Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/2IiVAe9sM4z-FVvoCMdzrn9Wg7o.roa
File:                     2IiVAe9sM4z-FVvoCMdzrn9Wg7o.roa (raw, json)
Hash identifier:          CVbIitWtMPRtxvaCpvXnPAYm0hyiPLmfp+0vLk8y5sc=
Subject key identifier:   D8:88:95:01:EF:6C:33:8C:FE:15:5B:E8:08:C7:73:AE:7F:56:83:BA
Certificate issuer:       /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial:       125D
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/2IiVAe9sM4z-FVvoCMdzrn9Wg7o.roa
Signing time:             Fri 01 Sep 2023 08:04:22 +0000
ROA not before:           Fri 01 Sep 2023 08:04:22 +0000
ROA not after:            Sat 31 Aug 2024 03:10:53 +0000
asID:                     131627
IP address blocks:        219.91.68.0/23 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4701 (0x125d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
        Validity
            Not Before: Sep  1 08:04:22 2023 GMT
            Not After : Aug 31 03:10:53 2024 GMT
        Subject: CN=D8889501EF6C338CFE155BE808C773AE7F5683BA
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:0d:8e:4e:b8:f1:84:0e:32:54:85:3f:95:36:
                    44:36:5e:77:b5:17:a3:5b:15:6b:49:92:8e:d5:19:
                    d2:92:75:ba:63:c2:f4:c9:80:46:71:cb:a6:bd:25:
                    c6:2b:b6:2a:d3:c6:85:64:f9:0d:5d:52:12:f5:7b:
                    9b:e7:9c:a2:8e:5c:49:aa:75:f9:1c:8a:a4:27:22:
                    42:be:09:42:e4:52:70:9c:48:e0:72:84:62:3a:f7:
                    60:d0:c7:cd:de:d1:2a:01:ea:af:1d:4c:54:cf:6d:
                    f8:8e:79:d4:d0:c4:0e:33:65:a1:b5:40:4b:99:fd:
                    9f:84:8e:5b:a7:46:ba:c7:f8:dd:b7:80:ae:45:c3:
                    0d:de:01:58:61:b7:76:4f:42:96:15:c2:57:0d:ae:
                    f6:68:5f:ca:44:d0:9e:bd:68:6f:e5:a9:d8:7b:ed:
                    87:44:f9:ae:8d:7e:17:ce:eb:9b:c2:8d:b0:34:52:
                    70:eb:8c:0c:ab:9e:4e:87:ca:58:6f:81:4a:3d:30:
                    07:c6:fa:7f:21:cf:1c:bc:54:9f:fe:2f:70:3f:ad:
                    14:5c:85:46:1c:d5:d3:09:ce:2d:d6:07:4e:7c:07:
                    d6:b8:3f:b5:9c:5c:1f:e0:26:17:5d:9c:21:f1:0a:
                    90:0c:9f:aa:d8:91:e0:8f:2f:f1:9c:a9:d4:a3:e1:
                    03:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:88:95:01:EF:6C:33:8C:FE:15:5B:E8:08:C7:73:AE:7F:56:83:BA
            X509v3 Authority Key Identifier:
                keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/2IiVAe9sM4z-FVvoCMdzrn9Wg7o.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  219.91.68.0/23

    Signature Algorithm: sha256WithRSAEncryption
         30:55:95:98:ad:d2:4e:29:50:f6:3e:d9:a9:6b:39:e1:45:e3:
         25:f2:22:65:bd:6a:7b:ab:b3:87:29:e8:0d:ec:61:92:d0:ce:
         72:56:05:8b:0d:6c:23:06:9d:fa:c1:6a:dc:65:c2:64:f8:53:
         e9:17:36:b7:e9:c5:a1:95:88:d9:fe:57:6d:a7:cf:59:f3:c5:
         67:d8:37:5b:85:9b:bd:c8:f5:ce:4a:83:3f:a7:3c:55:d7:4c:
         88:3a:ce:86:6b:b8:95:17:28:e2:54:56:b6:ff:3a:59:3a:cc:
         8c:7a:e1:0d:fa:48:1c:06:7d:c2:83:81:b2:3d:b7:7a:eb:1c:
         6e:c5:e3:a3:f8:a5:52:c1:f9:51:3b:8f:83:78:bf:d7:53:3a:
         82:1d:80:60:b1:68:a7:0b:1d:dc:8d:eb:d6:77:b8:69:dc:70:
         88:2f:96:2e:a5:34:62:e2:ec:00:52:d9:ac:4f:5f:06:4b:3e:
         ca:64:d4:71:cf:08:b6:59:23:6b:5e:f5:20:a2:2a:a5:98:9d:
         0b:dc:73:86:3b:ee:f7:1c:eb:d6:6a:d5:5d:57:68:79:37:6a:
         95:d2:46:1b:be:d1:1a:91:34:04:e3:a2:6f:f0:df:fa:82:c2:
         85:9f:f2:c7:88:eb:a8:a9:db:1d:73:75:d5:8b:98:09:aa:36:
         e9:b9:7a:57
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEl0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzA5MDEw
ODA0MjJaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKEQ4ODg5NTAxRUY2QzMz
OENGRTE1NUJFODA4Qzc3M0FFN0Y1NjgzQkEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDeDY5OuPGEDjJUhT+VNkQ2Xne1F6NbFWtJko7VGdKSdbpjwvTJ
gEZxy6a9JcYrtirTxoVk+Q1dUhL1e5vnnKKOXEmqdfkciqQnIkK+CULkUnCcSOBy
hGI692DQx83e0SoB6q8dTFTPbfiOedTQxA4zZaG1QEuZ/Z+EjlunRrrH+N23gK5F
ww3eAVhht3ZPQpYVwlcNrvZoX8pE0J69aG/lqdh77YdE+a6NfhfO65vCjbA0UnDr
jAyrnk6HylhvgUo9MAfG+n8hzxy8VJ/+L3A/rRRchUYc1dMJzi3WB058B9a4P7Wc
XB/gJhddnCHxCpAMn6rYkeCPL/GcqdSj4QNLAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQU2IiVAe9sM4z+FVvoCMdzrn9Wg7owHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvMklpVkFlOXNNNHotRlZ2b0NNZHpy
bjlXZzdvLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAdtbRDAN
BgkqhkiG9w0BAQsFAAOCAQEAMFWVmK3STilQ9j7ZqWs54UXjJfIiZb1qe6uzhyno
DexhktDOclYFiw1sIwad+sFq3GXCZPhT6Rc2t+nFoZWI2f5XbafPWfPFZ9g3W4Wb
vcj1zkqDP6c8VddMiDrOhmu4lRco4lRWtv86WTrMjHrhDfpIHAZ9woOBsj23eusc
bsXjo/ilUsH5UTuPg3i/11M6gh2AYLFopwsd3I3r1ne4adxwiC+WLqU0YuLsAFLZ
rE9fBks+ymTUcc8Itlkja171IKIqpZidC9xzhjvu9xzr1mrVXVdoeTdqldJGG77R
GpE0BOOib/Df+oLChZ/yx4jrqKnbHXN11YuYCao26bl6Vw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:31 2024 by rpki-client on console-fra.rpki-client.org