Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/iXFhGaUXTwtBnXqOyezRUMGA-74.roa
File:                     iXFhGaUXTwtBnXqOyezRUMGA-74.roa (raw, json)
Hash identifier:          oceDw8umncRT9VrilTlGVU0LfMzCIiH2WMzqF0/N5+M=
Subject key identifier:   89:71:61:19:A5:17:4F:0B:41:9D:7A:8E:C9:EC:D1:50:C1:80:FB:BE
Certificate issuer:       /CN=385713E359FCB9CAB12F20DB3FF190FCA81E323E
Certificate serial:       0A68
Authority key identifier: 38:57:13:E3:59:FC:B9:CA:B1:2F:20:DB:3F:F1:90:FC:A8:1E:32:3E
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/OFcT41n8ucqxLyDbP_GQ_KgeMj4.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/iXFhGaUXTwtBnXqOyezRUMGA-74.roa
Signing time:             Thu 15 Sep 2022 02:47:53 +0000
ROA not before:           Thu 15 Sep 2022 02:47:53 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     131657
IP address blocks:        103.122.188.0/24 maxlen: 24

Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2664 (0xa68)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=385713E359FCB9CAB12F20DB3FF190FCA81E323E
        Validity
            Not Before: Sep 15 02:47:53 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=89716119A5174F0B419D7A8EC9ECD150C180FBBE
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:fd:14:54:5d:6c:40:c7:00:5f:31:fd:48:ef:
                    bd:87:67:7c:7c:b1:e0:2d:ee:b9:93:fb:ae:63:16:
                    ad:1f:60:0b:cd:57:02:29:e1:ec:b4:68:dd:e1:08:
                    19:40:1e:0b:87:e3:63:16:f0:6e:da:30:9c:db:cb:
                    3b:04:6b:e1:a4:cd:1e:35:76:94:ca:eb:af:d8:31:
                    15:63:be:a4:7c:bc:26:b5:5a:f8:8c:0d:8f:68:20:
                    6d:88:e8:8d:48:3f:8a:54:82:b7:70:2b:0d:d5:42:
                    98:44:2c:65:b5:78:7c:7a:28:74:ca:05:bd:43:08:
                    a4:fe:6c:58:be:52:12:74:c0:20:06:9e:b0:42:34:
                    e9:0f:32:74:b8:77:35:2d:17:b1:ee:10:f9:bf:15:
                    b3:06:3d:b1:f3:20:28:5e:06:ac:d4:23:53:eb:20:
                    81:67:20:14:54:76:1b:0b:a9:0d:c1:5b:0b:12:fa:
                    23:81:02:03:6e:0a:bd:0b:13:7f:36:f9:7a:4b:22:
                    45:9a:f0:71:04:ce:34:0e:59:9d:74:6b:b0:75:b1:
                    61:18:1d:8f:c7:42:1f:b7:60:4d:7b:8e:b7:e0:89:
                    86:28:5d:ac:68:51:14:17:b5:57:ff:f0:3c:b4:a8:
                    24:0d:92:09:dd:19:86:d6:65:bd:0b:e2:ae:49:2d:
                    6f:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                89:71:61:19:A5:17:4F:0B:41:9D:7A:8E:C9:EC:D1:50:C1:80:FB:BE
            X509v3 Authority Key Identifier:
                keyid:38:57:13:E3:59:FC:B9:CA:B1:2F:20:DB:3F:F1:90:FC:A8:1E:32:3E

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/OFcT41n8ucqxLyDbP_GQ_KgeMj4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/OFcT41n8ucqxLyDbP_GQ_KgeMj4.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/iXFhGaUXTwtBnXqOyezRUMGA-74.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.122.188.0/24

