Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PROFOND/ylbI_Mb7Z9wjf1vJQ2upEsW6qi0.roa
File:                     ylbI_Mb7Z9wjf1vJQ2upEsW6qi0.roa (raw, json)
Hash identifier:          nNdDBb2KIu+xL8rlYc7aBeSQacSEK/zbbu5uoy1+nEg=
Subject key identifier:   CA:56:C8:FC:C6:FB:67:DC:23:7F:5B:C9:43:6B:A9:12:C5:BA:AA:2D
Certificate issuer:       /CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
Certificate serial:       07F2
Authority key identifier: 18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/ylbI_Mb7Z9wjf1vJQ2upEsW6qi0.roa
Signing time:             Tue 29 Sep 2020 09:57:34 +0000
ROA not before:           Tue 29 Sep 2020 09:57:34 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     24164
IP address blocks:        203.77.36.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2034 (0x7f2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
        Validity
            Not Before: Sep 29 09:57:34 2020 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=CA56C8FCC6FB67DC237F5BC9436BA912C5BAAA2D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:16:a6:a3:2d:92:a2:79:20:28:07:05:61:1d:
                    b7:9f:de:2d:9c:9c:a7:f4:54:2c:91:ed:f8:a2:22:
                    3b:d5:39:32:dd:b4:e5:8a:b0:f6:0f:8b:4c:7b:53:
                    b4:27:ac:81:b4:c0:97:9c:65:1f:df:1d:2e:25:67:
                    80:7f:35:03:e8:3c:f9:6e:8f:81:4f:0a:51:06:eb:
                    57:70:59:14:17:2d:7c:b0:af:d9:07:46:25:75:77:
                    fc:35:7d:23:d4:f8:4d:da:38:41:be:1c:43:06:29:
                    0f:ce:6d:a4:f3:91:10:a3:90:55:8f:4b:36:b5:12:
                    fc:16:0c:20:5a:c6:5b:e5:5d:b7:ff:f6:dd:6b:4a:
                    44:d8:ef:e8:2c:88:d5:41:be:cc:80:22:bb:00:67:
                    67:4b:02:82:09:a5:5f:61:c3:08:e2:16:11:a7:4a:
                    94:7e:da:d4:ef:6c:11:80:a0:05:b4:41:73:1a:c4:
                    c8:74:1f:0c:92:7c:fa:e1:82:e3:9e:28:72:0f:57:
                    1c:6c:14:be:53:6a:9c:52:ea:1c:73:60:e7:01:ed:
                    e9:98:3a:86:3c:30:79:86:6a:94:0a:82:24:7d:b1:
                    8d:01:e5:41:5c:97:37:39:87:65:1b:8a:d1:35:ec:
                    e8:6f:b0:e0:d6:a7:35:37:32:48:9e:2c:93:c0:c9:
                    07:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CA:56:C8:FC:C6:FB:67:DC:23:7F:5B:C9:43:6B:A9:12:C5:BA:AA:2D
            X509v3 Authority Key Identifier:
                keyid:18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/ylbI_Mb7Z9wjf1vJQ2upEsW6qi0.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  203.77.36.0/23

    Signature Algorithm: sha256WithRSAEncryption
         49:48:26:e5:8f:1a:8b:d1:93:8d:3c:47:be:46:87:9f:64:5d:
         5d:3f:a7:2e:fa:7a:00:ae:cf:6e:21:cc:81:2f:09:59:60:be:
         8d:91:68:84:e3:7f:af:7e:c3:f8:15:bb:92:51:27:da:ec:44:
         8a:9a:a0:51:d0:ad:34:fd:c1:4a:bd:aa:b5:99:1e:76:38:e3:
         1c:8b:37:57:7e:d2:8e:4c:ad:6a:c7:7e:61:41:3a:8a:9c:26:
         d6:56:03:5a:e7:74:68:90:dd:3c:ee:b3:78:42:f3:13:dc:ef:
         10:c5:3a:a0:cf:65:d2:74:d6:67:5f:f1:c3:11:28:98:3f:fc:
         76:09:17:37:74:27:e0:4f:a0:2c:34:fa:53:7c:83:db:58:12:
         7f:2b:20:55:f2:86:57:64:39:f6:a3:14:6f:b1:22:11:54:e5:
         b6:bd:81:06:91:fe:f8:f6:98:cf:1c:0a:c3:c4:57:a1:eb:e7:
         70:7b:7d:98:8c:39:e9:e2:bd:7c:44:f0:29:99:62:00:73:e3:
         c2:77:af:75:5d:d4:93:7c:a4:8e:e6:e3:12:05:fb:e9:e0:1e:
         81:01:d6:65:6d:83:57:6e:06:d7:5b:aa:34:88:39:7c:04:3a:
         a6:5d:6d:3f:d2:f5:71:bd:42:6b:4e:e2:cd:1b:ff:aa:f7:5a:
         1f:53:9c:a5
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICB/IwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMThB
NjY2M0Q2RTlGODBCRDRDRTdDOEFERkVCMzg3ODNDM0UxQTQ2NDAeFw0yMDA5Mjkw
OTU3MzRaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKENBNTZDOEZDQzZGQjY3
REMyMzdGNUJDOTQzNkJBOTEyQzVCQUFBMkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC7FqajLZKieSAoBwVhHbef3i2cnKf0VCyR7fiiIjvVOTLdtOWK
sPYPi0x7U7QnrIG0wJecZR/fHS4lZ4B/NQPoPPluj4FPClEG61dwWRQXLXywr9kH
RiV1d/w1fSPU+E3aOEG+HEMGKQ/ObaTzkRCjkFWPSza1EvwWDCBaxlvlXbf/9t1r
SkTY7+gsiNVBvsyAIrsAZ2dLAoIJpV9hwwjiFhGnSpR+2tTvbBGAoAW0QXMaxMh0
HwySfPrhguOeKHIPVxxsFL5TapxS6hxzYOcB7emYOoY8MHmGapQKgiR9sY0B5UFc
lzc5h2UbitE17OhvsODWpzU3MkieLJPAyQd9AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUylbI/Mb7Z9wjf1vJQ2upEsW6qi0wHwYDVR0jBBgwFoAUGKZmPW6fgL1M58it
/rOHg8PhpGQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFJPRk9O
RC9HS1ptUFc2ZmdMMU01OGl0X3JPSGc4UGhwR1EuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL0dLWm1QVzZmZ0wxTTU4aXRfck9IZzhQaHBHUS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL1BST0ZPTkQveWxiSV9NYjdaOXdqZjF2
SlEydXBFc1c2cWkwLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
ActNJDANBgkqhkiG9w0BAQsFAAOCAQEASUgm5Y8ai9GTjTxHvkaHn2RdXT+nLvp6
AK7PbiHMgS8JWWC+jZFohON/r37D+BW7klEn2uxEipqgUdCtNP3BSr2qtZkedjjj
HIs3V37Sjkytasd+YUE6ipwm1lYDWud0aJDdPO6zeELzE9zvEMU6oM9l0nTWZ1/x
wxEomD/8dgkXN3Qn4E+gLDT6U3yD21gSfysgVfKGV2Q59qMUb7EiEVTltr2BBpH+
+PaYzxwKw8RXoevncHt9mIw56eK9fETwKZliAHPjwnevdV3Uk3ykjubjEgX76eAe
gQHWZW2DV24G11uqNIg5fAQ6pl1tP9L1cb1Ca07izRv/qvdaH1OcpQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:19 2024 by rpki-client on console-ams.rpki-client.org