Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PROFOND/rFIQVU0TPwCPeA5Yy6so7Ch8k4s.roa
File:                     rFIQVU0TPwCPeA5Yy6so7Ch8k4s.roa (raw, json)
Hash identifier:          4B04/L21zC8EnQE1nkBVXvNMce1nu6KqcR5DDIbWdcI=
Subject key identifier:   AC:52:10:55:4D:13:3F:00:8F:78:0E:58:CB:AB:28:EC:28:7C:93:8B
Certificate issuer:       /CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
Certificate serial:       0DC9
Authority key identifier: 18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/rFIQVU0TPwCPeA5Yy6so7Ch8k4s.roa
Signing time:             Thu 15 Sep 2022 02:46:56 +0000
ROA not before:           Thu 15 Sep 2022 02:46:56 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     9924
IP address blocks:        202.132.0.0/16 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3529 (0xdc9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
        Validity
            Not Before: Sep 15 02:46:56 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=AC5210554D133F008F780E58CBAB28EC287C938B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:22:0f:a6:24:0f:b2:53:73:2d:f5:45:06:f9:
                    6a:a8:f0:54:4e:d7:49:a9:02:5b:84:e5:ba:d7:fe:
                    b9:af:48:3a:44:a1:73:30:2b:c5:82:5c:3d:8c:3a:
                    b7:10:f8:9d:f0:4d:98:a7:bc:c9:60:fc:93:7c:53:
                    0b:54:02:57:64:4e:21:cd:40:53:4b:51:ca:0a:dd:
                    32:35:71:79:92:55:54:c5:cf:59:4d:f9:4c:cd:ee:
                    68:42:0d:4e:04:23:d2:d2:81:5e:58:a3:7b:7e:69:
                    43:ca:95:2c:4e:90:ec:fc:d2:07:4b:be:c8:52:3c:
                    39:8a:de:8e:20:91:0c:f6:c5:d8:5e:ba:84:63:e2:
                    e2:8a:16:33:d5:c1:26:05:06:93:b7:97:9d:ea:49:
                    71:bb:06:0c:76:49:06:fe:88:3a:b0:b1:07:84:2d:
                    8e:e6:db:6e:76:de:73:fb:52:a1:53:8d:9e:a6:e8:
                    01:bc:33:35:c8:29:1d:ba:5d:60:d5:87:58:50:31:
                    a0:87:a5:5e:f7:ba:2e:1c:cd:ef:51:a3:fe:11:c0:
                    6e:56:48:44:a3:71:73:f2:9a:74:a8:75:60:4c:f3:
                    87:40:e8:7b:40:b5:d7:36:71:12:0a:b9:eb:80:6b:
                    b2:2f:ae:68:bd:40:73:cf:28:de:4c:45:d0:1a:f1:
                    70:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AC:52:10:55:4D:13:3F:00:8F:78:0E:58:CB:AB:28:EC:28:7C:93:8B
            X509v3 Authority Key Identifier:
                keyid:18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/rFIQVU0TPwCPeA5Yy6so7Ch8k4s.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  202.132.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         14:de:fb:1b:d2:8b:98:3e:0c:07:28:4a:d2:01:be:a8:4c:25:
         86:a1:eb:54:a0:5a:24:80:8e:14:73:fe:b7:a3:18:8c:66:0a:
         54:37:5e:93:58:97:18:18:3c:18:f5:7f:3a:e8:ef:84:67:77:
         cc:f0:f3:d6:cf:2b:8e:d9:d1:43:80:6b:8b:2d:d2:3c:5e:cb:
         32:a1:3d:e0:d7:39:94:5e:5b:2b:18:db:2d:e9:40:24:a0:3d:
         d6:62:14:35:02:5e:f2:85:77:c5:00:ac:e1:54:3f:fc:ab:ad:
         64:55:f1:ed:e7:12:33:47:d0:77:d7:1b:98:61:66:f5:30:6f:
         cb:32:17:46:47:bd:c1:52:29:f4:c2:33:4f:f5:f8:5f:06:92:
         05:a8:50:af:19:b9:a2:87:78:0f:c0:04:82:37:4c:ec:a5:36:
         94:57:05:5d:b2:b9:00:c8:1f:bf:b2:bf:09:a2:7d:1d:25:8a:
         1c:62:c9:49:c8:29:e4:64:90:e2:ab:ba:98:83:d5:ae:13:a3:
         6a:8f:a6:d2:44:f2:29:f8:1d:a4:80:7a:84:b6:93:98:22:08:
         f5:8f:01:7c:f5:cb:50:51:2f:cf:f4:8f:d4:06:e9:7b:ee:b6:
         a1:0f:f5:8b:66:4d:64:3f:ec:db:f3:43:8f:b4:04:f3:f3:56:
         e3:6d:93:3e
-----BEGIN CERTIFICATE-----
MIIE0zCCA7ugAwIBAgICDckwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMThB
NjY2M0Q2RTlGODBCRDRDRTdDOEFERkVCMzg3ODNDM0UxQTQ2NDAeFw0yMjA5MTUw
MjQ2NTZaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEFDNTIxMDU1NEQxMzNG
MDA4Rjc4MEU1OENCQUIyOEVDMjg3QzkzOEIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDCIg+mJA+yU3Mt9UUG+Wqo8FRO10mpAluE5brX/rmvSDpEoXMw
K8WCXD2MOrcQ+J3wTZinvMlg/JN8UwtUAldkTiHNQFNLUcoK3TI1cXmSVVTFz1lN
+UzN7mhCDU4EI9LSgV5Yo3t+aUPKlSxOkOz80gdLvshSPDmK3o4gkQz2xdheuoRj
4uKKFjPVwSYFBpO3l53qSXG7Bgx2SQb+iDqwsQeELY7m22523nP7UqFTjZ6m6AG8
MzXIKR26XWDVh1hQMaCHpV73ui4cze9Ro/4RwG5WSESjcXPymnSodWBM84dA6HtA
tdc2cRIKueuAa7Ivrmi9QHPPKN5MRdAa8XC5AgMBAAGjggHvMIIB6zAdBgNVHQ4E
FgQUrFIQVU0TPwCPeA5Yy6so7Ch8k4swHwYDVR0jBBgwFoAUGKZmPW6fgL1M58it
/rOHg8PhpGQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFJPRk9O
RC9HS1ptUFc2ZmdMMU01OGl0X3JPSGc4UGhwR1EuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL0dLWm1QVzZmZ0wxTTU4aXRfck9IZzhQaHBHUS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL1BST0ZPTkQvckZJUVZVMFRQd0NQZUE1
WXk2c283Q2g4azRzLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMD
AMqEMA0GCSqGSIb3DQEBCwUAA4IBAQAU3vsb0ouYPgwHKErSAb6oTCWGoetUoFok
gI4Uc/63oxiMZgpUN16TWJcYGDwY9X866O+EZ3fM8PPWzyuO2dFDgGuLLdI8Xssy
oT3g1zmUXlsrGNst6UAkoD3WYhQ1Al7yhXfFAKzhVD/8q61kVfHt5xIzR9B31xuY
YWb1MG/LMhdGR73BUin0wjNP9fhfBpIFqFCvGbmih3gPwASCN0zspTaUVwVdsrkA
yB+/sr8Jon0dJYocYslJyCnkZJDiq7qYg9WuE6Nqj6bSRPIp+B2kgHqEtpOYIgj1
jwF89ctQUS/P9I/UBul77rahD/WLZk1kP+zb80OPtATz81bjbZM+
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:43 2024 by rpki-client on console-fra.rpki-client.org