Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PROFOND/dnDC_FWDYvvHXVIYhebn6Rl7aiE.roa
File:                     dnDC_FWDYvvHXVIYhebn6Rl7aiE.roa (raw, json)
Hash identifier:          m8l2WJ3nY4/A7d4CvsHCd7CQL12o+9p7GpCuh1brijM=
Subject key identifier:   76:70:C2:FC:55:83:62:FB:C7:5D:52:18:85:E6:E7:E9:19:7B:6A:21
Certificate issuer:       /CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
Certificate serial:       0C57
Authority key identifier: 18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/dnDC_FWDYvvHXVIYhebn6Rl7aiE.roa
Signing time:             Wed 29 Sep 2021 02:49:42 +0000
ROA not before:           Wed 29 Sep 2021 02:49:42 +0000
ROA not after:            Thu 29 Sep 2022 02:36:22 +0000
asID:                     9924
IP address blocks:        203.77.32.0/19 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3159 (0xc57)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
        Validity
            Not Before: Sep 29 02:49:42 2021 GMT
            Not After : Sep 29 02:36:22 2022 GMT
        Subject: CN=7670C2FC558362FBC75D521885E6E7E9197B6A21
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:46:98:ce:5b:34:aa:02:8d:da:51:00:38:88:
                    56:3a:9e:5b:a5:b2:04:01:cb:c2:d2:4a:48:23:ef:
                    36:40:8f:2c:28:8e:22:25:fd:26:f4:a2:b1:7f:49:
                    bf:bc:c5:26:ff:f1:d0:25:20:af:cd:0b:0c:ff:f7:
                    4d:55:76:ae:1d:20:00:77:54:57:be:26:f2:42:51:
                    9a:59:56:e7:d6:6c:d2:13:ae:cf:9e:76:d4:f5:e2:
                    ac:06:84:70:3d:75:8b:a7:4e:7d:c3:9b:d6:de:cb:
                    dc:70:c3:cc:11:98:17:6c:56:59:6e:5d:d6:40:f1:
                    16:6c:c1:b1:f8:e3:09:50:83:7c:8d:17:e3:44:fd:
                    a9:11:50:54:4a:1a:09:70:1d:2f:a6:0f:75:a8:2f:
                    90:13:58:30:97:ba:0e:f9:8b:f5:da:0b:2a:5d:fb:
                    ce:6a:6e:5c:79:24:36:75:5a:0e:dc:85:2f:5a:cb:
                    11:3f:45:f7:36:72:5b:5c:de:23:b8:94:3d:db:08:
                    33:bb:a1:89:4d:93:37:32:b8:d1:46:19:31:54:be:
                    03:6f:30:e0:8f:99:10:06:6c:db:8c:62:3d:16:ff:
                    6b:fd:33:a0:85:88:02:bf:d8:a7:a9:ba:39:ea:9a:
                    87:01:22:84:43:3f:a7:47:0b:ff:d2:e8:6c:80:a3:
                    6f:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:70:C2:FC:55:83:62:FB:C7:5D:52:18:85:E6:E7:E9:19:7B:6A:21
            X509v3 Authority Key Identifier:
                keyid:18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/dnDC_FWDYvvHXVIYhebn6Rl7aiE.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  203.77.32.0/19

