Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PROFOND/dtMNrDF4tW4xPm_14DmNG9AWDDY.roa
File:                     dtMNrDF4tW4xPm_14DmNG9AWDDY.roa (raw, json)
Hash identifier:          ErSsAQ4C59aeWIZcVzd7mj5jzj02NAsc/KPbhFMGzss=
Subject key identifier:   76:D3:0D:AC:31:78:B5:6E:31:3E:6F:F5:E0:39:8D:1B:D0:16:0C:36
Certificate issuer:       /CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
Certificate serial:       0DC9
Authority key identifier: 18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/dtMNrDF4tW4xPm_14DmNG9AWDDY.roa
Signing time:             Thu 15 Sep 2022 02:46:50 +0000
ROA not before:           Thu 15 Sep 2022 02:46:50 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     131634
IP address blocks:        210.17.80.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3529 (0xdc9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
        Validity
            Not Before: Sep 15 02:46:50 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=76D30DAC3178B56E313E6FF5E0398D1BD0160C36
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:93:9b:3b:3a:3a:2e:b6:2c:3d:93:54:5e:ea:
                    72:e4:0b:cb:bf:3a:c1:fc:f4:d0:7b:e4:63:97:8b:
                    ba:6a:c4:87:5d:89:4c:b8:22:0b:b1:9d:a3:b8:6b:
                    f9:6e:37:93:3d:66:58:90:a7:50:55:a4:3b:13:f4:
                    a7:0c:52:8a:d3:7b:59:f4:70:6c:c3:c6:74:a7:c4:
                    80:1a:6b:09:03:5b:2c:56:62:fc:1f:31:e8:d7:74:
                    5a:9b:36:f4:e0:4a:30:e4:ec:99:90:6d:c8:5b:bb:
                    66:a3:ff:d1:b2:6a:80:c8:1e:96:d5:93:5a:24:ec:
                    67:e4:c8:3a:f9:b4:8a:c5:ca:3e:76:04:6e:d8:9e:
                    61:fc:28:bb:43:b7:fe:0d:34:d3:b7:5c:bd:3a:91:
                    c9:42:4c:83:7e:44:32:58:81:2b:95:4a:53:27:4c:
                    ad:32:97:74:19:69:bb:40:22:b3:b2:17:51:2c:e8:
                    b5:9c:51:60:12:33:44:4a:42:ca:9a:b9:4d:3b:a6:
                    82:84:6f:67:d0:32:33:4b:de:2a:09:fb:62:70:25:
                    2a:1b:be:b3:29:51:2c:73:53:cd:bb:dd:92:50:a4:
                    94:23:1b:5e:58:35:a6:3a:94:db:99:d4:aa:9c:d8:
                    77:35:7a:32:cb:4d:01:90:6d:6c:be:50:cb:a8:f3:
                    df:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:D3:0D:AC:31:78:B5:6E:31:3E:6F:F5:E0:39:8D:1B:D0:16:0C:36
            X509v3 Authority Key Identifier:
                keyid:18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/dtMNrDF4tW4xPm_14DmNG9AWDDY.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  210.17.80.0/24

    Signature Algorithm: sha256WithRSAEncryption
         00:55:29:aa:43:4e:d3:67:c4:e3:84:14:34:12:da:28:68:7c:
         8c:09:6a:35:82:2d:23:19:e6:ee:8d:50:a8:23:d3:10:da:bd:
         a7:2f:20:bc:50:6e:52:2a:34:5a:46:0b:ef:a5:b2:aa:ce:f1:
         fe:c5:79:0a:b9:ee:67:2f:73:92:74:15:b0:fa:12:70:2e:05:
         0a:4a:25:e1:6a:7d:dc:8e:1b:94:03:41:87:3e:89:8b:6d:c7:
         8f:ed:85:ad:79:56:88:19:23:da:a4:54:9d:e1:34:ff:e6:b2:
         d0:86:fa:c3:fd:90:0a:4b:90:97:c2:64:36:d5:27:b2:8c:21:
         6b:93:cd:df:3a:a2:1f:9f:51:88:9c:e5:50:d7:08:30:ce:03:
         f4:30:10:f3:bb:7c:5e:42:4f:c0:0f:7b:66:69:ef:3d:6c:22:
         9c:23:33:6c:41:9e:a2:f4:84:ef:02:9e:9e:0b:df:b6:73:bf:
         dc:5f:4c:3a:e4:07:91:d7:58:98:cd:e2:6d:7d:40:1b:55:fa:
         5d:09:5b:51:ba:33:7e:ba:5c:ed:60:c5:62:33:62:86:f6:df:
         91:a8:db:52:8a:67:42:4a:81:3c:cf:a4:5f:ed:b3:c7:c4:e5:
         dd:cd:69:42:2c:5e:62:36:3d:6b:db:f1:54:d2:d1:4e:d2:6b:
         f6:aa:e0:4c
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICDckwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMThB
NjY2M0Q2RTlGODBCRDRDRTdDOEFERkVCMzg3ODNDM0UxQTQ2NDAeFw0yMjA5MTUw
MjQ2NTBaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDc2RDMwREFDMzE3OEI1
NkUzMTNFNkZGNUUwMzk4RDFCRDAxNjBDMzYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCyk5s7Ojoutiw9k1Re6nLkC8u/OsH89NB75GOXi7pqxIddiUy4
IguxnaO4a/luN5M9ZliQp1BVpDsT9KcMUorTe1n0cGzDxnSnxIAaawkDWyxWYvwf
MejXdFqbNvTgSjDk7JmQbchbu2aj/9GyaoDIHpbVk1ok7GfkyDr5tIrFyj52BG7Y
nmH8KLtDt/4NNNO3XL06kclCTIN+RDJYgSuVSlMnTK0yl3QZabtAIrOyF1Es6LWc
UWASM0RKQsqauU07poKEb2fQMjNL3ioJ+2JwJSobvrMpUSxzU8273ZJQpJQjG15Y
NaY6lNuZ1Kqc2Hc1ejLLTQGQbWy+UMuo898bAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUdtMNrDF4tW4xPm/14DmNG9AWDDYwHwYDVR0jBBgwFoAUGKZmPW6fgL1M58it
/rOHg8PhpGQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFJPRk9O
RC9HS1ptUFc2ZmdMMU01OGl0X3JPSGc4UGhwR1EuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL0dLWm1QVzZmZ0wxTTU4aXRfck9IZzhQaHBHUS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL1BST0ZPTkQvZHRNTnJERjR0VzR4UG1f
MTREbU5HOUFXRERZLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
ANIRUDANBgkqhkiG9w0BAQsFAAOCAQEAAFUpqkNO02fE44QUNBLaKGh8jAlqNYIt
Ixnm7o1QqCPTENq9py8gvFBuUio0WkYL76Wyqs7x/sV5CrnuZy9zknQVsPoScC4F
Ckol4Wp93I4blANBhz6Ji23Hj+2FrXlWiBkj2qRUneE0/+ay0Ib6w/2QCkuQl8Jk
NtUnsowha5PN3zqiH59RiJzlUNcIMM4D9DAQ87t8XkJPwA97ZmnvPWwinCMzbEGe
ovSE7wKengvftnO/3F9MOuQHkddYmM3ibX1AG1X6XQlbUbozfrpc7WDFYjNihvbf
kajbUopnQkqBPM+kX+2zx8Tl3c1pQixeYjY9a9vxVNLRTtJr9qrgTA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:43 2024 by rpki-client on console-fra.rpki-client.org