Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PROFOND/sXT-VjLI7tXRDpldxpQ_Ult6bbw.roa
File:                     sXT-VjLI7tXRDpldxpQ_Ult6bbw.roa (raw, json)
Hash identifier:          HPsYwniuln0cKLe469CLdDTPj6WmMm/Klz3s019GzoU=
Subject key identifier:   B1:74:FE:56:32:C8:EE:D5:D1:0E:99:5D:C6:94:3F:52:5B:7A:6D:BC
Certificate issuer:       /CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
Certificate serial:       07F3
Authority key identifier: 18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/sXT-VjLI7tXRDpldxpQ_Ult6bbw.roa
Signing time:             Tue 29 Sep 2020 09:57:35 +0000
ROA not before:           Tue 29 Sep 2020 09:57:35 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     9924
IP address blocks:        2001:c50::/32 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2035 (0x7f3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
        Validity
            Not Before: Sep 29 09:57:35 2020 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=B174FE5632C8EED5D10E995DC6943F525B7A6DBC
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:b4:10:d6:12:d3:a8:92:07:d9:2e:b5:9f:88:
                    2b:31:ab:e8:e0:39:81:e5:97:c7:75:6b:04:d3:03:
                    fa:ef:32:24:f0:05:62:49:aa:c4:b7:70:76:da:97:
                    6d:d5:54:0e:26:e0:f5:2c:dc:25:b1:1c:72:c0:e3:
                    09:ce:d1:b1:ea:53:63:75:26:fb:14:47:64:21:0f:
                    7b:83:6c:7e:5b:8c:da:9e:0e:f8:23:92:f2:4d:71:
                    02:1b:2f:62:57:de:c7:ab:73:b2:48:0a:a5:fe:63:
                    3c:72:e5:6d:d3:44:33:14:68:d7:b7:2f:4a:cd:67:
                    05:07:cf:00:de:25:ea:af:71:9a:1c:36:8e:e5:17:
                    4f:d8:64:4d:a3:da:43:45:71:8d:8b:95:41:47:78:
                    96:3f:a6:a5:d2:1c:8e:de:e2:67:9d:6e:66:e5:5b:
                    23:e8:f7:16:52:b9:d0:0a:28:5b:b6:7b:53:25:9b:
                    b1:ac:9c:74:5d:8d:90:fe:88:2d:d0:00:06:ef:82:
                    b4:b6:54:1e:a2:4c:c8:62:b4:03:14:a0:1e:0e:0a:
                    8d:7b:a0:5a:76:fa:c0:d9:45:a6:93:f4:62:f9:c0:
                    e3:93:8f:30:04:26:22:c3:2a:36:34:1c:e8:36:ed:
                    87:9f:92:78:21:56:c4:61:2d:55:c7:95:e1:1d:cd:
                    7e:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B1:74:FE:56:32:C8:EE:D5:D1:0E:99:5D:C6:94:3F:52:5B:7A:6D:BC
            X509v3 Authority Key Identifier:
                keyid:18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/sXT-VjLI7tXRDpldxpQ_Ult6bbw.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:c50::/32

    Signature Algorithm: sha256WithRSAEncryption
         25:3a:fc:a6:8e:b6:63:27:29:e6:da:d5:d4:e0:5c:d1:3e:d7:
         b2:44:30:3e:1b:84:78:b3:4b:bb:2b:9a:bb:0d:64:54:46:72:
         16:cb:36:f1:53:1c:a6:c1:4d:d5:bd:3e:33:2b:e7:2a:24:22:
         26:53:68:68:93:a5:a6:68:76:29:0d:df:cf:53:52:81:d6:2c:
         dc:d1:35:7e:d0:2f:ec:23:3b:1b:94:07:fd:1f:3c:86:7d:d9:
         bf:4d:08:94:38:6e:e8:f5:33:70:46:77:7e:0f:22:6b:8b:e7:
         10:ba:f1:d2:f2:fa:65:85:1c:84:9e:5d:0b:a1:5b:05:65:40:
         78:29:39:06:9e:f2:6f:97:ca:19:c3:c0:79:28:46:31:8f:6f:
         77:82:28:8d:31:43:94:f6:4c:9e:ad:56:06:9b:7f:9e:d6:7a:
         b6:8d:0b:03:3f:75:63:b1:a3:4e:6d:3e:3f:de:5f:19:f1:75:
         95:df:24:a3:c1:84:d2:78:46:46:5c:85:18:02:a1:73:96:ec:
         ef:25:d3:6f:11:12:9d:cc:ff:2f:29:27:4c:7e:46:4d:ab:cc:
         f5:30:f8:0e:63:36:0a:e8:07:bf:1c:bd:83:91:82:de:ee:ef:
         cc:e7:1d:e0:91:82:39:40:62:3d:3f:c7:a0:ee:3d:3f:6d:37:
         ac:82:cb:26
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICB/MwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMThB
NjY2M0Q2RTlGODBCRDRDRTdDOEFERkVCMzg3ODNDM0UxQTQ2NDAeFw0yMDA5Mjkw
OTU3MzVaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKEIxNzRGRTU2MzJDOEVF
RDVEMTBFOTk1REM2OTQzRjUyNUI3QTZEQkMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCttBDWEtOokgfZLrWfiCsxq+jgOYHll8d1awTTA/rvMiTwBWJJ
qsS3cHbal23VVA4m4PUs3CWxHHLA4wnO0bHqU2N1JvsUR2QhD3uDbH5bjNqeDvgj
kvJNcQIbL2JX3serc7JICqX+Yzxy5W3TRDMUaNe3L0rNZwUHzwDeJeqvcZocNo7l
F0/YZE2j2kNFcY2LlUFHeJY/pqXSHI7e4medbmblWyPo9xZSudAKKFu2e1Mlm7Gs
nHRdjZD+iC3QAAbvgrS2VB6iTMhitAMUoB4OCo17oFp2+sDZRaaT9GL5wOOTjzAE
JiLDKjY0HOg27YefknghVsRhLVXHleEdzX5TAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUsXT+VjLI7tXRDpldxpQ/Ult6bbwwHwYDVR0jBBgwFoAUGKZmPW6fgL1M58it
/rOHg8PhpGQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFJPRk9O
RC9HS1ptUFc2ZmdMMU01OGl0X3JPSGc4UGhwR1EuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL0dLWm1QVzZmZ0wxTTU4aXRfck9IZzhQaHBHUS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL1BST0ZPTkQvc1hULVZqTEk3dFhSRHBs
ZHhwUV9VbHQ2YmJ3LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMF
ACABDFAwDQYJKoZIhvcNAQELBQADggEBACU6/KaOtmMnKeba1dTgXNE+17JEMD4b
hHizS7srmrsNZFRGchbLNvFTHKbBTdW9PjMr5yokIiZTaGiTpaZodikN389TUoHW
LNzRNX7QL+wjOxuUB/0fPIZ92b9NCJQ4buj1M3BGd34PImuL5xC68dLy+mWFHISe
XQuhWwVlQHgpOQae8m+XyhnDwHkoRjGPb3eCKI0xQ5T2TJ6tVgabf57WeraNCwM/
dWOxo05tPj/eXxnxdZXfJKPBhNJ4RkZchRgCoXOW7O8l028REp3M/y8pJ0x+Rk2r
zPUw+A5jNgroB78cvYORgt7u78znHeCRgjlAYj0/x6DuPT9tN6yCyyY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:43 2024 by rpki-client on console-fra.rpki-client.org