    Signature Algorithm: sha256WithRSAEncryption
         37:3a:72:b1:c5:34:54:cf:0a:71:72:af:96:8c:b3:b6:1c:3d:
         ec:bd:bd:01:a4:cf:74:19:31:dd:f4:63:23:98:02:9c:11:40:
         f8:26:bf:c3:8f:79:95:b9:04:3a:86:7b:eb:d3:ce:71:5a:48:
         2d:2d:3d:7b:13:c1:b6:2c:1d:4d:0b:b7:3c:d8:57:d2:b9:dc:
         28:8b:c6:21:08:1e:0d:22:57:05:c0:05:cb:27:a2:d0:b0:82:
         06:1a:2c:1f:c3:54:d0:3e:b7:1b:97:04:f6:cc:88:a7:e7:26:
         f4:6e:68:a8:cd:34:30:55:04:ac:bf:d0:9b:f3:ca:5e:7a:25:
         09:2c:44:54:5d:cb:25:15:e3:72:a8:84:0f:68:8f:c2:84:b7:
         79:e2:1a:b8:75:d5:c6:67:76:34:8a:aa:82:0d:f2:45:dc:e1:
         99:81:40:93:38:d8:e4:a6:d0:e8:75:bf:78:18:2c:0a:78:2d:
         fe:04:e2:38:71:3a:11:ac:c8:5d:30:42:9a:96:7e:6b:3d:7f:
         fc:28:49:55:99:a0:39:c9:bf:6a:8c:84:d1:52:1c:2b:cd:da:
         18:62:69:9c:31:94:a6:fb:8b:e0:bb:ac:2d:b2:53:40:38:58:
         d0:70:3e:3f:d9:4f:79:67:30:a4:c8:aa:dd:43:c5:64:2a:8a:
         af:73:58:f5
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICCmgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzg1
NzEzRTM1OUZDQjlDQUIxMkYyMERCM0ZGMTkwRkNBODFFMzIzRTAeFw0yMjA5MTUw
MjQ3NTNaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDg5NzE2MTE5QTUxNzRG
MEI0MTlEN0E4RUM5RUNEMTUwQzE4MEZCQkUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCy/RRUXWxAxwBfMf1I772HZ3x8seAt7rmT+65jFq0fYAvNVwIp
4ey0aN3hCBlAHguH42MW8G7aMJzbyzsEa+GkzR41dpTK66/YMRVjvqR8vCa1WviM
DY9oIG2I6I1IP4pUgrdwKw3VQphELGW1eHx6KHTKBb1DCKT+bFi+UhJ0wCAGnrBC
NOkPMnS4dzUtF7HuEPm/FbMGPbHzICheBqzUI1PrIIFnIBRUdhsLqQ3BWwsS+iOB
AgNuCr0LE382+XpLIkWa8HEEzjQOWZ10a7B1sWEYHY/HQh+3YE17jrfgiYYoXaxo
URQXtVf/8Dy0qCQNkgndGYbWZb0L4q5JLW9JAgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQUiXFhGaUXTwtBnXqOyezRUMGA+74wHwYDVR0jBBgwFoAUOFcT41n8ucqxLyDb
P/GQ/KgeMj4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSEhSQ09M
VEQvT0ZjVDQxbjh1Y3F4THlEYlBfR1FfS2dlTWo0LmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9PRmNUNDFuOHVjcXhMeURiUF9HUV9LZ2VNajQuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISFJDT0xURC9pWEZoR2FVWFR3dEJu
WHFPeWV6UlVNR0EtNzQucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQAZ3q8MA0GCSqGSIb3DQEBCwUAA4IBAQA3OnKxxTRUzwpxcq+WjLO2HD3svb0B
pM90GTHd9GMjmAKcEUD4Jr/Dj3mVuQQ6hnvr085xWkgtLT17E8G2LB1NC7c82FfS
udwoi8YhCB4NIlcFwAXLJ6LQsIIGGiwfw1TQPrcblwT2zIin5yb0bmiozTQwVQSs
v9Cb88peeiUJLERUXcslFeNyqIQPaI/ChLd54hq4ddXGZ3Y0iqqCDfJF3OGZgUCT
ONjkptDodb94GCwKeC3+BOI4cToRrMhdMEKaln5rPX/8KElVmaA5yb9qjITRUhwr
zdoYYmmcMZSm+4vgu6wtslNAOFjQcD4/2U95ZzCkyKrdQ8VkKoqvc1j1
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:07 2024 by rpki-client on console-ams.rpki-client.org