Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/BEYONDORBIT/gXYVuGNM2YbLuwoRk84zIKVsICk.roa
File:                     gXYVuGNM2YbLuwoRk84zIKVsICk.roa (raw, json)
Hash identifier:          g1q2718kYAuJy0ReSYOgT8p77qjkIQ9z68Bgoc3+7M8=
Subject key identifier:   81:76:15:B8:63:4C:D9:86:CB:BB:0A:11:93:CE:33:20:A5:6C:20:29
Certificate issuer:       /CN=455CD50D82958499FDAFCB0ADF10251F4CAB3E2D
Certificate serial:       0EF7
Authority key identifier: 45:5C:D5:0D:82:95:84:99:FD:AF:CB:0A:DF:10:25:1F:4C:AB:3E:2D
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/RVzVDYKVhJn9r8sK3xAlH0yrPi0.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/BEYONDORBIT/gXYVuGNM2YbLuwoRk84zIKVsICk.roa
Signing time:             Thu 15 Sep 2022 02:49:06 +0000
ROA not before:           Thu 15 Sep 2022 02:49:06 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     131675
IP address blocks:        2404:2ec0::/32 maxlen: 48

Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3831 (0xef7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=455CD50D82958499FDAFCB0ADF10251F4CAB3E2D
        Validity
            Not Before: Sep 15 02:49:06 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=817615B8634CD986CBBB0A1193CE3320A56C2029
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:85:1b:dc:20:f0:cb:ee:10:db:02:03:3d:c2:
                    c6:80:88:0b:e2:e6:d0:4c:bc:55:b5:6a:d0:ad:bb:
                    d5:d0:44:25:2f:37:71:29:89:a3:67:6c:e7:1c:50:
                    bb:8a:f4:39:4d:ee:29:7e:02:dc:fd:10:38:32:bf:
                    3d:f9:ed:0c:14:50:8d:0b:4a:5d:4e:e6:6d:80:85:
                    f8:44:60:6f:2c:8d:b2:31:fe:0f:3c:85:09:74:04:
                    05:e8:28:78:03:e8:c4:5b:4f:c7:9e:07:0c:78:eb:
                    14:17:6a:38:54:2d:2d:a8:83:d8:b0:23:75:53:5a:
                    b6:85:a4:19:1b:27:fa:d7:4b:24:f3:77:0f:37:51:
                    27:59:57:72:23:d2:1e:76:8c:d8:c2:4e:19:7d:c0:
                    17:7c:e1:78:12:8c:e5:36:83:80:6a:f4:23:d6:a3:
                    94:bd:b4:5f:4d:dc:0d:e2:76:f5:f6:3e:e1:f0:6e:
                    df:1d:39:9b:74:74:b4:45:87:23:96:8b:14:e2:5e:
                    a8:79:af:1f:01:55:24:f9:a9:56:bb:a7:f8:51:b5:
                    e9:74:69:8a:c5:ee:3e:ef:f4:64:c5:fe:a5:0d:5b:
                    99:ef:f2:5d:11:72:63:7f:4a:46:08:74:b8:c0:59:
                    9c:f3:9a:8b:6a:3b:88:dd:c3:22:80:d0:a9:d9:3b:
                    81:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                81:76:15:B8:63:4C:D9:86:CB:BB:0A:11:93:CE:33:20:A5:6C:20:29
            X509v3 Authority Key Identifier:
                keyid:45:5C:D5:0D:82:95:84:99:FD:AF:CB:0A:DF:10:25:1F:4C:AB:3E:2D

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/BEYONDORBIT/RVzVDYKVhJn9r8sK3xAlH0yrPi0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RVzVDYKVhJn9r8sK3xAlH0yrPi0.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/BEYONDORBIT/gXYVuGNM2YbLuwoRk84zIKVsICk.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2404:2ec0::/32

