Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PROFOND/naM-9Wgu46pUiviLDvj6ML4Gw44.roa
File:                     naM-9Wgu46pUiviLDvj6ML4Gw44.roa (raw, json)
Hash identifier:          S4BtunjX9vAongAwq2+uksSdvosAbX3GAnyqy3cTyVE=
Subject key identifier:   9D:A3:3E:F5:68:2E:E3:AA:54:8A:F8:8B:0E:F8:FA:30:BE:06:C3:8E
Certificate issuer:       /CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
Certificate serial:       0CB9
Authority key identifier: 18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/naM-9Wgu46pUiviLDvj6ML4Gw44.roa
Signing time:             Wed 29 Sep 2021 02:50:11 +0000
ROA not before:           Wed 29 Sep 2021 02:50:11 +0000
ROA not after:            Thu 29 Sep 2022 02:36:22 +0000
asID:                     131597
IP address blocks:        219.86.92.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3257 (0xcb9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
        Validity
            Not Before: Sep 29 02:50:11 2021 GMT
            Not After : Sep 29 02:36:22 2022 GMT
        Subject: CN=9DA33EF5682EE3AA548AF88B0EF8FA30BE06C38E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:9b:8a:96:77:05:4c:6e:63:47:a3:7e:c6:15:
                    36:f6:12:08:50:26:72:63:3f:6f:92:8c:c3:9b:d9:
                    7e:e8:90:b6:c1:70:8b:26:54:35:0f:a6:53:a8:75:
                    ef:27:e7:8a:a3:f8:39:19:c7:ad:0f:f6:07:64:9a:
                    17:08:7c:37:85:2c:74:a0:5d:1f:ca:ea:1b:04:75:
                    3f:ce:c8:fd:92:01:8a:03:29:d2:a7:a1:6d:0b:cc:
                    1c:b2:21:9f:d0:90:66:be:95:6a:63:4e:37:1d:1c:
                    6d:31:99:da:c9:ca:be:34:62:57:28:52:e7:af:5d:
                    c8:8c:48:f6:27:1e:33:98:21:d8:d2:30:80:a4:f3:
                    7a:7e:7c:10:99:61:ab:e8:22:39:4d:13:1a:31:74:
                    c9:66:e9:a9:a7:81:a1:07:56:29:45:ce:e0:7e:44:
                    8f:11:2b:41:fc:dc:52:94:56:e7:4b:0f:80:9d:6c:
                    ed:b5:4a:1c:57:90:de:14:9d:48:99:ef:f2:a7:d8:
                    7b:ca:03:35:76:84:1b:67:01:a0:59:90:98:eb:60:
                    39:c1:77:74:44:27:2f:40:ae:fa:85:f4:a6:41:49:
                    f1:ed:5f:96:f4:fc:df:4b:13:b3:6d:ef:23:de:18:
                    c5:47:53:03:38:7d:22:04:69:63:0b:07:1b:c5:de:
                    29:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9D:A3:3E:F5:68:2E:E3:AA:54:8A:F8:8B:0E:F8:FA:30:BE:06:C3:8E
            X509v3 Authority Key Identifier:
                keyid:18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/naM-9Wgu46pUiviLDvj6ML4Gw44.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  219.86.92.0/24

