Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PROFOND/lEp4vJwDwZtOX__0hSw1LtsudeE.roa
File:                     lEp4vJwDwZtOX__0hSw1LtsudeE.roa (raw, json)
Hash identifier:          dqCuKXHaFAoDzluhT7i5Ub7FbWvNGHf6l5j7ZiI7OAI=
Subject key identifier:   94:4A:78:BC:9C:03:C1:9B:4E:5F:FF:F4:85:2C:35:2E:DB:2E:75:E1
Certificate issuer:       /CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
Certificate serial:       07E1
Authority key identifier: 18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/lEp4vJwDwZtOX__0hSw1LtsudeE.roa
Signing time:             Tue 29 Sep 2020 09:57:30 +0000
ROA not before:           Tue 29 Sep 2020 09:57:30 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     9924
IP address blocks:        2001:4540::/27 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2017 (0x7e1)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
        Validity
            Not Before: Sep 29 09:57:30 2020 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=944A78BC9C03C19B4E5FFFF4852C352EDB2E75E1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:12:9a:1a:b6:5f:3c:8d:aa:84:8c:a2:1a:f8:
                    6e:f1:ff:7f:02:c4:0f:cc:14:9a:67:0b:17:bf:08:
                    cc:53:68:9e:17:92:82:f0:5c:9c:34:3f:75:cb:2a:
                    6f:e6:2c:4d:ef:f2:14:3d:7d:c7:c4:9c:dc:8c:6b:
                    2e:a0:ed:86:49:ed:65:04:ad:bb:ee:f9:5d:6b:15:
                    fb:88:cb:13:cf:71:e7:a0:40:44:b4:f0:af:b0:b7:
                    78:76:22:38:2c:d7:97:1c:47:2f:4f:c0:a4:f3:0e:
                    41:5d:6d:94:a0:76:7c:85:03:d6:92:39:16:39:2c:
                    0e:ec:b1:54:9e:4f:ad:8a:24:e1:8c:4e:bf:6d:01:
                    a7:23:2f:ef:18:6b:eb:ea:ae:84:fd:43:31:77:fe:
                    a5:6c:9e:b0:34:23:89:68:6d:c8:9f:43:af:b2:01:
                    fa:c7:60:ac:9e:81:bb:0d:0b:48:7c:58:32:2b:dc:
                    0c:7c:d6:27:ef:e9:2e:01:da:c5:e8:c8:26:80:ed:
                    26:f2:e2:3f:c8:3f:8c:63:dc:2b:e7:c6:2a:1c:13:
                    df:8c:28:18:84:e3:1e:70:04:db:2f:b5:a8:89:9b:
                    1d:26:3e:09:59:91:17:0e:d3:1e:05:f8:68:dc:9f:
                    3a:9b:e4:71:6c:05:18:5b:76:48:d6:9d:a5:64:fb:
                    ad:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                94:4A:78:BC:9C:03:C1:9B:4E:5F:FF:F4:85:2C:35:2E:DB:2E:75:E1
            X509v3 Authority Key Identifier:
                keyid:18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/lEp4vJwDwZtOX__0hSw1LtsudeE.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:4540::/27

    Signature Algorithm: sha256WithRSAEncryption
         6f:df:ac:d3:7f:e4:2f:f8:30:f0:99:d5:be:64:a4:67:b7:de:
         91:70:42:f1:22:06:10:56:9c:13:65:50:d4:b7:b0:b3:7c:b7:
         ee:e7:e0:a0:00:d8:79:1f:7c:ce:ad:1b:18:e4:6e:3a:ac:55:
         7a:2f:9d:cb:48:d6:0a:46:ca:26:92:cc:52:80:86:78:84:50:
         f1:67:90:5a:3a:95:16:4f:f6:84:4c:3d:9c:92:aa:f3:b5:a6:
         61:c7:84:a1:8c:09:45:c7:0e:e3:f9:73:7e:ee:8f:e9:4b:31:
         d8:7e:5d:c3:a2:0b:fe:73:e3:4f:a9:93:5e:ef:8c:83:d8:9f:
         a0:7b:a1:93:ba:7c:29:07:96:89:98:27:7d:e4:d7:9e:e4:26:
         5b:0e:eb:04:84:38:5c:82:e9:e8:d4:3a:50:6e:c3:ef:c2:40:
         03:6d:8d:54:d4:b2:f8:71:0a:d1:68:a5:5e:8b:1e:d7:c7:b6:
         82:ff:05:bb:eb:56:4a:a4:b1:97:78:44:19:fa:4b:6d:1c:9f:
         f5:cf:ac:fa:3c:69:29:64:82:22:2f:46:bd:b2:d8:49:2e:9d:
         e8:2a:02:7f:03:42:36:c3:73:fa:5b:db:52:a7:57:01:b7:32:
         64:28:28:27:86:9f:f9:e2:71:2e:b5:3a:27:94:f3:ce:89:85:
         e8:e5:07:d0
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICB+EwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMThB
NjY2M0Q2RTlGODBCRDRDRTdDOEFERkVCMzg3ODNDM0UxQTQ2NDAeFw0yMDA5Mjkw
OTU3MzBaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDk0NEE3OEJDOUMwM0Mx
OUI0RTVGRkZGNDg1MkMzNTJFREIyRTc1RTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDIEpoatl88jaqEjKIa+G7x/38CxA/MFJpnCxe/CMxTaJ4XkoLw
XJw0P3XLKm/mLE3v8hQ9fcfEnNyMay6g7YZJ7WUErbvu+V1rFfuIyxPPceegQES0
8K+wt3h2Ijgs15ccRy9PwKTzDkFdbZSgdnyFA9aSORY5LA7ssVSeT62KJOGMTr9t
AacjL+8Ya+vqroT9QzF3/qVsnrA0I4lobcifQ6+yAfrHYKyegbsNC0h8WDIr3Ax8
1ifv6S4B2sXoyCaA7Sby4j/IP4xj3CvnxiocE9+MKBiE4x5wBNsvtaiJmx0mPglZ
kRcO0x4F+Gjcnzqb5HFsBRhbdkjWnaVk+63PAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUlEp4vJwDwZtOX//0hSw1LtsudeEwHwYDVR0jBBgwFoAUGKZmPW6fgL1M58it
/rOHg8PhpGQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFJPRk9O
RC9HS1ptUFc2ZmdMMU01OGl0X3JPSGc4UGhwR1EuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL0dLWm1QVzZmZ0wxTTU4aXRfck9IZzhQaHBHUS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL1BST0ZPTkQvbEVwNHZKd0R3WnRPWF9f
MGhTdzFMdHN1ZGVFLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMF
BSABRUAwDQYJKoZIhvcNAQELBQADggEBAG/frNN/5C/4MPCZ1b5kpGe33pFwQvEi
BhBWnBNlUNS3sLN8t+7n4KAA2HkffM6tGxjkbjqsVXovnctI1gpGyiaSzFKAhniE
UPFnkFo6lRZP9oRMPZySqvO1pmHHhKGMCUXHDuP5c37uj+lLMdh+XcOiC/5z40+p
k17vjIPYn6B7oZO6fCkHlomYJ33k157kJlsO6wSEOFyC6ejUOlBuw+/CQANtjVTU
svhxCtFopV6LHtfHtoL/BbvrVkqksZd4RBn6S20cn/XPrPo8aSlkgiIvRr2y2Eku
negqAn8DQjbDc/pb21KnVwG3MmQoKCeGn/nicS61OieU886JhejlB9A=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:18 2024 by rpki-client on console-ams.rpki-client.org