Route Origin Authorization

$ rpki-client -vvf rpki.co/repo/AS945/8/32332e3134392e3135322e302f32342d3234203d3e20323132383935.roa
File:                     32332e3134392e3135322e302f32342d3234203d3e20323132383935.roa (raw, json)
Hash identifier:          N77fqXLNV163+Kks1DRHCABKbUDFo7o3+fCat3PPJiw=
Subject key identifier:   00:21:5B:E9:5F:10:8E:26:10:D4:F5:2D:37:CE:7C:97:E9:C7:F4:29
Certificate issuer:       /CN=381C7A4E80F50F1F7F8CE0819134F3836A8C389C
Certificate serial:       74FDE50BE168A8A1A019C16B2040C2FC0E4EFAFD
Authority key identifier: 38:1C:7A:4E:80:F5:0F:1F:7F:8C:E0:81:91:34:F3:83:6A:8C:38:9C
Authority info access:    rsync://dev.tw/rpki/August/4/381C7A4E80F50F1F7F8CE0819134F3836A8C389C.cer
Subject info access:      rsync://rpki.co/repo/AS945/8/32332e3134392e3135322e302f32342d3234203d3e20323132383935.roa
Signing time:             Mon 11 Mar 2024 04:13:46 +0000
ROA not before:           Mon 11 Mar 2024 04:08:46 +0000
ROA not after:            Mon 10 Mar 2025 04:13:46 +0000
asID:                     212895
IP address blocks:        23.149.152.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            74:fd:e5:0b:e1:68:a8:a1:a0:19:c1:6b:20:40:c2:fc:0e:4e:fa:fd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=381C7A4E80F50F1F7F8CE0819134F3836A8C389C
        Validity
            Not Before: Mar 11 04:08:46 2024 GMT
            Not After : Mar 10 04:13:46 2025 GMT
        Subject: CN=00215BE95F108E2610D4F52D37CE7C97E9C7F429
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:5d:d7:1b:15:fd:ce:71:1b:7b:20:fb:a8:d0:
                    b3:ea:39:fa:1a:82:02:cf:48:5c:c1:ba:8e:18:5f:
                    2a:3a:74:66:a3:bf:ed:fb:87:10:36:a7:c7:e0:dc:
                    ff:e7:31:1f:21:53:d9:0a:96:d5:d8:ce:0b:63:96:
                    6f:a4:d7:99:11:b9:93:29:7c:ff:28:2b:f2:5f:32:
                    67:0e:f0:18:8b:37:85:a2:f6:7d:f0:54:e9:49:e1:
                    7a:71:f6:3d:c7:9e:24:24:52:d9:67:01:7e:43:80:
                    97:e7:26:12:99:f3:83:e2:a8:be:5e:86:02:2c:e7:
                    b4:07:33:05:84:ce:f9:ce:45:4b:34:78:cf:c8:1a:
                    ac:65:c0:47:0f:9b:0d:cc:c2:e5:10:c2:5b:bc:47:
                    17:89:aa:c3:02:b8:df:9e:db:0f:3e:35:c5:b1:c8:
                    07:8f:4a:72:47:80:8f:bb:1d:3c:ad:28:d8:f3:15:
                    3d:99:42:0e:90:5f:a5:ab:c1:68:51:98:3a:17:b4:
                    c2:b1:0e:16:76:88:30:a7:5b:af:a1:5b:7e:1c:1d:
                    8a:aa:d6:db:6a:4c:a2:2d:13:76:7c:05:ca:d7:b7:
                    e1:1d:0b:32:e0:66:04:15:ec:f5:19:42:80:ba:40:
                    c4:c7:d2:fb:06:10:bd:cd:40:7e:ff:3f:99:18:82:
                    c5:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                00:21:5B:E9:5F:10:8E:26:10:D4:F5:2D:37:CE:7C:97:E9:C7:F4:29
            X509v3 Authority Key Identifier:
                keyid:38:1C:7A:4E:80:F5:0F:1F:7F:8C:E0:81:91:34:F3:83:6A:8C:38:9C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.co/repo/AS945/8/381C7A4E80F50F1F7F8CE0819134F3836A8C389C.crl

            Authority Information Access:
                CA Issuers - URI:rsync://dev.tw/rpki/August/4/381C7A4E80F50F1F7F8CE0819134F3836A8C389C.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.co/repo/AS945/8/32332e3134392e3135322e302f32342d3234203d3e20323132383935.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  23.149.152.0/24

