Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PROFOND/cCtSGGOg5rDr6mjPA0EpW_AttgA.roa
File:                     cCtSGGOg5rDr6mjPA0EpW_AttgA.roa (raw, json)
Hash identifier:          9ocbhaRPD6nn+QioUcpD2owC+Qt5GcV0RRask0e8rQE=
Subject key identifier:   70:2B:52:18:63:A0:E6:B0:EB:EA:68:CF:03:41:29:5B:F0:2D:B6:00
Certificate issuer:       /CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
Certificate serial:       0DC9
Authority key identifier: 18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/cCtSGGOg5rDr6mjPA0EpW_AttgA.roa
Signing time:             Thu 15 Sep 2022 02:47:32 +0000
ROA not before:           Thu 15 Sep 2022 02:47:32 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     17213
IP address blocks:        60.198.154.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3529 (0xdc9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
        Validity
            Not Before: Sep 15 02:47:32 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=702B521863A0E6B0EBEA68CF0341295BF02DB600
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:a2:ce:82:68:48:fc:c3:81:80:f8:71:3c:f1:
                    7f:51:04:e1:80:d2:bc:0e:2e:cc:32:ae:eb:be:3d:
                    aa:29:5b:33:a8:ed:69:b9:9f:b2:94:94:c1:66:28:
                    83:25:af:32:5d:b7:6d:ae:51:b4:1b:1a:de:06:cd:
                    88:fd:a5:16:f9:1f:e4:32:0e:5d:97:b2:cf:ce:ec:
                    09:59:62:fc:05:87:c3:ce:b0:09:91:c1:c3:ac:11:
                    ca:6a:a5:c5:8f:b0:c9:00:70:1f:bb:77:75:a7:b5:
                    bf:ed:48:5f:1e:a8:56:49:2b:27:83:e7:38:e2:1c:
                    75:0a:d6:d4:96:5f:1f:20:b3:d6:e9:96:bd:4f:52:
                    e1:fa:99:7d:d8:21:e3:b3:f1:c0:5a:e0:e5:0d:ff:
                    c1:85:97:93:a9:74:33:dc:51:04:b5:95:cc:2b:d5:
                    07:b7:bd:14:4c:37:58:90:81:7f:53:9c:4c:a7:23:
                    ae:5c:15:b4:49:17:1e:5f:05:c7:8f:ad:0a:9e:69:
                    50:a4:58:32:ae:97:b2:22:cf:c7:b9:9e:a8:93:b4:
                    c3:56:b3:af:78:65:16:63:92:7f:42:47:8f:3b:e3:
                    ca:a0:99:0d:58:b9:c7:82:78:76:fa:65:5b:78:b1:
                    6d:32:42:c5:b1:13:71:54:74:be:c2:47:d2:2c:9f:
                    b4:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                70:2B:52:18:63:A0:E6:B0:EB:EA:68:CF:03:41:29:5B:F0:2D:B6:00
            X509v3 Authority Key Identifier:
                keyid:18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/cCtSGGOg5rDr6mjPA0EpW_AttgA.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  60.198.154.0/24

    Signature Algorithm: sha256WithRSAEncryption
         15:22:c2:fe:c2:a7:c7:43:ed:8c:d1:a7:da:73:b1:c4:3d:c8:
         f8:3f:d8:f5:e3:0d:5e:56:d5:74:d6:ea:46:c3:f1:1b:c5:88:
         9c:26:b8:2b:ab:86:c2:82:de:da:db:75:b5:57:97:43:ec:08:
         e9:58:e5:d9:4d:01:91:5d:ca:d7:86:5b:e2:de:aa:4f:20:c0:
         77:1d:70:6d:bf:11:95:ac:bf:ea:b9:01:4b:0e:f1:40:d6:54:
         15:f3:a9:f5:92:24:eb:f8:fb:6c:75:fa:97:2f:44:bd:b4:94:
         7b:1d:f2:5b:50:4b:fe:e6:55:4b:7d:1b:aa:c7:4a:43:ab:3d:
         f7:5a:b6:d7:c2:fc:34:1e:71:11:89:7b:9b:0b:1a:cc:92:b7:
         d2:e0:dd:96:2a:f9:13:53:a6:b8:43:89:7b:11:0f:71:1b:57:
         f6:ae:84:a5:69:e2:5f:f1:39:57:ac:f4:66:5a:e4:25:91:4f:
         79:ee:9c:19:17:ff:46:79:8d:b5:a9:e4:64:b9:9d:02:51:b0:
         09:81:bc:cc:93:b9:1e:f1:e3:16:86:60:ff:5f:0a:08:0c:9c:
         e8:b7:29:19:03:05:9e:53:7f:fb:a4:83:98:b4:cd:01:96:d0:
         75:9f:d0:e9:b2:e6:b6:92:79:07:2c:bc:7f:74:4b:14:b0:40:
         cd:29:3f:17
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICDckwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMThB
NjY2M0Q2RTlGODBCRDRDRTdDOEFERkVCMzg3ODNDM0UxQTQ2NDAeFw0yMjA5MTUw
MjQ3MzJaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDcwMkI1MjE4NjNBMEU2
QjBFQkVBNjhDRjAzNDEyOTVCRjAyREI2MDAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDPos6CaEj8w4GA+HE88X9RBOGA0rwOLswyruu+PaopWzOo7Wm5
n7KUlMFmKIMlrzJdt22uUbQbGt4GzYj9pRb5H+QyDl2Xss/O7AlZYvwFh8POsAmR
wcOsEcpqpcWPsMkAcB+7d3Wntb/tSF8eqFZJKyeD5zjiHHUK1tSWXx8gs9bplr1P
UuH6mX3YIeOz8cBa4OUN/8GFl5OpdDPcUQS1lcwr1Qe3vRRMN1iQgX9TnEynI65c
FbRJFx5fBcePrQqeaVCkWDKul7Iiz8e5nqiTtMNWs694ZRZjkn9CR48748qgmQ1Y
uceCeHb6ZVt4sW0yQsWxE3FUdL7CR9Isn7RZAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUcCtSGGOg5rDr6mjPA0EpW/AttgAwHwYDVR0jBBgwFoAUGKZmPW6fgL1M58it
/rOHg8PhpGQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFJPRk9O
RC9HS1ptUFc2ZmdMMU01OGl0X3JPSGc4UGhwR1EuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL0dLWm1QVzZmZ0wxTTU4aXRfck9IZzhQaHBHUS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL1BST0ZPTkQvY0N0U0dHT2c1ckRyNm1q
UEEwRXBXX0F0dGdBLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
ADzGmjANBgkqhkiG9w0BAQsFAAOCAQEAFSLC/sKnx0PtjNGn2nOxxD3I+D/Y9eMN
XlbVdNbqRsPxG8WInCa4K6uGwoLe2tt1tVeXQ+wI6Vjl2U0BkV3K14Zb4t6qTyDA
dx1wbb8Rlay/6rkBSw7xQNZUFfOp9ZIk6/j7bHX6ly9EvbSUex3yW1BL/uZVS30b
qsdKQ6s991q218L8NB5xEYl7mwsazJK30uDdlir5E1OmuEOJexEPcRtX9q6EpWni
X/E5V6z0ZlrkJZFPee6cGRf/RnmNtankZLmdAlGwCYG8zJO5HvHjFoZg/18KCAyc
6LcpGQMFnlN/+6SDmLTNAZbQdZ/Q6bLmtpJ5Byy8f3RLFLBAzSk/Fw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:43 2024 by rpki-client on console-fra.rpki-client.org