Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/07EaCEqY8hBvv8En1eXoQ0xI2MY.roa
File:                     07EaCEqY8hBvv8En1eXoQ0xI2MY.roa (raw, json)
Hash identifier:          5eB+sC3AiAG4SdD4M/Zo9FY+12MVVoOCa5jmyXYvUxc=
Subject key identifier:   D3:B1:1A:08:4A:98:F2:10:6F:BF:C1:27:D5:E5:E8:43:4C:48:D8:C6
Certificate issuer:       /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial:       131B
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/07EaCEqY8hBvv8En1eXoQ0xI2MY.roa
Signing time:             Fri 01 Sep 2023 08:05:22 +0000
ROA not before:           Fri 01 Sep 2023 08:05:22 +0000
ROA not after:            Sat 31 Aug 2024 03:10:53 +0000
asID:                     24154
IP address blocks:        210.200.4.0/22 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4891 (0x131b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
        Validity
            Not Before: Sep  1 08:05:22 2023 GMT
            Not After : Aug 31 03:10:53 2024 GMT
        Subject: CN=D3B11A084A98F2106FBFC127D5E5E8434C48D8C6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:8a:2c:27:5e:6a:3f:82:73:fc:d2:19:7f:1e:
                    00:e9:19:77:39:d7:ec:4c:0f:5f:53:bd:ab:21:34:
                    d8:4a:d3:02:46:0b:3d:eb:ed:2d:75:d0:40:8d:a9:
                    01:4d:f6:70:b6:66:70:f0:0d:c2:da:99:30:bb:88:
                    ce:f3:fd:d1:29:8f:9e:a8:f3:ad:be:03:59:42:ea:
                    64:7d:e3:18:d8:92:9e:3f:b2:57:e9:3c:70:e9:c1:
                    df:1c:40:04:b4:af:e6:7d:99:fa:a1:2f:78:d8:27:
                    2c:90:05:d1:de:45:8e:8e:e9:93:4b:70:3d:71:59:
                    d4:7c:56:7e:06:05:4a:22:2a:3f:88:9d:ac:4f:17:
                    54:77:b4:68:05:f2:a6:12:0d:e4:69:c2:7c:54:3e:
                    2f:16:98:be:7c:15:21:56:03:35:cb:3b:1c:01:f9:
                    27:d8:6d:90:54:41:23:b4:fd:d2:77:46:31:6c:a0:
                    d5:76:0d:53:3a:4e:bc:ef:1e:15:c8:62:89:2c:1c:
                    e1:3e:87:6e:98:19:fa:ac:bc:8c:ef:4e:f6:81:05:
                    86:ae:92:c1:c2:f6:34:b0:45:83:db:9a:cb:b9:f4:
                    3c:3f:b9:d5:dc:09:2b:78:2d:63:5b:d9:de:bb:84:
                    6d:5b:d6:1d:41:28:6a:ce:af:ee:5d:cb:74:50:e2:
                    f2:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D3:B1:1A:08:4A:98:F2:10:6F:BF:C1:27:D5:E5:E8:43:4C:48:D8:C6
            X509v3 Authority Key Identifier:
                keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/07EaCEqY8hBvv8En1eXoQ0xI2MY.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  210.200.4.0/22

    Signature Algorithm: sha256WithRSAEncryption
         88:ea:f2:fe:50:08:6a:fe:4c:8a:e7:29:80:16:d3:3e:fc:53:
         f7:86:13:43:4e:e6:23:da:fe:8f:a9:1f:6f:26:d7:ec:6c:24:
         1d:94:81:41:7a:d1:2e:50:a2:d9:68:72:24:e1:42:37:f3:1c:
         0e:1b:ac:ce:90:1d:f8:1e:fc:72:63:3a:d2:c2:ba:26:0e:04:
         f2:18:54:1c:89:81:a9:f5:af:c7:c6:8a:92:76:ac:a3:5f:de:
         ad:7d:75:32:2a:33:38:0f:59:ee:06:63:5d:15:c7:01:25:b2:
         a9:66:29:29:9f:3c:22:66:78:d0:66:7a:4c:1f:01:f9:d6:50:
         6c:90:06:df:e5:29:af:d5:a3:c4:89:3c:30:c9:b2:3f:dd:27:
         d5:c1:0d:ca:9c:57:51:57:f9:7d:5f:0b:66:29:71:99:39:c9:
         1e:91:b4:66:00:aa:38:2f:54:d0:d7:76:b3:5f:73:cd:d2:7e:
         d8:dd:f3:23:0e:09:b2:55:f7:25:f7:8c:35:17:04:29:0e:36:
         c6:1a:6b:cf:73:c6:47:b3:24:84:ef:dc:35:ab:f8:76:99:7e:
         d6:d5:1e:9a:a5:df:46:c1:ca:98:43:9a:ce:36:7f:9d:38:b5:
         a4:cb:75:43:fa:13:63:1f:59:85:34:5f:42:b1:66:5f:e7:ca:
         b6:a6:12:f6
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICExswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzA5MDEw
ODA1MjJaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKEQzQjExQTA4NEE5OEYy
MTA2RkJGQzEyN0Q1RTVFODQzNEM0OEQ4QzYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCyiiwnXmo/gnP80hl/HgDpGXc51+xMD19TvashNNhK0wJGCz3r
7S110ECNqQFN9nC2ZnDwDcLamTC7iM7z/dEpj56o862+A1lC6mR94xjYkp4/slfp
PHDpwd8cQAS0r+Z9mfqhL3jYJyyQBdHeRY6O6ZNLcD1xWdR8Vn4GBUoiKj+InaxP
F1R3tGgF8qYSDeRpwnxUPi8WmL58FSFWAzXLOxwB+SfYbZBUQSO0/dJ3RjFsoNV2
DVM6TrzvHhXIYoksHOE+h26YGfqsvIzvTvaBBYauksHC9jSwRYPbmsu59Dw/udXc
CSt4LWNb2d67hG1b1h1BKGrOr+5dy3RQ4vKzAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQU07EaCEqY8hBvv8En1eXoQ0xI2MYwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvMDdFYUNFcVk4aEJ2djhFbjFlWG9R
MHhJMk1ZLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAtLIBDAN
BgkqhkiG9w0BAQsFAAOCAQEAiOry/lAIav5MiucpgBbTPvxT94YTQ07mI9r+j6kf
bybX7GwkHZSBQXrRLlCi2WhyJOFCN/McDhuszpAd+B78cmM60sK6Jg4E8hhUHImB
qfWvx8aKknaso1/erX11MiozOA9Z7gZjXRXHASWyqWYpKZ88ImZ40GZ6TB8B+dZQ
bJAG3+Upr9WjxIk8MMmyP90n1cENypxXUVf5fV8LZilxmTnJHpG0ZgCqOC9U0Nd2
s19zzdJ+2N3zIw4JslX3JfeMNRcEKQ42xhprz3PGR7MkhO/cNav4dpl+1tUemqXf
RsHKmEOazjZ/nTi1pMt1Q/oTYx9ZhTRfQrFmX+fKtqYS9g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:31 2024 by rpki-client on console-fra.rpki-client.org