Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/ANSONNET/gBkpQmsOdDpfgkgfFrs_ozKU-CA.roa
File:                     gBkpQmsOdDpfgkgfFrs_ozKU-CA.roa (raw, json)
Hash identifier:          uJfexosT0//wV5M9sx6nXM/vxhpTUOQHq5HpB6Lm4vQ=
Subject key identifier:   80:19:29:42:6B:0E:74:3A:5F:82:48:1F:16:BB:3F:A3:32:94:F8:20
Certificate issuer:       /CN=802BA6123EA123F439DA91CA3DE5A5AE0AA41378
Certificate serial:       08AF
Authority key identifier: 80:2B:A6:12:3E:A1:23:F4:39:DA:91:CA:3D:E5:A5:AE:0A:A4:13:78
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/gCumEj6hI_Q52pHKPeWlrgqkE3g.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/ANSONNET/gBkpQmsOdDpfgkgfFrs_ozKU-CA.roa
Signing time:             Sun 07 Feb 2021 11:32:46 +0000
ROA not before:           Sun 07 Feb 2021 11:32:46 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     206819
IP address blocks:        103.100.124.0/22 maxlen: 24

Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2223 (0x8af)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=802BA6123EA123F439DA91CA3DE5A5AE0AA41378
        Validity
            Not Before: Feb  7 11:32:46 2021 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=801929426B0E743A5F82481F16BB3FA33294F820
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:1b:90:00:5a:e8:ea:d0:08:6f:94:d9:1d:4f:
                    1e:0a:be:43:17:fb:79:e9:e5:8c:92:89:9d:38:7a:
                    1a:4e:f2:99:7e:a9:27:35:7f:54:a4:2a:54:ef:5b:
                    92:3d:bf:fc:2c:71:67:ed:98:d3:51:65:1d:3e:ac:
                    23:93:6b:bc:f5:c2:e3:3d:76:04:bb:ce:e2:c7:7a:
                    08:a0:aa:4f:72:d4:bd:19:81:c2:a9:01:ef:1a:4e:
                    4f:6e:f8:f9:0f:45:95:ef:39:77:03:50:df:1c:fc:
                    87:34:ca:52:e2:bc:88:78:4c:17:b0:7f:37:ce:05:
                    d9:41:93:95:a6:e4:de:f4:76:25:2c:95:7a:18:67:
                    7d:40:ed:2b:99:b0:cb:03:2f:1a:c1:1e:8a:48:02:
                    77:10:de:34:49:21:1a:70:43:b1:c6:24:71:15:8e:
                    5b:15:c3:07:b8:a3:d2:93:7d:82:80:fd:b4:db:6e:
                    93:e8:20:b3:3e:87:33:95:48:06:e7:74:b1:b8:bd:
                    a6:f9:d9:24:f5:49:72:d0:a5:c1:de:c1:aa:9a:da:
                    d1:7a:78:da:e6:77:8b:8f:71:bc:f0:aa:8b:dc:e0:
                    66:66:75:ef:b4:32:1e:ef:d0:41:aa:9a:ce:67:68:
                    fd:91:3c:45:8d:84:15:12:77:2f:e2:c6:a9:ac:34:
                    05:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                80:19:29:42:6B:0E:74:3A:5F:82:48:1F:16:BB:3F:A3:32:94:F8:20
            X509v3 Authority Key Identifier:
                keyid:80:2B:A6:12:3E:A1:23:F4:39:DA:91:CA:3D:E5:A5:AE:0A:A4:13:78

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ANSONNET/gCumEj6hI_Q52pHKPeWlrgqkE3g.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/gCumEj6hI_Q52pHKPeWlrgqkE3g.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ANSONNET/gBkpQmsOdDpfgkgfFrs_ozKU-CA.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.100.124.0/22