    Signature Algorithm: sha256WithRSAEncryption
         95:84:83:61:14:77:ff:cc:87:db:e6:04:e1:7a:70:72:eb:5e:
         42:6a:db:1a:aa:c2:8b:55:62:aa:a4:a4:c1:be:41:a0:7a:4b:
         66:39:4b:f6:72:2a:bd:0e:e8:34:be:7a:cb:6d:ef:eb:9a:01:
         b2:56:a9:1c:40:eb:ca:11:e4:9d:0f:2e:e0:96:46:5d:df:1e:
         bf:d1:3f:68:f7:00:4a:50:39:92:44:0f:a8:9e:81:a1:0a:e4:
         b8:82:d7:4d:b9:9e:43:4a:bb:2d:e8:83:93:36:64:fa:e6:46:
         88:cd:dd:fc:34:cf:47:22:08:27:be:1e:db:d1:3b:9d:ef:53:
         4c:bd:7c:e0:73:58:55:4c:57:ba:b9:db:da:4b:c3:a8:1d:48:
         65:73:57:23:ef:0e:a6:9a:43:d5:b1:5c:40:9c:7a:6e:f0:5b:
         0e:cf:1d:88:fa:14:a6:cb:8e:c2:17:49:1f:42:bc:fe:3d:ce:
         83:0b:b8:85:fe:3b:02:52:1b:86:11:e1:06:df:f7:6c:dd:5f:
         9b:2f:6a:c4:56:1e:ce:b0:9b:e4:08:54:f8:2d:a0:33:17:af:
         5a:63:cd:21:9e:b1:16:ea:0a:18:20:6f:4e:1d:6c:9d:0f:43:
         31:64:ba:16:d0:79:36:d0:f3:05:86:5b:0f:54:62:bf:12:ec:
         d5:18:fa:fe
-----BEGIN CERTIFICATE-----
MIIE3TCCA8WgAwIBAgICDvcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDU1
Q0Q1MEQ4Mjk1ODQ5OUZEQUZDQjBBREYxMDI1MUY0Q0FCM0UyRDAeFw0yMjA5MTUw
MjQ5MDZaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDgxNzYxNUI4NjM0Q0Q5
ODZDQkJCMEExMTkzQ0UzMzIwQTU2QzIwMjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDGhRvcIPDL7hDbAgM9wsaAiAvi5tBMvFW1atCtu9XQRCUvN3Ep
iaNnbOccULuK9DlN7il+Atz9EDgyvz357QwUUI0LSl1O5m2AhfhEYG8sjbIx/g88
hQl0BAXoKHgD6MRbT8eeBwx46xQXajhULS2og9iwI3VTWraFpBkbJ/rXSyTzdw83
USdZV3Ij0h52jNjCThl9wBd84XgSjOU2g4Bq9CPWo5S9tF9N3A3idvX2PuHwbt8d
OZt0dLRFhyOWixTiXqh5rx8BVST5qVa7p/hRtel0aYrF7j7v9GTF/qUNW5nv8l0R
cmN/SkYIdLjAWZzzmotqO4jdwyKA0KnZO4HJAgMBAAGjggH5MIIB9TAdBgNVHQ4E
FgQUgXYVuGNM2YbLuwoRk84zIKVsICkwHwYDVR0jBBgwFoAURVzVDYKVhJn9r8sK
3xAlH0yrPi0wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBhBgNVHR8EWjBYMFag
VKBShlByc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQkVZT05E
T1JCSVQvUlZ6VkRZS1ZoSm45cjhzSzN4QWxIMHlyUGkwLmNybDBgBggrBgEFBQcB
AQRUMFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kv
VFdOSUNDQS9SVnpWRFlLVmhKbjlyOHNLM3hBbEgweXJQaTAuY2VyMA4GA1UdDwEB
/wQEAwIHgDCBoQYIKwYBBQUHAQsEgZQwgZEwXAYIKwYBBQUHMAuGUHJzeW5jOi8v
cnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9CRVlPTkRPUkJJVC9nWFlWdUdO
TTJZYkx1d29Sazg0eklLVnNJQ2sucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jy
ZHAudHduaWMudHcvcnJkcC9ub3RpZnkueG1sMCAGCCsGAQUFBwEHAQH/BBEwDzAN
BAIAAjAHAwUAJAQuwDANBgkqhkiG9w0BAQsFAAOCAQEAlYSDYRR3/8yH2+YE4Xpw
cuteQmrbGqrCi1ViqqSkwb5BoHpLZjlL9nIqvQ7oNL56y23v65oBslapHEDryhHk
nQ8u4JZGXd8ev9E/aPcASlA5kkQPqJ6BoQrkuILXTbmeQ0q7LeiDkzZk+uZGiM3d
/DTPRyIIJ74e29E7ne9TTL184HNYVUxXurnb2kvDqB1IZXNXI+8OpppD1bFcQJx6
bvBbDs8diPoUpsuOwhdJH0K8/j3Ogwu4hf47AlIbhhHhBt/3bN1fmy9qxFYezrCb
5AhU+C2gMxevWmPNIZ6xFuoKGCBvTh1snQ9DMWS6FtB5NtDzBYZbD1RivxLs1Rj6
/g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:02 2024 by rpki-client on console-ams.rpki-client.org