Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PROFOND/mNgedo18iYJ1axTmk-nNeYRGqn4.roa
File:                     mNgedo18iYJ1axTmk-nNeYRGqn4.roa (raw, json)
Hash identifier:          Xcl/WBSBcruGpYk7muAvalnK8q7tf1X0eexS4UBqnzo=
Subject key identifier:   98:D8:1E:76:8D:7C:89:82:75:6B:14:E6:93:E9:CD:79:84:46:AA:7E
Certificate issuer:       /CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
Certificate serial:       0DC9
Authority key identifier: 18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/mNgedo18iYJ1axTmk-nNeYRGqn4.roa
Signing time:             Thu 15 Sep 2022 02:47:26 +0000
ROA not before:           Thu 15 Sep 2022 02:47:26 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     9924
IP address blocks:        210.17.19.0/24 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3529 (0xdc9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
        Validity
            Not Before: Sep 15 02:47:26 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=98D81E768D7C8982756B14E693E9CD798446AA7E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:39:67:0e:e5:83:b8:a6:53:bd:74:7c:ed:40:
                    e2:a9:74:6d:0e:90:4c:d0:26:a2:07:1d:17:b4:4e:
                    63:19:29:dd:43:6e:e1:65:60:e5:bc:2c:98:98:d4:
                    42:2e:3b:d2:14:42:7b:ef:42:79:1d:e1:71:3f:e9:
                    70:4e:4f:20:d0:6e:b4:73:2b:b7:f3:04:c2:69:b3:
                    e4:77:f0:d9:26:45:16:5b:0d:e0:b5:50:f9:28:19:
                    2a:90:86:82:7e:53:6d:47:57:b3:d5:0b:ac:ba:66:
                    46:8f:0d:f5:d8:5b:8a:b1:32:ef:4b:d8:34:08:77:
                    d0:cb:43:45:b9:0e:93:d2:ff:44:42:94:aa:f9:65:
                    21:0f:2c:4f:56:e6:7b:f5:75:69:37:04:ea:ba:f7:
                    0c:b2:41:9c:82:af:25:76:86:64:92:86:b5:a2:9b:
                    6f:69:1e:c7:86:3a:84:96:c4:00:27:22:8e:f9:0b:
                    ea:9c:50:94:a7:13:36:6d:e2:be:33:81:85:82:0e:
                    3a:e3:1b:ff:cb:59:4b:a6:d3:ba:0c:ac:a7:8a:80:
                    84:d3:c4:54:9d:48:62:a8:7b:c5:2d:c3:86:11:82:
                    c8:74:b0:99:b7:01:29:8d:d2:f8:df:4f:3e:2c:00:
                    8e:b3:96:1b:bd:94:fb:ea:75:69:b8:c6:51:c4:16:
                    36:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:D8:1E:76:8D:7C:89:82:75:6B:14:E6:93:E9:CD:79:84:46:AA:7E
            X509v3 Authority Key Identifier:
                keyid:18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/mNgedo18iYJ1axTmk-nNeYRGqn4.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  210.17.19.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6f:02:e2:a2:57:b3:1f:6c:05:ea:4d:27:db:8d:30:eb:b1:41:
         c9:98:32:7e:05:8b:e5:55:e2:6a:86:56:63:92:09:8d:68:01:
         a3:af:e9:a1:e9:22:8b:54:26:2e:9e:58:58:c1:e8:ca:be:4f:
         70:b7:1a:bf:ac:5f:27:2c:a4:ad:b0:c2:d9:93:15:b8:55:54:
         f4:1a:7d:0e:0d:53:f1:0d:3d:cc:e1:96:24:48:6b:ed:26:7e:
         ad:e8:ee:d4:49:9c:f2:b7:f9:3c:fa:08:2d:d6:cb:5b:d8:b7:
         81:1b:55:50:67:63:16:75:6c:2f:f3:ae:cc:4a:0c:24:e2:c4:
         e8:57:1c:79:f7:4a:62:4a:c5:24:44:4d:46:e9:12:ab:eb:c8:
         6b:88:03:db:f1:12:9e:a1:02:74:95:40:39:61:42:3c:02:1d:
         ae:ee:46:46:cc:8f:11:c3:ce:3a:58:dc:a0:69:8e:14:f2:e0:
         90:9c:ea:2c:3a:8c:1b:0d:76:e6:4b:bf:ee:31:74:67:97:5a:
         98:e2:3b:77:49:c6:01:67:44:b8:bb:22:96:20:3b:59:fd:f3:
         04:75:05:74:15:d8:6a:45:3e:ed:7d:24:62:c1:5e:6f:9f:44:
         51:6e:d1:98:26:ec:0b:f3:31:91:1c:50:61:0b:af:f0:88:9a:
         4e:83:39:88
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICDckwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMThB
NjY2M0Q2RTlGODBCRDRDRTdDOEFERkVCMzg3ODNDM0UxQTQ2NDAeFw0yMjA5MTUw
MjQ3MjZaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDk4RDgxRTc2OEQ3Qzg5
ODI3NTZCMTRFNjkzRTlDRDc5ODQ0NkFBN0UwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC2OWcO5YO4plO9dHztQOKpdG0OkEzQJqIHHRe0TmMZKd1DbuFl
YOW8LJiY1EIuO9IUQnvvQnkd4XE/6XBOTyDQbrRzK7fzBMJps+R38NkmRRZbDeC1
UPkoGSqQhoJ+U21HV7PVC6y6ZkaPDfXYW4qxMu9L2DQId9DLQ0W5DpPS/0RClKr5
ZSEPLE9W5nv1dWk3BOq69wyyQZyCryV2hmSShrWim29pHseGOoSWxAAnIo75C+qc
UJSnEzZt4r4zgYWCDjrjG//LWUum07oMrKeKgITTxFSdSGKoe8Utw4YRgsh0sJm3
ASmN0vjfTz4sAI6zlhu9lPvqdWm4xlHEFjYxAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUmNgedo18iYJ1axTmk+nNeYRGqn4wHwYDVR0jBBgwFoAUGKZmPW6fgL1M58it
/rOHg8PhpGQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFJPRk9O
RC9HS1ptUFc2ZmdMMU01OGl0X3JPSGc4UGhwR1EuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL0dLWm1QVzZmZ0wxTTU4aXRfck9IZzhQaHBHUS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL1BST0ZPTkQvbU5nZWRvMThpWUoxYXhU
bWstbk5lWVJHcW40LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
ANIREzANBgkqhkiG9w0BAQsFAAOCAQEAbwLiolezH2wF6k0n240w67FByZgyfgWL
5VXiaoZWY5IJjWgBo6/poekii1QmLp5YWMHoyr5PcLcav6xfJyykrbDC2ZMVuFVU
9Bp9Dg1T8Q09zOGWJEhr7SZ+reju1Emc8rf5PPoILdbLW9i3gRtVUGdjFnVsL/Ou
zEoMJOLE6FccefdKYkrFJERNRukSq+vIa4gD2/ESnqECdJVAOWFCPAIdru5GRsyP
EcPOOljcoGmOFPLgkJzqLDqMGw125ku/7jF0Z5damOI7d0nGAWdEuLsiliA7Wf3z
BHUFdBXYakU+7X0kYsFeb59EUW7RmCbsC/MxkRxQYQuv8IiaToM5iA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:18 2024 by rpki-client on console-ams.rpki-client.org