Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/RECTALE/8RAJqBf48JlJ0pwepl4bEfGBRJU.roa
File:                     8RAJqBf48JlJ0pwepl4bEfGBRJU.roa (raw, json)
Hash identifier:          PbvrHLYZcnXg37a+g2Q7bqUIhXiyUi7rpJ4kXz8sUEc=
Subject key identifier:   F1:10:09:A8:17:F8:F0:99:49:D2:9C:1E:A6:5E:1B:11:F1:81:44:95
Certificate issuer:       /CN=E2AF8CFD95270FCF5C2CA65D87777F6FB7ABFD32
Certificate serial:       011F
Authority key identifier: E2:AF:8C:FD:95:27:0F:CF:5C:2C:A6:5D:87:77:7F:6F:B7:AB:FD:32
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/4q-M_ZUnD89cLKZdh3d_b7er_TI.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/RECTALE/8RAJqBf48JlJ0pwepl4bEfGBRJU.roa
Signing time:             Thu 15 Sep 2022 02:41:53 +0000
ROA not before:           Thu 15 Sep 2022 02:41:53 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     24162
IP address blocks:        103.172.124.0/23 maxlen: 32

Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 287 (0x11f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=E2AF8CFD95270FCF5C2CA65D87777F6FB7ABFD32
        Validity
            Not Before: Sep 15 02:41:53 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=F11009A817F8F09949D29C1EA65E1B11F1814495
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:8f:86:85:33:e5:5c:b1:78:7d:e1:39:d5:3e:
                    ce:21:45:a8:ef:3f:f8:1c:2a:ba:6e:b3:8b:aa:89:
                    ff:42:0e:0a:28:ec:5a:ba:1a:80:66:42:72:72:82:
                    83:40:b6:4a:6b:9f:b0:63:e1:29:e2:a5:5b:4a:22:
                    41:1d:2c:65:f1:ce:e3:70:71:35:14:89:38:45:c9:
                    b0:01:b6:1e:28:47:7a:80:39:31:a2:c8:b6:88:d9:
                    e8:c7:e7:82:71:55:16:d8:56:6b:b2:1b:ba:52:f2:
                    18:5c:de:55:91:cc:34:43:1f:8b:04:48:77:46:f1:
                    11:c7:ee:f0:a9:1d:de:28:a1:ac:10:65:d6:63:d7:
                    86:c7:13:75:6e:29:44:18:41:03:b6:ea:41:58:b2:
                    91:3d:6c:86:18:22:78:d8:76:98:4c:81:e2:05:cf:
                    14:c0:47:30:e0:b8:79:32:7a:2e:dd:60:15:77:60:
                    46:f1:d3:1a:5e:bf:bf:ea:41:64:06:6a:f8:b3:ef:
                    ba:c7:94:43:df:f2:13:6e:2e:ff:d6:76:66:a7:4a:
                    9b:db:13:d2:f5:bf:1e:ce:0a:b2:bd:af:7b:29:1f:
                    a5:ac:ca:6f:97:ae:7f:0c:db:8f:16:f1:3a:ee:a0:
                    31:08:22:58:c9:bc:9e:b9:98:12:08:e5:f3:91:e7:
                    ae:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F1:10:09:A8:17:F8:F0:99:49:D2:9C:1E:A6:5E:1B:11:F1:81:44:95
            X509v3 Authority Key Identifier:
                keyid:E2:AF:8C:FD:95:27:0F:CF:5C:2C:A6:5D:87:77:7F:6F:B7:AB:FD:32

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RECTALE/4q-M_ZUnD89cLKZdh3d_b7er_TI.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/4q-M_ZUnD89cLKZdh3d_b7er_TI.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RECTALE/8RAJqBf48JlJ0pwepl4bEfGBRJU.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.172.124.0/23

