Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PROFOND/cnzmepm2IRd3i_BJnUbbawYbO_g.roa
File:                     cnzmepm2IRd3i_BJnUbbawYbO_g.roa (raw, json)
Hash identifier:          3/maN9/LqdEVgCHbclx+Uch1OhCHYBzeKsPGPaThq4w=
Subject key identifier:   72:7C:E6:7A:99:B6:21:17:77:8B:F0:49:9D:46:DB:6B:06:1B:3B:F8
Certificate issuer:       /CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
Certificate serial:       07DF
Authority key identifier: 18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/cnzmepm2IRd3i_BJnUbbawYbO_g.roa
Signing time:             Tue 29 Sep 2020 09:57:29 +0000
ROA not before:           Tue 29 Sep 2020 09:57:29 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     24164
IP address blocks:        60.198.40.0/21 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2015 (0x7df)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
        Validity
            Not Before: Sep 29 09:57:29 2020 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=727CE67A99B62117778BF0499D46DB6B061B3BF8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e6:3f:8d:b2:94:78:66:88:27:9c:45:46:da:b1:
                    36:5f:5d:14:fa:08:f7:58:b1:31:46:ae:be:fb:b1:
                    61:a5:16:f4:77:ea:71:be:99:62:95:32:1a:d6:a4:
                    94:e8:4a:f0:c5:08:1b:45:78:10:10:6c:26:66:e4:
                    6f:ca:ed:5a:43:4e:14:d3:64:f3:de:02:c4:51:a4:
                    f7:4b:86:74:45:5c:0f:f2:a4:fb:c8:3f:a3:68:09:
                    13:6f:43:f3:41:25:61:22:9b:df:ad:f5:69:19:59:
                    01:79:b2:4a:35:17:26:65:ad:1c:bf:f4:fd:96:4a:
                    3f:1e:f8:c7:97:47:92:da:cb:41:0c:76:1c:59:87:
                    f2:00:70:f6:fc:20:68:6c:8b:28:4f:56:25:10:34:
                    3a:53:d5:92:89:c8:8a:5f:1e:a7:64:56:76:bc:be:
                    29:79:2e:97:dc:55:24:fd:1c:e6:89:fb:60:b3:39:
                    f3:15:44:66:bd:3f:c2:08:6b:fe:fa:28:e7:db:ea:
                    a6:c9:26:e7:0e:27:7e:e2:87:3e:7a:a1:13:80:76:
                    30:7e:e0:8c:28:3e:5c:d5:2e:ba:a4:cf:02:34:fd:
                    94:d3:97:f9:d5:92:be:0d:7a:3e:95:c6:47:28:fb:
                    b2:45:56:4f:c3:e6:3d:22:82:09:b3:06:60:53:af:
                    5c:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:7C:E6:7A:99:B6:21:17:77:8B:F0:49:9D:46:DB:6B:06:1B:3B:F8
            X509v3 Authority Key Identifier:
                keyid:18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/cnzmepm2IRd3i_BJnUbbawYbO_g.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  60.198.40.0/21

    Signature Algorithm: sha256WithRSAEncryption
         6a:6a:22:11:98:17:3d:dd:90:83:5f:48:28:53:cd:e3:75:be:
         ac:ee:34:73:3b:63:dc:f3:cf:d4:2a:6e:03:5e:96:b8:06:00:
         72:f8:fb:16:35:89:f0:5f:c1:eb:58:32:59:59:6c:1e:a3:3b:
         f7:44:91:7a:28:d4:68:c5:51:15:2c:88:87:cb:0b:ef:1f:8f:
         1e:c8:4b:a0:1c:42:66:3c:d3:58:30:80:a0:09:df:53:f8:a1:
         de:33:e6:6c:38:7c:10:8b:f5:92:11:b0:fe:11:a2:81:00:5f:
         13:91:fe:db:d8:51:8f:28:91:59:8e:00:b4:c6:a0:79:aa:10:
         c8:ed:f3:19:f5:4b:c3:84:ba:04:19:1c:9c:9f:6a:8e:2c:cd:
         dc:17:6d:52:ce:a5:ed:a5:17:04:d9:18:0c:79:1c:80:b0:c9:
         6e:dc:94:d6:f0:df:e1:41:80:60:fc:88:6e:6f:fa:32:a1:6f:
         5c:77:21:11:9d:9a:79:17:ef:52:98:f9:b6:3e:66:20:78:f9:
         ee:b1:86:da:f1:f1:9c:e1:99:65:02:4b:f5:e6:45:de:e7:70:
         96:cd:23:0f:93:47:d4:1a:7c:af:fd:e4:23:3e:7f:d5:65:07:
         7d:c4:d2:32:65:61:a3:30:17:8b:ae:c5:76:ef:f2:21:e2:a0:
         b3:26:b1:c1
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICB98wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMThB
NjY2M0Q2RTlGODBCRDRDRTdDOEFERkVCMzg3ODNDM0UxQTQ2NDAeFw0yMDA5Mjkw
OTU3MjlaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDcyN0NFNjdBOTlCNjIx
MTc3NzhCRjA0OTlENDZEQjZCMDYxQjNCRjgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDmP42ylHhmiCecRUbasTZfXRT6CPdYsTFGrr77sWGlFvR36nG+
mWKVMhrWpJToSvDFCBtFeBAQbCZm5G/K7VpDThTTZPPeAsRRpPdLhnRFXA/ypPvI
P6NoCRNvQ/NBJWEim9+t9WkZWQF5sko1FyZlrRy/9P2WSj8e+MeXR5Lay0EMdhxZ
h/IAcPb8IGhsiyhPViUQNDpT1ZKJyIpfHqdkVna8vil5LpfcVST9HOaJ+2CzOfMV
RGa9P8IIa/76KOfb6qbJJucOJ37ihz56oROAdjB+4IwoPlzVLrqkzwI0/ZTTl/nV
kr4Nej6Vxkco+7JFVk/D5j0iggmzBmBTr1ytAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUcnzmepm2IRd3i/BJnUbbawYbO/gwHwYDVR0jBBgwFoAUGKZmPW6fgL1M58it
/rOHg8PhpGQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFJPRk9O
RC9HS1ptUFc2ZmdMMU01OGl0X3JPSGc4UGhwR1EuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL0dLWm1QVzZmZ0wxTTU4aXRfck9IZzhQaHBHUS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL1BST0ZPTkQvY256bWVwbTJJUmQzaV9C
Sm5VYmJhd1liT19nLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
AzzGKDANBgkqhkiG9w0BAQsFAAOCAQEAamoiEZgXPd2Qg19IKFPN43W+rO40cztj
3PPP1CpuA16WuAYAcvj7FjWJ8F/B61gyWVlsHqM790SReijUaMVRFSyIh8sL7x+P
HshLoBxCZjzTWDCAoAnfU/ih3jPmbDh8EIv1khGw/hGigQBfE5H+29hRjyiRWY4A
tMageaoQyO3zGfVLw4S6BBkcnJ9qjizN3BdtUs6l7aUXBNkYDHkcgLDJbtyU1vDf
4UGAYPyIbm/6MqFvXHchEZ2aeRfvUpj5tj5mIHj57rGG2vHxnOGZZQJL9eZF3udw
ls0jD5NH1Bp8r/3kIz5/1WUHfcTSMmVhozAXi67Fdu/yIeKgsyaxwQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:43 2024 by rpki-client on console-fra.rpki-client.org