Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/tyDUpYeccBdbI6AVwjxH1sZwZao.roa
File:                     tyDUpYeccBdbI6AVwjxH1sZwZao.roa (raw, json)
Hash identifier:          qqTuRkizBH774gcTu1p/CT6pGYCqbYVdRNgSphbU8hU=
Subject key identifier:   B7:20:D4:A5:87:9C:70:17:5B:23:A0:15:C2:3C:47:D6:C6:70:65:AA
Certificate issuer:       /CN=385713E359FCB9CAB12F20DB3FF190FCA81E323E
Certificate serial:       096E
Authority key identifier: 38:57:13:E3:59:FC:B9:CA:B1:2F:20:DB:3F:F1:90:FC:A8:1E:32:3E
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/OFcT41n8ucqxLyDbP_GQ_KgeMj4.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/tyDUpYeccBdbI6AVwjxH1sZwZao.roa
Signing time:             Wed 29 Sep 2021 02:50:28 +0000
ROA not before:           Wed 29 Sep 2021 02:50:28 +0000
ROA not after:            Thu 29 Sep 2022 02:36:22 +0000
asID:                     20473
IP address blocks:        103.122.191.0/24 maxlen: 24

Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2414 (0x96e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=385713E359FCB9CAB12F20DB3FF190FCA81E323E
        Validity
            Not Before: Sep 29 02:50:28 2021 GMT
            Not After : Sep 29 02:36:22 2022 GMT
        Subject: CN=B720D4A5879C70175B23A015C23C47D6C67065AA
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:f2:2f:94:23:a2:ff:f2:60:10:86:4a:15:95:
                    3b:d1:57:66:63:95:25:95:ca:f1:e5:4b:b8:b5:50:
                    d1:87:a9:8c:a9:26:e7:73:57:4c:92:18:f5:ad:55:
                    8c:fe:b5:e7:cc:08:10:8a:90:d1:70:ee:ed:35:a2:
                    22:f4:c6:84:b6:bb:bd:fa:6b:fd:42:47:9a:5c:af:
                    38:6b:25:db:4a:bd:87:e7:0b:eb:e0:8f:85:66:7a:
                    99:fa:24:93:7c:d8:9e:6c:1c:46:59:db:27:65:63:
                    09:1b:e8:22:e4:55:a2:4a:28:4a:5a:2a:90:0d:f6:
                    4a:1a:b4:b6:ec:f4:0b:1b:70:8d:66:cc:70:82:27:
                    e5:ec:5f:69:8b:04:79:e1:61:84:a4:70:f0:b7:b0:
                    f8:15:3c:97:b4:c9:a7:34:ac:9c:34:20:22:37:d9:
                    37:ce:9e:eb:d8:81:a2:87:ad:da:52:1a:5b:50:16:
                    e2:a2:06:2a:ca:db:2b:66:d6:67:66:0b:9a:88:62:
                    74:8e:9b:2d:54:2d:ee:e0:cc:a6:a1:18:10:f1:42:
                    dc:52:c0:8f:f3:1d:cc:88:0c:4d:0b:3b:00:fc:8c:
                    87:13:95:f7:17:b5:e9:ce:a5:c7:51:cd:4b:b1:ff:
                    e0:03:85:2c:cd:99:dd:7c:b5:c9:22:4e:5e:d0:dc:
                    10:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B7:20:D4:A5:87:9C:70:17:5B:23:A0:15:C2:3C:47:D6:C6:70:65:AA
            X509v3 Authority Key Identifier:
                keyid:38:57:13:E3:59:FC:B9:CA:B1:2F:20:DB:3F:F1:90:FC:A8:1E:32:3E

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/OFcT41n8ucqxLyDbP_GQ_KgeMj4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/OFcT41n8ucqxLyDbP_GQ_KgeMj4.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/tyDUpYeccBdbI6AVwjxH1sZwZao.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.122.191.0/24

