Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PROFOND/lr1EXJBsznklVFDfiSNhOrmg3nM.roa
File:                     lr1EXJBsznklVFDfiSNhOrmg3nM.roa (raw, json)
Hash identifier:          aNXpvFQeYxjk8MAMCYYgoOH4+ibKmayVZ1xFN7L45b0=
Subject key identifier:   96:BD:44:5C:90:6C:CE:79:25:54:50:DF:89:23:61:3A:B9:A0:DE:73
Certificate issuer:       /CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
Certificate serial:       0DC9
Authority key identifier: 18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/lr1EXJBsznklVFDfiSNhOrmg3nM.roa
Signing time:             Thu 15 Sep 2022 02:47:26 +0000
ROA not before:           Thu 15 Sep 2022 02:47:26 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     9924
IP address blocks:        124.108.128.0/18 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3529 (0xdc9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
        Validity
            Not Before: Sep 15 02:47:26 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=96BD445C906CCE79255450DF8923613AB9A0DE73
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:40:41:fe:50:5c:f9:6c:08:a3:a6:10:5c:83:
                    5e:22:37:bb:a3:a4:1b:32:ab:df:42:fd:09:b0:1d:
                    f2:c3:b4:73:86:93:e6:9b:aa:7c:91:80:1d:6e:52:
                    06:3a:0e:d7:61:ed:c9:f7:42:0d:9b:3a:7a:d6:e6:
                    f1:09:6b:4f:60:f9:0f:44:2b:19:af:ca:ca:1f:3e:
                    64:20:68:92:dd:9c:c9:55:85:5c:43:84:ed:e6:4a:
                    b4:1a:39:7f:7b:63:94:aa:99:d5:5a:73:22:4a:21:
                    41:5c:c6:36:a8:9b:ee:80:99:27:bc:ea:9a:ba:61:
                    41:6c:67:b6:c1:4f:fc:08:68:f7:c0:95:98:a9:2a:
                    0e:83:8a:d3:de:20:ce:08:d4:6c:44:2f:a6:87:af:
                    a1:ae:11:b3:c4:17:35:3d:06:19:65:b8:8a:e6:4f:
                    4b:d8:7d:a0:4b:53:fa:24:fd:2b:5f:8f:2f:11:66:
                    37:f9:1d:96:8b:af:bf:c1:2a:69:dd:d2:de:1d:7f:
                    61:7a:df:04:b2:87:14:f8:cc:86:cd:7f:92:5f:cf:
                    12:23:73:ab:d1:8f:03:e4:b0:48:e8:20:a4:7f:7c:
                    60:4e:fa:79:77:6d:cf:ac:75:0c:68:37:85:8c:3e:
                    58:6f:9d:19:5f:40:93:06:e5:c4:ec:cc:8a:d2:5e:
                    c0:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                96:BD:44:5C:90:6C:CE:79:25:54:50:DF:89:23:61:3A:B9:A0:DE:73
            X509v3 Authority Key Identifier:
                keyid:18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/lr1EXJBsznklVFDfiSNhOrmg3nM.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  124.108.128.0/18

    Signature Algorithm: sha256WithRSAEncryption
         15:f5:de:46:75:24:6f:9a:cb:87:d8:75:dc:12:65:14:da:42:
         7f:ca:b1:10:06:60:95:bc:76:50:c6:fd:7d:aa:1f:ca:d7:dc:
         31:8c:d6:fa:2a:9c:20:4d:16:46:28:b7:ef:b8:7a:ab:b8:99:
         b4:7d:b9:b5:99:44:e9:d6:a5:da:cb:dc:fc:67:c2:66:a6:8e:
         37:f3:1d:34:6c:6d:36:2f:fa:15:8a:6f:03:55:56:9a:af:f4:
         9e:60:15:3b:11:44:21:fe:82:8b:9c:c2:c7:a0:45:18:7d:51:
         9d:04:9b:4f:3d:40:89:74:67:dc:d0:f0:7c:1d:d5:b7:63:62:
         a9:b1:42:8c:af:78:11:e2:43:c2:0d:c7:b0:98:9f:3f:57:fa:
         8b:e2:6b:60:e0:17:31:e3:27:fc:48:ec:ab:23:7b:48:51:05:
         71:36:8f:34:b6:e9:c0:87:06:2e:3c:16:ac:ff:f3:c3:a5:f6:
         f0:ca:a7:d1:ef:fe:fd:b4:4d:5d:1a:cc:d7:57:c8:0a:3f:89:
         4a:78:31:c8:67:54:18:76:21:7f:23:3b:d5:11:d0:e9:d0:04:
         22:1a:07:a4:35:24:8f:b9:e6:47:09:c2:27:70:38:1c:b8:dc:
         e3:aa:55:4b:5b:e3:38:a9:23:cb:91:85:26:9e:53:de:c2:ee:
         90:4d:7a:c9
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICDckwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMThB
NjY2M0Q2RTlGODBCRDRDRTdDOEFERkVCMzg3ODNDM0UxQTQ2NDAeFw0yMjA5MTUw
MjQ3MjZaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDk2QkQ0NDVDOTA2Q0NF
NzkyNTU0NTBERjg5MjM2MTNBQjlBMERFNzMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDCQEH+UFz5bAijphBcg14iN7ujpBsyq99C/QmwHfLDtHOGk+ab
qnyRgB1uUgY6Dtdh7cn3Qg2bOnrW5vEJa09g+Q9EKxmvysofPmQgaJLdnMlVhVxD
hO3mSrQaOX97Y5SqmdVacyJKIUFcxjaom+6AmSe86pq6YUFsZ7bBT/wIaPfAlZip
Kg6DitPeIM4I1GxEL6aHr6GuEbPEFzU9BhlluIrmT0vYfaBLU/ok/Stfjy8RZjf5
HZaLr7/BKmnd0t4df2F63wSyhxT4zIbNf5JfzxIjc6vRjwPksEjoIKR/fGBO+nl3
bc+sdQxoN4WMPlhvnRlfQJMG5cTszIrSXsAdAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUlr1EXJBsznklVFDfiSNhOrmg3nMwHwYDVR0jBBgwFoAUGKZmPW6fgL1M58it
/rOHg8PhpGQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFJPRk9O
RC9HS1ptUFc2ZmdMMU01OGl0X3JPSGc4UGhwR1EuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL0dLWm1QVzZmZ0wxTTU4aXRfck9IZzhQaHBHUS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL1BST0ZPTkQvbHIxRVhKQnN6bmtsVkZE
ZmlTTmhPcm1nM25NLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
BnxsgDANBgkqhkiG9w0BAQsFAAOCAQEAFfXeRnUkb5rLh9h13BJlFNpCf8qxEAZg
lbx2UMb9faofytfcMYzW+iqcIE0WRii377h6q7iZtH25tZlE6dal2svc/GfCZqaO
N/MdNGxtNi/6FYpvA1VWmq/0nmAVOxFEIf6Ci5zCx6BFGH1RnQSbTz1AiXRn3NDw
fB3Vt2NiqbFCjK94EeJDwg3HsJifP1f6i+JrYOAXMeMn/EjsqyN7SFEFcTaPNLbp
wIcGLjwWrP/zw6X28Mqn0e/+/bRNXRrM11fICj+JSngxyGdUGHYhfyM71RHQ6dAE
IhoHpDUkj7nmRwnCJ3A4HLjc46pVS1vjOKkjy5GFJp5T3sLukE16yQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:43 2024 by rpki-client on console-fra.rpki-client.org