Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PROFOND/eTfymhCn9GcqvFPyKB2qcglG7Vw.roa
File:                     eTfymhCn9GcqvFPyKB2qcglG7Vw.roa (raw, json)
Hash identifier:          3jj3IseC8nJE9ZcNMQRAD19jpacaLMFkClDEzYIVpDk=
Subject key identifier:   79:37:F2:9A:10:A7:F4:67:2A:BC:53:F2:28:1D:AA:72:09:46:ED:5C
Certificate issuer:       /CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
Certificate serial:       081E
Authority key identifier: 18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/eTfymhCn9GcqvFPyKB2qcglG7Vw.roa
Signing time:             Tue 29 Sep 2020 09:57:47 +0000
ROA not before:           Tue 29 Sep 2020 09:57:47 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     131628
IP address blocks:        175.99.0.0/19 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2078 (0x81e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
        Validity
            Not Before: Sep 29 09:57:47 2020 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=7937F29A10A7F4672ABC53F2281DAA720946ED5C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:43:d2:24:c8:ba:5e:ea:7b:e1:40:de:64:5d:
                    66:3e:61:b5:23:b1:67:81:75:8d:93:5c:c4:aa:3c:
                    1a:46:43:56:6f:ae:50:ae:68:7b:de:1d:5d:f4:3f:
                    92:5a:be:b1:4c:67:a5:76:89:bd:b0:28:cf:4e:09:
                    01:37:2e:41:4f:87:4a:48:23:69:10:f2:fd:16:47:
                    6a:9b:08:6d:07:03:39:c4:1e:25:86:fa:64:5f:db:
                    ff:48:79:74:e4:4e:e5:3f:0e:79:8f:d5:82:43:00:
                    0c:44:bf:aa:dd:03:d4:fa:5e:9f:3d:07:73:c4:79:
                    5e:69:09:85:b6:d4:72:02:4b:1f:48:64:7e:f1:35:
                    f8:87:02:1e:c2:3f:6d:9c:4d:bd:bb:28:4e:6c:05:
                    82:a6:86:3d:35:46:30:dc:ce:c5:24:62:5b:9a:de:
                    69:14:7d:50:41:fd:2f:9d:95:be:6b:7f:13:d3:b2:
                    8c:62:70:03:53:d5:25:e8:a7:b4:6e:18:fb:2b:4d:
                    2a:57:dc:38:0d:93:e2:45:c3:b2:64:50:0a:24:18:
                    e0:30:a2:65:21:cb:40:4e:fb:23:ac:09:1e:fb:87:
                    e9:7d:71:70:fb:8b:1d:d0:8a:0e:fd:ff:c3:fa:67:
                    76:57:f3:64:8e:96:02:40:1d:f6:3d:40:c0:a4:2b:
                    ec:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                79:37:F2:9A:10:A7:F4:67:2A:BC:53:F2:28:1D:AA:72:09:46:ED:5C
            X509v3 Authority Key Identifier:
                keyid:18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/eTfymhCn9GcqvFPyKB2qcglG7Vw.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  175.99.0.0/19

    Signature Algorithm: sha256WithRSAEncryption
         99:f1:97:9a:76:14:61:e9:26:a2:58:af:c1:1a:03:56:c4:d3:
         11:8f:34:a4:a7:13:ee:97:a7:1d:5d:00:4e:a8:ac:92:09:5a:
         f6:ca:37:83:aa:d5:e2:14:bf:10:5a:38:fe:62:fc:69:95:b8:
         ff:b7:96:c8:27:66:0a:6f:5c:27:52:b0:38:92:2c:86:c2:4b:
         7c:ee:ab:1c:17:32:2f:36:3d:df:7c:d9:8c:0b:dd:1a:48:22:
         8e:ac:05:3f:d1:c5:52:85:68:6f:3c:a7:30:24:33:1d:48:e6:
         00:09:ff:39:bd:9d:3c:a9:23:e6:fd:67:3f:58:95:2b:8d:f5:
         cf:e8:eb:c6:c1:3b:79:c3:30:6a:a6:7a:38:1b:c9:bc:90:18:
         50:16:f0:6c:18:f7:aa:4d:84:07:c0:02:48:4a:63:9e:59:dd:
         e3:6c:7f:99:e9:eb:19:ca:da:b0:0a:1f:33:9b:8b:eb:1b:df:
         33:6d:00:2b:8f:a4:64:a5:1f:3f:f3:a8:4a:ba:50:7e:f9:f0:
         ca:a5:4e:c5:d2:42:fd:7f:2a:3e:78:3c:4e:f0:da:89:0a:b6:
         a9:13:b5:9d:08:75:d7:19:89:1d:76:0a:7c:d6:57:2d:84:f4:
         93:c3:dd:ac:80:90:4b:e9:3a:3e:81:32:46:1f:5e:7d:fe:5e:
         1e:4c:8d:8d
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICCB4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMThB
NjY2M0Q2RTlGODBCRDRDRTdDOEFERkVCMzg3ODNDM0UxQTQ2NDAeFw0yMDA5Mjkw
OTU3NDdaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDc5MzdGMjlBMTBBN0Y0
NjcyQUJDNTNGMjI4MURBQTcyMDk0NkVENUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCuQ9IkyLpe6nvhQN5kXWY+YbUjsWeBdY2TXMSqPBpGQ1ZvrlCu
aHveHV30P5JavrFMZ6V2ib2wKM9OCQE3LkFPh0pII2kQ8v0WR2qbCG0HAznEHiWG
+mRf2/9IeXTkTuU/DnmP1YJDAAxEv6rdA9T6Xp89B3PEeV5pCYW21HICSx9IZH7x
NfiHAh7CP22cTb27KE5sBYKmhj01RjDczsUkYlua3mkUfVBB/S+dlb5rfxPTsoxi
cANT1SXop7RuGPsrTSpX3DgNk+JFw7JkUAokGOAwomUhy0BO+yOsCR77h+l9cXD7
ix3Qig79/8P6Z3ZX82SOlgJAHfY9QMCkK+znAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUeTfymhCn9GcqvFPyKB2qcglG7VwwHwYDVR0jBBgwFoAUGKZmPW6fgL1M58it
/rOHg8PhpGQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFJPRk9O
RC9HS1ptUFc2ZmdMMU01OGl0X3JPSGc4UGhwR1EuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL0dLWm1QVzZmZ0wxTTU4aXRfck9IZzhQaHBHUS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL1BST0ZPTkQvZVRmeW1oQ245R2NxdkZQ
eUtCMnFjZ2xHN1Z3LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
Ba9jADANBgkqhkiG9w0BAQsFAAOCAQEAmfGXmnYUYekmolivwRoDVsTTEY80pKcT
7penHV0ATqiskgla9so3g6rV4hS/EFo4/mL8aZW4/7eWyCdmCm9cJ1KwOJIshsJL
fO6rHBcyLzY933zZjAvdGkgijqwFP9HFUoVobzynMCQzHUjmAAn/Ob2dPKkj5v1n
P1iVK431z+jrxsE7ecMwaqZ6OBvJvJAYUBbwbBj3qk2EB8ACSEpjnlnd42x/menr
GcrasAofM5uL6xvfM20AK4+kZKUfP/OoSrpQfvnwyqVOxdJC/X8qPng8TvDaiQq2
qRO1nQh11xmJHXYKfNZXLYT0k8PdrICQS+k6PoEyRh9eff5eHkyNjQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:43 2024 by rpki-client on console-fra.rpki-client.org