Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PROFOND/gV6QNPGcKwqF0c4xBHxqaGBEqHQ.roa
File:                     gV6QNPGcKwqF0c4xBHxqaGBEqHQ.roa (raw, json)
Hash identifier:          xKKtc0QxAVaMmHw5IPdYzbjOFPiGDi5CtjMfDYTeIyQ=
Subject key identifier:   81:5E:90:34:F1:9C:2B:0A:85:D1:CE:31:04:7C:6A:68:60:44:A8:74
Certificate issuer:       /CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
Certificate serial:       0C9A
Authority key identifier: 18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/gV6QNPGcKwqF0c4xBHxqaGBEqHQ.roa
Signing time:             Wed 29 Sep 2021 02:50:02 +0000
ROA not before:           Wed 29 Sep 2021 02:50:02 +0000
ROA not after:            Thu 29 Sep 2022 02:36:22 +0000
asID:                     131628
IP address blocks:        175.97.192.0/20 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3226 (0xc9a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
        Validity
            Not Before: Sep 29 02:50:02 2021 GMT
            Not After : Sep 29 02:36:22 2022 GMT
        Subject: CN=815E9034F19C2B0A85D1CE31047C6A686044A874
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:7e:7d:5a:ef:a4:0c:97:1d:36:36:d7:4e:dd:
                    70:f7:bc:1c:e6:93:0c:5c:02:29:18:06:5c:45:03:
                    18:d2:02:7f:44:e8:b6:63:1e:6f:9e:4f:38:53:dd:
                    6f:f1:ad:16:e5:24:cb:d6:2d:f3:88:36:6d:1d:09:
                    e9:96:90:f3:81:44:97:54:3f:97:e7:2e:59:8a:bb:
                    29:c1:2b:3e:b7:85:2a:b1:08:84:03:70:1b:11:df:
                    31:56:0c:e4:95:0e:85:54:37:5d:a3:5d:a3:8c:c8:
                    d0:b5:f9:df:b2:4f:42:3f:b7:3c:43:d0:f6:50:7e:
                    ad:fc:f4:4c:dc:9b:38:26:a4:b5:31:28:a3:89:d2:
                    fb:e8:c9:9b:ae:4b:13:9e:ed:88:89:99:5d:a0:08:
                    c6:4d:e8:c3:5a:06:e6:af:61:37:aa:f0:ea:1b:e3:
                    c9:29:b5:83:e4:ca:c3:b0:68:6f:f8:0c:e1:47:af:
                    6b:f9:95:62:13:24:01:7b:cb:9f:59:fd:9e:2b:f4:
                    33:46:32:4f:dd:ee:6a:fd:ff:6e:23:5b:e4:8a:7a:
                    62:d6:4c:88:93:67:a0:fc:68:6f:cf:31:07:78:9e:
                    5d:74:fe:ad:ff:f3:6f:47:e2:4d:39:a6:ad:9f:28:
                    4e:00:ee:45:6e:f7:60:78:3b:8d:ef:76:e8:da:5e:
                    a4:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                81:5E:90:34:F1:9C:2B:0A:85:D1:CE:31:04:7C:6A:68:60:44:A8:74
            X509v3 Authority Key Identifier:
                keyid:18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/gV6QNPGcKwqF0c4xBHxqaGBEqHQ.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  175.97.192.0/20

