Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PROFOND/kjopWZ63jeo7_3oT1iEkLth4vSw.roa
File:                     kjopWZ63jeo7_3oT1iEkLth4vSw.roa (raw, json)
Hash identifier:          QXxMK6O0DhQtjx3dN6l4m8Eg9ii248yQXEJsOJlE2ZU=
Subject key identifier:   92:3A:29:59:9E:B7:8D:EA:3B:FF:7A:13:D6:21:24:2E:D8:78:BD:2C
Certificate issuer:       /CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
Certificate serial:       0DC9
Authority key identifier: 18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/kjopWZ63jeo7_3oT1iEkLth4vSw.roa
Signing time:             Thu 15 Sep 2022 02:46:59 +0000
ROA not before:           Thu 15 Sep 2022 02:46:59 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     24164
IP address blocks:        203.77.51.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3529 (0xdc9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
        Validity
            Not Before: Sep 15 02:46:59 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=923A29599EB78DEA3BFF7A13D621242ED878BD2C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:8a:94:a0:98:8a:bf:85:f3:ca:a2:be:f8:81:
                    5a:34:41:c7:94:e7:29:64:05:77:ff:8a:77:ab:dc:
                    33:22:bc:9c:ef:b4:08:96:13:06:fe:d7:06:7f:87:
                    b9:08:d9:59:87:a8:c4:e6:12:ff:ba:84:8c:ad:47:
                    81:82:5f:fd:12:17:68:e4:5c:d0:ed:bc:f0:8a:a2:
                    62:2f:0b:2e:e8:42:c3:88:d9:69:2c:4d:54:48:08:
                    a9:6e:86:82:ba:bb:66:d1:1b:77:ca:70:8b:50:e8:
                    69:60:57:43:64:e4:41:48:72:a6:f8:17:af:b9:36:
                    01:eb:8b:95:d6:06:56:81:6e:4a:cf:76:98:36:41:
                    5d:10:fe:8f:08:5b:94:0b:f2:83:79:2e:cc:bd:ad:
                    d7:83:7c:34:ce:2b:8a:dc:11:c7:16:c6:ae:f0:ed:
                    6a:cc:f2:5b:3e:38:b7:7c:93:cf:b6:38:e4:b9:e0:
                    86:94:ff:23:d3:61:c9:0e:4c:13:db:0f:b3:85:ce:
                    5d:0e:b7:20:0f:90:56:9f:46:2a:5f:25:de:86:94:
                    6f:94:ca:8f:5a:be:3d:1a:fc:5e:e8:4e:20:41:d3:
                    b4:06:fc:56:91:d6:31:12:bc:4c:fb:b8:fd:9b:16:
                    60:5b:91:19:b5:b4:1b:81:f2:81:0c:56:66:bb:f8:
                    db:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                92:3A:29:59:9E:B7:8D:EA:3B:FF:7A:13:D6:21:24:2E:D8:78:BD:2C
            X509v3 Authority Key Identifier:
                keyid:18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/kjopWZ63jeo7_3oT1iEkLth4vSw.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  203.77.51.0/24

    Signature Algorithm: sha256WithRSAEncryption
         88:7d:c5:fe:cf:69:fc:e3:2e:af:22:ac:18:76:68:04:6e:41:
         65:c0:a1:21:7c:f4:3b:1d:1b:5a:4b:f4:28:75:29:c4:fb:a5:
         de:e4:fb:c4:47:29:a6:c5:8c:87:bc:a5:ed:33:6b:69:11:ab:
         68:27:d3:8f:1b:f0:2a:a2:c8:8d:d6:9d:91:d0:67:df:9c:83:
         2d:cc:ab:4c:c7:0c:5b:41:95:fd:6e:be:3b:fe:b3:42:f0:dd:
         87:0e:84:91:ea:35:7d:91:90:03:d1:30:fc:ea:03:81:00:b0:
         ec:f2:4d:84:52:41:0d:87:47:da:43:98:d2:32:74:a9:39:9f:
         87:25:07:1f:88:a5:83:25:62:3d:4b:e6:14:05:6f:69:4c:59:
         0a:02:b8:eb:4a:68:c3:9f:94:55:14:6c:cf:ce:13:dd:87:67:
         77:17:30:97:65:81:52:40:a7:82:11:fc:17:fb:48:17:e1:50:
         51:e1:ac:fa:85:98:4c:2d:b8:21:92:96:11:46:bc:8b:9f:2f:
         3c:d6:23:05:d7:f7:b6:e7:b9:96:40:e2:43:bc:2b:13:ab:e7:
         56:1a:9d:06:74:39:06:40:c2:4c:c8:63:c6:cc:17:6e:47:e8:
         ad:4d:28:59:8c:45:79:bb:18:24:75:2f:47:0b:90:fd:aa:08:
         55:4a:c0:f5
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICDckwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMThB
NjY2M0Q2RTlGODBCRDRDRTdDOEFERkVCMzg3ODNDM0UxQTQ2NDAeFw0yMjA5MTUw
MjQ2NTlaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDkyM0EyOTU5OUVCNzhE
RUEzQkZGN0ExM0Q2MjEyNDJFRDg3OEJEMkMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCpipSgmIq/hfPKor74gVo0QceU5ylkBXf/iner3DMivJzvtAiW
Ewb+1wZ/h7kI2VmHqMTmEv+6hIytR4GCX/0SF2jkXNDtvPCKomIvCy7oQsOI2Wks
TVRICKluhoK6u2bRG3fKcItQ6GlgV0Nk5EFIcqb4F6+5NgHri5XWBlaBbkrPdpg2
QV0Q/o8IW5QL8oN5Lsy9rdeDfDTOK4rcEccWxq7w7WrM8ls+OLd8k8+2OOS54IaU
/yPTYckOTBPbD7OFzl0OtyAPkFafRipfJd6GlG+Uyo9avj0a/F7oTiBB07QG/FaR
1jESvEz7uP2bFmBbkRm1tBuB8oEMVma7+NunAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUkjopWZ63jeo7/3oT1iEkLth4vSwwHwYDVR0jBBgwFoAUGKZmPW6fgL1M58it
/rOHg8PhpGQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFJPRk9O
RC9HS1ptUFc2ZmdMMU01OGl0X3JPSGc4UGhwR1EuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL0dLWm1QVzZmZ0wxTTU4aXRfck9IZzhQaHBHUS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL1BST0ZPTkQva2pvcFdaNjNqZW83XzNv
VDFpRWtMdGg0dlN3LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
AMtNMzANBgkqhkiG9w0BAQsFAAOCAQEAiH3F/s9p/OMuryKsGHZoBG5BZcChIXz0
Ox0bWkv0KHUpxPul3uT7xEcppsWMh7yl7TNraRGraCfTjxvwKqLIjdadkdBn35yD
LcyrTMcMW0GV/W6+O/6zQvDdhw6Ekeo1fZGQA9Ew/OoDgQCw7PJNhFJBDYdH2kOY
0jJ0qTmfhyUHH4ilgyViPUvmFAVvaUxZCgK460pow5+UVRRsz84T3Ydndxcwl2WB
UkCnghH8F/tIF+FQUeGs+oWYTC24IZKWEUa8i58vPNYjBdf3tue5lkDiQ7wrE6vn
VhqdBnQ5BkDCTMhjxswXbkforU0oWYxFebsYJHUvRwuQ/aoIVUrA9Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:18 2024 by rpki-client on console-ams.rpki-client.org