    Signature Algorithm: sha256WithRSAEncryption
         49:7f:4b:25:a9:b3:90:f2:6c:95:80:4f:47:4e:c1:6d:89:42:
         58:50:21:20:3a:ea:90:1e:b9:e2:d5:62:2b:d9:86:86:d7:ac:
         96:70:12:76:06:bc:08:b9:cd:a2:08:cc:1e:ef:48:d3:f0:05:
         e6:c0:21:3d:5c:b3:18:65:0c:1c:5d:42:fc:d6:71:6b:e0:3b:
         b7:cb:d3:9a:63:ad:89:8a:b2:de:ce:4b:ae:99:d0:be:95:85:
         e1:0b:62:dc:04:9f:36:fb:fb:61:f4:72:45:b3:13:12:3b:21:
         4d:3d:80:07:fd:e6:ae:b4:47:ef:85:e9:f6:42:8c:90:c7:60:
         78:0b:41:31:27:21:60:10:a5:d7:85:ca:0e:bb:da:d7:22:49:
         6e:92:03:82:fe:77:13:86:47:49:c9:4d:14:20:24:11:39:b4:
         d6:2d:12:62:cb:21:fa:b2:0c:b2:f5:e3:aa:bc:1f:5f:45:f9:
         b6:98:53:97:25:15:c0:1c:e1:05:03:9b:13:05:35:37:cc:1b:
         d4:1d:44:0d:57:d3:fd:ec:2d:67:5d:ed:db:49:48:48:fc:3f:
         0e:6b:e9:1b:02:8a:0f:1b:53:41:c8:19:b6:3d:59:c6:b5:bd:
         e0:42:89:11:47:43:69:a4:9e:ef:fa:e0:cb:76:b6:84:60:b7:
         14:ae:1b:61
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICCK8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODAy
QkE2MTIzRUExMjNGNDM5REE5MUNBM0RFNUE1QUUwQUE0MTM3ODAeFw0yMTAyMDcx
MTMyNDZaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDgwMTkyOTQyNkIwRTc0
M0E1RjgyNDgxRjE2QkIzRkEzMzI5NEY4MjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDRG5AAWujq0AhvlNkdTx4KvkMX+3np5YySiZ04ehpO8pl+qSc1
f1SkKlTvW5I9v/wscWftmNNRZR0+rCOTa7z1wuM9dgS7zuLHegigqk9y1L0ZgcKp
Ae8aTk9u+PkPRZXvOXcDUN8c/Ic0ylLivIh4TBewfzfOBdlBk5Wm5N70diUslXoY
Z31A7SuZsMsDLxrBHopIAncQ3jRJIRpwQ7HGJHEVjlsVwwe4o9KTfYKA/bTbbpPo
ILM+hzOVSAbndLG4vab52ST1SXLQpcHewaqa2tF6eNrmd4uPcbzwqovc4GZmde+0
Mh7v0EGqms5naP2RPEWNhBUSdy/ixqmsNAV5AgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQUgBkpQmsOdDpfgkgfFrs/ozKU+CAwHwYDVR0jBBgwFoAUgCumEj6hI/Q52pHK
PeWlrgqkE3gwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQU5TT05O
RVQvZ0N1bUVqNmhJX1E1MnBIS1BlV2xyZ3FrRTNnLmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9nQ3VtRWo2aElfUTUycEhLUGVXbHJncWtFM2cuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9BTlNPTk5FVC9nQmtwUW1zT2REcGZn
a2dmRnJzX296S1UtQ0Eucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQCZ2R8MA0GCSqGSIb3DQEBCwUAA4IBAQBJf0slqbOQ8myVgE9HTsFtiUJYUCEg
OuqQHrni1WIr2YaG16yWcBJ2BrwIuc2iCMwe70jT8AXmwCE9XLMYZQwcXUL81nFr
4Du3y9OaY62JirLezkuumdC+lYXhC2LcBJ82+/th9HJFsxMSOyFNPYAH/eautEfv
hen2QoyQx2B4C0ExJyFgEKXXhcoOu9rXIklukgOC/ncThkdJyU0UICQRObTWLRJi
yyH6sgyy9eOqvB9fRfm2mFOXJRXAHOEFA5sTBTU3zBvUHUQNV9P97C1nXe3bSUhI
/D8Oa+kbAooPG1NByBm2PVnGtb3gQokRR0NppJ7v+uDLdraEYLcUrhth
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:30 2024 by rpki-client on console-fra.rpki-client.org