Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/Yq9JkhUJElM8vcOjfsMGaWsFfLg.roa
File:                     Yq9JkhUJElM8vcOjfsMGaWsFfLg.roa (raw, json)
Hash identifier:          sWTopNo4wcY8b2Rw7NXh63xfHaDSoxtd1bjIb9jZX/A=
Subject key identifier:   62:AF:49:92:15:09:12:53:3C:BD:C3:A3:7E:C3:06:69:6B:05:7C:B8
Certificate issuer:       /CN=385713E359FCB9CAB12F20DB3FF190FCA81E323E
Certificate serial:       0A68
Authority key identifier: 38:57:13:E3:59:FC:B9:CA:B1:2F:20:DB:3F:F1:90:FC:A8:1E:32:3E
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/OFcT41n8ucqxLyDbP_GQ_KgeMj4.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/Yq9JkhUJElM8vcOjfsMGaWsFfLg.roa
Signing time:             Thu 15 Sep 2022 02:47:53 +0000
ROA not before:           Thu 15 Sep 2022 02:47:53 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     20473
IP address blocks:        103.122.188.0/24 maxlen: 24

Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2664 (0xa68)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=385713E359FCB9CAB12F20DB3FF190FCA81E323E
        Validity
            Not Before: Sep 15 02:47:53 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=62AF4992150912533CBDC3A37EC306696B057CB8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:da:39:2d:9b:8a:37:b2:e6:b0:ee:3a:c1:9c:
                    23:42:e4:e6:81:58:7a:f3:ae:91:1a:ce:73:39:76:
                    71:e9:be:57:57:3a:20:a0:0e:d2:09:04:b6:18:ff:
                    f8:68:b4:65:42:73:3f:97:92:14:49:90:1a:7f:d8:
                    61:09:f0:a2:b8:45:88:a8:33:f9:96:5a:90:88:8d:
                    1f:59:f1:eb:25:d7:a1:50:15:19:a3:28:7f:d6:cb:
                    c2:a5:33:f0:52:8e:43:eb:fa:53:47:34:27:5a:7c:
                    5d:9e:5a:b9:58:bb:73:e8:f0:df:04:e6:1e:8a:38:
                    37:a7:14:87:d3:ae:fb:6e:3f:db:ba:83:a3:66:b1:
                    5f:3d:cd:35:3a:06:38:91:49:54:fd:59:4f:ae:c9:
                    8d:86:23:37:25:39:ac:2f:64:ee:60:4a:de:a8:57:
                    b3:57:4d:84:99:70:67:2f:e6:76:48:da:ab:96:82:
                    e2:d1:cf:ad:02:ae:02:39:92:08:4e:85:b6:bd:ef:
                    d5:a3:5f:96:5b:f9:35:5a:43:13:8f:9a:e6:97:24:
                    f3:0e:28:88:ca:0f:94:75:3c:c9:c9:04:b2:56:65:
                    b4:83:01:1d:b4:9a:67:f5:71:38:94:6c:98:ca:12:
                    1b:86:96:d4:ce:7b:f4:f9:89:4c:55:e2:ec:ae:72:
                    7b:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                62:AF:49:92:15:09:12:53:3C:BD:C3:A3:7E:C3:06:69:6B:05:7C:B8
            X509v3 Authority Key Identifier:
                keyid:38:57:13:E3:59:FC:B9:CA:B1:2F:20:DB:3F:F1:90:FC:A8:1E:32:3E

