Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/RECTALE/Yz8vsKqJ6jYfbeV_NgWC54WB3DY.roa
File:                     Yz8vsKqJ6jYfbeV_NgWC54WB3DY.roa (raw, json)
Hash identifier:          ICMStYR5a9pVeNMSKr/DPk5/G1fnAMgizYTBSjE1t8w=
Subject key identifier:   63:3F:2F:B0:AA:89:EA:36:1F:6D:E5:7F:36:05:82:E7:85:81:DC:36
Certificate issuer:       /CN=E2AF8CFD95270FCF5C2CA65D87777F6FB7ABFD32
Certificate serial:       011F
Authority key identifier: E2:AF:8C:FD:95:27:0F:CF:5C:2C:A6:5D:87:77:7F:6F:B7:AB:FD:32
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/4q-M_ZUnD89cLKZdh3d_b7er_TI.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/RECTALE/Yz8vsKqJ6jYfbeV_NgWC54WB3DY.roa
Signing time:             Thu 15 Sep 2022 02:41:52 +0000
ROA not before:           Thu 15 Sep 2022 02:41:52 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     141173
IP address blocks:        103.172.124.0/23 maxlen: 23

Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 287 (0x11f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=E2AF8CFD95270FCF5C2CA65D87777F6FB7ABFD32
        Validity
            Not Before: Sep 15 02:41:52 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=633F2FB0AA89EA361F6DE57F360582E78581DC36
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:2c:ed:44:75:db:5e:0d:83:ea:e1:2f:08:46:
                    cb:74:92:37:a1:f4:42:59:8b:8a:4e:08:68:2c:6d:
                    25:aa:bc:ff:d3:d9:c4:4f:92:d6:25:ba:ba:6f:51:
                    da:2c:ce:10:30:ac:7c:78:0b:3f:a1:81:75:19:ac:
                    c8:02:d9:07:8e:45:9e:4d:1c:bb:c6:be:35:dc:10:
                    38:70:4a:bc:e9:48:6c:3a:37:68:28:c7:12:cd:65:
                    3f:f0:c4:64:c4:97:d9:ef:a1:d7:8e:c9:a3:eb:dc:
                    e8:b0:f5:76:a4:9e:cc:4b:58:b9:87:17:6d:7d:68:
                    29:66:8b:cb:86:64:ce:53:f3:12:d1:37:2f:ee:1e:
                    27:61:7d:c8:b6:81:f0:03:62:99:ad:ba:7a:51:68:
                    d0:32:9d:6f:2d:12:02:58:a8:5e:ef:75:32:71:48:
                    c8:43:85:c5:d2:f9:55:c2:4e:dd:72:1b:50:6a:03:
                    04:ca:a1:11:d8:be:1d:e8:d0:dc:d2:79:e1:be:0a:
                    45:d0:4e:27:67:d8:94:7d:db:d7:fb:bf:e1:01:19:
                    05:35:16:47:f3:3d:88:44:74:bf:96:d3:e3:e0:b3:
                    29:3b:6d:a2:38:43:be:4c:02:39:f9:00:4c:da:96:
                    b0:aa:37:56:75:af:b9:fe:37:e1:a8:90:2a:89:a9:
                    dd:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                63:3F:2F:B0:AA:89:EA:36:1F:6D:E5:7F:36:05:82:E7:85:81:DC:36
            X509v3 Authority Key Identifier:
                keyid:E2:AF:8C:FD:95:27:0F:CF:5C:2C:A6:5D:87:77:7F:6F:B7:AB:FD:32

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RECTALE/4q-M_ZUnD89cLKZdh3d_b7er_TI.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/4q-M_ZUnD89cLKZdh3d_b7er_TI.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RECTALE/Yz8vsKqJ6jYfbeV_NgWC54WB3DY.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.172.124.0/23

