Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PROFOND/nAZMElGDZm3GJ-UI57sNWdKs9-Q.roa
File:                     nAZMElGDZm3GJ-UI57sNWdKs9-Q.roa (raw, json)
Hash identifier:          +Rp01jxboadpJ8KNwsGlh6oVHE1RCZWPo6akaSov508=
Subject key identifier:   9C:06:4C:12:51:83:66:6D:C6:27:E5:08:E7:BB:0D:59:D2:AC:F7:E4
Certificate issuer:       /CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
Certificate serial:       0C51
Authority key identifier: 18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/nAZMElGDZm3GJ-UI57sNWdKs9-Q.roa
Signing time:             Wed 29 Sep 2021 02:49:40 +0000
ROA not before:           Wed 29 Sep 2021 02:49:40 +0000
ROA not after:            Thu 29 Sep 2022 02:36:22 +0000
asID:                     9924
IP address blocks:        202.132.0.0/16 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3153 (0xc51)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
        Validity
            Not Before: Sep 29 02:49:40 2021 GMT
            Not After : Sep 29 02:36:22 2022 GMT
        Subject: CN=9C064C125183666DC627E508E7BB0D59D2ACF7E4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:36:3c:99:c1:c1:c9:17:37:28:1b:5e:b0:9d:
                    42:20:a0:91:86:5c:62:62:ed:79:29:d7:23:32:03:
                    a5:0b:d3:b8:ad:e6:e8:49:8d:12:b4:9a:16:56:69:
                    6e:e8:c7:77:be:07:f6:3b:f0:eb:cc:9d:d0:99:90:
                    bc:8d:cc:28:f5:45:5b:f5:b1:35:38:43:79:49:2d:
                    d4:c8:92:23:b9:15:24:d5:f3:3e:5d:56:96:c1:5f:
                    e8:ac:34:b9:49:88:3f:e8:50:e7:8e:e4:87:fd:f7:
                    ad:b6:89:7f:33:65:e2:63:0d:64:9c:56:f5:c5:f1:
                    fd:d5:d9:bf:74:bb:f5:68:f8:f4:f0:eb:60:38:93:
                    ec:25:b3:5e:bc:91:03:da:58:c4:9b:74:18:d8:2d:
                    ff:ed:68:f2:3b:42:0c:d4:45:0f:fb:24:5a:ba:4c:
                    0f:2d:c3:53:0d:27:9b:a1:d3:d2:a3:58:de:7d:4c:
                    67:f1:f9:da:3c:dd:04:46:40:20:92:30:06:8d:59:
                    49:67:7c:98:6c:6a:23:c5:3c:bb:46:f0:6e:2b:c3:
                    41:86:c7:42:c1:ed:9c:86:b0:cb:a2:6b:ea:f5:14:
                    10:c3:8b:ad:7f:d6:17:4a:6d:ea:80:4e:84:33:bb:
                    61:a0:78:6e:1b:47:34:80:3d:13:a0:ac:cc:72:a5:
                    d1:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9C:06:4C:12:51:83:66:6D:C6:27:E5:08:E7:BB:0D:59:D2:AC:F7:E4
            X509v3 Authority Key Identifier:
                keyid:18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/nAZMElGDZm3GJ-UI57sNWdKs9-Q.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  202.132.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         81:7c:98:d7:8c:c9:b6:b3:3a:2b:54:f7:7b:0b:ff:52:b9:1d:
