Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/BbFHRGj8ZlOiJGiH7uD4xec87w0.roa
File:                     BbFHRGj8ZlOiJGiH7uD4xec87w0.roa (raw, json)
Hash identifier:          L4qqRqyyiEd07K0pPf4uyVEg0e6Vw29k67xCQt6upRE=
Subject key identifier:   05:B1:47:44:68:FC:66:53:A2:24:68:87:EE:E0:F8:C5:E7:3C:EF:0D
Certificate issuer:       /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial:       0D76
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/BbFHRGj8ZlOiJGiH7uD4xec87w0.roa
Signing time:             Thu 15 Sep 2022 02:48:16 +0000
ROA not before:           Thu 15 Sep 2022 02:48:16 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     131660
IP address blocks:        114.25.250.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3446 (0xd76)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
        Validity
            Not Before: Sep 15 02:48:16 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=05B1474468FC6653A2246887EEE0F8C5E73CEF0D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:50:b1:6f:b9:54:62:fe:d7:3e:70:be:7f:19:
                    8f:22:ba:44:fd:d4:25:af:13:44:01:21:75:69:fa:
                    9a:2f:18:65:1a:48:a6:81:29:86:46:23:55:78:f5:
                    18:a1:66:80:a0:67:bb:16:7b:61:a3:8b:4a:44:d5:
                    49:cb:d9:97:79:72:35:f7:43:f5:f7:26:15:f6:bd:
                    bb:70:76:61:69:ba:00:3f:d1:cd:0f:13:a4:78:0c:
                    e7:ae:c1:5a:a6:c6:44:35:36:5a:49:95:90:6b:ff:
                    f2:38:e1:21:f2:43:99:f7:9e:68:c1:d7:d6:fe:38:
                    ea:59:43:0d:01:bf:34:39:0e:74:c8:e4:8c:b9:41:
                    15:e0:4d:49:d7:dd:4b:14:98:87:18:41:81:84:b5:
                    b9:b7:33:fa:f3:76:d6:3f:31:8f:a6:ac:d5:3a:c0:
                    4b:6d:7c:b7:bf:4a:30:ca:1d:08:c2:e2:d8:81:eb:
                    34:a8:c6:13:11:dd:20:4e:96:e5:b9:98:8f:46:60:
                    56:37:08:22:94:0d:42:7a:6c:59:2c:7e:e0:74:4a:
                    d8:ce:7b:ef:11:b6:16:7f:d1:af:81:e7:b0:15:a4:
                    0b:e9:d9:9a:2e:45:d1:f3:91:ee:18:e4:a4:6c:1a:
                    09:21:50:00:cf:10:dd:18:5c:b5:73:c1:ea:e8:6b:
                    04:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                05:B1:47:44:68:FC:66:53:A2:24:68:87:EE:E0:F8:C5:E7:3C:EF:0D
            X509v3 Authority Key Identifier:
                keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/BbFHRGj8ZlOiJGiH7uD4xec87w0.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  114.25.250.0/24

    Signature Algorithm: sha256WithRSAEncryption
         99:1b:27:2c:e7:ce:9a:7d:7c:15:de:62:7e:82:16:fd:4d:d4:
         d4:44:a2:c3:18:c1:e2:61:20:e9:00:80:e0:95:93:9c:f7:f4:
         c2:a0:87:66:39:2a:48:72:06:91:c1:3d:1a:18:70:12:77:77:
         b1:bb:4d:90:f5:01:67:15:f6:ae:22:33:1d:68:01:01:5c:f8:
         35:f8:f4:2e:88:ee:17:62:73:f6:51:56:b8:f1:3d:98:bf:4b:
         be:78:c4:fb:e0:38:7a:9f:38:6e:ef:09:3d:e3:64:e0:1f:68:
         a3:08:47:3c:14:71:ec:0e:bd:74:ff:80:b9:5c:84:f1:2e:8c:
         23:49:a6:e7:43:87:63:cd:a3:e3:80:95:f5:99:d0:35:9b:ed:
         88:0f:dc:33:6e:71:e4:e4:24:d2:49:84:75:0a:67:93:55:76:
         0f:f1:e7:06:2b:aa:8b:c8:87:a5:a8:49:ce:50:41:6d:a0:9a:
         6e:06:e3:78:6f:43:1b:4e:bf:92:8b:3f:e0:fe:39:f6:32:f3:
         39:dc:2e:7a:f4:33:cf:31:e2:d0:6d:96:83:c2:b8:d1:bb:f1:
         9e:fb:fb:1f:5d:c6:2d:8e:e0:e1:43:0f:b4:50:71:51:64:95:
         60:d5:80:a9:16:bf:c7:6f:99:22:07:c8:91:88:86:d2:be:12:
         90:b7:90:17
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICDXYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yMjA5MTUw
MjQ4MTZaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDA1QjE0NzQ0NjhGQzY2
NTNBMjI0Njg4N0VFRTBGOEM1RTczQ0VGMEQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDEULFvuVRi/tc+cL5/GY8iukT91CWvE0QBIXVp+povGGUaSKaB
KYZGI1V49RihZoCgZ7sWe2Gji0pE1UnL2Zd5cjX3Q/X3JhX2vbtwdmFpugA/0c0P
E6R4DOeuwVqmxkQ1NlpJlZBr//I44SHyQ5n3nmjB19b+OOpZQw0BvzQ5DnTI5Iy5
QRXgTUnX3UsUmIcYQYGEtbm3M/rzdtY/MY+mrNU6wEttfLe/SjDKHQjC4tiB6zSo
xhMR3SBOluW5mI9GYFY3CCKUDUJ6bFksfuB0StjOe+8RthZ/0a+B57AVpAvp2Zou
RdHzke4Y5KRsGgkhUADPEN0YXLVzweroawTnAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUBbFHRGj8ZlOiJGiH7uD4xec87w0wHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9CYkZIUkdqOFpsT2lKR2lIN3VE
NHhlYzg3dzAucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAchn6
MA0GCSqGSIb3DQEBCwUAA4IBAQCZGycs586afXwV3mJ+ghb9TdTURKLDGMHiYSDp
AIDglZOc9/TCoIdmOSpIcgaRwT0aGHASd3exu02Q9QFnFfauIjMdaAEBXPg1+PQu
iO4XYnP2UVa48T2Yv0u+eMT74Dh6nzhu7wk942TgH2ijCEc8FHHsDr10/4C5XITx
LowjSabnQ4djzaPjgJX1mdA1m+2ID9wzbnHk5CTSSYR1CmeTVXYP8ecGK6qLyIel
qEnOUEFtoJpuBuN4b0MbTr+Siz/g/jn2MvM53C569DPPMeLQbZaDwrjRu/Ge+/sf
XcYtjuDhQw+0UHFRZJVg1YCpFr/Hb5kiB8iRiIbSvhKQt5AX
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:36 2024 by rpki-client on console-fra.rpki-client.org