Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/RECTALE/BTWVN8UX5PU4x0kycSs1nNWSSe0.roa
File:                     BTWVN8UX5PU4x0kycSs1nNWSSe0.roa (raw, json)
Hash identifier:          q2m5/k9NDClLjd7tfustFfOTYT1AOA8YTbxR9Hu6rYU=
Subject key identifier:   05:35:95:37:C5:17:E4:F5:38:C7:49:32:71:2B:35:9C:D5:92:49:ED
Certificate issuer:       /CN=E2AF8CFD95270FCF5C2CA65D87777F6FB7ABFD32
Certificate serial:       011F
Authority key identifier: E2:AF:8C:FD:95:27:0F:CF:5C:2C:A6:5D:87:77:7F:6F:B7:AB:FD:32
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/4q-M_ZUnD89cLKZdh3d_b7er_TI.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/RECTALE/BTWVN8UX5PU4x0kycSs1nNWSSe0.roa
Signing time:             Thu 15 Sep 2022 02:41:53 +0000
ROA not before:           Thu 15 Sep 2022 02:41:53 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     210707
IP address blocks:        103.172.124.0/23 maxlen: 32

Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 287 (0x11f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=E2AF8CFD95270FCF5C2CA65D87777F6FB7ABFD32
        Validity
            Not Before: Sep 15 02:41:53 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=05359537C517E4F538C74932712B359CD59249ED
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:c5:5e:43:b2:a6:e4:7d:72:07:39:db:4b:72:
                    69:a2:42:a2:76:59:9e:3d:9f:fb:d5:d9:e5:e0:23:
                    fa:4b:df:db:d1:5f:db:fc:4d:8f:1d:48:8a:78:de:
                    41:91:c8:5e:87:71:2f:23:21:ed:30:42:1b:8b:54:
                    f2:a1:40:85:61:0e:02:32:bd:3f:98:12:73:eb:04:
                    0d:87:7d:9b:fe:a7:ee:fb:b2:06:9a:70:b1:3c:18:
                    8c:b9:37:93:5a:60:e3:88:60:e6:2a:f1:58:9b:5c:
                    f3:86:d2:cf:bb:4b:71:f2:3f:28:a3:49:bb:bf:b0:
                    b0:c0:d9:90:06:3a:9c:04:c6:65:bf:d6:12:dd:db:
                    97:e8:af:16:15:4c:96:c2:12:83:db:ca:0d:3b:cc:
                    3b:17:04:c7:f6:b4:76:10:1a:ab:68:f7:01:6a:ac:
                    7d:14:66:3c:81:e9:90:2a:7d:b4:09:3e:90:03:ec:
                    dc:c4:4f:1d:1f:62:de:31:ac:a5:af:03:4d:70:19:
                    14:03:93:73:be:9c:23:a3:cb:ef:c6:d4:17:ed:99:
                    5b:11:15:45:66:4f:70:b7:c0:cb:1a:a2:5f:e5:35:
                    30:80:66:29:26:53:3a:e5:e8:48:0c:74:80:8d:7d:
                    2b:4c:e2:71:ea:23:a1:93:72:23:0e:9e:c5:ce:0d:
                    63:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                05:35:95:37:C5:17:E4:F5:38:C7:49:32:71:2B:35:9C:D5:92:49:ED
            X509v3 Authority Key Identifier:
                keyid:E2:AF:8C:FD:95:27:0F:CF:5C:2C:A6:5D:87:77:7F:6F:B7:AB:FD:32

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RECTALE/4q-M_ZUnD89cLKZdh3d_b7er_TI.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/4q-M_ZUnD89cLKZdh3d_b7er_TI.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RECTALE/BTWVN8UX5PU4x0kycSs1nNWSSe0.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.172.124.0/23

