Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PROFOND/fo7tcaD1gdFVgRAMFKPXvoVEAOA.roa
File:                     fo7tcaD1gdFVgRAMFKPXvoVEAOA.roa (raw, json)
Hash identifier:          dsHG9x6ysGrGneNO5rRiU10joTfLfWa1ynlr2Z0v3RA=
Subject key identifier:   7E:8E:ED:71:A0:F5:81:D1:55:81:10:0C:14:A3:D7:BE:85:44:00:E0
Certificate issuer:       /CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
Certificate serial:       0DC9
Authority key identifier: 18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/fo7tcaD1gdFVgRAMFKPXvoVEAOA.roa
Signing time:             Thu 15 Sep 2022 02:47:25 +0000
ROA not before:           Thu 15 Sep 2022 02:47:25 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     9924
IP address blocks:        210.208.96.0/19 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3529 (0xdc9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
        Validity
            Not Before: Sep 15 02:47:25 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=7E8EED71A0F581D15581100C14A3D7BE854400E0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:49:58:1e:d1:ef:fe:ec:08:f6:2f:7e:44:7f:
                    2f:86:5b:2f:ec:cb:db:ef:ad:49:e2:b7:33:7c:52:
                    3d:e4:20:7a:4f:45:21:ba:d6:f6:91:63:e1:1b:45:
                    cc:8a:8a:47:e7:fa:fa:b2:8b:cc:1b:eb:11:83:81:
                    c6:4e:ac:04:2c:82:77:e8:e2:6e:61:41:2e:44:8e:
                    fd:49:90:96:ed:f6:a7:5a:48:d6:33:bd:d3:5e:f8:
                    20:0d:39:10:ba:4f:3b:48:ff:e5:cb:3f:c5:2e:fe:
                    9d:f1:15:4e:d4:b5:f6:c9:95:13:b3:be:3b:cb:fe:
                    ec:da:04:e0:ee:0a:50:26:53:3f:d3:52:6e:77:21:
                    cf:ba:c4:e2:8f:39:85:0b:43:b4:7b:25:03:b5:22:
                    b4:c8:fc:10:07:0a:df:88:a8:87:b5:0b:b4:44:cd:
                    d8:ee:a1:7b:ec:3a:23:1b:ad:ff:d7:e4:db:9c:8e:
                    a7:b4:cc:1a:7a:03:39:ef:0a:91:2e:32:b5:29:b3:
                    2b:db:5d:17:62:bb:67:17:8d:f5:a4:06:60:fb:77:
                    66:ea:24:f7:97:db:16:03:a8:1f:79:1c:1f:15:6e:
                    b7:17:91:ad:ae:f4:f1:d5:b1:27:33:27:19:40:cf:
                    95:53:f9:e5:04:c1:c3:38:62:63:ff:cd:9d:02:81:
                    be:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7E:8E:ED:71:A0:F5:81:D1:55:81:10:0C:14:A3:D7:BE:85:44:00:E0
            X509v3 Authority Key Identifier:
                keyid:18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/fo7tcaD1gdFVgRAMFKPXvoVEAOA.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  210.208.96.0/19

    Signature Algorithm: sha256WithRSAEncryption
         5f:8e:0e:b0:04:58:95:90:1f:dd:c6:11:ca:11:c2:b7:87:3c:
         fc:99:9b:37:30:a8:55:3c:6c:55:55:f8:0c:1f:55:40:a4:aa:
         77:c1:97:77:aa:20:e8:3c:b0:2c:1d:05:93:af:33:6e:b4:8a:
         9f:d5:a9:f3:d7:90:ee:8d:0c:22:c9:8a:39:c3:ac:6d:0c:6b:
         6d:ee:ba:89:ca:36:cb:31:32:13:00:43:71:4f:a1:43:08:27:
         4d:ea:ba:3e:eb:12:49:b9:86:0d:ff:e9:1a:3f:d9:9c:b6:6c:
         a4:f3:32:e3:e9:ed:16:68:14:1d:8d:38:d0:ba:4e:c8:1c:a3:
         f8:b6:1e:3f:51:98:76:ee:51:34:04:16:a3:0e:91:99:20:9d:
         09:a3:2c:67:e4:81:99:84:28:b6:11:f2:55:03:b6:77:8d:ca:
         d4:b0:74:44:6e:b2:3b:41:09:09:0c:9d:ee:bb:bf:3b:01:3d:
         a2:03:92:aa:81:7f:cc:53:f0:9c:db:3a:cb:e0:8a:f8:61:5e:
         67:b8:32:d1:d4:11:e3:5f:a6:c0:ff:a1:c0:49:f7:8a:ac:8e:
         db:27:72:34:97:09:46:18:77:8a:80:8e:36:49:23:47:5f:f1:
         19:c9:da:c4:ca:4d:9c:82:8d:de:3e:2a:b1:bb:c9:92:41:22:
         53:50:8c:cc
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICDckwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMThB
NjY2M0Q2RTlGODBCRDRDRTdDOEFERkVCMzg3ODNDM0UxQTQ2NDAeFw0yMjA5MTUw
MjQ3MjVaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDdFOEVFRDcxQTBGNTgx
RDE1NTgxMTAwQzE0QTNEN0JFODU0NDAwRTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCrSVge0e/+7Aj2L35Efy+GWy/sy9vvrUnitzN8Uj3kIHpPRSG6
1vaRY+EbRcyKikfn+vqyi8wb6xGDgcZOrAQsgnfo4m5hQS5Ejv1JkJbt9qdaSNYz
vdNe+CANORC6TztI/+XLP8Uu/p3xFU7UtfbJlROzvjvL/uzaBODuClAmUz/TUm53
Ic+6xOKPOYULQ7R7JQO1IrTI/BAHCt+IqIe1C7REzdjuoXvsOiMbrf/X5Nucjqe0
zBp6AznvCpEuMrUpsyvbXRdiu2cXjfWkBmD7d2bqJPeX2xYDqB95HB8VbrcXka2u
9PHVsSczJxlAz5VT+eUEwcM4YmP/zZ0Cgb7DAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUfo7tcaD1gdFVgRAMFKPXvoVEAOAwHwYDVR0jBBgwFoAUGKZmPW6fgL1M58it
/rOHg8PhpGQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFJPRk9O
RC9HS1ptUFc2ZmdMMU01OGl0X3JPSGc4UGhwR1EuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL0dLWm1QVzZmZ0wxTTU4aXRfck9IZzhQaHBHUS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL1BST0ZPTkQvZm83dGNhRDFnZEZWZ1JB
TUZLUFh2b1ZFQU9BLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
BdLQYDANBgkqhkiG9w0BAQsFAAOCAQEAX44OsARYlZAf3cYRyhHCt4c8/JmbNzCo
VTxsVVX4DB9VQKSqd8GXd6og6DywLB0Fk68zbrSKn9Wp89eQ7o0MIsmKOcOsbQxr
be66ico2yzEyEwBDcU+hQwgnTeq6PusSSbmGDf/pGj/ZnLZspPMy4+ntFmgUHY04
0LpOyByj+LYeP1GYdu5RNAQWow6RmSCdCaMsZ+SBmYQothHyVQO2d43K1LB0RG6y
O0EJCQyd7ru/OwE9ogOSqoF/zFPwnNs6y+CK+GFeZ7gy0dQR41+mwP+hwEn3iqyO
2ydyNJcJRhh3ioCONkkjR1/xGcnaxMpNnIKN3j4qsbvJkkEiU1CMzA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:43 2024 by rpki-client on console-fra.rpki-client.org