Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/YGQT2KOe2Z8HMzdFajwiG04_Zs4.roa
File:                     YGQT2KOe2Z8HMzdFajwiG04_Zs4.roa (raw, json)
Hash identifier:          mkC36ZfQyZr74i2X7or1w2C6enaNLS+9GNVD838mo/o=
Subject key identifier:   60:64:13:D8:A3:9E:D9:9F:07:33:37:45:6A:3C:22:1B:4E:3F:66:CE
Certificate issuer:       /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial:       12B3
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/YGQT2KOe2Z8HMzdFajwiG04_Zs4.roa
Signing time:             Fri 01 Sep 2023 08:04:52 +0000
ROA not before:           Fri 01 Sep 2023 08:04:52 +0000
ROA not after:            Sat 31 Aug 2024 03:10:53 +0000
asID:                     9311
IP address blocks:        210.63.253.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4787 (0x12b3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
        Validity
            Not Before: Sep  1 08:04:52 2023 GMT
            Not After : Aug 31 03:10:53 2024 GMT
        Subject: CN=606413D8A39ED99F073337456A3C221B4E3F66CE
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:62:40:6b:a7:23:25:b9:b0:c4:84:24:bc:65:
                    09:90:21:3f:28:fc:b5:84:b7:a8:ce:8e:c6:10:11:
                    ec:c3:0d:d9:6c:3c:15:f2:0b:dc:e6:cc:ec:13:40:
                    f6:ed:88:49:40:e2:5b:f8:35:3d:78:b1:1e:26:06:
                    9e:d2:5f:6b:20:10:e0:3c:3c:0f:73:f5:d9:ec:2a:
                    f0:6b:e7:81:f4:46:33:dd:40:78:28:62:82:82:18:
                    09:7d:8b:7c:48:52:39:6a:68:41:bd:59:ad:e2:10:
                    e7:df:d4:f7:3b:74:2f:be:d1:55:eb:93:2e:af:64:
                    02:10:e6:96:65:11:cd:78:d4:14:53:67:dd:03:a4:
                    62:94:c3:6f:65:1f:2b:77:f5:90:cc:9d:0f:24:42:
                    00:63:8f:ea:c2:ea:91:1a:ec:69:14:a0:a6:c4:bd:
                    7a:a5:3a:92:fc:5e:f4:d7:4d:ca:e0:21:84:1e:62:
                    ad:9d:e7:fd:37:3f:24:a4:49:57:51:57:11:22:f0:
                    04:c0:65:e1:c2:7a:84:32:a4:43:1e:a9:a1:a3:2d:
                    73:4d:c6:00:9b:07:71:a0:e7:d8:45:35:c9:d6:99:
                    78:8c:21:93:be:b1:77:c4:7f:33:3e:b1:33:48:7c:
                    8c:6a:55:df:07:9a:91:a0:fd:0e:59:f0:c0:aa:2b:
                    26:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:64:13:D8:A3:9E:D9:9F:07:33:37:45:6A:3C:22:1B:4E:3F:66:CE
            X509v3 Authority Key Identifier:
                keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/YGQT2KOe2Z8HMzdFajwiG04_Zs4.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  210.63.253.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3a:b4:b2:98:c4:b6:c1:e7:eb:b6:d9:70:4c:79:b9:93:65:7c:
         e7:0e:0f:52:6e:a9:5f:76:d5:80:2e:4e:4f:71:dc:30:c8:c6:
         6e:60:d0:63:16:02:6f:5a:9a:6a:6c:28:cf:27:64:90:b5:96:
         34:59:6f:4d:d7:68:a2:1a:ce:6d:d6:a4:30:06:f8:f7:b1:dd:
         c0:36:b2:71:7b:55:cf:7a:cc:1f:41:fe:54:77:f4:0c:9f:7d:
         8c:72:39:d4:82:ad:cf:1d:b9:bc:8c:7c:aa:e6:b8:0b:fe:48:
         3e:03:0a:ed:77:c4:f1:98:cd:22:63:51:98:b4:10:cb:50:4c:
         92:6e:36:a2:23:6a:e3:03:0a:26:11:36:17:c8:45:00:14:ae:
         a3:6e:f5:0c:41:f4:5a:50:60:a4:1a:1c:f8:50:ea:41:1e:b5:
         51:27:37:f8:11:7c:6f:71:49:9c:1a:a1:95:cd:d9:38:b9:c8:
         08:81:e1:f8:15:24:07:d0:1e:b7:2e:68:da:2f:9f:68:49:aa:
         bb:cb:10:39:91:de:29:e7:a4:8c:55:3a:3c:3d:88:d9:9c:23:
         d8:0c:f6:62:8d:45:66:40:44:75:da:ef:38:d9:69:15:aa:c6:
         ea:bb:e0:ad:d0:5b:cb:ea:14:fe:7c:c2:5a:31:5a:ec:52:b1:
         52:c3:d1:5a
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICErMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzA5MDEw
ODA0NTJaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDYwNjQxM0Q4QTM5RUQ5
OUYwNzMzMzc0NTZBM0MyMjFCNEUzRjY2Q0UwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCkYkBrpyMlubDEhCS8ZQmQIT8o/LWEt6jOjsYQEezDDdlsPBXy
C9zmzOwTQPbtiElA4lv4NT14sR4mBp7SX2sgEOA8PA9z9dnsKvBr54H0RjPdQHgo
YoKCGAl9i3xIUjlqaEG9Wa3iEOff1Pc7dC++0VXrky6vZAIQ5pZlEc141BRTZ90D
pGKUw29lHyt39ZDMnQ8kQgBjj+rC6pEa7GkUoKbEvXqlOpL8XvTXTcrgIYQeYq2d
5/03PySkSVdRVxEi8ATAZeHCeoQypEMeqaGjLXNNxgCbB3Gg59hFNcnWmXiMIZO+
sXfEfzM+sTNIfIxqVd8HmpGg/Q5Z8MCqKyafAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUYGQT2KOe2Z8HMzdFajwiG04/Zs4wHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvWUdRVDJLT2UyWjhITXpkRmFqd2lH
MDRfWnM0LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANI//TAN
BgkqhkiG9w0BAQsFAAOCAQEAOrSymMS2wefrttlwTHm5k2V85w4PUm6pX3bVgC5O
T3HcMMjGbmDQYxYCb1qaamwozydkkLWWNFlvTddoohrObdakMAb497HdwDaycXtV
z3rMH0H+VHf0DJ99jHI51IKtzx25vIx8qua4C/5IPgMK7XfE8ZjNImNRmLQQy1BM
km42oiNq4wMKJhE2F8hFABSuo271DEH0WlBgpBoc+FDqQR61USc3+BF8b3FJnBqh
lc3ZOLnICIHh+BUkB9Aety5o2i+faEmqu8sQOZHeKeekjFU6PD2I2Zwj2Az2Yo1F
ZkBEddrvONlpFarG6rvgrdBby+oU/nzCWjFa7FKxUsPRWg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:32 2024 by rpki-client on console-fra.rpki-client.org