    Signature Algorithm: sha256WithRSAEncryption
         68:49:e4:38:56:6c:fa:6f:4a:b7:61:fc:16:ef:33:75:3a:31:
         2a:01:47:99:f6:60:ff:80:6b:2b:97:89:db:aa:06:16:c7:c4:
         6a:01:20:c4:4a:7a:7d:32:7a:9f:53:6c:3b:f1:0e:8c:90:a2:
         6c:41:f2:6e:18:a7:64:11:d7:36:22:49:a1:0d:88:a3:9b:51:
         e2:25:58:ae:8a:9f:79:19:6f:6a:86:40:98:20:91:13:32:b3:
         c2:83:3d:88:ea:9c:4e:ab:5a:e9:3f:a6:8d:2d:00:29:fe:24:
         e0:cd:4b:2c:dc:cb:28:3a:d3:0c:f5:1f:a2:78:e7:ea:5a:c4:
         83:d4:d6:89:fe:5f:6a:ae:93:d8:cb:7f:d5:0a:d5:7a:d0:b4:
         7d:21:13:b4:41:fd:82:6d:e2:9f:ba:e0:4b:ad:c6:2a:13:5c:
         e0:5d:d7:c8:8e:4d:f1:b7:82:ae:bd:74:1b:62:01:67:ba:a8:
         17:5f:fc:bb:41:8c:a3:08:3c:e4:38:46:cd:86:39:a9:eb:54:
         b7:b0:4b:d6:ab:18:51:77:43:cc:3b:0f:bd:82:48:77:47:37:
         ef:7b:cd:80:10:11:02:a3:d3:f0:3e:4d:f6:16:58:09:5c:cd:
         26:60:be:63:80:aa:eb:bd:15:f5:b5:47:6e:1c:a4:c1:d0:97:
         ee:02:c7:88
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICDFcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMThB
NjY2M0Q2RTlGODBCRDRDRTdDOEFERkVCMzg3ODNDM0UxQTQ2NDAeFw0yMTA5Mjkw
MjQ5NDJaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDc2NzBDMkZDNTU4MzYy
RkJDNzVENTIxODg1RTZFN0U5MTk3QjZBMjEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDQRpjOWzSqAo3aUQA4iFY6nlulsgQBy8LSSkgj7zZAjywojiIl
/Sb0orF/Sb+8xSb/8dAlIK/NCwz/901Vdq4dIAB3VFe+JvJCUZpZVufWbNITrs+e
dtT14qwGhHA9dYunTn3Dm9bey9xww8wRmBdsVlluXdZA8RZswbH44wlQg3yNF+NE
/akRUFRKGglwHS+mD3WoL5ATWDCXug75i/XaCypd+85qblx5JDZ1Wg7chS9ayxE/
Rfc2cltc3iO4lD3bCDO7oYlNkzcyuNFGGTFUvgNvMOCPmRAGbNuMYj0W/2v9M6CF
iAK/2KepujnqmocBIoRDP6dHC//S6GyAo2/zAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUdnDC/FWDYvvHXVIYhebn6Rl7aiEwHwYDVR0jBBgwFoAUGKZmPW6fgL1M58it
/rOHg8PhpGQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFJPRk9O
RC9HS1ptUFc2ZmdMMU01OGl0X3JPSGc4UGhwR1EuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL0dLWm1QVzZmZ0wxTTU4aXRfck9IZzhQaHBHUS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL1BST0ZPTkQvZG5EQ19GV0RZdnZIWFZJ
WWhlYm42Umw3YWlFLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
BctNIDANBgkqhkiG9w0BAQsFAAOCAQEAaEnkOFZs+m9Kt2H8Fu8zdToxKgFHmfZg
/4BrK5eJ26oGFsfEagEgxEp6fTJ6n1NsO/EOjJCibEHybhinZBHXNiJJoQ2Io5tR
4iVYroqfeRlvaoZAmCCREzKzwoM9iOqcTqta6T+mjS0AKf4k4M1LLNzLKDrTDPUf
onjn6lrEg9TWif5faq6T2Mt/1QrVetC0fSETtEH9gm3in7rgS63GKhNc4F3XyI5N
8beCrr10G2IBZ7qoF1/8u0GMowg85DhGzYY5qetUt7BL1qsYUXdDzDsPvYJId0c3
73vNgBARAqPT8D5N9hZYCVzNJmC+Y4Cq670V9bVHbhykwdCX7gLHiA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:43 2024 by rpki-client on console-fra.rpki-client.org