Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PROFOND/vG0Fr-516BOvzF-_NiV6Eyg2eVw.roa
File:                     vG0Fr-516BOvzF-_NiV6Eyg2eVw.roa (raw, json)
Hash identifier:          gaAA195hvvB9x8Xo24S9JlkDWYkjPzClooX/kyR86jY=
Subject key identifier:   BC:6D:05:AF:EE:75:E8:13:AF:CC:5F:BF:36:25:7A:13:28:36:79:5C
Certificate issuer:       /CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
Certificate serial:       0B46
Authority key identifier: 18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/vG0Fr-516BOvzF-_NiV6Eyg2eVw.roa
Signing time:             Sun 07 Feb 2021 13:12:43 +0000
ROA not before:           Sun 07 Feb 2021 13:12:43 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     9924
IP address blocks:        210.17.100.0/23 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2886 (0xb46)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
        Validity
            Not Before: Feb  7 13:12:43 2021 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=BC6D05AFEE75E813AFCC5FBF36257A132836795C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f3:f6:e8:b0:00:49:af:b7:86:8a:1e:ad:26:ec:
                    a3:02:5b:a9:c7:e0:6c:28:e7:6a:b0:bc:fd:31:25:
                    09:3d:66:33:0f:9f:f4:82:eb:16:4c:59:a2:82:2a:
                    62:3a:ac:03:dc:38:94:df:f3:f8:1b:da:5a:8e:5e:
                    96:2d:78:e6:c3:91:e4:c5:1b:f5:ce:30:11:94:57:
                    4e:da:01:29:a1:81:5c:7f:72:fc:95:28:74:01:32:
                    29:6b:9b:1c:7e:76:e7:a7:5c:9f:de:4c:e1:70:86:
                    07:09:2f:b5:1f:fb:4c:f5:8d:66:6b:51:27:8d:cb:
                    3d:00:4a:4f:fb:5e:e9:9d:79:5e:4a:bc:8a:3b:cf:
                    49:1b:97:b0:64:50:bf:db:ad:b4:fb:ae:83:95:f5:
                    b1:25:a7:7a:9c:26:b4:89:ea:00:ad:ca:5b:ce:a1:
                    6c:59:66:6f:97:8f:e4:cb:83:07:24:30:c2:92:77:
                    d6:7e:84:f8:6b:7a:ba:3e:f8:da:58:fe:61:ef:71:
                    b4:3b:92:07:bc:b8:40:e0:ac:9b:2f:f5:ce:7d:01:
                    7d:99:f1:01:e5:53:ea:b0:12:56:e0:cf:28:14:ed:
                    04:46:84:28:3c:ae:ba:35:e3:27:55:09:a2:27:fc:
                    f2:99:1d:f8:69:ac:f9:5e:42:94:89:12:ac:eb:14:
                    5f:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:6D:05:AF:EE:75:E8:13:AF:CC:5F:BF:36:25:7A:13:28:36:79:5C
            X509v3 Authority Key Identifier:
                keyid:18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/vG0Fr-516BOvzF-_NiV6Eyg2eVw.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  210.17.100.0/23

    Signature Algorithm: sha256WithRSAEncryption
         17:e3:85:8b:a9:41:70:a2:f6:8a:52:b4:33:21:c1:e7:1d:9f:
         ce:98:33:6e:28:54:c0:e0:27:38:92:40:5e:c6:da:74:4c:53:
         bd:d3:eb:e0:53:0f:d8:ea:c1:09:f5:70:c2:9e:0a:03:d3:6f:
         8a:53:55:19:77:01:f7:50:a7:86:df:1f:b5:75:ae:94:4d:a3:
         10:00:6c:1c:08:02:ba:96:d3:31:39:79:79:9f:36:f3:36:9a:
         04:67:f9:ce:a2:d2:04:46:5d:91:c5:df:2a:3b:76:ee:0a:7c:
         87:66:d9:90:e8:24:61:e2:72:3f:59:4e:20:37:84:c6:37:27:
         cf:8e:e6:49:55:c5:22:51:7c:df:9d:af:f0:8e:76:dd:6b:a5:
         9f:b5:4f:ad:97:29:5c:c5:4f:5a:a5:9d:e3:d8:f6:35:b1:36:
         85:7a:97:a8:62:9b:12:53:2c:f0:6a:4c:0b:17:24:39:09:a3:
         2b:23:ac:2d:0b:4a:6b:25:31:8b:4a:1e:3b:65:fd:9e:9c:52:
         e9:66:a8:6c:3b:d0:a1:f0:54:e9:4a:6b:d1:35:53:e0:8b:fb:
         77:49:e6:d2:f2:59:a2:67:e5:50:d0:8b:1b:0a:98:80:28:e9:
         7d:f1:16:be:87:ec:d2:e0:7b:8a:a1:4c:07:76:58:89:cb:ed:
         46:16:67:46
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICC0YwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMThB
NjY2M0Q2RTlGODBCRDRDRTdDOEFERkVCMzg3ODNDM0UxQTQ2NDAeFw0yMTAyMDcx
MzEyNDNaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKEJDNkQwNUFGRUU3NUU4
MTNBRkNDNUZCRjM2MjU3QTEzMjgzNjc5NUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDz9uiwAEmvt4aKHq0m7KMCW6nH4Gwo52qwvP0xJQk9ZjMPn/SC
6xZMWaKCKmI6rAPcOJTf8/gb2lqOXpYteObDkeTFG/XOMBGUV07aASmhgVx/cvyV
KHQBMilrmxx+duenXJ/eTOFwhgcJL7Uf+0z1jWZrUSeNyz0ASk/7XumdeV5KvIo7
z0kbl7BkUL/brbT7roOV9bElp3qcJrSJ6gCtylvOoWxZZm+Xj+TLgwckMMKSd9Z+
hPhrero++NpY/mHvcbQ7kge8uEDgrJsv9c59AX2Z8QHlU+qwElbgzygU7QRGhCg8
rro14ydVCaIn/PKZHfhprPleQpSJEqzrFF9rAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUvG0Fr+516BOvzF+/NiV6Eyg2eVwwHwYDVR0jBBgwFoAUGKZmPW6fgL1M58it
/rOHg8PhpGQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFJPRk9O
RC9HS1ptUFc2ZmdMMU01OGl0X3JPSGc4UGhwR1EuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL0dLWm1QVzZmZ0wxTTU4aXRfck9IZzhQaHBHUS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL1BST0ZPTkQvdkcwRnItNTE2Qk92ekYt
X05pVjZFeWcyZVZ3LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
AdIRZDANBgkqhkiG9w0BAQsFAAOCAQEAF+OFi6lBcKL2ilK0MyHB5x2fzpgzbihU
wOAnOJJAXsbadExTvdPr4FMP2OrBCfVwwp4KA9NvilNVGXcB91Cnht8ftXWulE2j
EABsHAgCupbTMTl5eZ828zaaBGf5zqLSBEZdkcXfKjt27gp8h2bZkOgkYeJyP1lO
IDeExjcnz47mSVXFIlF8352v8I523Wuln7VPrZcpXMVPWqWd49j2NbE2hXqXqGKb
ElMs8GpMCxckOQmjKyOsLQtKayUxi0oeO2X9npxS6WaobDvQofBU6Upr0TVT4Iv7
d0nm0vJZomflUNCLGwqYgCjpffEWvofs0uB7iqFMB3ZYicvtRhZnRg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:19 2024 by rpki-client on console-ams.rpki-client.org