    Signature Algorithm: sha256WithRSAEncryption
         63:c0:25:24:ee:a2:dd:af:b0:8f:41:73:7d:95:36:08:5f:d8:
         ba:1e:c9:38:ce:04:ee:e7:c6:b3:c3:2c:2a:75:24:86:fa:f8:
         e0:f8:f1:56:34:89:25:57:b2:ee:d4:fc:47:55:a2:27:c5:9f:
         32:8d:32:26:44:48:ed:68:0b:a4:a8:3c:19:d0:7e:8d:c2:d4:
         aa:17:fa:51:3b:cd:d0:31:dc:55:00:4d:d3:3a:dc:35:ab:9f:
         f2:38:2e:1c:21:54:85:1b:1c:b9:f5:69:b0:42:5b:5f:e8:3e:
         57:06:52:83:36:3c:cd:d3:81:b9:99:b7:f5:30:6b:ae:04:cb:
         45:78:3d:15:3c:e4:1c:91:de:5d:52:79:2f:5e:fb:12:89:eb:
         a9:e4:f7:cd:77:7e:50:fd:92:a3:57:f0:29:49:9b:db:d7:31:
         d1:00:44:f4:ac:a2:a6:e2:1d:f3:40:d4:38:f8:d1:b2:4a:a3:
         c3:0f:fd:88:6f:3f:57:ca:9b:08:f7:a2:28:17:07:2d:a7:12:
         63:6e:04:8e:65:69:a5:f8:5e:78:05:14:27:3c:18:c4:e7:dd:
         6d:b6:67:c9:9e:c8:ab:26:7b:4c:bb:83:a8:67:ab:a8:4d:b7:
         b5:8e:e0:9d:0c:11:86:d8:44:4e:42:a7:ff:63:c8:cd:20:6a:
         85:84:38:26
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICDLkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMThB
NjY2M0Q2RTlGODBCRDRDRTdDOEFERkVCMzg3ODNDM0UxQTQ2NDAeFw0yMTA5Mjkw
MjUwMTFaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDlEQTMzRUY1NjgyRUUz
QUE1NDhBRjg4QjBFRjhGQTMwQkUwNkMzOEUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDdm4qWdwVMbmNHo37GFTb2EghQJnJjP2+SjMOb2X7okLbBcIsm
VDUPplOode8n54qj+DkZx60P9gdkmhcIfDeFLHSgXR/K6hsEdT/OyP2SAYoDKdKn
oW0LzByyIZ/QkGa+lWpjTjcdHG0xmdrJyr40YlcoUuevXciMSPYnHjOYIdjSMICk
83p+fBCZYavoIjlNExoxdMlm6amngaEHVilFzuB+RI8RK0H83FKUVudLD4CdbO21
ShxXkN4UnUiZ7/Kn2HvKAzV2hBtnAaBZkJjrYDnBd3REJy9ArvqF9KZBSfHtX5b0
/N9LE7Nt7yPeGMVHUwM4fSIEaWMLBxvF3ik1AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUnaM+9Wgu46pUiviLDvj6ML4Gw44wHwYDVR0jBBgwFoAUGKZmPW6fgL1M58it
/rOHg8PhpGQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFJPRk9O
RC9HS1ptUFc2ZmdMMU01OGl0X3JPSGc4UGhwR1EuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL0dLWm1QVzZmZ0wxTTU4aXRfck9IZzhQaHBHUS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL1BST0ZPTkQvbmFNLTlXZ3U0NnBVaXZp
TER2ajZNTDRHdzQ0LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
ANtWXDANBgkqhkiG9w0BAQsFAAOCAQEAY8AlJO6i3a+wj0FzfZU2CF/Yuh7JOM4E
7ufGs8MsKnUkhvr44PjxVjSJJVey7tT8R1WiJ8WfMo0yJkRI7WgLpKg8GdB+jcLU
qhf6UTvN0DHcVQBN0zrcNauf8jguHCFUhRscufVpsEJbX+g+VwZSgzY8zdOBuZm3
9TBrrgTLRXg9FTzkHJHeXVJ5L177EonrqeT3zXd+UP2So1fwKUmb29cx0QBE9Kyi
puId80DUOPjRskqjww/9iG8/V8qbCPeiKBcHLacSY24EjmVppfheeAUUJzwYxOfd
bbZnyZ7IqyZ7TLuDqGerqE23tY7gnQwRhthETkKn/2PIzSBqhYQ4Jg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:43 2024 by rpki-client on console-fra.rpki-client.org