         4b:34:93:e1:6c:d3:72:88:cf:8b:a8:0a:6f:47:a5:eb:ea:2a:
         96:2a:cf:46:57:df:62:08:d3:c3:fa:a9:97:25:a7:2c:99:e1:
         87:51:c6:e6:88:97:55:af:f6:91:9e:c4:b5:68:8e:ed:48:8d:
         2e:30:63:34:f0:d9:7d:4f:5f:9a:08:cf:0b:21:7a:2f:40:d4:
         ba:ca:1b:50:d0:16:56:58:4a:01:45:40:2c:d7:aa:20:bc:d9:
         e9:89:39:14:c7:45:7e:e7:64:af:8b:4c:2a:7b:9e:87:6e:b3:
         db:27:b3:a4:30:34:57:01:96:a9:eb:38:5d:de:8c:99:ef:51:
         41:73:ec:f2:d1:76:f0:87:41:f9:99:74:b8:a3:30:83:c4:fd:
         ba:d7:6a:c3:4b:3c:03:82:13:8e:fb:7b:15:be:b1:ce:53:0b:
         4c:38:c2:e3:58:b6:b0:8b:b6:e2:3f:ff:d7:98:5f:de:32:ad:
         e7:94:71:a0:22:90:2d:75:1a:bf:f4:31:4e:5d:eb:ff:e4:c6:
         38:0b:94:2a:fb:78:15:aa:6b:79:4d:ac:38:cb:fc:a0:c1:4c:
         07:0b:0a:34:91:b7:d8:aa:1e:26:78:d0:38:96:de:3a:f2:f8:
         8b:80:7d:5f
-----BEGIN CERTIFICATE-----
MIIE0zCCA7ugAwIBAgICDFEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMThB
NjY2M0Q2RTlGODBCRDRDRTdDOEFERkVCMzg3ODNDM0UxQTQ2NDAeFw0yMTA5Mjkw
MjQ5NDBaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDlDMDY0QzEyNTE4MzY2
NkRDNjI3RTUwOEU3QkIwRDU5RDJBQ0Y3RTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC0NjyZwcHJFzcoG16wnUIgoJGGXGJi7Xkp1yMyA6UL07it5uhJ
jRK0mhZWaW7ox3e+B/Y78OvMndCZkLyNzCj1RVv1sTU4Q3lJLdTIkiO5FSTV8z5d
VpbBX+isNLlJiD/oUOeO5If99622iX8zZeJjDWScVvXF8f3V2b90u/Vo+PTw62A4
k+wls168kQPaWMSbdBjYLf/taPI7QgzURQ/7JFq6TA8tw1MNJ5uh09KjWN59TGfx
+do83QRGQCCSMAaNWUlnfJhsaiPFPLtG8G4rw0GGx0LB7ZyGsMuia+r1FBDDi61/
1hdKbeqAToQzu2GgeG4bRzSAPROgrMxypdFrAgMBAAGjggHvMIIB6zAdBgNVHQ4E
FgQUnAZMElGDZm3GJ+UI57sNWdKs9+QwHwYDVR0jBBgwFoAUGKZmPW6fgL1M58it
/rOHg8PhpGQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFJPRk9O
RC9HS1ptUFc2ZmdMMU01OGl0X3JPSGc4UGhwR1EuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL0dLWm1QVzZmZ0wxTTU4aXRfck9IZzhQaHBHUS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL1BST0ZPTkQvbkFaTUVsR0RabTNHSi1V
STU3c05XZEtzOS1RLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMD
AMqEMA0GCSqGSIb3DQEBCwUAA4IBAQCBfJjXjMm2szorVPd7C/9SuR1LNJPhbNNy
iM+LqApvR6Xr6iqWKs9GV99iCNPD+qmXJacsmeGHUcbmiJdVr/aRnsS1aI7tSI0u
MGM08Nl9T1+aCM8LIXovQNS6yhtQ0BZWWEoBRUAs16ogvNnpiTkUx0V+52Svi0wq
e56HbrPbJ7OkMDRXAZap6zhd3oyZ71FBc+zy0Xbwh0H5mXS4ozCDxP2612rDSzwD
ghOO+3sVvrHOUwtMOMLjWLawi7biP//XmF/eMq3nlHGgIpAtdRq/9DFOXev/5MY4
C5Qq+3gVqmt5Taw4y/ygwUwHCwo0kbfYqh4meNA4lt468viLgH1f
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:19 2024 by rpki-client on console-ams.rpki-client.org