Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PROFOND/r_9ZcwulnwCxXh_kBHjkzEXQlN8.roa
File:                     r_9ZcwulnwCxXh_kBHjkzEXQlN8.roa (raw, json)
Hash identifier:          r4+wPICf8VB8bH60vxGLCVLVMUurp6SSPVVbzw+5WJ8=
Subject key identifier:   AF:FF:59:73:0B:A5:9F:00:B1:5E:1F:E4:04:78:E4:CC:45:D0:94:DF
Certificate issuer:       /CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
Certificate serial:       09B2
Authority key identifier: 18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/r_9ZcwulnwCxXh_kBHjkzEXQlN8.roa
Signing time:             Wed 16 Dec 2020 03:10:40 +0000
ROA not before:           Wed 16 Dec 2020 03:10:40 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     9924
IP address blocks:        210.17.76.0/22 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2482 (0x9b2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
        Validity
            Not Before: Dec 16 03:10:40 2020 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=AFFF59730BA59F00B15E1FE40478E4CC45D094DF
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:a3:d0:29:69:b9:e7:78:09:b2:e9:c9:b6:c1:
                    7a:f5:cc:d7:65:cb:45:68:ca:ad:13:f4:9c:cb:5e:
                    38:ac:7c:14:6a:a4:5f:19:8b:9d:71:76:88:f2:6c:
                    21:b9:6c:a7:28:2e:cd:40:2f:27:09:51:0b:ba:fa:
                    21:c6:a4:1a:7f:c4:ea:09:31:1e:16:be:d0:3f:43:
                    58:32:a3:8a:dd:a2:8b:70:62:0e:0b:00:62:a4:e4:
                    0b:aa:5a:c7:e7:76:60:f0:9d:69:c3:d7:7a:ac:93:
                    49:47:18:da:9a:7e:a7:11:cd:39:78:54:f6:cd:0b:
                    42:87:1a:c6:75:33:7f:10:60:cc:34:47:61:81:f4:
                    52:b0:b8:6c:d7:89:f3:c8:d1:59:6b:6c:c8:35:ca:
                    62:f1:b5:53:ee:98:d1:79:de:f9:f3:74:ef:91:76:
                    76:28:c0:b2:b2:ab:fd:31:67:f0:54:6a:53:29:e4:
                    87:d9:94:9c:3f:79:08:97:c1:a5:99:29:9e:b7:71:
                    be:da:a2:5b:4e:24:23:aa:8a:d9:20:09:12:94:fb:
                    dc:18:30:58:dd:11:99:f6:24:df:fd:5f:5d:1c:5b:
                    8c:6d:86:14:63:00:90:fd:62:fa:6c:72:bb:d4:82:
                    05:27:27:15:5f:67:2e:36:8d:75:e7:41:22:ae:e9:
                    56:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AF:FF:59:73:0B:A5:9F:00:B1:5E:1F:E4:04:78:E4:CC:45:D0:94:DF
            X509v3 Authority Key Identifier:
                keyid:18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/r_9ZcwulnwCxXh_kBHjkzEXQlN8.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  210.17.76.0/22

    Signature Algorithm: sha256WithRSAEncryption
         4a:db:5d:bd:cc:32:e6:d9:cd:3d:c2:bb:4f:a8:31:4c:6d:89:
         9a:d3:73:6b:78:f3:8f:cb:8b:bd:7f:09:53:29:a2:5e:ef:33:
         4f:47:32:bb:f8:55:12:e0:4d:ec:71:34:07:d0:50:16:4f:96:
         06:73:3e:e2:f5:70:2c:54:3b:ec:36:fb:4e:43:79:7f:97:f8:
         db:8a:68:9b:1c:fe:54:ff:63:42:0f:c5:c7:05:4b:30:cd:54:
         f4:5f:00:dd:da:8c:24:86:03:99:70:80:d4:b7:b4:37:70:b3:
         07:1c:12:e1:da:e8:e6:9d:82:15:72:22:89:eb:22:f2:8b:a2:
         d4:54:1a:8f:ab:aa:ca:3f:7c:b9:f1:06:98:79:29:b4:22:fe:
         fa:7f:73:43:c5:f7:49:6e:47:5c:ce:d4:2f:ec:55:cc:41:27:
         39:d5:3d:08:d0:d0:d0:51:f9:c9:05:d6:e4:b3:55:c4:0e:5a:
         cb:37:da:89:f3:ad:ad:96:54:ac:fe:2d:89:84:2c:c6:7b:83:
         5b:67:68:0e:62:72:72:96:d2:a2:48:47:24:80:58:56:17:77:
         79:d6:2b:6d:4e:bb:fb:33:e2:07:b7:dd:0d:c5:d8:f0:11:a7:
         da:ea:74:07:25:16:8d:42:ec:8f:df:70:59:66:8f:cc:3c:db:
         8a:ed:ba:18
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICCbIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMThB
NjY2M0Q2RTlGODBCRDRDRTdDOEFERkVCMzg3ODNDM0UxQTQ2NDAeFw0yMDEyMTYw
MzEwNDBaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKEFGRkY1OTczMEJBNTlG
MDBCMTVFMUZFNDA0NzhFNENDNDVEMDk0REYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDdo9ApabnneAmy6cm2wXr1zNdly0Voyq0T9JzLXjisfBRqpF8Z
i51xdojybCG5bKcoLs1ALycJUQu6+iHGpBp/xOoJMR4WvtA/Q1gyo4rdootwYg4L
AGKk5AuqWsfndmDwnWnD13qsk0lHGNqafqcRzTl4VPbNC0KHGsZ1M38QYMw0R2GB
9FKwuGzXifPI0VlrbMg1ymLxtVPumNF53vnzdO+RdnYowLKyq/0xZ/BUalMp5IfZ
lJw/eQiXwaWZKZ63cb7aoltOJCOqitkgCRKU+9wYMFjdEZn2JN/9X10cW4xthhRj
AJD9YvpscrvUggUnJxVfZy42jXXnQSKu6VZDAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUr/9ZcwulnwCxXh/kBHjkzEXQlN8wHwYDVR0jBBgwFoAUGKZmPW6fgL1M58it
/rOHg8PhpGQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFJPRk9O
RC9HS1ptUFc2ZmdMMU01OGl0X3JPSGc4UGhwR1EuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL0dLWm1QVzZmZ0wxTTU4aXRfck9IZzhQaHBHUS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL1BST0ZPTkQvcl85WmN3dWxud0N4WGhf
a0JIamt6RVhRbE44LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
AtIRTDANBgkqhkiG9w0BAQsFAAOCAQEASttdvcwy5tnNPcK7T6gxTG2JmtNza3jz
j8uLvX8JUymiXu8zT0cyu/hVEuBN7HE0B9BQFk+WBnM+4vVwLFQ77Db7TkN5f5f4
24pomxz+VP9jQg/FxwVLMM1U9F8A3dqMJIYDmXCA1Le0N3CzBxwS4dro5p2CFXIi
iesi8oui1FQaj6uqyj98ufEGmHkptCL++n9zQ8X3SW5HXM7UL+xVzEEnOdU9CNDQ
0FH5yQXW5LNVxA5ayzfaifOtrZZUrP4tiYQsxnuDW2doDmJycpbSokhHJIBYVhd3
edYrbU67+zPiB7fdDcXY8BGn2up0ByUWjULsj99wWWaPzDzbiu26GA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:43 2024 by rpki-client on console-fra.rpki-client.org