Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/GSE-ADC4FHBQFibI4bOpvw9cVXg.roa
File:                     GSE-ADC4FHBQFibI4bOpvw9cVXg.roa (raw, json)
Hash identifier:          ++5mrXdO47HZMpKb6cJmCgmM0Ui5S4cIf3L3WV/UgdY=
Subject key identifier:   19:21:3E:00:30:B8:14:70:50:16:26:C8:E1:B3:A9:BF:0F:5C:55:78
Certificate issuer:       /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial:       102A
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/GSE-ADC4FHBQFibI4bOpvw9cVXg.roa
Signing time:             Tue 16 May 2023 08:35:49 +0000
ROA not before:           Tue 16 May 2023 08:35:49 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     24154
IP address blocks:        222.156.246.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4138 (0x102a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
        Validity
            Not Before: May 16 08:35:49 2023 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=19213E0030B81470501626C8E1B3A9BF0F5C5578
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:fb:02:eb:01:5f:80:48:2c:aa:30:e2:3e:48:
                    80:5b:ef:05:73:51:a1:b7:33:3b:a6:1e:aa:b7:35:
                    a3:4a:e6:8a:a0:bf:0e:27:a3:0a:15:d5:7a:17:36:
                    bf:6c:9b:37:af:4b:10:33:6d:52:51:fa:d8:ee:ed:
                    88:c8:33:26:47:62:90:9f:6a:31:b1:49:18:e6:51:
                    6f:76:62:49:f6:10:3d:c1:0f:e9:58:5a:9f:a2:9b:
                    26:3e:86:5d:db:ab:fb:a9:d8:7d:00:73:50:84:f1:
                    3e:f7:a1:2c:82:ef:06:24:a4:9e:1d:f9:2d:02:71:
                    96:2c:3f:39:d7:a8:71:59:8a:ef:ca:21:0d:3e:c7:
                    70:6c:fd:99:c5:e7:b0:34:0f:b1:64:b4:71:ca:0e:
                    b3:d1:ef:b3:0c:d3:37:18:6d:53:06:75:64:9b:1b:
                    5c:64:b4:28:2b:b5:ff:1a:c3:48:e2:e2:e4:1e:43:
                    e3:45:18:47:e8:f7:3f:48:11:dc:46:dc:a3:88:bf:
                    07:34:12:58:0d:f0:c0:90:e2:fc:d5:d6:4c:df:dc:
                    bd:71:0c:39:62:2c:a9:a2:8f:01:13:b2:c4:a2:c5:
                    55:6f:27:7f:2f:c9:59:40:47:cf:96:57:93:ea:92:
                    2b:60:43:54:a0:41:af:12:17:b8:84:76:07:f2:7c:
                    f0:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                19:21:3E:00:30:B8:14:70:50:16:26:C8:E1:B3:A9:BF:0F:5C:55:78
            X509v3 Authority Key Identifier:
                keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/GSE-ADC4FHBQFibI4bOpvw9cVXg.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  222.156.246.0/24

    Signature Algorithm: sha256WithRSAEncryption
         76:af:29:0a:42:88:69:3d:99:a0:d9:3e:59:bd:0b:4c:1e:25:
         b9:e9:1b:6e:6a:ea:21:aa:94:25:c8:2e:6e:1e:c5:47:7e:84:
         a1:b6:41:66:67:5e:92:06:0c:12:03:e2:45:e0:79:56:b9:d5:
         ef:50:92:de:ea:97:74:92:f0:8f:b2:e6:9e:8a:60:7f:09:97:
         ba:e1:95:d4:64:cc:3d:fa:77:1f:b8:fa:8f:b1:af:2b:a2:88:
         79:f3:f7:80:a8:88:70:6e:66:22:2c:c7:e0:0b:96:75:a8:a7:
         22:7d:e5:82:fc:a0:82:85:de:65:b0:5d:17:fd:12:3e:f6:f1:
         9b:24:ec:a6:93:76:77:fd:30:dc:19:ae:00:7a:6c:78:28:51:
         5b:b3:d1:23:2e:ae:37:e2:f5:75:11:e8:6a:4f:d3:d9:3d:d3:
         ae:cf:d2:42:94:9b:87:d0:0b:6a:4c:fb:10:17:33:a6:6a:15:
         9a:cc:5f:62:16:6f:7e:c4:1c:fd:f8:57:8a:ef:f0:b6:a0:66:
         cb:8a:e3:1e:c4:c4:1c:7d:12:2e:4d:a0:40:b5:e9:ec:47:12:
         4c:47:bc:bb:5e:99:67:7d:ec:b1:8b:4d:2d:df:c5:9f:eb:18:
         a2:10:c9:86:35:0a:5b:6d:e6:42:92:fb:f1:54:92:4d:77:a4:
         2d:11:b8:6b
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICECowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzA1MTYw
ODM1NDlaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDE5MjEzRTAwMzBCODE0
NzA1MDE2MjZDOEUxQjNBOUJGMEY1QzU1NzgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDW+wLrAV+ASCyqMOI+SIBb7wVzUaG3MzumHqq3NaNK5oqgvw4n
owoV1XoXNr9smzevSxAzbVJR+tju7YjIMyZHYpCfajGxSRjmUW92Ykn2ED3BD+lY
Wp+imyY+hl3bq/up2H0Ac1CE8T73oSyC7wYkpJ4d+S0CcZYsPznXqHFZiu/KIQ0+
x3Bs/ZnF57A0D7FktHHKDrPR77MM0zcYbVMGdWSbG1xktCgrtf8aw0ji4uQeQ+NF
GEfo9z9IEdxG3KOIvwc0ElgN8MCQ4vzV1kzf3L1xDDliLKmijwETssSixVVvJ38v
yVlAR8+WV5PqkitgQ1SgQa8SF7iEdgfyfPDFAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUGSE+ADC4FHBQFibI4bOpvw9cVXgwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvR1NFLUFEQzRGSEJRRmliSTRiT3B2
dzljVlhnLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAN6c9jAN
BgkqhkiG9w0BAQsFAAOCAQEAdq8pCkKIaT2ZoNk+Wb0LTB4luekbbmrqIaqUJcgu
bh7FR36EobZBZmdekgYMEgPiReB5VrnV71CS3uqXdJLwj7LmnopgfwmXuuGV1GTM
Pfp3H7j6j7GvK6KIefP3gKiIcG5mIizH4AuWdainIn3lgvyggoXeZbBdF/0SPvbx
myTsppN2d/0w3BmuAHpseChRW7PRIy6uN+L1dRHoak/T2T3Trs/SQpSbh9ALakz7
EBczpmoVmsxfYhZvfsQc/fhXiu/wtqBmy4rjHsTEHH0SLk2gQLXp7EcSTEe8u16Z
Z33ssYtNLd/Fn+sYohDJhjUKW23mQpL78VSSTXekLRG4aw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:31 2024 by rpki-client on console-fra.rpki-client.org