Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PROFOND/sBrhZCh9YdqLw4PFkNBn2md9bMo.roa
File:                     sBrhZCh9YdqLw4PFkNBn2md9bMo.roa (raw, json)
Hash identifier:          LIv+bvXgS2QYpCSR+dJB+e8GNWl1VQMkt4+W0Fm8t0g=
Subject key identifier:   B0:1A:E1:64:28:7D:61:DA:8B:C3:83:C5:90:D0:67:DA:67:7D:6C:CA
Certificate issuer:       /CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
Certificate serial:       087B
Authority key identifier: 18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/sBrhZCh9YdqLw4PFkNBn2md9bMo.roa
Signing time:             Tue 13 Oct 2020 05:38:20 +0000
ROA not before:           Tue 13 Oct 2020 05:38:20 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     131628
IP address blocks:        175.99.224.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2171 (0x87b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
        Validity
            Not Before: Oct 13 05:38:20 2020 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=B01AE164287D61DA8BC383C590D067DA677D6CCA
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:f5:6b:0a:0f:de:ea:14:40:c2:55:2b:ef:de:
                    2e:90:70:da:a7:e9:bd:aa:0d:7e:25:c9:36:5d:29:
                    82:c4:dd:e8:9a:5c:90:47:05:aa:78:fe:4b:af:6f:
                    fc:5b:dc:9f:0b:f4:c2:27:ad:dc:d9:4f:60:c5:18:
                    94:29:78:61:13:08:75:18:f4:61:82:14:bc:c5:bf:
                    23:7a:7f:2d:f9:d7:91:64:05:2f:3b:94:8e:61:c5:
                    61:6e:7a:54:66:a0:db:0e:bb:40:53:8f:2c:36:eb:
                    7a:6e:5f:ad:68:a5:f2:d8:ee:66:8f:69:dd:d5:e4:
                    69:4b:13:d9:96:32:95:8a:c8:c0:06:a1:8c:29:0b:
                    bc:b0:7a:f1:57:c1:47:ff:35:d5:0e:3e:2b:7a:b5:
                    32:40:b8:02:2d:35:e4:f9:59:3e:0a:df:f0:db:45:
                    9c:a8:4a:29:0d:43:9c:b3:95:63:44:47:93:32:41:
                    cb:b6:4c:e6:7c:5e:c0:be:9b:97:4f:ec:14:be:a8:
                    cf:ab:96:dd:2f:02:72:10:5a:9f:66:a5:e8:24:99:
                    18:54:3f:71:3b:0a:43:02:68:f6:63:45:1a:a2:e3:
                    50:b6:de:c9:83:ea:84:98:ae:f0:90:ad:c8:bb:59:
                    c5:c2:46:57:14:fd:39:b4:b9:e7:55:eb:43:4a:42:
                    f9:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:1A:E1:64:28:7D:61:DA:8B:C3:83:C5:90:D0:67:DA:67:7D:6C:CA
            X509v3 Authority Key Identifier:
                keyid:18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/sBrhZCh9YdqLw4PFkNBn2md9bMo.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  175.99.224.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8b:d7:91:d5:fd:44:b0:c3:52:51:dc:85:27:62:bc:25:cc:88:
         4d:fb:57:74:2c:ea:c1:10:1b:7f:6b:dc:8b:28:b9:db:5a:d9:
         39:8c:37:fc:72:ec:b9:45:c0:0f:70:14:9b:a5:f2:0d:29:86:
         43:6f:6a:1b:d2:34:67:08:1a:be:f5:41:c7:bf:45:88:1a:48:
         a2:d1:13:92:80:02:48:da:a2:e6:e8:cf:b7:7d:bb:26:a6:75:
         92:27:b9:c9:0d:73:33:57:a6:63:04:d2:69:45:73:dc:8b:eb:
         a1:e4:97:c0:20:c2:1c:0d:f8:3f:dd:9a:a2:b1:c7:ba:c1:f3:
         20:d3:8c:d6:5d:58:b6:d2:9d:35:7f:6a:15:b8:4d:31:45:2c:
         6d:4a:fa:8c:63:15:c5:f1:d9:ae:cd:a7:74:f4:cb:51:6a:00:
         af:66:36:82:e1:d7:5f:34:0e:72:a9:d4:09:19:94:0a:da:21:
         60:a2:8d:28:31:be:dd:b4:b4:fe:18:da:71:1a:8a:6d:ac:8b:
         d7:01:65:f7:e7:54:66:d0:31:fa:6e:14:f3:5e:f5:0a:ba:c4:
         e6:67:1e:b0:a8:20:57:9c:d8:79:f9:9d:89:38:be:88:30:b8:
         7f:ce:31:13:56:fc:88:02:00:43:c7:eb:f6:15:df:63:94:2d:
         c4:6e:f6:2b
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICCHswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMThB
NjY2M0Q2RTlGODBCRDRDRTdDOEFERkVCMzg3ODNDM0UxQTQ2NDAeFw0yMDEwMTMw
NTM4MjBaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKEIwMUFFMTY0Mjg3RDYx
REE4QkMzODNDNTkwRDA2N0RBNjc3RDZDQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDL9WsKD97qFEDCVSvv3i6QcNqn6b2qDX4lyTZdKYLE3eiaXJBH
Bap4/kuvb/xb3J8L9MInrdzZT2DFGJQpeGETCHUY9GGCFLzFvyN6fy3515FkBS87
lI5hxWFuelRmoNsOu0BTjyw263puX61opfLY7maPad3V5GlLE9mWMpWKyMAGoYwp
C7ywevFXwUf/NdUOPit6tTJAuAItNeT5WT4K3/DbRZyoSikNQ5yzlWNER5MyQcu2
TOZ8XsC+m5dP7BS+qM+rlt0vAnIQWp9mpegkmRhUP3E7CkMCaPZjRRqi41C23smD
6oSYrvCQrci7WcXCRlcU/Tm0uedV60NKQvk7AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUsBrhZCh9YdqLw4PFkNBn2md9bMowHwYDVR0jBBgwFoAUGKZmPW6fgL1M58it
/rOHg8PhpGQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFJPRk9O
RC9HS1ptUFc2ZmdMMU01OGl0X3JPSGc4UGhwR1EuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL0dLWm1QVzZmZ0wxTTU4aXRfck9IZzhQaHBHUS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL1BST0ZPTkQvc0JyaFpDaDlZZHFMdzRQ
RmtOQm4ybWQ5Yk1vLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
AK9j4DANBgkqhkiG9w0BAQsFAAOCAQEAi9eR1f1EsMNSUdyFJ2K8JcyITftXdCzq
wRAbf2vciyi521rZOYw3/HLsuUXAD3AUm6XyDSmGQ29qG9I0ZwgavvVBx79FiBpI
otETkoACSNqi5ujPt327JqZ1kie5yQ1zM1emYwTSaUVz3IvroeSXwCDCHA34P92a
orHHusHzINOM1l1YttKdNX9qFbhNMUUsbUr6jGMVxfHZrs2ndPTLUWoAr2Y2guHX
XzQOcqnUCRmUCtohYKKNKDG+3bS0/hjacRqKbayL1wFl9+dUZtAx+m4U8171CrrE
5mcesKggV5zYefmdiTi+iDC4f84xE1b8iAIAQ8fr9hXfY5QtxG72Kw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:19 2024 by rpki-client on console-ams.rpki-client.org