Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PROFOND/UZ2L_zKWt-hOg9zeAje1WFhgGfc.roa
File:                     UZ2L_zKWt-hOg9zeAje1WFhgGfc.roa (raw, json)
Hash identifier:          JDVtSeDQkh5Bg2uI/Qs0wPdtvrDMs7IvSzMQefB7u0k=
Subject key identifier:   51:9D:8B:FF:32:96:B7:E8:4E:83:DC:DE:02:37:B5:58:58:60:19:F7
Certificate issuer:       /CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
Certificate serial:       0C87
Authority key identifier: 18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/UZ2L_zKWt-hOg9zeAje1WFhgGfc.roa
Signing time:             Wed 29 Sep 2021 02:49:56 +0000
ROA not before:           Wed 29 Sep 2021 02:49:56 +0000
ROA not after:            Thu 29 Sep 2022 02:36:22 +0000
asID:                     24164
IP address blocks:        203.77.52.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3207 (0xc87)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
        Validity
            Not Before: Sep 29 02:49:56 2021 GMT
            Not After : Sep 29 02:36:22 2022 GMT
        Subject: CN=519D8BFF3296B7E84E83DCDE0237B558586019F7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:12:47:16:11:74:83:92:13:5a:29:c0:7e:dc:
                    73:56:8b:1e:3b:22:6c:51:28:0f:43:9c:f8:16:f3:
                    2c:40:9e:63:c1:79:c9:be:87:ec:aa:b3:77:e0:8a:
                    87:07:66:7a:4c:80:48:ad:f5:ac:82:68:1c:1f:6d:
                    19:89:41:c1:2b:a5:5b:15:da:6f:4f:1e:91:02:d8:
                    27:d2:1d:8e:c3:22:13:98:87:88:97:d0:2a:75:12:
                    91:3f:8b:ce:32:46:83:a9:13:8b:33:9c:6c:f6:30:
                    35:8f:71:88:cd:a1:1a:47:6f:08:0e:76:8a:2d:3a:
                    ef:1a:9d:4c:01:b8:7f:4c:84:a3:a4:bb:3c:d1:1f:
                    e2:a0:47:12:80:96:e1:c5:2b:c1:99:75:2a:10:67:
                    aa:44:1b:50:45:7d:fd:17:29:e5:af:a1:c6:65:12:
                    b4:e1:4e:f0:ef:0e:ba:b0:e8:4f:92:ef:d1:b3:1a:
                    2a:a5:6e:b2:1c:0b:24:6a:c6:e2:3e:70:c2:66:d6:
                    60:b4:06:15:90:ca:fc:2a:d0:24:8c:e1:d5:31:b1:
                    cc:18:b8:92:4f:18:dd:88:7e:5f:7a:ff:3e:7d:6c:
                    5d:0a:6b:00:40:0d:03:85:df:ea:08:23:86:ae:a0:
                    a2:04:7f:e8:8c:2f:72:91:f9:7d:4b:1e:e5:a3:37:
                    aa:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                51:9D:8B:FF:32:96:B7:E8:4E:83:DC:DE:02:37:B5:58:58:60:19:F7
            X509v3 Authority Key Identifier:
                keyid:18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/UZ2L_zKWt-hOg9zeAje1WFhgGfc.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  203.77.52.0/24

