Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PROFOND/dBySZkMKl7xGpPZBWq28uSx1p90.roa
File:                     dBySZkMKl7xGpPZBWq28uSx1p90.roa (raw, json)
Hash identifier:          qkWn5F/38AFJ5lQUkuMmMUY+/Vc93ZZnmTrAWUfC8SA=
Subject key identifier:   74:1C:92:66:43:0A:97:BC:46:A4:F6:41:5A:AD:BC:B9:2C:75:A7:DD
Certificate issuer:       /CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
Certificate serial:       0CA4
Authority key identifier: 18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/dBySZkMKl7xGpPZBWq28uSx1p90.roa
Signing time:             Wed 29 Sep 2021 02:50:05 +0000
ROA not before:           Wed 29 Sep 2021 02:50:05 +0000
ROA not after:            Thu 29 Sep 2022 02:36:22 +0000
asID:                     131634
IP address blocks:        124.108.191.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3236 (0xca4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
        Validity
            Not Before: Sep 29 02:50:05 2021 GMT
            Not After : Sep 29 02:36:22 2022 GMT
        Subject: CN=741C9266430A97BC46A4F6415AADBCB92C75A7DD
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:f6:2a:8d:92:5c:78:75:73:4e:14:f9:e3:7a:
                    0f:07:3c:7b:08:8d:20:0a:5a:6a:3d:15:57:7c:e4:
                    5a:20:5e:da:8b:51:8e:bc:bd:e2:2e:41:e4:51:33:
                    fc:80:65:c4:63:7c:19:f0:e1:e9:50:74:c2:7e:dc:
                    d8:e8:8a:92:66:5f:1a:9f:4f:d2:67:63:e4:d2:36:
                    4c:3c:b1:bb:17:81:0f:76:fa:a2:30:3b:28:76:5b:
                    15:d1:9d:42:71:09:d8:fc:0c:fa:d6:6a:9b:04:1c:
                    26:b6:95:9e:ce:04:54:0d:51:39:8b:5c:ab:38:19:
                    a0:79:05:7c:dc:f5:3e:bc:55:00:8b:e4:15:e4:3a:
                    e5:8b:b7:c1:23:11:82:f6:66:9d:92:c1:4e:34:fa:
                    06:1e:1b:b2:f4:bb:64:ed:29:a8:d4:c3:d6:58:2a:
                    af:0b:22:91:3b:ba:36:4e:0f:6f:c3:10:a8:49:7f:
                    f1:2c:4c:db:c3:e4:79:0a:70:10:73:e9:a0:42:37:
                    a9:ec:7c:fc:31:63:c9:5e:6c:07:49:7d:f4:b7:16:
                    a1:a2:2e:84:25:df:de:7b:80:89:a7:cc:e6:b2:bc:
                    21:80:da:74:eb:48:20:45:d6:ff:f8:4a:d0:0b:b9:
                    88:1f:44:87:21:63:90:73:fb:c9:f6:1e:d4:81:26:
                    09:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:1C:92:66:43:0A:97:BC:46:A4:F6:41:5A:AD:BC:B9:2C:75:A7:DD
            X509v3 Authority Key Identifier:
                keyid:18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/dBySZkMKl7xGpPZBWq28uSx1p90.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  124.108.191.0/24

