Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/xXNawCMVLUOTfJZN2Uusy3yibwM.roa
File:                     xXNawCMVLUOTfJZN2Uusy3yibwM.roa (raw, json)
Hash identifier:          vbdWOOvlpd/mVSjRRk8R85sEOCF1F7jsLnEn+pg1f2M=
Subject key identifier:   C5:73:5A:C0:23:15:2D:43:93:7C:96:4D:D9:4B:AC:CB:7C:A2:6F:03
Certificate issuer:       /CN=385713E359FCB9CAB12F20DB3FF190FCA81E323E
Certificate serial:       08CD
Authority key identifier: 38:57:13:E3:59:FC:B9:CA:B1:2F:20:DB:3F:F1:90:FC:A8:1E:32:3E
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/OFcT41n8ucqxLyDbP_GQ_KgeMj4.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/xXNawCMVLUOTfJZN2Uusy3yibwM.roa
Signing time:             Sun 07 Feb 2021 13:03:46 +0000
ROA not before:           Sun 07 Feb 2021 13:03:46 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     20473
IP address blocks:        103.122.188.0/22 maxlen: 22

Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2253 (0x8cd)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=385713E359FCB9CAB12F20DB3FF190FCA81E323E
        Validity
            Not Before: Feb  7 13:03:46 2021 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=C5735AC023152D43937C964DD94BACCB7CA26F03
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:1b:20:9f:b5:77:bb:f2:cb:ee:cc:4f:08:33:
                    14:4a:e1:dd:7c:65:a3:17:84:7c:3c:6c:59:59:f2:
                    8a:97:f7:e8:84:fa:03:d8:6e:ad:68:a6:08:b6:d6:
                    0c:48:f9:07:f5:a8:60:43:1a:a5:38:3f:f2:ff:3a:
                    24:ef:06:ae:ca:05:75:df:d7:6c:c1:f1:4d:a7:39:
                    87:9b:67:a1:2c:3b:d9:10:2d:28:90:75:c3:93:0e:
                    05:53:3a:93:38:73:67:3a:b2:1f:74:0d:73:ea:22:
                    45:76:6d:12:43:9d:64:5e:39:21:df:2e:c9:9e:a1:
                    6b:8f:a4:33:1f:c8:18:74:f9:48:38:a4:3c:b3:73:
                    73:11:9f:e6:2b:cf:78:bf:5a:f7:23:11:ff:64:71:
                    38:54:f1:58:9d:a7:15:b9:e3:70:a7:15:fa:c2:50:
                    7c:0a:91:72:28:e0:6f:4d:f5:93:7b:d3:28:2f:24:
                    6f:71:67:a3:b4:30:b4:68:fa:72:28:07:66:e1:a1:
                    86:4e:56:0f:e9:02:18:b5:cc:ac:d7:6e:51:3f:b2:
                    44:7b:ce:f2:db:95:56:96:e1:57:89:78:ed:c9:9b:
                    66:a6:02:1e:0d:22:61:b6:75:f5:1f:93:21:f6:e9:
                    24:68:14:69:57:9f:ff:78:21:a4:77:c8:87:9d:be:
                    be:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C5:73:5A:C0:23:15:2D:43:93:7C:96:4D:D9:4B:AC:CB:7C:A2:6F:03
            X509v3 Authority Key Identifier:
                keyid:38:57:13:E3:59:FC:B9:CA:B1:2F:20:DB:3F:F1:90:FC:A8:1E:32:3E

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/OFcT41n8ucqxLyDbP_GQ_KgeMj4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/OFcT41n8ucqxLyDbP_GQ_KgeMj4.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/xXNawCMVLUOTfJZN2Uusy3yibwM.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.122.188.0/22