    Signature Algorithm: sha256WithRSAEncryption
         92:04:2a:7b:f4:a7:f9:42:b2:e5:42:e8:06:e1:28:ae:63:5d:
         bc:3c:60:6b:29:78:fe:25:38:2b:ac:65:1c:40:6e:99:e0:fb:
         2f:6d:a1:8f:9e:a9:74:4a:88:1b:54:32:96:35:09:33:68:9a:
         46:86:05:4d:9a:4a:e8:61:02:7e:16:98:55:36:f0:7f:23:1a:
         2f:5c:f1:01:d5:4c:af:ef:f2:1d:2d:f1:34:8b:dd:f5:ce:70:
         9d:2f:9a:ee:4b:a5:04:a6:72:d5:35:84:88:8b:ad:41:9e:b8:
         64:c4:f3:f3:4b:19:fc:32:08:5e:cb:f1:4b:2f:0d:c0:df:92:
         76:e5:ce:ce:25:aa:1b:fc:0c:4f:f6:06:05:76:30:72:a6:b7:
         15:d4:d8:97:3a:a0:15:f4:c9:93:ea:ae:7e:1d:06:3f:5c:6d:
         74:a2:d3:34:2b:bd:be:1c:76:de:e3:17:95:42:7d:64:2f:4d:
         ce:38:c1:dd:bd:88:fa:7e:49:90:4d:2b:94:a6:40:a7:c5:b0:
         44:34:5a:87:1b:37:1e:b1:41:a2:8c:04:79:20:7c:d6:76:9c:
         4b:54:67:b5:a9:3e:2b:ce:a9:84:04:9e:7e:94:5f:ee:f5:26:
         0a:4c:af:39:5c:5f:99:1d:be:a5:47:68:ad:ef:41:8c:23:a9:
         1c:c1:4f:7a
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICCW4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzg1
NzEzRTM1OUZDQjlDQUIxMkYyMERCM0ZGMTkwRkNBODFFMzIzRTAeFw0yMTA5Mjkw
MjUwMjhaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKEI3MjBENEE1ODc5Qzcw
MTc1QjIzQTAxNUMyM0M0N0Q2QzY3MDY1QUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCr8i+UI6L/8mAQhkoVlTvRV2ZjlSWVyvHlS7i1UNGHqYypJudz
V0ySGPWtVYz+tefMCBCKkNFw7u01oiL0xoS2u736a/1CR5pcrzhrJdtKvYfnC+vg
j4Vmepn6JJN82J5sHEZZ2ydlYwkb6CLkVaJKKEpaKpAN9koatLbs9AsbcI1mzHCC
J+XsX2mLBHnhYYSkcPC3sPgVPJe0yac0rJw0ICI32TfOnuvYgaKHrdpSGltQFuKi
BirK2ytm1mdmC5qIYnSOmy1ULe7gzKahGBDxQtxSwI/zHcyIDE0LOwD8jIcTlfcX
tenOpcdRzUux/+ADhSzNmd18tckiTl7Q3BBTAgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQUtyDUpYeccBdbI6AVwjxH1sZwZaowHwYDVR0jBBgwFoAUOFcT41n8ucqxLyDb
P/GQ/KgeMj4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSEhSQ09M
VEQvT0ZjVDQxbjh1Y3F4THlEYlBfR1FfS2dlTWo0LmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9PRmNUNDFuOHVjcXhMeURiUF9HUV9LZ2VNajQuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISFJDT0xURC90eURVcFllY2NCZGJJ
NkFWd2p4SDFzWndaYW8ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQAZ3q/MA0GCSqGSIb3DQEBCwUAA4IBAQCSBCp79Kf5QrLlQugG4SiuY128PGBr
KXj+JTgrrGUcQG6Z4PsvbaGPnql0SogbVDKWNQkzaJpGhgVNmkroYQJ+FphVNvB/
IxovXPEB1Uyv7/IdLfE0i931znCdL5ruS6UEpnLVNYSIi61BnrhkxPPzSxn8Mghe
y/FLLw3A35J25c7OJaob/AxP9gYFdjByprcV1NiXOqAV9MmT6q5+HQY/XG10otM0
K72+HHbe4xeVQn1kL03OOMHdvYj6fkmQTSuUpkCnxbBENFqHGzcesUGijAR5IHzW
dpxLVGe1qT4rzqmEBJ5+lF/u9SYKTK85XF+ZHb6lR2it70GMI6kcwU96
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:07 2024 by rpki-client on console-ams.rpki-client.org