Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PROFOND/TU1zNLwJPrmLtvYX2Rd2dOCOi_g.roa
File:                     TU1zNLwJPrmLtvYX2Rd2dOCOi_g.roa (raw, json)
Hash identifier:          NZwGIjQKf5ugxTsSTA85UhAUidTFNMUBISzxI3dMJdo=
Subject key identifier:   4D:4D:73:34:BC:09:3E:B9:8B:B6:F6:17:D9:17:76:74:E0:8E:8B:F8
Certificate issuer:       /CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
Certificate serial:       0DC9
Authority key identifier: 18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/TU1zNLwJPrmLtvYX2Rd2dOCOi_g.roa
Signing time:             Thu 15 Sep 2022 02:46:49 +0000
ROA not before:           Thu 15 Sep 2022 02:46:49 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     9924
IP address blocks:        60.199.134.0/24 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3529 (0xdc9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
        Validity
            Not Before: Sep 15 02:46:49 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=4D4D7334BC093EB98BB6F617D9177674E08E8BF8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:05:46:a0:6f:1e:0b:f3:cb:d3:3f:e1:98:77:
                    a1:79:7e:66:64:09:7e:fb:8f:08:f4:81:4d:cf:71:
                    7c:c1:a5:d5:eb:54:2d:2c:a4:20:16:cd:d0:c5:1e:
                    2f:1b:56:e1:c9:92:0b:69:39:ce:75:0a:95:1c:7e:
                    1b:8d:81:98:da:2a:e8:58:88:4f:7d:49:f1:d6:1d:
                    5c:9c:0a:01:bd:f2:66:8b:6c:2e:cd:c8:32:0b:6d:
                    12:22:51:49:9c:8e:6c:43:b9:fc:b2:b3:85:ad:1c:
                    7e:d2:df:40:ca:e3:37:4d:b2:f2:98:e7:b2:55:8f:
                    d8:50:a7:48:e2:59:b1:f1:a0:e0:bc:af:78:fd:f9:
                    e9:bf:6c:09:3a:58:3f:17:a4:5a:94:3f:35:22:db:
                    aa:36:10:5f:ac:49:29:f9:a8:c8:d2:c3:e8:6a:78:
                    b1:da:e1:d4:c1:4b:ee:04:33:ce:a9:7f:71:79:39:
                    f9:12:a1:55:8b:29:1f:9b:c6:13:00:0f:f8:ac:34:
                    c5:8a:b4:87:55:d4:f7:ac:9c:52:e8:a6:1e:98:54:
                    52:2b:01:56:21:f6:d0:18:ea:75:5a:9b:84:50:9f:
                    3b:58:e3:c8:c6:e4:e3:c3:20:3e:6e:a8:bb:90:2d:
                    86:39:6a:aa:f6:71:e3:f0:18:76:93:b6:fd:2d:96:
                    12:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4D:4D:73:34:BC:09:3E:B9:8B:B6:F6:17:D9:17:76:74:E0:8E:8B:F8
            X509v3 Authority Key Identifier:
                keyid:18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/TU1zNLwJPrmLtvYX2Rd2dOCOi_g.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  60.199.134.0/24

    Signature Algorithm: sha256WithRSAEncryption
         79:01:f6:46:d6:c5:ad:1b:65:ab:ef:2d:c1:e4:cc:2d:37:6e:
         3e:e8:95:47:46:7c:4d:72:ea:e7:79:ac:a2:9e:4b:77:ab:aa:
         73:50:ca:70:d8:d2:2f:fc:38:47:b4:43:14:f2:c7:32:28:54:
         d8:1a:b8:f1:97:8c:4b:bd:7f:df:a6:eb:8d:4d:51:3b:e2:c1:
         cb:2c:bb:d9:11:22:df:7a:4a:60:75:4c:7c:02:24:6a:4f:fb:
         65:58:ae:ae:6d:5a:99:07:2a:34:4f:f8:ee:0f:f3:6c:92:bd:
         9b:8f:eb:49:cc:24:3e:7d:03:f2:12:2e:34:b5:69:58:9c:5d:
         60:b6:67:dd:40:f5:be:f0:eb:5f:8c:e9:e4:4c:8a:a9:7b:0e:
         90:67:c0:07:aa:ba:3f:21:8c:f8:05:df:61:db:e3:51:c8:c0:
         8f:07:6c:77:cf:3a:a4:82:4e:84:43:91:92:63:db:61:a5:0e:
         47:9f:94:9e:01:cf:ab:bf:aa:7b:2f:59:96:6a:a8:06:58:8a:
         3e:74:e4:2a:c8:68:d3:16:59:5f:d3:c4:0c:13:91:cd:d3:51:
         eb:6e:b1:bd:16:c4:32:4b:f5:2d:68:fe:77:c0:87:d8:e1:a6:
         bd:9e:f9:2f:bb:63:4f:18:8b:3d:3f:e2:da:87:10:de:a4:19:
         32:71:55:f8
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICDckwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMThB
NjY2M0Q2RTlGODBCRDRDRTdDOEFERkVCMzg3ODNDM0UxQTQ2NDAeFw0yMjA5MTUw
MjQ2NDlaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDRENEQ3MzM0QkMwOTNF
Qjk4QkI2RjYxN0Q5MTc3Njc0RTA4RThCRjgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC/BUagbx4L88vTP+GYd6F5fmZkCX77jwj0gU3PcXzBpdXrVC0s
pCAWzdDFHi8bVuHJkgtpOc51CpUcfhuNgZjaKuhYiE99SfHWHVycCgG98maLbC7N
yDILbRIiUUmcjmxDufyys4WtHH7S30DK4zdNsvKY57JVj9hQp0jiWbHxoOC8r3j9
+em/bAk6WD8XpFqUPzUi26o2EF+sSSn5qMjSw+hqeLHa4dTBS+4EM86pf3F5OfkS
oVWLKR+bxhMAD/isNMWKtIdV1PesnFLoph6YVFIrAVYh9tAY6nVam4RQnztY48jG
5OPDID5uqLuQLYY5aqr2cePwGHaTtv0tlhL9AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUTU1zNLwJPrmLtvYX2Rd2dOCOi/gwHwYDVR0jBBgwFoAUGKZmPW6fgL1M58it
/rOHg8PhpGQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFJPRk9O
RC9HS1ptUFc2ZmdMMU01OGl0X3JPSGc4UGhwR1EuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL0dLWm1QVzZmZ0wxTTU4aXRfck9IZzhQaHBHUS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL1BST0ZPTkQvVFUxek5Md0pQcm1MdHZZ
WDJSZDJkT0NPaV9nLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
ADzHhjANBgkqhkiG9w0BAQsFAAOCAQEAeQH2RtbFrRtlq+8tweTMLTduPuiVR0Z8
TXLq53msop5Ld6uqc1DKcNjSL/w4R7RDFPLHMihU2Bq48ZeMS71/36brjU1RO+LB
yyy72REi33pKYHVMfAIkak/7ZViurm1amQcqNE/47g/zbJK9m4/rScwkPn0D8hIu
NLVpWJxdYLZn3UD1vvDrX4zp5EyKqXsOkGfAB6q6PyGM+AXfYdvjUcjAjwdsd886
pIJOhEORkmPbYaUOR5+UngHPq7+qey9ZlmqoBliKPnTkKsho0xZZX9PEDBORzdNR
626xvRbEMkv1LWj+d8CH2OGmvZ75L7tjTxiLPT/i2ocQ3qQZMnFV+A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:43 2024 by rpki-client on console-fra.rpki-client.org