Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PROFOND/s3brrtnSlc_cKMm2lRIrCBxH090.roa
File:                     s3brrtnSlc_cKMm2lRIrCBxH090.roa (raw, json)
Hash identifier:          IY0/Ie2NUJHRZEmDHVcIwJsU5oxNlvQsUMvfqdZoRsk=
Subject key identifier:   B3:76:EB:AE:D9:D2:95:CF:DC:28:C9:B6:95:12:2B:08:1C:47:D3:DD
Certificate issuer:       /CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
Certificate serial:       0DC9
Authority key identifier: 18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/s3brrtnSlc_cKMm2lRIrCBxH090.roa
Signing time:             Thu 15 Sep 2022 02:47:06 +0000
ROA not before:           Thu 15 Sep 2022 02:47:06 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     9924
IP address blocks:        210.192.128.0/17 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3529 (0xdc9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
        Validity
            Not Before: Sep 15 02:47:06 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=B376EBAED9D295CFDC28C9B695122B081C47D3DD
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:5e:ac:47:0c:ab:77:85:90:ad:df:1f:bf:fb:
                    36:2d:d2:ae:aa:1d:16:9c:90:e0:94:49:d4:7d:ec:
                    88:0b:3a:a0:e5:e9:d7:ac:27:e2:a6:79:cf:ee:6c:
                    0d:6a:3e:cb:5c:f8:98:7a:7e:27:ad:85:c9:c8:26:
                    07:85:f0:32:a7:b3:69:da:d0:90:e7:b5:0c:6b:03:
                    21:e0:8d:91:8e:1f:c0:6a:f0:93:89:d5:5d:f2:69:
                    44:1d:f2:06:da:da:2e:2d:e6:bc:19:e4:4c:39:ec:
                    7a:48:df:9c:c9:d2:fe:d4:49:a9:9e:45:e3:5b:17:
                    6e:c1:0a:e1:88:87:84:64:63:63:99:be:de:ee:4e:
                    db:af:f6:2e:9d:e6:c9:f3:0b:2f:0d:b5:7b:ad:03:
                    7e:ca:d9:44:53:65:f1:54:28:9b:8d:a5:22:12:31:
                    aa:0a:2e:4f:c6:44:07:74:2b:1f:04:71:70:53:17:
                    63:bf:6f:99:dd:47:47:b4:1e:ff:73:53:37:44:05:
                    ae:54:10:9d:7d:7e:9a:e5:22:22:1e:c3:2f:fb:11:
                    48:81:cf:8a:9d:34:50:71:41:8b:22:fe:d4:e9:60:
                    e6:b4:e0:75:ba:11:05:c4:70:4d:33:0f:ea:86:3c:
                    5d:95:39:4e:46:90:bf:31:73:e2:89:91:07:7a:7d:
                    0d:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B3:76:EB:AE:D9:D2:95:CF:DC:28:C9:B6:95:12:2B:08:1C:47:D3:DD
            X509v3 Authority Key Identifier:
                keyid:18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/s3brrtnSlc_cKMm2lRIrCBxH090.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  210.192.128.0/17

    Signature Algorithm: sha256WithRSAEncryption
         1c:5d:f9:93:37:ab:d6:71:ed:47:a3:62:bc:94:8d:8e:9d:0e:
         59:57:e7:7b:55:c8:02:d2:1b:cf:1e:7c:5a:e1:5f:73:a7:44:
         16:dc:8a:07:29:e0:57:bd:f0:26:7d:0f:b5:4d:2c:d7:80:51:
         8f:dd:48:aa:df:4a:ab:9c:52:1c:a4:71:3b:96:ac:f5:8b:de:
         8f:4d:13:61:61:dd:24:bb:08:1c:bc:23:40:48:1a:7d:3e:0b:
         27:0d:7b:10:56:95:9b:97:a7:3b:67:0a:35:e9:bb:63:d4:81:
         d6:76:53:41:a0:45:02:11:98:2b:d9:49:cf:27:90:6c:f5:93:
         35:b2:6a:14:12:27:61:46:09:2a:53:7f:f5:c3:a0:70:92:36:
         8a:93:fa:2b:6e:32:75:22:13:bc:21:a6:ec:f9:65:7e:dc:1a:
         2a:36:e0:f4:ae:bb:8e:76:7f:55:21:db:00:a7:93:0a:e3:60:
         67:40:1d:d9:38:7f:a0:77:59:b8:82:6d:84:c5:1c:e8:07:e5:
         fd:68:4d:eb:ea:bc:a5:2d:a0:57:a9:d4:c5:92:d1:cf:5d:fd:
         54:6c:33:3a:c2:b5:30:5a:fa:57:2e:bb:53:0b:5d:62:a7:fa:
         db:a7:7f:0a:6f:2a:0c:d6:06:c5:ab:03:9f:6b:01:be:52:d9:
         ad:01:73:7f
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICDckwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMThB
NjY2M0Q2RTlGODBCRDRDRTdDOEFERkVCMzg3ODNDM0UxQTQ2NDAeFw0yMjA5MTUw
MjQ3MDZaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEIzNzZFQkFFRDlEMjk1
Q0ZEQzI4QzlCNjk1MTIyQjA4MUM0N0QzREQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCnXqxHDKt3hZCt3x+/+zYt0q6qHRackOCUSdR97IgLOqDl6des
J+Kmec/ubA1qPstc+Jh6fiethcnIJgeF8DKns2na0JDntQxrAyHgjZGOH8Bq8JOJ
1V3yaUQd8gba2i4t5rwZ5Ew57HpI35zJ0v7USameReNbF27BCuGIh4RkY2OZvt7u
Ttuv9i6d5snzCy8NtXutA37K2URTZfFUKJuNpSISMaoKLk/GRAd0Kx8EcXBTF2O/
b5ndR0e0Hv9zUzdEBa5UEJ19fprlIiIewy/7EUiBz4qdNFBxQYsi/tTpYOa04HW6
EQXEcE0zD+qGPF2VOU5GkL8xc+KJkQd6fQ3zAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUs3brrtnSlc/cKMm2lRIrCBxH090wHwYDVR0jBBgwFoAUGKZmPW6fgL1M58it
/rOHg8PhpGQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFJPRk9O
RC9HS1ptUFc2ZmdMMU01OGl0X3JPSGc4UGhwR1EuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL0dLWm1QVzZmZ0wxTTU4aXRfck9IZzhQaHBHUS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL1BST0ZPTkQvczNicnJ0blNsY19jS01t
MmxSSXJDQnhIMDkwLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
B9LAgDANBgkqhkiG9w0BAQsFAAOCAQEAHF35kzer1nHtR6NivJSNjp0OWVfne1XI
AtIbzx58WuFfc6dEFtyKByngV73wJn0PtU0s14BRj91Iqt9Kq5xSHKRxO5as9Yve
j00TYWHdJLsIHLwjQEgafT4LJw17EFaVm5enO2cKNem7Y9SB1nZTQaBFAhGYK9lJ
zyeQbPWTNbJqFBInYUYJKlN/9cOgcJI2ipP6K24ydSITvCGm7PllftwaKjbg9K67
jnZ/VSHbAKeTCuNgZ0Ad2Th/oHdZuIJthMUc6Afl/WhN6+q8pS2gV6nUxZLRz139
VGwzOsK1MFr6Vy67UwtdYqf626d/Cm8qDNYGxasDn2sBvlLZrQFzfw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:43 2024 by rpki-client on console-fra.rpki-client.org