Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PROFOND/uQ_WF8u2QpGtNcElRFtk9eoIcUg.roa
File:                     uQ_WF8u2QpGtNcElRFtk9eoIcUg.roa (raw, json)
Hash identifier:          0Mf9jNnBt7dkJWO0k9H/BHM8EJaTrA8OJWiV6qbz8O0=
Subject key identifier:   B9:0F:D6:17:CB:B6:42:91:AD:35:C1:25:44:5B:64:F5:EA:08:71:48
Certificate issuer:       /CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
Certificate serial:       0DC9
Authority key identifier: 18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/uQ_WF8u2QpGtNcElRFtk9eoIcUg.roa
Signing time:             Thu 15 Sep 2022 02:47:05 +0000
ROA not before:           Thu 15 Sep 2022 02:47:05 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     24164
IP address blocks:        60.198.40.0/21 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3529 (0xdc9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
        Validity
            Not Before: Sep 15 02:47:05 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=B90FD617CBB64291AD35C125445B64F5EA087148
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:71:9d:68:e5:f4:be:ed:ed:6a:09:72:29:fc:
                    23:2e:f6:9a:f9:fb:cd:04:e2:6d:3d:63:98:f1:19:
                    93:54:9e:46:b8:b7:f0:64:d3:77:9d:3b:a9:35:9a:
                    d9:c3:9e:cd:ed:40:2b:b7:ca:8a:9f:43:3b:13:7f:
                    72:65:21:37:39:64:df:22:bc:35:18:95:8d:11:43:
                    42:84:2e:1f:80:c8:17:ce:50:fd:c6:18:f7:03:ba:
                    4c:2a:ee:f7:45:c6:a3:a9:01:dd:a6:1a:d9:70:f1:
                    f2:17:25:a5:2b:2a:53:0e:c1:77:ba:bf:eb:08:63:
                    bf:72:b2:fe:87:65:2e:d3:bb:b4:ee:83:d4:6e:6a:
                    fa:af:7d:ca:f9:f9:78:cc:b2:61:95:35:d0:fc:f5:
                    41:c0:d3:ac:be:4a:c4:b1:29:f2:b9:b6:5a:a5:fe:
                    2f:ac:c6:30:e2:60:7f:ce:12:2c:f3:19:d2:f6:01:
                    8b:d0:8a:08:35:67:c6:04:37:9d:9a:75:66:cb:8a:
                    11:80:f9:1b:ea:a4:8e:bf:e4:34:be:00:6a:f1:56:
                    a4:4f:e3:79:05:2d:74:be:1e:38:96:9f:31:ec:7e:
                    39:b9:d0:cd:1a:6f:a8:72:9a:3a:bf:64:fb:02:34:
                    0f:b6:09:a7:db:ce:c2:11:83:32:6f:04:79:60:9a:
                    cb:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B9:0F:D6:17:CB:B6:42:91:AD:35:C1:25:44:5B:64:F5:EA:08:71:48
            X509v3 Authority Key Identifier:
                keyid:18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/uQ_WF8u2QpGtNcElRFtk9eoIcUg.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  60.198.40.0/21

    Signature Algorithm: sha256WithRSAEncryption
         78:4b:be:84:03:05:8a:bd:5c:27:ff:48:ba:05:40:04:2a:00:
         b0:59:91:c7:cd:63:1a:bb:4f:f6:bf:1a:f5:be:2f:db:e5:1c:
         5a:4a:69:5e:84:00:02:3e:bb:3f:7b:11:1e:3f:4b:ef:f8:53:
         c9:5f:a0:28:8c:9b:93:b2:38:f8:a4:91:db:b1:c7:c4:41:a1:
         42:d4:60:14:1d:5d:bc:46:b7:91:2a:a1:92:1c:4a:18:3d:54:
         53:28:77:28:b6:29:4d:66:dc:22:59:31:95:8f:13:89:61:3b:
         af:70:9e:e4:c9:78:46:74:00:bd:19:85:39:49:ab:ec:bc:63:
         3b:b4:30:2a:a9:dd:a0:ce:f6:97:de:f8:d5:82:ec:ef:0f:7a:
         7d:6d:2c:1a:93:45:aa:b9:7e:f1:1c:e5:0b:59:0e:8e:f2:0a:
         58:be:c7:be:8a:c4:33:e3:14:77:55:02:c1:58:ac:6a:9c:2d:
         16:31:0b:09:e9:97:3d:26:9b:97:86:0c:bb:1d:61:b5:7b:5f:
         b6:31:9e:7a:20:9f:06:f7:2e:3f:75:d7:c3:93:7e:d6:93:ed:
         41:83:b2:93:0e:47:e6:27:1f:10:8c:65:a8:4c:89:cc:52:a3:
         8b:45:f6:af:e4:43:81:f0:a6:16:06:6e:cf:fd:0c:c3:be:da:
         e0:88:42:b9
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICDckwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMThB
NjY2M0Q2RTlGODBCRDRDRTdDOEFERkVCMzg3ODNDM0UxQTQ2NDAeFw0yMjA5MTUw
MjQ3MDVaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEI5MEZENjE3Q0JCNjQy
OTFBRDM1QzEyNTQ0NUI2NEY1RUEwODcxNDgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDDcZ1o5fS+7e1qCXIp/CMu9pr5+80E4m09Y5jxGZNUnka4t/Bk
03edO6k1mtnDns3tQCu3yoqfQzsTf3JlITc5ZN8ivDUYlY0RQ0KELh+AyBfOUP3G
GPcDukwq7vdFxqOpAd2mGtlw8fIXJaUrKlMOwXe6v+sIY79ysv6HZS7Tu7Tug9Ru
avqvfcr5+XjMsmGVNdD89UHA06y+SsSxKfK5tlql/i+sxjDiYH/OEizzGdL2AYvQ
igg1Z8YEN52adWbLihGA+RvqpI6/5DS+AGrxVqRP43kFLXS+HjiWnzHsfjm50M0a
b6hymjq/ZPsCNA+2CafbzsIRgzJvBHlgmsvpAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUuQ/WF8u2QpGtNcElRFtk9eoIcUgwHwYDVR0jBBgwFoAUGKZmPW6fgL1M58it
/rOHg8PhpGQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFJPRk9O
RC9HS1ptUFc2ZmdMMU01OGl0X3JPSGc4UGhwR1EuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL0dLWm1QVzZmZ0wxTTU4aXRfck9IZzhQaHBHUS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL1BST0ZPTkQvdVFfV0Y4dTJRcEd0TmNF
bFJGdGs5ZW9JY1VnLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
AzzGKDANBgkqhkiG9w0BAQsFAAOCAQEAeEu+hAMFir1cJ/9IugVABCoAsFmRx81j
GrtP9r8a9b4v2+UcWkppXoQAAj67P3sRHj9L7/hTyV+gKIybk7I4+KSR27HHxEGh
QtRgFB1dvEa3kSqhkhxKGD1UUyh3KLYpTWbcIlkxlY8TiWE7r3Ce5Ml4RnQAvRmF
OUmr7LxjO7QwKqndoM72l9741YLs7w96fW0sGpNFqrl+8RzlC1kOjvIKWL7HvorE
M+MUd1UCwVisapwtFjELCemXPSabl4YMux1htXtftjGeeiCfBvcuP3XXw5N+1pPt
QYOykw5H5icfEIxlqEyJzFKji0X2r+RDgfCmFgZuz/0Mw77a4IhCuQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:43 2024 by rpki-client on console-fra.rpki-client.org