    Signature Algorithm: sha256WithRSAEncryption
         99:e0:73:74:ff:2a:39:ed:b5:2d:56:63:0d:c8:8e:33:1d:31:
         a4:c3:56:39:f1:83:8a:d8:6b:71:f3:0d:da:b7:57:8f:02:a4:
         fa:75:8a:d6:a9:e8:f0:b8:4f:1a:e5:65:05:e0:d2:4d:de:74:
         55:51:53:74:a5:5d:16:eb:94:b4:9b:9b:dd:2b:2a:be:c3:94:
         71:10:dc:fa:58:e4:af:21:e0:50:5f:0f:1a:8d:55:11:2e:f3:
         38:b8:a9:08:dc:3a:bb:d0:dd:2a:d6:89:1c:55:b4:a0:cd:10:
         03:60:9c:90:1d:89:20:a9:86:fe:90:db:18:a3:4d:e6:ea:71:
         e1:09:00:fe:a5:ae:f6:7d:7a:d8:54:2d:7c:f5:af:e4:91:55:
         b9:a9:ad:b6:04:d7:51:1f:7d:46:56:ca:78:9d:77:66:26:7d:
         9d:23:3f:d2:95:1a:b0:bf:22:53:1c:56:b3:d7:1c:65:57:44:
         ee:81:37:97:34:e2:c1:4e:6b:65:92:99:ba:d1:61:78:cf:75:
         b1:90:b7:e1:1d:b4:18:16:48:65:5b:dc:78:2c:b4:ef:47:e2:
         d5:8c:f4:8b:82:9a:a8:9a:8f:91:67:22:05:3d:9c:25:53:61:
         16:87:ca:58:e6:ce:06:81:9d:52:40:d0:40:98:26:0e:2e:c9:
         9f:ec:1d:29
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICDJowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMThB
NjY2M0Q2RTlGODBCRDRDRTdDOEFERkVCMzg3ODNDM0UxQTQ2NDAeFw0yMTA5Mjkw
MjUwMDJaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDgxNUU5MDM0RjE5QzJC
MEE4NUQxQ0UzMTA0N0M2QTY4NjA0NEE4NzQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDLfn1a76QMlx02NtdO3XD3vBzmkwxcAikYBlxFAxjSAn9E6LZj
Hm+eTzhT3W/xrRblJMvWLfOINm0dCemWkPOBRJdUP5fnLlmKuynBKz63hSqxCIQD
cBsR3zFWDOSVDoVUN12jXaOMyNC1+d+yT0I/tzxD0PZQfq389EzcmzgmpLUxKKOJ
0vvoyZuuSxOe7YiJmV2gCMZN6MNaBuavYTeq8Oob48kptYPkysOwaG/4DOFHr2v5
lWITJAF7y59Z/Z4r9DNGMk/d7mr9/24jW+SKemLWTIiTZ6D8aG/PMQd4nl10/q3/
829H4k05pq2fKE4A7kVu92B4O43vdujaXqSJAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUgV6QNPGcKwqF0c4xBHxqaGBEqHQwHwYDVR0jBBgwFoAUGKZmPW6fgL1M58it
/rOHg8PhpGQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFJPRk9O
RC9HS1ptUFc2ZmdMMU01OGl0X3JPSGc4UGhwR1EuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL0dLWm1QVzZmZ0wxTTU4aXRfck9IZzhQaHBHUS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL1BST0ZPTkQvZ1Y2UU5QR2NLd3FGMGM0
eEJIeHFhR0JFcUhRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
BK9hwDANBgkqhkiG9w0BAQsFAAOCAQEAmeBzdP8qOe21LVZjDciOMx0xpMNWOfGD
ithrcfMN2rdXjwKk+nWK1qno8LhPGuVlBeDSTd50VVFTdKVdFuuUtJub3SsqvsOU
cRDc+ljkryHgUF8PGo1VES7zOLipCNw6u9DdKtaJHFW0oM0QA2CckB2JIKmG/pDb
GKNN5upx4QkA/qWu9n162FQtfPWv5JFVuamttgTXUR99RlbKeJ13ZiZ9nSM/0pUa
sL8iUxxWs9ccZVdE7oE3lzTiwU5rZZKZutFheM91sZC34R20GBZIZVvceCy070fi
1Yz0i4KaqJqPkWciBT2cJVNhFofKWObOBoGdUkDQQJgmDi7Jn+wdKQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:43 2024 by rpki-client on console-fra.rpki-client.org