    Signature Algorithm: sha256WithRSAEncryption
         62:7a:f5:37:0c:49:db:99:f4:28:1f:94:42:c7:18:f7:c1:bf:
         0c:fc:73:a0:aa:b8:80:94:82:b4:f5:02:42:cc:1c:aa:d5:09:
         1f:7f:0c:42:61:8d:30:b1:9b:ea:00:80:62:57:c3:26:c3:d2:
         24:23:6a:c7:47:6f:60:63:66:af:b0:a7:15:4a:6a:0b:1c:4b:
         15:e2:9d:e9:dd:8f:42:d7:02:14:b6:4d:a7:dd:80:45:b9:28:
         74:81:8b:72:a1:a7:1c:30:ff:9d:9e:81:2c:1e:5d:9d:02:a4:
         66:41:d2:03:44:51:05:0e:56:b8:e5:03:57:c8:23:e6:da:5a:
         a3:0c:57:7d:19:b5:76:91:e6:f3:0f:c6:79:9f:13:27:7c:52:
         1d:47:20:eb:a7:00:2d:66:c3:e4:47:84:b9:71:18:82:ef:bb:
         89:a5:ba:e7:fe:96:21:db:17:00:60:ea:49:ac:12:2a:ea:26:
         b0:bc:6d:7e:4c:27:8c:3e:65:87:f9:42:98:7c:94:70:be:3f:
         94:05:5c:4c:54:14:e7:6a:5d:6b:a5:6e:27:48:6f:4d:85:40:
         d0:4e:56:9a:60:a2:f3:b7:1c:c7:b2:82:02:5a:23:10:a6:b5:
         d6:6c:2b:6c:48:02:e3:b8:f0:b3:3a:63:c2:ba:7e:60:78:77:
         35:77:e4:f1
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICDKQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMThB
NjY2M0Q2RTlGODBCRDRDRTdDOEFERkVCMzg3ODNDM0UxQTQ2NDAeFw0yMTA5Mjkw
MjUwMDVaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDc0MUM5MjY2NDMwQTk3
QkM0NkE0RjY0MTVBQURCQ0I5MkM3NUE3REQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC/9iqNklx4dXNOFPnjeg8HPHsIjSAKWmo9FVd85FogXtqLUY68
veIuQeRRM/yAZcRjfBnw4elQdMJ+3NjoipJmXxqfT9JnY+TSNkw8sbsXgQ92+qIw
Oyh2WxXRnUJxCdj8DPrWapsEHCa2lZ7OBFQNUTmLXKs4GaB5BXzc9T68VQCL5BXk
OuWLt8EjEYL2Zp2SwU40+gYeG7L0u2TtKajUw9ZYKq8LIpE7ujZOD2/DEKhJf/Es
TNvD5HkKcBBz6aBCN6nsfPwxY8lebAdJffS3FqGiLoQl3957gImnzOayvCGA2nTr
SCBF1v/4StALuYgfRIchY5Bz+8n2HtSBJglNAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUdBySZkMKl7xGpPZBWq28uSx1p90wHwYDVR0jBBgwFoAUGKZmPW6fgL1M58it
/rOHg8PhpGQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFJPRk9O
RC9HS1ptUFc2ZmdMMU01OGl0X3JPSGc4UGhwR1EuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL0dLWm1QVzZmZ0wxTTU4aXRfck9IZzhQaHBHUS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL1BST0ZPTkQvZEJ5U1prTUtsN3hHcFBa
QldxMjh1U3gxcDkwLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
AHxsvzANBgkqhkiG9w0BAQsFAAOCAQEAYnr1NwxJ25n0KB+UQscY98G/DPxzoKq4
gJSCtPUCQswcqtUJH38MQmGNMLGb6gCAYlfDJsPSJCNqx0dvYGNmr7CnFUpqCxxL
FeKd6d2PQtcCFLZNp92ARbkodIGLcqGnHDD/nZ6BLB5dnQKkZkHSA0RRBQ5WuOUD
V8gj5tpaowxXfRm1dpHm8w/GeZ8TJ3xSHUcg66cALWbD5EeEuXEYgu+7iaW65/6W
IdsXAGDqSawSKuomsLxtfkwnjD5lh/lCmHyUcL4/lAVcTFQU52pda6VuJ0hvTYVA
0E5WmmCi87ccx7KCAlojEKa11mwrbEgC47jwszpjwrp+YHh3NXfk8Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:18 2024 by rpki-client on console-ams.rpki-client.org