Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PROFOND/sQ0YsqPoZxSGSXqYq1IsIWqZbSk.roa
File:                     sQ0YsqPoZxSGSXqYq1IsIWqZbSk.roa (raw, json)
Hash identifier:          hFEkabHBstrE//WbSJ3fPaxEKNZ0MtaAhkY5yZpJR0o=
Subject key identifier:   B1:0D:18:B2:A3:E8:67:14:86:49:7A:98:AB:52:2C:21:6A:99:6D:29
Certificate issuer:       /CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
Certificate serial:       097E
Authority key identifier: 18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/sQ0YsqPoZxSGSXqYq1IsIWqZbSk.roa
Signing time:             Wed 16 Dec 2020 02:17:14 +0000
ROA not before:           Wed 16 Dec 2020 02:17:14 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     9924
IP address blocks:        210.17.72.0/24 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2430 (0x97e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
        Validity
            Not Before: Dec 16 02:17:14 2020 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=B10D18B2A3E8671486497A98AB522C216A996D29
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f6:f2:67:2f:89:c6:c8:dc:a8:65:93:e4:4f:d9:
                    b4:50:54:2c:04:fa:a2:3e:b5:d2:a3:74:41:8f:6e:
                    52:97:83:25:47:2e:d0:ef:e7:e3:74:43:23:bc:e9:
                    43:69:90:76:e5:1a:09:43:61:6c:13:21:87:ae:55:
                    ad:81:09:f5:4f:c6:8c:8f:4f:4e:c7:aa:af:60:a2:
                    e0:68:2c:0c:a8:3c:bf:f9:47:46:d5:2e:11:58:89:
                    e2:e5:6e:02:ba:18:d1:bd:9d:0c:5f:ae:c8:8a:fc:
                    9c:b6:a2:b4:80:5f:a1:e3:94:8c:55:2d:92:ef:0a:
                    39:37:0a:9f:61:15:70:0d:ce:d3:89:5f:fe:10:31:
                    fa:1a:fd:5a:a4:95:11:f3:e9:5b:46:9c:35:c2:49:
                    94:21:8b:4e:98:d8:46:9f:17:10:39:b3:05:88:90:
                    3f:72:b0:7e:90:31:e5:14:63:dc:18:a4:12:97:62:
                    db:21:9c:83:61:bb:a7:94:68:ee:01:63:c6:4b:f2:
                    4c:14:e3:a6:b0:44:f3:e5:f8:16:da:7d:80:82:39:
                    e3:d0:42:d7:88:c2:6a:95:8e:d1:f7:d3:e6:7b:52:
                    18:76:d1:58:32:d8:c9:4f:7a:ca:8c:8f:3f:c7:83:
                    c1:38:71:d0:1f:d9:c5:97:f4:25:6d:e4:4f:05:7e:
                    99:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B1:0D:18:B2:A3:E8:67:14:86:49:7A:98:AB:52:2C:21:6A:99:6D:29
            X509v3 Authority Key Identifier:
                keyid:18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/sQ0YsqPoZxSGSXqYq1IsIWqZbSk.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  210.17.72.0/24

    Signature Algorithm: sha256WithRSAEncryption
         86:59:aa:a7:e6:0a:c2:a6:11:f9:d4:a6:61:3e:2c:89:30:bd:
         3a:8e:43:54:1d:73:8e:19:05:bb:04:3a:64:34:da:4e:70:73:
         c8:a4:10:a7:c4:c2:1e:4d:7e:5d:59:15:62:b4:91:6f:95:b4:
         c3:4d:ef:cf:b7:ba:5d:e6:ae:49:46:f6:40:1e:0a:19:42:f2:
         02:25:8f:fd:61:60:78:6c:47:4d:93:12:45:20:ca:82:8c:15:
         1b:78:56:0f:1b:2c:3a:9c:a6:78:f5:b3:1a:27:eb:18:ee:90:
         80:c2:65:51:20:4e:4b:f0:a6:62:5c:ee:ae:d8:c5:84:ef:6f:
         45:db:a4:95:6d:b3:26:dc:fb:13:af:df:6b:b5:72:7d:c0:81:
         6e:07:8a:b9:91:4a:91:3a:b7:cd:18:a9:06:24:5c:03:62:91:
         81:7d:34:de:b9:16:a3:71:80:4b:e2:3a:45:14:54:9b:68:84:
         9a:c8:35:f2:4d:d0:bd:c4:9a:a4:01:40:6e:22:3b:34:b2:3e:
         e5:bd:39:b3:3c:d3:51:d1:fd:c3:55:f5:ae:b1:f5:a9:c5:c3:
         9c:8b:7a:c5:2c:44:01:29:32:55:f8:2a:81:7b:13:4d:3b:96:
         50:d6:78:6f:a6:aa:f7:6f:2f:41:bb:aa:f1:c4:c7:f2:b9:89:
         29:0a:61:2f
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICCX4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMThB
NjY2M0Q2RTlGODBCRDRDRTdDOEFERkVCMzg3ODNDM0UxQTQ2NDAeFw0yMDEyMTYw
MjE3MTRaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKEIxMEQxOEIyQTNFODY3
MTQ4NjQ5N0E5OEFCNTIyQzIxNkE5OTZEMjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQD28mcvicbI3Khlk+RP2bRQVCwE+qI+tdKjdEGPblKXgyVHLtDv
5+N0QyO86UNpkHblGglDYWwTIYeuVa2BCfVPxoyPT07Hqq9gouBoLAyoPL/5R0bV
LhFYieLlbgK6GNG9nQxfrsiK/Jy2orSAX6HjlIxVLZLvCjk3Cp9hFXANztOJX/4Q
Mfoa/VqklRHz6VtGnDXCSZQhi06Y2EafFxA5swWIkD9ysH6QMeUUY9wYpBKXYtsh
nINhu6eUaO4BY8ZL8kwU46awRPPl+BbafYCCOePQQteIwmqVjtH30+Z7Uhh20Vgy
2MlPesqMjz/Hg8E4cdAf2cWX9CVt5E8FfpkNAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUsQ0YsqPoZxSGSXqYq1IsIWqZbSkwHwYDVR0jBBgwFoAUGKZmPW6fgL1M58it
/rOHg8PhpGQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFJPRk9O
RC9HS1ptUFc2ZmdMMU01OGl0X3JPSGc4UGhwR1EuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL0dLWm1QVzZmZ0wxTTU4aXRfck9IZzhQaHBHUS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL1BST0ZPTkQvc1EwWXNxUG9aeFNHU1hx
WXExSXNJV3FaYlNrLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
ANIRSDANBgkqhkiG9w0BAQsFAAOCAQEAhlmqp+YKwqYR+dSmYT4siTC9Oo5DVB1z
jhkFuwQ6ZDTaTnBzyKQQp8TCHk1+XVkVYrSRb5W0w03vz7e6XeauSUb2QB4KGULy
AiWP/WFgeGxHTZMSRSDKgowVG3hWDxssOpymePWzGifrGO6QgMJlUSBOS/CmYlzu
rtjFhO9vRduklW2zJtz7E6/fa7VyfcCBbgeKuZFKkTq3zRipBiRcA2KRgX003rkW
o3GAS+I6RRRUm2iEmsg18k3QvcSapAFAbiI7NLI+5b05szzTUdH9w1X1rrH1qcXD
nIt6xSxEASkyVfgqgXsTTTuWUNZ4b6aq928vQbuq8cTH8rmJKQphLw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:43 2024 by rpki-client on console-fra.rpki-client.org