    Signature Algorithm: sha256WithRSAEncryption
         25:2b:b6:87:f6:c2:8c:f2:79:6f:e5:25:0f:e0:09:42:59:5c:
         8c:f2:6c:e1:b2:46:d4:be:d3:dc:e3:72:07:4b:27:b6:d2:13:
         e2:23:87:3a:30:6e:07:1a:41:96:7d:1b:a8:af:c5:f9:c4:8e:
         13:4e:0e:7f:36:7e:b5:5f:30:78:f3:3c:de:53:58:ae:5e:9d:
         1c:9d:84:3b:e5:63:1a:fa:11:41:d8:9e:3e:6d:7e:71:55:28:
         87:9f:71:df:db:89:77:a6:1a:32:4b:65:ab:7e:bc:54:1d:19:
         f6:1e:34:ad:40:0a:d8:a8:06:03:90:c8:15:17:31:14:b5:58:
         1e:fe:c3:ef:d2:1c:8d:84:8c:58:69:ad:3a:42:bf:20:2b:db:
         e7:85:22:d4:79:65:b1:b8:ae:fa:ba:44:4a:fc:9c:8f:35:c7:
         e5:1b:59:15:6e:33:de:c2:1d:23:c9:05:f6:18:65:ab:12:7c:
         33:64:a7:f4:d9:c8:99:14:7e:f9:bd:c0:42:c6:11:4a:7b:40:
         3a:c1:ef:3a:66:7c:b6:63:58:8d:b3:b9:54:be:fb:c2:ea:d8:
         5f:7a:39:a6:d8:c4:46:b9:fb:5c:54:0d:5a:cf:75:ce:f8:4e:
         28:78:6b:d0:6d:79:c2:93:41:81:87:ba:ce:fe:9c:47:28:21:
         a7:10:4b:f0
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICAR8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRTJB
RjhDRkQ5NTI3MEZDRjVDMkNBNjVEODc3NzdGNkZCN0FCRkQzMjAeFw0yMjA5MTUw
MjQxNTNaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEYxMTAwOUE4MTdGOEYw
OTk0OUQyOUMxRUE2NUUxQjExRjE4MTQ0OTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDNj4aFM+VcsXh94TnVPs4hRajvP/gcKrpus4uqif9CDgoo7Fq6
GoBmQnJygoNAtkprn7Bj4SnipVtKIkEdLGXxzuNwcTUUiThFybABth4oR3qAOTGi
yLaI2ejH54JxVRbYVmuyG7pS8hhc3lWRzDRDH4sESHdG8RHH7vCpHd4ooawQZdZj
14bHE3VuKUQYQQO26kFYspE9bIYYInjYdphMgeIFzxTARzDguHkyei7dYBV3YEbx
0xpev7/qQWQGaviz77rHlEPf8hNuLv/WdmanSpvbE9L1vx7OCrK9r3spH6Wsym+X
rn8M248W8TruoDEIIljJvJ65mBII5fOR567dAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU8RAJqBf48JlJ0pwepl4bEfGBRJUwHwYDVR0jBBgwFoAU4q+M/ZUnD89cLKZd
h3d/b7er/TIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUkVDVEFM
RS80cS1NX1pVbkQ4OWNMS1pkaDNkX2I3ZXJfVEkuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBLzRxLU1fWlVuRDg5Y0xLWmRoM2RfYjdlcl9USS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL1JFQ1RBTEUvOFJBSnFCZjQ4SmxKMHB3
ZXBsNGJFZkdCUkpVLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
AWesfDANBgkqhkiG9w0BAQsFAAOCAQEAJSu2h/bCjPJ5b+UlD+AJQllcjPJs4bJG
1L7T3ONyB0snttIT4iOHOjBuBxpBln0bqK/F+cSOE04OfzZ+tV8wePM83lNYrl6d
HJ2EO+VjGvoRQdiePm1+cVUoh59x39uJd6YaMktlq368VB0Z9h40rUAK2KgGA5DI
FRcxFLVYHv7D79IcjYSMWGmtOkK/ICvb54Ui1Hllsbiu+rpESvycjzXH5RtZFW4z
3sIdI8kF9hhlqxJ8M2Sn9NnImRR++b3AQsYRSntAOsHvOmZ8tmNYjbO5VL77wurY
X3o5ptjERrn7XFQNWs91zvhOKHhr0G15wpNBgYe6zv6cRyghpxBL8A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:44 2024 by rpki-client on console-fra.rpki-client.org