Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/RECTALE/5DHQ8M7yEfM-FUT9BBjygvl_Msc.roa
File:                     5DHQ8M7yEfM-FUT9BBjygvl_Msc.roa (raw, json)
Hash identifier:          uA8Ql6e/7It92qysNUoTlD84hoc3k1NG9SYcRbxqMtk=
Subject key identifier:   E4:31:D0:F0:CE:F2:11:F3:3E:15:44:FD:04:18:F2:82:F9:7F:32:C7
Certificate issuer:       /CN=E2AF8CFD95270FCF5C2CA65D87777F6FB7ABFD32
Certificate serial:       15
Authority key identifier: E2:AF:8C:FD:95:27:0F:CF:5C:2C:A6:5D:87:77:7F:6F:B7:AB:FD:32
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/4q-M_ZUnD89cLKZdh3d_b7er_TI.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/RECTALE/5DHQ8M7yEfM-FUT9BBjygvl_Msc.roa
Signing time:             Sat 11 Sep 2021 17:19:53 +0000
ROA not before:           Sat 11 Sep 2021 17:19:53 +0000
ROA not after:            Tue 30 Aug 2022 03:11:21 +0000
asID:                     212279
IP address blocks:        103.172.124.0/24 maxlen: 32

Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 21 (0x15)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=E2AF8CFD95270FCF5C2CA65D87777F6FB7ABFD32
        Validity
            Not Before: Sep 11 17:19:53 2021 GMT
            Not After : Aug 30 03:11:21 2022 GMT
        Subject: CN=E431D0F0CEF211F33E1544FD0418F282F97F32C7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:96:23:90:53:14:64:84:ad:5b:11:c8:c3:51:
                    1c:4f:14:83:80:26:27:12:9d:99:c4:a4:23:f1:2f:
                    8d:ea:cb:28:ce:ec:a5:30:a7:89:da:13:2f:c6:78:
                    f3:f8:1c:1b:ea:23:83:58:30:b8:f5:23:b5:5a:16:
                    f8:a0:16:b1:b5:3a:b0:91:d7:94:15:17:fd:51:2e:
                    b3:e6:46:42:88:01:2e:01:40:ef:7d:14:a1:22:74:
                    79:77:25:2a:2c:ff:e8:48:27:ce:76:f3:46:de:a2:
                    f9:2e:c3:02:af:a7:6f:b8:fa:a5:f8:3d:17:e8:00:
                    68:c4:fd:6f:88:41:68:39:cc:93:52:16:22:1d:69:
                    1a:24:e4:68:7c:4a:d4:c5:9d:e6:f7:3e:ba:ed:46:
                    61:a7:95:3c:2c:63:5e:48:38:5a:b5:f4:60:64:91:
                    7e:7f:38:56:09:d7:fa:a8:c1:08:e6:39:9a:e0:72:
                    38:58:1d:59:36:72:87:0f:fe:15:4a:b5:72:e1:54:
                    47:42:f9:23:4b:cb:72:0b:a4:eb:97:b0:29:c6:4f:
                    b5:29:26:89:8d:c2:d6:99:58:65:34:4d:c2:2c:c0:
                    24:af:b2:2d:3f:13:61:d6:c5:4e:e9:25:55:7d:84:
                    6b:37:4f:90:16:e8:42:15:a5:33:08:0a:db:0f:9b:
                    c2:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:31:D0:F0:CE:F2:11:F3:3E:15:44:FD:04:18:F2:82:F9:7F:32:C7
            X509v3 Authority Key Identifier:
                keyid:E2:AF:8C:FD:95:27:0F:CF:5C:2C:A6:5D:87:77:7F:6F:B7:AB:FD:32