    Signature Algorithm: sha256WithRSAEncryption
         00:ea:b4:12:eb:ef:9a:3b:93:08:79:ef:a8:ca:e1:1b:62:18:
         d6:9f:f7:8e:fc:1c:e3:b5:51:11:4c:f1:cf:4d:99:e5:47:5b:
         0d:13:af:50:81:53:0f:82:69:a3:17:d2:3a:8a:96:4f:e3:ea:
         be:1f:df:7c:4d:ea:01:d0:f8:8b:89:88:87:a9:2d:38:ad:04:
         7b:6f:95:29:e9:5a:98:5c:f5:69:14:cd:d7:d5:fb:6c:ab:56:
         87:f5:68:7c:47:5b:34:b0:2d:e7:bc:99:5a:eb:6e:15:91:01:
         ec:9b:7a:37:45:a6:24:b5:a2:04:5a:4b:23:2b:31:d5:cf:3f:
         06:df:fd:fb:a6:d2:3b:90:0f:70:8d:c2:dc:9f:9d:33:f8:3a:
         92:51:a6:a1:b2:4c:17:3d:5c:50:07:14:26:b4:18:40:5e:7f:
         17:5b:9f:74:72:a8:a8:75:03:48:d9:7b:c1:46:ee:60:5d:b5:
         04:9a:e5:22:21:b1:b5:f0:ec:09:1b:86:ea:16:31:79:b5:60:
         87:5f:28:22:39:ae:f7:2f:69:4e:30:dd:43:42:3d:82:c7:2b:
         7d:2b:40:5b:b9:54:2c:d1:44:c2:01:93:47:dc:3d:08:46:4e:
         cb:c7:86:51:ed:73:3b:e7:db:06:94:69:62:fe:c5:73:8f:22:
         9e:ef:94:2a
-----BEGIN CERTIFICATE-----
MIIEvzCCA6egAwIBAgIUdP3lC+FoqKGgGcFrIEDC/A5O+v0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzgxQzdBNEU4MEY1MEYxRjdGOENFMDgxOTEzNEYzODM2
QThDMzg5QzAeFw0yNDAzMTEwNDA4NDZaFw0yNTAzMTAwNDEzNDZaMDMxMTAvBgNV
BAMTKDAwMjE1QkU5NUYxMDhFMjYxMEQ0RjUyRDM3Q0U3Qzk3RTlDN0Y0MjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCxXdcbFf3OcRt7IPuo0LPqOfoa
ggLPSFzBuo4YXyo6dGajv+37hxA2p8fg3P/nMR8hU9kKltXYzgtjlm+k15kRuZMp
fP8oK/JfMmcO8BiLN4Wi9n3wVOlJ4Xpx9j3HniQkUtlnAX5DgJfnJhKZ84PiqL5e
hgIs57QHMwWEzvnORUs0eM/IGqxlwEcPmw3MwuUQwlu8RxeJqsMCuN+e2w8+NcWx
yAePSnJHgI+7HTytKNjzFT2ZQg6QX6WrwWhRmDoXtMKxDhZ2iDCnW6+hW34cHYqq
1ttqTKItE3Z8BcrXt+EdCzLgZgQV7PUZQoC6QMTH0vsGEL3NQH7/P5kYgsX5AgMB
AAGjggHJMIIBxTAdBgNVHQ4EFgQUACFb6V8QjiYQ1PUtN858l+nH9CkwHwYDVR0j
BBgwFoAUOBx6ToD1Dx9/jOCBkTTzg2qMOJwwDgYDVR0PAQH/BAQDAgeAMFoGA1Ud
HwRTMFEwT6BNoEuGSXJzeW5jOi8vcnBraS5jby9yZXBvL0FTOTQ1LzgvMzgxQzdB
NEU4MEY1MEYxRjdGOENFMDgxOTEzNEYzODM2QThDMzg5Qy5jcmwwZQYIKwYBBQUH
AQEEWTBXMFUGCCsGAQUFBzAChklyc3luYzovL2Rldi50dy9ycGtpL0F1Z3VzdC80
LzM4MUM3QTRFODBGNTBGMUY3RjhDRTA4MTkxMzRGMzgzNkE4QzM4OUMuY2VyMHUG
CCsGAQUFBwELBGkwZzBlBggrBgEFBQcwC4ZZcnN5bmM6Ly9ycGtpLmNvL3JlcG8v
QVM5NDUvOC8zMjMzMmUzMTM0MzkyZTMxMzUzMjJlMzAyZjMyMzQyZDMyMzQyMDNk
M2UyMDMyMzEzMjM4MzkzNS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEABeVmDANBgkqhkiG9w0BAQsFAAOC
AQEAAOq0EuvvmjuTCHnvqMrhG2IY1p/3jvwc47VREUzxz02Z5UdbDROvUIFTD4Jp
oxfSOoqWT+Pqvh/ffE3qAdD4i4mIh6ktOK0Ee2+VKelamFz1aRTN19X7bKtWh/Vo
fEdbNLAt57yZWutuFZEB7Jt6N0WmJLWiBFpLIysx1c8/Bt/9+6bSO5APcI3C3J+d
M/g6klGmobJMFz1cUAcUJrQYQF5/F1ufdHKoqHUDSNl7wUbuYF21BJrlIiGxtfDs
CRuG6hYxebVgh18oIjmu9y9pTjDdQ0I9gscrfStAW7lULNFEwgGTR9w9CEZOy8eG
Ue1zO+fbBpRpYv7Fc48inu+UKg==
-----END CERTIFICATE-----
Generated at Thu Jun 20 06:10:03 2024 by rpki-client on console-ams.rpki-client.org