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/OFcT41n8ucqxLyDbP_GQ_KgeMj4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/OFcT41n8ucqxLyDbP_GQ_KgeMj4.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/Yq9JkhUJElM8vcOjfsMGaWsFfLg.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.122.188.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4e:e3:1b:b3:dc:2d:5b:a7:81:7a:d9:aa:c6:65:0f:01:09:a5:
         65:fc:0b:3d:d4:da:71:84:72:71:83:75:9f:33:3c:1e:ee:b0:
         04:ad:15:c9:c7:c0:1e:38:5a:c7:36:82:2b:f9:f1:62:77:bc:
         6d:97:a1:e8:7b:82:63:d3:91:11:89:84:4b:60:99:2c:b1:0c:
         be:83:b5:11:3b:be:3a:63:48:eb:f4:a3:d1:92:6c:9f:22:c1:
         bb:ee:6d:99:a0:ce:96:d4:06:6e:e8:bc:92:d9:68:d7:ba:fd:
         18:3a:ff:3d:d7:98:8f:09:b0:1f:63:f5:92:51:77:2b:6d:72:
         75:fb:83:66:2a:c7:5d:d3:92:ba:fa:7d:13:fa:76:59:6c:30:
         12:6d:d3:ca:4c:c2:36:3c:54:1a:84:03:94:66:24:32:47:51:
         0e:74:51:72:16:1d:d1:6e:a3:7a:06:57:ca:96:c4:4e:2c:d7:
         01:ac:05:3c:8a:83:83:4c:d9:76:f9:60:16:34:3e:cc:f7:b9:
         92:39:da:7b:41:98:3e:e5:d3:2e:af:fd:46:5e:df:8d:34:29:
         0b:a4:ef:8f:58:49:c4:71:42:4c:22:a0:68:46:09:37:ef:ce:
         30:cf:c5:73:ed:78:a5:78:57:2f:e8:48:35:d9:aa:24:84:94:
         45:94:b4:76
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICCmgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzg1
NzEzRTM1OUZDQjlDQUIxMkYyMERCM0ZGMTkwRkNBODFFMzIzRTAeFw0yMjA5MTUw
MjQ3NTNaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDYyQUY0OTkyMTUwOTEy
NTMzQ0JEQzNBMzdFQzMwNjY5NkIwNTdDQjgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCZ2jktm4o3suaw7jrBnCNC5OaBWHrzrpEaznM5dnHpvldXOiCg
DtIJBLYY//hotGVCcz+XkhRJkBp/2GEJ8KK4RYioM/mWWpCIjR9Z8esl16FQFRmj
KH/Wy8KlM/BSjkPr+lNHNCdafF2eWrlYu3Po8N8E5h6KODenFIfTrvtuP9u6g6Nm
sV89zTU6BjiRSVT9WU+uyY2GIzclOawvZO5gSt6oV7NXTYSZcGcv5nZI2quWguLR
z60CrgI5kghOhba979WjX5Zb+TVaQxOPmuaXJPMOKIjKD5R1PMnJBLJWZbSDAR20
mmf1cTiUbJjKEhuGltTOe/T5iUxV4uyucntbAgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQUYq9JkhUJElM8vcOjfsMGaWsFfLgwHwYDVR0jBBgwFoAUOFcT41n8ucqxLyDb
P/GQ/KgeMj4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSEhSQ09M
VEQvT0ZjVDQxbjh1Y3F4THlEYlBfR1FfS2dlTWo0LmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9PRmNUNDFuOHVjcXhMeURiUF9HUV9LZ2VNajQuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISFJDT0xURC9ZcTlKa2hVSkVsTTh2
Y09qZnNNR2FXc0ZmTGcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQAZ3q8MA0GCSqGSIb3DQEBCwUAA4IBAQBO4xuz3C1bp4F62arGZQ8BCaVl/As9
1NpxhHJxg3WfMzwe7rAErRXJx8AeOFrHNoIr+fFid7xtl6Hoe4Jj05ERiYRLYJks
sQy+g7URO746Y0jr9KPRkmyfIsG77m2ZoM6W1AZu6LyS2WjXuv0YOv8915iPCbAf
Y/WSUXcrbXJ1+4NmKsdd05K6+n0T+nZZbDASbdPKTMI2PFQahAOUZiQyR1EOdFFy
Fh3RbqN6BlfKlsROLNcBrAU8ioODTNl2+WAWND7M97mSOdp7QZg+5dMur/1GXt+N
NCkLpO+PWEnEcUJMIqBoRgk3784wz8Vz7XileFcv6Eg12aokhJRFlLR2
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:07 2024 by rpki-client on console-ams.rpki-client.org