Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PROFOND/qtp4nBJnwFRg0HgZU3APhRPuVDg.roa
File:                     qtp4nBJnwFRg0HgZU3APhRPuVDg.roa (raw, json)
Hash identifier:          +q/GE8fwE+jDIqzNoE9IyN3LSe9bc8sElGw0a9/kD8E=
Subject key identifier:   AA:DA:78:9C:12:67:C0:54:60:D0:78:19:53:70:0F:85:13:EE:54:38
Certificate issuer:       /CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
Certificate serial:       0DC9
Authority key identifier: 18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/qtp4nBJnwFRg0HgZU3APhRPuVDg.roa
Signing time:             Thu 15 Sep 2022 02:47:29 +0000
ROA not before:           Thu 15 Sep 2022 02:47:29 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     9924
IP address blocks:        60.199.235.0/24 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3529 (0xdc9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
        Validity
            Not Before: Sep 15 02:47:29 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=AADA789C1267C05460D0781953700F8513EE5438
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:33:ec:d2:fb:3d:92:39:1b:c5:d8:a4:30:00:
                    e3:21:10:a0:ed:fe:83:be:9f:4d:18:46:f5:c7:37:
                    61:4c:a8:e8:f6:1f:18:6b:72:5e:43:b4:7b:5c:f1:
                    bc:16:1f:28:37:bc:7b:b2:44:7b:46:a8:dc:7e:e0:
                    d0:82:17:fd:01:6d:b2:bc:24:b3:57:f9:98:f9:5b:
                    ee:c0:28:ce:33:ed:23:00:c4:12:bc:6f:21:7b:de:
                    98:cd:84:2c:29:17:6d:21:89:da:16:2e:e4:64:28:
                    1a:9b:e2:34:b4:fe:6b:04:55:6a:5b:fb:1d:5c:e4:
                    cd:93:64:d3:da:49:93:48:8e:e1:49:b5:31:f6:59:
                    26:e4:7f:b4:43:5e:44:ff:69:52:80:b1:81:5f:a2:
                    4e:67:f2:d8:73:98:18:3b:75:20:af:15:a1:25:b7:
                    28:34:67:53:70:e5:b1:58:8a:32:fa:eb:f9:da:78:
                    27:66:4e:c0:5d:ac:93:bc:c5:de:bc:de:f4:54:1c:
                    25:26:e0:b4:d7:5d:f2:f5:0e:15:6f:b5:8a:ec:e3:
                    e3:06:96:55:6d:ce:0d:09:21:77:0a:1b:e8:37:48:
                    af:ec:1c:d4:eb:d7:61:c1:35:02:8f:3a:88:ce:41:
                    3d:9e:c1:8a:47:67:86:37:63:02:cf:50:fa:37:24:
                    86:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AA:DA:78:9C:12:67:C0:54:60:D0:78:19:53:70:0F:85:13:EE:54:38
            X509v3 Authority Key Identifier:
                keyid:18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/qtp4nBJnwFRg0HgZU3APhRPuVDg.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  60.199.235.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4e:31:a8:cc:3b:d2:b6:d1:de:38:4d:84:d1:22:c8:32:3c:32:
         c0:32:41:57:02:be:fa:01:83:df:e7:bf:ae:14:31:ff:93:21:
         a9:b6:4a:3d:ba:04:91:5e:df:66:8d:f9:ee:d7:5a:5c:19:bf:
         87:d3:7f:35:db:01:27:78:fe:f0:e5:24:fc:36:14:44:e1:47:
         5c:50:98:2a:60:1f:14:f6:14:f4:61:f2:b3:cc:bc:e1:c3:f9:
         b8:2e:ee:1b:73:95:bd:e7:c1:93:c9:c0:e6:a4:c4:a8:7a:2a:
         a3:c1:e8:18:f2:2c:eb:78:a6:fa:06:14:c9:ff:1f:b8:b8:57:
         2f:dd:ff:9a:d3:40:24:03:01:66:98:19:3f:5a:a5:5d:a2:9e:
         29:ef:f5:99:ce:74:3d:bd:8d:7f:76:3d:8b:49:9d:a0:4f:6b:
         b3:ce:20:b4:b3:d0:e7:c7:57:7f:a8:e4:d1:5f:9d:e6:93:ef:
         11:48:93:6a:9d:cb:48:49:80:2f:4e:85:f0:ec:f4:ac:c7:ab:
         64:5f:b1:42:54:1a:6d:ca:bd:e9:83:e7:aa:20:89:2c:9c:88:
         f4:36:d5:42:c5:c5:c1:5f:d8:ef:06:6d:f5:8b:3d:7c:02:d6:
         e6:eb:4d:25:c9:ff:63:2a:b0:8f:51:db:e2:27:a3:72:41:e2:
         04:ce:47:ac
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICDckwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMThB
NjY2M0Q2RTlGODBCRDRDRTdDOEFERkVCMzg3ODNDM0UxQTQ2NDAeFw0yMjA5MTUw
MjQ3MjlaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEFBREE3ODlDMTI2N0Mw
NTQ2MEQwNzgxOTUzNzAwRjg1MTNFRTU0MzgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC6M+zS+z2SORvF2KQwAOMhEKDt/oO+n00YRvXHN2FMqOj2Hxhr
cl5DtHtc8bwWHyg3vHuyRHtGqNx+4NCCF/0BbbK8JLNX+Zj5W+7AKM4z7SMAxBK8
byF73pjNhCwpF20hidoWLuRkKBqb4jS0/msEVWpb+x1c5M2TZNPaSZNIjuFJtTH2
WSbkf7RDXkT/aVKAsYFfok5n8thzmBg7dSCvFaEltyg0Z1Nw5bFYijL66/naeCdm
TsBdrJO8xd683vRUHCUm4LTXXfL1DhVvtYrs4+MGllVtzg0JIXcKG+g3SK/sHNTr
12HBNQKPOojOQT2ewYpHZ4Y3YwLPUPo3JIZ7AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUqtp4nBJnwFRg0HgZU3APhRPuVDgwHwYDVR0jBBgwFoAUGKZmPW6fgL1M58it
/rOHg8PhpGQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFJPRk9O
RC9HS1ptUFc2ZmdMMU01OGl0X3JPSGc4UGhwR1EuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL0dLWm1QVzZmZ0wxTTU4aXRfck9IZzhQaHBHUS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL1BST0ZPTkQvcXRwNG5CSm53RlJnMEhn
WlUzQVBoUlB1VkRnLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
ADzH6zANBgkqhkiG9w0BAQsFAAOCAQEATjGozDvSttHeOE2E0SLIMjwywDJBVwK+
+gGD3+e/rhQx/5MhqbZKPboEkV7fZo357tdaXBm/h9N/NdsBJ3j+8OUk/DYUROFH
XFCYKmAfFPYU9GHys8y84cP5uC7uG3OVvefBk8nA5qTEqHoqo8HoGPIs63im+gYU
yf8fuLhXL93/mtNAJAMBZpgZP1qlXaKeKe/1mc50Pb2Nf3Y9i0mdoE9rs84gtLPQ
58dXf6jk0V+d5pPvEUiTap3LSEmAL06F8Oz0rMerZF+xQlQabcq96YPnqiCJLJyI
9DbVQsXFwV/Y7wZt9Ys9fALW5utNJcn/Yyqwj1Hb4iejckHiBM5HrA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:19 2024 by rpki-client on console-ams.rpki-client.org