Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PROFOND/wmg_bObiQ1oF_ZWpGbtP015xeH0.roa
File:                     wmg_bObiQ1oF_ZWpGbtP015xeH0.roa (raw, json)
Hash identifier:          glouQKS04Mzz5T3Nza5as9vfx6zZff1k/7LVD43BFwA=
Subject key identifier:   C2:68:3F:6C:E6:E2:43:5A:05:FD:95:A9:19:BB:4F:D3:5E:71:78:7D
Certificate issuer:       /CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
Certificate serial:       0DC9
Authority key identifier: 18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/wmg_bObiQ1oF_ZWpGbtP015xeH0.roa
Signing time:             Thu 15 Sep 2022 02:47:25 +0000
ROA not before:           Thu 15 Sep 2022 02:47:25 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     13335
IP address blocks:        210.17.44.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3529 (0xdc9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
        Validity
            Not Before: Sep 15 02:47:25 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=C2683F6CE6E2435A05FD95A919BB4FD35E71787D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:f2:62:52:0d:dd:9b:cc:34:ff:ee:76:0b:ad:
                    9e:05:1b:bf:24:91:d4:1a:84:c7:65:6d:37:f9:16:
                    43:cd:84:3a:5f:9d:3d:27:a2:7c:5d:ec:5e:e1:7d:
                    01:66:15:09:2f:de:b3:0e:bb:7d:11:c7:8b:7a:b2:
                    1e:06:87:2d:4e:8e:a8:9b:1b:d1:34:11:80:47:c3:
                    e9:98:64:3c:f8:fc:a3:11:27:19:2b:a7:c6:3d:e8:
                    ad:42:c2:39:21:07:dc:b4:b7:57:13:f7:8c:8c:b9:
                    55:c2:d5:17:ca:c9:5d:c6:de:ec:12:7d:44:eb:a8:
                    eb:2d:e4:c0:65:ff:5b:82:9c:6c:cf:ab:7a:7f:63:
                    68:fc:26:0e:82:8d:84:3e:5f:3c:98:72:8b:d6:a4:
                    06:11:c1:5d:bc:c3:c4:62:d3:58:63:2d:df:d1:06:
                    e7:98:07:a5:81:9a:20:b8:37:1b:e4:95:c2:d7:ef:
                    e4:e8:8c:66:f2:60:a1:d8:f1:a3:1d:fe:0e:3c:96:
                    e8:78:0e:0c:c0:cc:4b:8e:fc:a7:2e:38:ef:7c:9f:
                    7b:bb:8a:4c:fc:9e:37:ed:73:6f:7f:73:3f:c8:a2:
                    e4:4d:52:2c:e9:ef:a5:f3:77:25:2f:43:da:1a:40:
                    72:a1:43:8b:77:4b:27:aa:d5:27:c5:9e:21:a6:fb:
                    58:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C2:68:3F:6C:E6:E2:43:5A:05:FD:95:A9:19:BB:4F:D3:5E:71:78:7D
            X509v3 Authority Key Identifier:
                keyid:18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/wmg_bObiQ1oF_ZWpGbtP015xeH0.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  210.17.44.0/24

    Signature Algorithm: sha256WithRSAEncryption
         56:3e:85:2f:3a:5a:ad:5e:c9:4d:d4:2a:df:f0:31:02:5d:b5:
         87:2f:b0:0d:19:78:ca:64:19:8c:f4:c7:de:79:f3:19:e9:1c:
         6a:9c:a8:00:4c:7d:56:b9:38:e2:f7:67:f2:f2:58:73:d3:d7:
         63:89:a3:81:7b:3c:82:d9:d5:f9:08:e6:90:88:96:98:87:80:
         a0:e8:3d:1e:eb:d3:aa:af:5a:26:cf:79:bf:d5:d1:13:93:ef:
         92:2c:b3:0a:35:f1:a2:52:d3:8e:90:97:ce:03:7d:c7:00:5d:
         88:16:74:ae:ec:42:1b:ab:f8:5c:83:21:b1:df:c7:e2:b1:57:
         81:3d:db:8b:02:45:28:ae:83:aa:6f:b6:33:53:15:b4:f3:e8:
         f5:5b:b2:2e:88:20:40:a2:4e:f4:d7:18:cc:3d:48:4f:2f:0e:
         e8:1b:ac:dc:40:41:a7:c0:fe:b2:0c:de:6c:33:a1:13:4a:d8:
         ca:ce:9d:ae:34:17:bf:20:4e:df:d1:31:63:fb:cc:fd:12:b7:
         72:a2:45:b3:3c:4d:ce:44:a0:fb:fa:0f:0d:a2:9d:96:97:79:
         fe:2e:9c:7c:8e:84:25:bd:b5:10:58:10:81:07:2b:3b:f3:68:
         7a:bf:08:82:da:df:9f:f8:54:36:c5:ff:97:02:42:b6:07:37:
         e9:7e:53:61
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICDckwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMThB
NjY2M0Q2RTlGODBCRDRDRTdDOEFERkVCMzg3ODNDM0UxQTQ2NDAeFw0yMjA5MTUw
MjQ3MjVaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEMyNjgzRjZDRTZFMjQz
NUEwNUZEOTVBOTE5QkI0RkQzNUU3MTc4N0QwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDA8mJSDd2bzDT/7nYLrZ4FG78kkdQahMdlbTf5FkPNhDpfnT0n
onxd7F7hfQFmFQkv3rMOu30Rx4t6sh4Ghy1OjqibG9E0EYBHw+mYZDz4/KMRJxkr
p8Y96K1CwjkhB9y0t1cT94yMuVXC1RfKyV3G3uwSfUTrqOst5MBl/1uCnGzPq3p/
Y2j8Jg6CjYQ+XzyYcovWpAYRwV28w8Ri01hjLd/RBueYB6WBmiC4NxvklcLX7+To
jGbyYKHY8aMd/g48luh4DgzAzEuO/KcuOO98n3u7ikz8njftc29/cz/IouRNUizp
76XzdyUvQ9oaQHKhQ4t3Syeq1SfFniGm+1ivAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUwmg/bObiQ1oF/ZWpGbtP015xeH0wHwYDVR0jBBgwFoAUGKZmPW6fgL1M58it
/rOHg8PhpGQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFJPRk9O
RC9HS1ptUFc2ZmdMMU01OGl0X3JPSGc4UGhwR1EuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL0dLWm1QVzZmZ0wxTTU4aXRfck9IZzhQaHBHUS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL1BST0ZPTkQvd21nX2JPYmlRMW9GX1pX
cEdidFAwMTV4ZUgwLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
ANIRLDANBgkqhkiG9w0BAQsFAAOCAQEAVj6FLzparV7JTdQq3/AxAl21hy+wDRl4
ymQZjPTH3nnzGekcapyoAEx9Vrk44vdn8vJYc9PXY4mjgXs8gtnV+QjmkIiWmIeA
oOg9HuvTqq9aJs95v9XRE5PvkiyzCjXxolLTjpCXzgN9xwBdiBZ0ruxCG6v4XIMh
sd/H4rFXgT3biwJFKK6Dqm+2M1MVtPPo9VuyLoggQKJO9NcYzD1ITy8O6Bus3EBB
p8D+sgzebDOhE0rYys6drjQXvyBO39ExY/vM/RK3cqJFszxNzkSg+/oPDaKdlpd5
/i6cfI6EJb21EFgQgQcrO/Noer8Igtrfn/hUNsX/lwJCtgc36X5TYQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:19 2024 by rpki-client on console-ams.rpki-client.org