption
         0d:52:7b:c7:54:fd:cf:8c:3e:bf:77:32:4f:d3:2a:d1:c9:1e:
         f0:34:aa:05:9f:9a:3b:86:b4:81:df:7f:60:e3:3f:75:5e:78:
         37:35:ae:00:7d:cd:0b:b1:ee:33:29:31:1c:3f:3a:db:5f:80:
         5f:0b:24:77:97:f5:27:5d:11:42:ad:f1:ff:83:21:7b:6f:50:
         00:13:b9:a5:10:b7:12:b0:50:c6:c7:6b:5a:53:da:45:44:07:
         cf:30:5b:3c:d0:d4:78:96:56:c0:b1:b6:2d:47:f2:e9:86:42:
         41:dc:40:b4:74:1e:cb:10:31:15:c1:51:af:e9:cb:b5:f5:89:
         16:fd:11:0d:53:dd:22:78:d6:32:b3:8a:56:c3:39:fb:8d:d4:
         b7:c6:96:e6:cf:d5:50:bd:ba:45:62:cc:dd:8c:e7:0a:0b:bc:
         ab:38:93:82:10:19:d0:5a:3a:6a:e6:11:ec:38:cc:36:97:b2:
         be:96:e9:f6:ed:70:8a:02:8d:64:ed:bb:c6:29:c0:56:04:6f:
         f8:a0:0d:34:55:41:c8:7d:cc:98:2a:eb:5a:3d:30:77:3e:2b:
         31:cf:48:0a:65:43:c6:29:39:a7:bd:21:a0:b9:f8:d6:41:52:
         82:62:a8:b8:58:68:a5:fd:00:da:fc:25:1f:4d:ee:0d:8a:56:
         aa:57:42:b7
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICCoowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMThB
NjY2M0Q2RTlGODBCRDRDRTdDOEFERkVCMzg3ODNDM0UxQTQ2NDAeFw0yMTAyMDcx
MTM2MzNaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDRCRkY5MDAzQTc2MUU2
QTVERDU5MkU5QjY5OTMyOUZGNzI2MkQ2QkUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDNiCZ9TQKb/LGNtlkUuZW37TLk0IGAWeWtRMh29wMWvqiFi5ff
9LiJKbkcqiSyR4oMIAwQrQpuvyyftHDK2kvRB7GBexnesEcE6iZ0srBtHsyXh/Dk
4J4RHhcyThQUuNlukmAq1jZIr1zHx68Kkf1v9/q6YQRX6jgbs5ct6u6hplzD/r33
XPyl6mILtR2Fm5uQcBDeXohGb8oumYdEmWWlPb9NdAdSTi2l4J/GD6RELgIWj7JD
bXnqp186smMzgkMnULeo/q/8U/TdIU8ilqy6wqJjdtqwb6NjeJqreHdCY4E4NTNf
4E4EsY/5NY3KQcIk5mWhKAFwDEX+lZsFU12fAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUS/+QA6dh5qXdWS6baZMp/3Ji1r4wHwYDVR0jBBgwFoAUGKZmPW6fgL1M58it
/rOHg8PhpGQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFJPRk9O
RC9HS1ptUFc2ZmdMMU01OGl0X3JPSGc4UGhwR1EuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL0dLWm1QVzZmZ0wxTTU4aXRfck9IZzhQaHBHUS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL1BST0ZPTkQvU18tUUE2ZGg1cVhkV1M2
YmFaTXBfM0ppMXI0LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
Bctp4DANBgkqhkiG9w0BAQsFAAOCAQEADVJ7x1T9z4w+v3cyT9Mq0cke8DSqBZ+a
O4a0gd9/YOM/dV54NzWuAH3NC7HuMykxHD8621+AXwskd5f1J10RQq3x/4Mhe29Q
ABO5pRC3ErBQxsdrWlPaRUQHzzBbPNDUeJZWwLG2LUfy6YZCQdxAtHQeyxAxFcFR
r+nLtfWJFv0RDVPdInjWMrOKVsM5+43Ut8aW5s/VUL26RWLM3YznCgu8qziTghAZ
0Fo6auYR7DjMNpeyvpbp9u1wigKNZO27xinAVgRv+KANNFVByH3MmCrrWj0wdz4r
Mc9ICmVDxik5p70hoLn41kFSgmKouFhopf0A2vwlH03uDYpWqldCtw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:18 2024 by rpki-client on console-ams.rpki-client.org