    Signature Algorithm: sha256WithRSAEncryption
         28:27:c1:93:19:6e:07:5e:92:52:e4:f7:84:82:d7:b4:ba:c4:
         3f:ac:be:72:e0:73:3b:c9:a9:0e:bf:d0:4d:67:39:81:68:40:
         07:47:1d:56:85:f9:18:01:88:47:f7:9d:43:c5:95:2c:ec:cf:
         b9:5f:72:2f:f1:f8:b5:2a:b3:8f:d4:41:d6:25:9e:e8:9a:2c:
         11:f9:ba:d1:1d:a3:6e:01:5f:c7:5d:72:30:6c:93:cd:1a:81:
         dd:cf:4c:5e:c3:c0:98:3a:22:d2:aa:56:8c:f8:09:50:f1:b4:
         1b:ec:e7:16:6a:b3:f7:29:05:da:0c:3c:a0:cc:a8:f8:1d:9e:
         c5:ce:9f:7b:55:8f:2e:bf:f4:29:05:fc:4e:e2:e4:86:a2:8c:
         f6:eb:43:f9:8f:e5:61:d0:68:53:e7:c9:50:d0:74:f3:09:ae:
         20:1b:e4:2c:f4:60:de:94:6f:8e:a8:65:f0:77:c4:67:c1:48:
         aa:d1:e8:bd:be:1b:97:5e:52:dc:2f:e1:3b:d9:cf:45:9f:97:
         52:04:bc:be:4c:ff:7e:ab:fe:70:cb:72:eb:08:cc:4d:23:70:
         fb:50:e8:be:49:29:68:c3:57:c2:ff:61:5b:b3:18:a4:3d:44:
         ce:45:b7:45:38:79:e6:1e:ed:a0:b7:44:12:1e:bf:a1:52:48:
         57:21:7b:8f
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICAR8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRTJB
RjhDRkQ5NTI3MEZDRjVDMkNBNjVEODc3NzdGNkZCN0FCRkQzMjAeFw0yMjA5MTUw
MjQxNTNaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDA1MzU5NTM3QzUxN0U0
RjUzOEM3NDkzMjcxMkIzNTlDRDU5MjQ5RUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDVxV5DsqbkfXIHOdtLcmmiQqJ2WZ49n/vV2eXgI/pL39vRX9v8
TY8dSIp43kGRyF6HcS8jIe0wQhuLVPKhQIVhDgIyvT+YEnPrBA2HfZv+p+77sgaa
cLE8GIy5N5NaYOOIYOYq8VibXPOG0s+7S3HyPyijSbu/sLDA2ZAGOpwExmW/1hLd
25forxYVTJbCEoPbyg07zDsXBMf2tHYQGqto9wFqrH0UZjyB6ZAqfbQJPpAD7NzE
Tx0fYt4xrKWvA01wGRQDk3O+nCOjy+/G1BftmVsRFUVmT3C3wMsaol/lNTCAZikm
Uzrl6EgMdICNfStM4nHqI6GTciMOnsXODWOFAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUBTWVN8UX5PU4x0kycSs1nNWSSe0wHwYDVR0jBBgwFoAU4q+M/ZUnD89cLKZd
h3d/b7er/TIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUkVDVEFM
RS80cS1NX1pVbkQ4OWNMS1pkaDNkX2I3ZXJfVEkuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBLzRxLU1fWlVuRDg5Y0xLWmRoM2RfYjdlcl9USS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL1JFQ1RBTEUvQlRXVk44VVg1UFU0eDBr
eWNTczFuTldTU2UwLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
AWesfDANBgkqhkiG9w0BAQsFAAOCAQEAKCfBkxluB16SUuT3hILXtLrEP6y+cuBz
O8mpDr/QTWc5gWhAB0cdVoX5GAGIR/edQ8WVLOzPuV9yL/H4tSqzj9RB1iWe6Jos
Efm60R2jbgFfx11yMGyTzRqB3c9MXsPAmDoi0qpWjPgJUPG0G+znFmqz9ykF2gw8
oMyo+B2exc6fe1WPLr/0KQX8TuLkhqKM9utD+Y/lYdBoU+fJUNB08wmuIBvkLPRg
3pRvjqhl8HfEZ8FIqtHovb4bl15S3C/hO9nPRZ+XUgS8vkz/fqv+cMty6wjMTSNw
+1DovkkpaMNXwv9hW7MYpD1EzkW3RTh55h7toLdEEh6/oVJIVyF7jw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:44 2024 by rpki-client on console-fra.rpki-client.org