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RECTALE/4q-M_ZUnD89cLKZdh3d_b7er_TI.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/4q-M_ZUnD89cLKZdh3d_b7er_TI.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RECTALE/5DHQ8M7yEfM-FUT9BBjygvl_Msc.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.172.124.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9f:d4:21:96:97:f7:27:de:37:7a:83:c3:0a:e3:06:21:dd:9d:
         05:54:6a:e3:a2:2d:2f:a1:58:1e:c2:92:4c:65:a5:2c:73:70:
         5b:1d:45:50:1c:75:5c:df:70:db:d3:56:70:cc:8b:fd:b4:66:
         cc:65:52:71:07:ca:56:fb:43:d4:95:09:c8:27:85:d2:bb:5a:
         bf:81:ca:5a:3f:f3:6b:6d:e9:af:84:4a:c9:f3:05:04:d9:7b:
         15:04:6a:d2:2b:d4:73:9f:97:d8:47:2f:20:24:70:0f:35:11:
         91:00:cd:a6:e8:3c:b0:78:08:04:6b:5b:ad:db:2d:a4:d8:10:
         94:e9:20:48:83:d4:29:c5:b0:8c:a7:98:dd:23:25:b6:c6:36:
         b7:86:c3:a8:c7:01:c8:f8:b2:ae:ac:50:c9:04:a3:6f:6c:ce:
         ed:b6:c6:a3:17:a1:fb:44:33:bb:53:bb:7e:3b:63:7a:00:0a:
         a6:ab:58:47:db:d0:54:a7:a1:9d:11:a0:14:c9:62:17:0a:20:
         d1:72:b1:b9:44:65:09:24:1a:86:07:35:d6:47:3b:34:e6:d5:
         ef:53:ed:c8:0a:dd:0d:01:4d:79:e1:21:28:9d:e3:67:bc:85:
         00:97:34:87:ad:1e:1c:98:70:52:d4:bf:d5:e8:be:12:6d:c2:
         52:62:f9:ba
-----BEGIN CERTIFICATE-----
MIIE0zCCA7ugAwIBAgIBFTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhFMkFG
OENGRDk1MjcwRkNGNUMyQ0E2NUQ4Nzc3N0Y2RkI3QUJGRDMyMB4XDTIxMDkxMTE3
MTk1M1oXDTIyMDgzMDAzMTEyMVowMzExMC8GA1UEAxMoRTQzMUQwRjBDRUYyMTFG
MzNFMTU0NEZEMDQxOEYyODJGOTdGMzJDNzCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAN+WI5BTFGSErVsRyMNRHE8Ug4AmJxKdmcSkI/EvjerLKM7spTCn
idoTL8Z48/gcG+ojg1gwuPUjtVoW+KAWsbU6sJHXlBUX/VEus+ZGQogBLgFA730U
oSJ0eXclKiz/6EgnznbzRt6i+S7DAq+nb7j6pfg9F+gAaMT9b4hBaDnMk1IWIh1p
GiTkaHxK1MWd5vc+uu1GYaeVPCxjXkg4WrX0YGSRfn84VgnX+qjBCOY5muByOFgd
WTZyhw/+FUq1cuFUR0L5I0vLcguk65ewKcZPtSkmiY3C1plYZTRNwizAJK+yLT8T
YdbFTuklVX2EazdPkBboQhWlMwgK2w+bwhkCAwEAAaOCAfAwggHsMB0GA1UdDgQW
BBTkMdDwzvIR8z4VRP0EGPKC+X8yxzAfBgNVHSMEGDAWgBTir4z9lScPz1wspl2H
d39vt6v9MjAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ
oE6GTHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9SRUNUQUxF
LzRxLU1fWlVuRDg5Y0xLWmRoM2RfYjdlcl9USS5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvNHEtTV9aVW5EODljTEtaZGgzZF9iN2VyX1RJLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvUkVDVEFMRS81REhROE03eUVmTS1GVVQ5
QkJqeWd2bF9Nc2Mucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMu
dHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
Z6x8MA0GCSqGSIb3DQEBCwUAA4IBAQCf1CGWl/cn3jd6g8MK4wYh3Z0FVGrjoi0v
oVgewpJMZaUsc3BbHUVQHHVc33Db01ZwzIv9tGbMZVJxB8pW+0PUlQnIJ4XSu1q/
gcpaP/NrbemvhErJ8wUE2XsVBGrSK9Rzn5fYRy8gJHAPNRGRAM2m6DyweAgEa1ut
2y2k2BCU6SBIg9QpxbCMp5jdIyW2xja3hsOoxwHI+LKurFDJBKNvbM7ttsajF6H7
RDO7U7t+O2N6AAqmq1hH29BUp6GdEaAUyWIXCiDRcrG5RGUJJBqGBzXWRzs05tXv
U+3ICt0NAU154SEoneNnvIUAlzSHrR4cmHBS1L/V6L4SbcJSYvm6
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:44 2024 by rpki-client on console-fra.rpki-client.org