    Signature Algorithm: sha256WithRSAEncryption
         02:a0:54:08:8a:8d:6d:a1:52:8d:73:e0:7b:87:fc:fa:b0:7d:
         f9:2a:d7:55:5d:71:d0:2f:c6:a4:6d:74:87:d3:43:19:5b:c1:
         fb:9a:98:99:7d:1c:c0:df:90:86:b1:1a:c0:a2:ed:2e:e2:2a:
         39:05:e5:f9:87:0a:78:d7:03:31:ca:31:b2:38:8f:2d:9d:4b:
         5a:15:31:4b:51:f3:4a:4e:49:94:c9:d3:69:d5:94:76:ed:1e:
         e1:26:e2:bd:b6:4f:da:4e:a2:d6:a6:70:d4:c0:95:54:d6:2d:
         6b:44:de:a2:5f:9c:77:bc:de:88:23:08:5e:4e:84:30:54:92:
         cc:77:ac:d7:4d:66:81:58:8e:10:f5:bf:28:8f:21:ec:be:eb:
         47:a3:10:a5:91:39:74:0a:6d:39:3d:ec:6b:16:11:5f:e6:02:
         02:f4:6f:6a:a7:de:6f:45:01:d9:b9:c1:29:f1:be:55:4d:ba:
         f9:7f:ad:43:9e:27:7f:39:9b:57:df:ff:88:68:a8:39:44:9b:
         9c:a0:b7:42:b4:45:26:3a:fe:0f:3f:78:47:d4:96:94:ed:99:
         09:aa:23:ae:01:a6:9f:4e:fa:73:f0:2f:0d:6e:4c:c0:f8:91:
         81:d5:ba:d6:59:bd:72:32:12:72:b3:dd:02:ef:a3:92:4f:64:
         a5:69:34:a5
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICAR8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRTJB
RjhDRkQ5NTI3MEZDRjVDMkNBNjVEODc3NzdGNkZCN0FCRkQzMjAeFw0yMjA5MTUw
MjQxNTJaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDYzM0YyRkIwQUE4OUVB
MzYxRjZERTU3RjM2MDU4MkU3ODU4MURDMzYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDHLO1EddteDYPq4S8IRst0kjeh9EJZi4pOCGgsbSWqvP/T2cRP
ktYlurpvUdoszhAwrHx4Cz+hgXUZrMgC2QeORZ5NHLvGvjXcEDhwSrzpSGw6N2go
xxLNZT/wxGTEl9nvodeOyaPr3Oiw9XaknsxLWLmHF219aClmi8uGZM5T8xLRNy/u
Hidhfci2gfADYpmtunpRaNAynW8tEgJYqF7vdTJxSMhDhcXS+VXCTt1yG1BqAwTK
oRHYvh3o0NzSeeG+CkXQTidn2JR929f7v+EBGQU1FkfzPYhEdL+W0+Pgsyk7baI4
Q75MAjn5AEzalrCqN1Z1r7n+N+GokCqJqd2TAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUYz8vsKqJ6jYfbeV/NgWC54WB3DYwHwYDVR0jBBgwFoAU4q+M/ZUnD89cLKZd
h3d/b7er/TIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUkVDVEFM
RS80cS1NX1pVbkQ4OWNMS1pkaDNkX2I3ZXJfVEkuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBLzRxLU1fWlVuRDg5Y0xLWmRoM2RfYjdlcl9USS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL1JFQ1RBTEUvWXo4dnNLcUo2allmYmVW
X05nV0M1NFdCM0RZLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
AWesfDANBgkqhkiG9w0BAQsFAAOCAQEAAqBUCIqNbaFSjXPge4f8+rB9+SrXVV1x
0C/GpG10h9NDGVvB+5qYmX0cwN+QhrEawKLtLuIqOQXl+YcKeNcDMcoxsjiPLZ1L
WhUxS1HzSk5JlMnTadWUdu0e4SbivbZP2k6i1qZw1MCVVNYta0Teol+cd7zeiCMI
Xk6EMFSSzHes101mgViOEPW/KI8h7L7rR6MQpZE5dAptOT3saxYRX+YCAvRvaqfe
b0UB2bnBKfG+VU26+X+tQ54nfzmbV9//iGioOUSbnKC3QrRFJjr+Dz94R9SWlO2Z
CaojrgGmn076c/AvDW5MwPiRgdW61lm9cjIScrPdAu+jkk9kpWk0pQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:19 2024 by rpki-client on console-ams.rpki-client.org