    Signature Algorithm: sha256WithRSAEncryption
         59:90:c6:88:fb:6d:cf:91:e4:26:42:08:99:80:68:8b:68:38:
         36:40:db:85:c5:ff:76:ce:46:b7:43:5c:f5:e2:28:1a:37:ed:
         a2:8b:fc:32:df:10:f4:d4:0f:28:ed:02:a2:ad:07:1e:cf:01:
         e7:5e:5c:cd:42:3b:64:d9:11:d3:cb:d4:b3:de:bc:85:7b:4c:
         8a:29:fd:35:d2:c0:ea:88:c6:73:ed:10:47:5c:4d:97:f0:67:
         b4:0b:50:9d:cb:c3:58:d8:c8:36:0f:42:94:e9:b8:a0:e7:7e:
         37:ec:2f:92:2f:b6:26:a6:a4:47:63:bc:51:2e:11:b5:58:75:
         07:d3:48:3e:94:52:39:ee:6c:9e:9a:c1:e9:6f:bd:33:b8:3b:
         44:8f:63:a0:29:c6:f3:78:8f:4a:97:f4:7e:00:82:8a:3a:a0:
         fc:99:1b:cc:4b:2c:85:96:62:cf:c9:8d:f8:5d:ff:48:18:f1:
         9b:46:c6:6b:e7:be:d1:c5:79:e8:45:98:de:ce:5f:f4:52:bd:
         ab:89:50:e7:df:e5:68:95:d0:c4:9c:d6:06:39:d2:71:94:0d:
         f2:84:8c:29:13:de:89:dd:6b:50:24:ad:32:42:bf:4f:bb:57:
         8a:e0:79:0f:6d:57:20:3d:49:d9:d5:09:d1:fa:99:9d:81:79:
         5e:d9:bb:cb
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICDIcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMThB
NjY2M0Q2RTlGODBCRDRDRTdDOEFERkVCMzg3ODNDM0UxQTQ2NDAeFw0yMTA5Mjkw
MjQ5NTZaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDUxOUQ4QkZGMzI5NkI3
RTg0RTgzRENERTAyMzdCNTU4NTg2MDE5RjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDZEkcWEXSDkhNaKcB+3HNWix47ImxRKA9DnPgW8yxAnmPBecm+
h+yqs3fgiocHZnpMgEit9ayCaBwfbRmJQcErpVsV2m9PHpEC2CfSHY7DIhOYh4iX
0Cp1EpE/i84yRoOpE4sznGz2MDWPcYjNoRpHbwgOdootOu8anUwBuH9MhKOkuzzR
H+KgRxKAluHFK8GZdSoQZ6pEG1BFff0XKeWvocZlErThTvDvDrqw6E+S79GzGiql
brIcCyRqxuI+cMJm1mC0BhWQyvwq0CSM4dUxscwYuJJPGN2Ifl96/z59bF0KawBA
DQOF3+oII4auoKIEf+iML3KR+X1LHuWjN6qDAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUUZ2L/zKWt+hOg9zeAje1WFhgGfcwHwYDVR0jBBgwFoAUGKZmPW6fgL1M58it
/rOHg8PhpGQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFJPRk9O
RC9HS1ptUFc2ZmdMMU01OGl0X3JPSGc4UGhwR1EuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL0dLWm1QVzZmZ0wxTTU4aXRfck9IZzhQaHBHUS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL1BST0ZPTkQvVVoyTF96S1d0LWhPZzl6
ZUFqZTFXRmhnR2ZjLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
AMtNNDANBgkqhkiG9w0BAQsFAAOCAQEAWZDGiPttz5HkJkIImYBoi2g4NkDbhcX/
ds5Gt0Nc9eIoGjftoov8Mt8Q9NQPKO0Coq0HHs8B515czUI7ZNkR08vUs968hXtM
iin9NdLA6ojGc+0QR1xNl/BntAtQncvDWNjINg9ClOm4oOd+N+wvki+2JqakR2O8
US4RtVh1B9NIPpRSOe5snprB6W+9M7g7RI9joCnG83iPSpf0fgCCijqg/JkbzEss
hZZiz8mN+F3/SBjxm0bGa+e+0cV56EWY3s5f9FK9q4lQ59/laJXQxJzWBjnScZQN
8oSMKRPeid1rUCStMkK/T7tXiuB5D21XID1J2dUJ0fqZnYF5Xtm7yw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:43 2024 by rpki-client on console-fra.rpki-client.org