Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PROFOND/ZOFSC-_s3Nd1K57rf0_CdgYFLok.roa
File:                     ZOFSC-_s3Nd1K57rf0_CdgYFLok.roa (raw, json)
Hash identifier:          hoV7V6nk8zMR3E6VoBAku831m0pePhVUIRXg/vFvtoQ=
Subject key identifier:   64:E1:52:0B:EF:EC:DC:D7:75:2B:9E:EB:7F:4F:C2:76:06:05:2E:89
Certificate issuer:       /CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
Certificate serial:       0DC9
Authority key identifier: 18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/ZOFSC-_s3Nd1K57rf0_CdgYFLok.roa
Signing time:             Thu 15 Sep 2022 02:47:01 +0000
ROA not before:           Thu 15 Sep 2022 02:47:01 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     9924
IP address blocks:        210.17.7.0/24 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3529 (0xdc9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
        Validity
            Not Before: Sep 15 02:47:01 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=64E1520BEFECDCD7752B9EEB7F4FC27606052E89
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:f0:fb:80:01:65:a3:82:ac:6f:75:a6:83:eb:
                    72:65:9c:bf:49:d3:8d:d4:6a:2a:77:b6:a0:38:23:
                    e1:b6:4b:c3:ea:f1:4b:ad:45:d8:de:19:37:b9:9a:
                    75:ca:4a:11:d5:2c:2a:89:3d:d7:5d:cc:2a:d0:2b:
                    dd:7c:a8:1a:5e:0f:1f:fc:3b:d3:65:16:d3:76:3e:
                    bf:68:74:1d:42:68:84:16:85:ce:91:30:7d:90:4a:
                    f2:a1:0b:90:8e:54:75:8f:c3:fd:27:9f:4a:2a:ed:
                    d5:aa:a3:d6:00:ef:4a:c6:c3:42:4e:b5:21:ec:5b:
                    32:fa:14:43:95:92:f8:44:bb:a9:24:d4:13:06:63:
                    32:10:e6:fb:15:96:6d:8a:97:07:26:d0:b9:85:b0:
                    df:0b:a1:34:16:22:f0:cb:11:af:52:e5:8d:ca:fc:
                    82:23:21:ba:ba:1f:f6:b6:b6:a4:d3:18:44:b6:5f:
                    64:9f:45:e1:b1:47:1f:3b:75:90:ea:2e:88:71:af:
                    5a:e1:af:f3:ed:ac:b8:03:d0:7c:1b:77:5d:85:d2:
                    6b:a7:91:f2:0d:38:b2:72:2f:25:e4:f0:de:3f:d0:
                    08:a9:50:f4:49:83:74:73:62:ad:e4:17:49:b0:ea:
                    a8:b5:aa:97:de:57:dd:f8:78:a7:5e:91:d7:3d:e4:
                    47:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                64:E1:52:0B:EF:EC:DC:D7:75:2B:9E:EB:7F:4F:C2:76:06:05:2E:89
            X509v3 Authority Key Identifier:
                keyid:18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/ZOFSC-_s3Nd1K57rf0_CdgYFLok.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  210.17.7.0/24

    Signature Algorithm: sha256WithRSAEncryption
         13:ee:a8:e5:63:4a:59:ca:75:7c:34:d4:66:77:d3:51:f2:2a:
         7c:30:df:40:b6:ec:ed:25:6d:6a:53:4b:69:a2:3e:e2:c6:e9:
         7d:57:09:58:93:23:77:33:b2:ea:39:dc:86:f8:b1:c3:ce:1f:
         5a:7a:64:f7:e2:b6:f8:86:28:41:6e:eb:8c:f5:bc:2a:d9:f5:
         23:2d:ee:cb:6b:a3:04:4a:06:88:3d:48:c0:07:bf:2e:86:44:
         c6:ca:7f:63:22:48:ad:32:86:8f:f6:35:7c:d9:bb:99:15:9f:
         c8:a8:5c:5a:c4:6c:45:d9:e7:1c:3a:fe:83:4f:97:9f:91:fe:
         66:66:ea:53:bd:95:2a:44:4d:1b:f6:1e:8c:38:b6:ad:4c:9e:
         a0:f1:03:94:b4:06:30:0a:ab:27:7b:c7:13:42:3e:3e:50:bd:
         93:01:2e:ba:48:6f:84:5b:76:22:3f:8b:80:01:38:01:59:3e:
         c3:05:ff:fa:c7:0d:1b:91:98:99:0d:88:49:7b:24:ce:08:68:
         e6:5b:87:1e:d9:26:10:1a:59:01:61:a7:c1:1e:0f:09:1f:59:
         74:05:16:9b:9c:33:4f:81:0e:09:c6:f4:7a:68:c7:26:0d:a7:
         01:c6:7b:d9:d6:3d:a6:64:63:76:7e:7c:4b:b5:84:e8:9c:8f:
         d6:fb:f9:88
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICDckwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMThB
NjY2M0Q2RTlGODBCRDRDRTdDOEFERkVCMzg3ODNDM0UxQTQ2NDAeFw0yMjA5MTUw
MjQ3MDFaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDY0RTE1MjBCRUZFQ0RD
RDc3NTJCOUVFQjdGNEZDMjc2MDYwNTJFODkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDO8PuAAWWjgqxvdaaD63JlnL9J043Uaip3tqA4I+G2S8Pq8Uut
RdjeGTe5mnXKShHVLCqJPdddzCrQK918qBpeDx/8O9NlFtN2Pr9odB1CaIQWhc6R
MH2QSvKhC5COVHWPw/0nn0oq7dWqo9YA70rGw0JOtSHsWzL6FEOVkvhEu6kk1BMG
YzIQ5vsVlm2Klwcm0LmFsN8LoTQWIvDLEa9S5Y3K/IIjIbq6H/a2tqTTGES2X2Sf
ReGxRx87dZDqLohxr1rhr/PtrLgD0Hwbd12F0munkfINOLJyLyXk8N4/0AipUPRJ
g3RzYq3kF0mw6qi1qpfeV934eKdekdc95EcFAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUZOFSC+/s3Nd1K57rf0/CdgYFLokwHwYDVR0jBBgwFoAUGKZmPW6fgL1M58it
/rOHg8PhpGQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFJPRk9O
RC9HS1ptUFc2ZmdMMU01OGl0X3JPSGc4UGhwR1EuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL0dLWm1QVzZmZ0wxTTU4aXRfck9IZzhQaHBHUS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL1BST0ZPTkQvWk9GU0MtX3MzTmQxSzU3
cmYwX0NkZ1lGTG9rLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
ANIRBzANBgkqhkiG9w0BAQsFAAOCAQEAE+6o5WNKWcp1fDTUZnfTUfIqfDDfQLbs
7SVtalNLaaI+4sbpfVcJWJMjdzOy6jnchvixw84fWnpk9+K2+IYoQW7rjPW8Ktn1
Iy3uy2ujBEoGiD1IwAe/LoZExsp/YyJIrTKGj/Y1fNm7mRWfyKhcWsRsRdnnHDr+
g0+Xn5H+ZmbqU72VKkRNG/YejDi2rUyeoPEDlLQGMAqrJ3vHE0I+PlC9kwEuukhv
hFt2Ij+LgAE4AVk+wwX/+scNG5GYmQ2ISXskzgho5luHHtkmEBpZAWGnwR4PCR9Z
dAUWm5wzT4EOCcb0emjHJg2nAcZ72dY9pmRjdn58S7WE6JyP1vv5iA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:43 2024 by rpki-client on console-fra.rpki-client.org