Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PROFOND/eUPvt0cQCy6z7Q3B3D9_25E_mN8.roa
File:                     eUPvt0cQCy6z7Q3B3D9_25E_mN8.roa (raw, json)
Hash identifier:          ceJN3vtJLHnUkGxH1pBv5URV7OIPk7HdR9972ffb/AM=
Subject key identifier:   79:43:EF:B7:47:10:0B:2E:B3:ED:0D:C1:DC:3F:7F:DB:91:3F:98:DF
Certificate issuer:       /CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
Certificate serial:       0E36
Authority key identifier: 18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/eUPvt0cQCy6z7Q3B3D9_25E_mN8.roa
Signing time:             Mon 13 Feb 2023 13:48:21 +0000
ROA not before:           Mon 13 Feb 2023 13:48:21 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     3911
IP address blocks:        219.86.93.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3638 (0xe36)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
        Validity
            Not Before: Feb 13 13:48:21 2023 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=7943EFB747100B2EB3ED0DC1DC3F7FDB913F98DF
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:42:9c:ac:bd:db:fb:7e:32:cd:09:99:5a:78:
                    e2:38:e0:0c:47:68:c7:4e:96:cc:77:89:31:5d:ba:
                    d4:1e:96:c4:04:94:a1:56:81:08:69:a4:2c:67:b8:
                    56:ac:33:1f:1c:d6:84:5d:2c:f9:71:b2:54:21:dc:
                    41:05:7a:82:92:dd:bd:73:44:89:e1:07:90:ca:9d:
                    24:52:66:eb:0c:2a:30:a6:be:af:9a:ef:5c:44:15:
                    a3:dd:45:2b:50:18:cf:7c:04:f4:b3:ac:90:4d:55:
                    51:72:1b:a8:98:79:a8:f0:fd:6e:c6:8e:74:e9:6e:
                    23:2f:98:c3:ed:84:44:81:36:aa:17:40:36:38:df:
                    36:97:57:e1:72:04:46:44:05:56:24:a9:de:95:3b:
                    c5:21:80:c3:7b:be:e0:8f:6a:07:fa:43:50:b0:0e:
                    4c:1f:a8:43:11:99:79:96:18:80:5c:4b:9d:f2:f3:
                    23:0d:9a:ca:d3:e7:59:58:c0:20:54:1a:ff:71:86:
                    33:49:7a:83:18:1a:7d:0f:aa:1c:fd:bf:b0:69:fa:
                    13:ab:51:a1:ed:45:5c:e5:e7:fb:41:ad:42:f8:71:
                    a0:af:ed:3c:1d:a5:43:b9:eb:c4:48:d0:d8:15:5e:
                    33:2b:3f:6d:a0:62:7f:f4:6d:af:42:fe:c6:6f:fc:
                    43:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                79:43:EF:B7:47:10:0B:2E:B3:ED:0D:C1:DC:3F:7F:DB:91:3F:98:DF
            X509v3 Authority Key Identifier:
                keyid:18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/eUPvt0cQCy6z7Q3B3D9_25E_mN8.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  219.86.93.0/24

    Signature Algorithm: sha256WithRSAEncryption
         23:8e:1a:14:af:9e:a8:cd:c5:59:2b:f8:1b:2b:01:89:cc:b0:
         6e:06:99:f4:81:cb:4d:06:12:5e:f9:08:5e:e2:78:eb:27:dc:
         dd:e9:b9:a7:08:ec:3b:8a:90:a0:46:bd:c2:65:04:38:a1:fa:
         2b:aa:e1:e9:ed:a8:cb:27:f0:07:35:50:60:d3:2e:2e:84:6c:
         90:1f:6a:e7:77:f8:66:01:76:17:3f:06:b7:13:30:49:ea:77:
         be:0d:de:d1:25:77:a4:98:5c:5f:69:58:8a:66:49:5b:1e:9a:
         e4:98:2a:ba:f3:5d:92:27:20:dc:1f:c3:04:91:f4:76:e2:ef:
         22:db:d1:cd:f8:a7:55:3e:1e:0b:e2:21:e9:cf:39:e9:9d:b2:
         3a:19:04:9f:3c:b8:fb:6f:5c:79:3d:a8:ab:88:1a:4b:02:5b:
         e8:64:6f:07:47:41:8e:79:4c:3d:bc:47:4b:ab:f9:0c:d9:6d:
         b4:83:8d:89:09:4f:c3:2f:7e:cf:c8:49:ea:e3:d6:c2:3c:05:
         38:54:86:c2:b8:8f:d6:4c:92:c1:60:5e:72:f9:3f:73:02:fe:
         52:8f:9f:2b:5d:47:51:73:1b:3f:78:c9:44:c9:c6:a5:8d:04:
         d4:a3:f5:90:1f:fa:b5:ac:3d:a3:41:e6:72:74:f0:a2:f0:d4:
         71:4c:8f:72
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICDjYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMThB
NjY2M0Q2RTlGODBCRDRDRTdDOEFERkVCMzg3ODNDM0UxQTQ2NDAeFw0yMzAyMTMx
MzQ4MjFaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDc5NDNFRkI3NDcxMDBC
MkVCM0VEMERDMURDM0Y3RkRCOTEzRjk4REYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCiQpysvdv7fjLNCZlaeOI44AxHaMdOlsx3iTFdutQelsQElKFW
gQhppCxnuFasMx8c1oRdLPlxslQh3EEFeoKS3b1zRInhB5DKnSRSZusMKjCmvq+a
71xEFaPdRStQGM98BPSzrJBNVVFyG6iYeajw/W7GjnTpbiMvmMPthESBNqoXQDY4
3zaXV+FyBEZEBVYkqd6VO8UhgMN7vuCPagf6Q1CwDkwfqEMRmXmWGIBcS53y8yMN
msrT51lYwCBUGv9xhjNJeoMYGn0Pqhz9v7Bp+hOrUaHtRVzl5/tBrUL4caCv7Twd
pUO568RI0NgVXjMrP22gYn/0ba9C/sZv/ENfAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUeUPvt0cQCy6z7Q3B3D9/25E/mN8wHwYDVR0jBBgwFoAUGKZmPW6fgL1M58it
/rOHg8PhpGQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFJPRk9O
RC9HS1ptUFc2ZmdMMU01OGl0X3JPSGc4UGhwR1EuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL0dLWm1QVzZmZ0wxTTU4aXRfck9IZzhQaHBHUS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL1BST0ZPTkQvZVVQdnQwY1FDeTZ6N1Ez
QjNEOV8yNUVfbU44LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
ANtWXTANBgkqhkiG9w0BAQsFAAOCAQEAI44aFK+eqM3FWSv4GysBicywbgaZ9IHL
TQYSXvkIXuJ46yfc3em5pwjsO4qQoEa9wmUEOKH6K6rh6e2oyyfwBzVQYNMuLoRs
kB9q53f4ZgF2Fz8GtxMwSep3vg3e0SV3pJhcX2lYimZJWx6a5JgquvNdkicg3B/D
BJH0duLvItvRzfinVT4eC+Ih6c856Z2yOhkEnzy4+29ceT2oq4gaSwJb6GRvB0dB
jnlMPbxHS6v5DNlttIONiQlPwy9+z8hJ6uPWwjwFOFSGwriP1kySwWBecvk/cwL+
Uo+fK11HUXMbP3jJRMnGpY0E1KP1kB/6taw9o0HmcnTwovDUcUyPcg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:18 2024 by rpki-client on console-ams.rpki-client.org