    Signature Algorithm: sha256WithRSAEncryption
         08:f9:9c:4e:ad:2c:1e:e3:25:15:04:23:cd:cf:1b:dc:ce:bc:
         dd:6b:e4:73:26:b1:6d:62:c7:c0:ee:6a:60:fc:bc:96:03:5f:
         d9:74:9b:4b:26:69:45:45:2c:6e:bd:ce:8b:bb:bd:12:94:61:
         85:f5:f3:63:7c:35:d0:90:db:49:47:a1:55:0a:60:e2:a3:9c:
         c4:2e:65:35:78:48:16:74:05:b6:ff:36:77:ee:24:98:e5:e9:
         37:34:3c:e5:2c:73:31:21:29:69:ee:86:39:60:be:69:90:88:
         58:16:8d:78:c3:b4:00:1b:d1:3d:ec:fa:61:da:f5:6c:3e:fe:
         73:7e:fa:62:32:fb:6d:2d:e4:47:d4:de:1b:59:f2:9c:f9:ec:
         42:98:a4:59:93:ee:5c:c0:a5:e6:2c:c3:66:8e:06:54:5b:52:
         e1:37:b3:1a:41:43:5e:72:34:7a:21:c4:a9:62:63:26:6d:85:
         f1:c4:f3:7b:29:13:4c:c5:fc:1e:c5:b5:7c:66:8c:93:0b:db:
         b8:b0:ce:56:db:67:bb:d5:48:e6:74:09:1d:90:4c:2b:98:ec:
         19:fd:d9:a6:85:7d:4a:97:17:f5:fa:58:77:9b:0c:93:3d:a2:
         af:4f:d5:93:36:95:64:08:f8:f1:a3:41:12:e5:ab:1b:1e:8d:
         73:14:66:74
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICCM0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzg1
NzEzRTM1OUZDQjlDQUIxMkYyMERCM0ZGMTkwRkNBODFFMzIzRTAeFw0yMTAyMDcx
MzAzNDZaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKEM1NzM1QUMwMjMxNTJE
NDM5MzdDOTY0REQ5NEJBQ0NCN0NBMjZGMDMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC+GyCftXe78svuzE8IMxRK4d18ZaMXhHw8bFlZ8oqX9+iE+gPY
bq1opgi21gxI+Qf1qGBDGqU4P/L/OiTvBq7KBXXf12zB8U2nOYebZ6EsO9kQLSiQ
dcOTDgVTOpM4c2c6sh90DXPqIkV2bRJDnWReOSHfLsmeoWuPpDMfyBh0+Ug4pDyz
c3MRn+Yrz3i/WvcjEf9kcThU8VidpxW543CnFfrCUHwKkXIo4G9N9ZN70ygvJG9x
Z6O0MLRo+nIoB2bhoYZOVg/pAhi1zKzXblE/skR7zvLblVaW4VeJeO3Jm2amAh4N
ImG2dfUfkyH26SRoFGlXn/94IaR3yIedvr6nAgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQUxXNawCMVLUOTfJZN2Uusy3yibwMwHwYDVR0jBBgwFoAUOFcT41n8ucqxLyDb
P/GQ/KgeMj4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSEhSQ09M
VEQvT0ZjVDQxbjh1Y3F4THlEYlBfR1FfS2dlTWo0LmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9PRmNUNDFuOHVjcXhMeURiUF9HUV9LZ2VNajQuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISFJDT0xURC94WE5hd0NNVkxVT1Rm
SlpOMlV1c3kzeWlid00ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQCZ3q8MA0GCSqGSIb3DQEBCwUAA4IBAQAI+ZxOrSwe4yUVBCPNzxvczrzda+Rz
JrFtYsfA7mpg/LyWA1/ZdJtLJmlFRSxuvc6Lu70SlGGF9fNjfDXQkNtJR6FVCmDi
o5zELmU1eEgWdAW2/zZ37iSY5ek3NDzlLHMxISlp7oY5YL5pkIhYFo14w7QAG9E9
7Pph2vVsPv5zfvpiMvttLeRH1N4bWfKc+exCmKRZk+5cwKXmLMNmjgZUW1LhN7Ma
QUNecjR6IcSpYmMmbYXxxPN7KRNMxfwexbV8ZoyTC9u4sM5W22e71UjmdAkdkEwr
mOwZ/dmmhX1Klxf1+lh3mwyTPaKvT9WTNpVkCPjxo0ES5asbHo1zFGZ0
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:07 2024 by rpki-client on console-ams.rpki-client.org