Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/oVf6e5dNhUGlm7MW7SNC-Z-kzXM.roa
File:                     oVf6e5dNhUGlm7MW7SNC-Z-kzXM.roa (raw, json)
Hash identifier:          m6OvpVSU1R0UfWBgpze80g2RIe7TFdw0Gm+USxQ44ak=
Subject key identifier:   A1:57:FA:7B:97:4D:85:41:A5:9B:B3:16:ED:23:42:F9:9F:A4:CD:73
Certificate issuer:       /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial:       10A2
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/oVf6e5dNhUGlm7MW7SNC-Z-kzXM.roa
Signing time:             Tue 16 May 2023 08:36:25 +0000
ROA not before:           Tue 16 May 2023 08:36:25 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     131142
IP address blocks:        210.200.80.0/22 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4258 (0x10a2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
        Validity
            Not Before: May 16 08:36:25 2023 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=A157FA7B974D8541A59BB316ED2342F99FA4CD73
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:a4:f9:23:f8:c9:cd:d8:68:8b:f8:96:dc:60:
                    7f:fc:28:c1:7f:d9:6b:3e:8a:91:37:fb:f1:e5:86:
                    54:f1:53:76:73:22:a9:7e:f2:c7:f6:6f:a2:68:c1:
                    9f:e9:2d:90:2e:56:b0:be:ea:d6:b3:db:e7:ca:74:
                    ea:4e:b3:24:6a:f5:d7:f6:30:d8:7f:7d:14:17:76:
                    27:52:9f:60:c4:5b:16:49:74:c1:47:d0:b2:37:12:
                    fa:fe:95:3a:19:65:a5:b3:5c:e7:c0:01:dc:ee:38:
                    0d:70:29:0e:57:a7:10:1b:61:e0:0a:80:80:06:75:
                    8e:3e:36:a1:25:e0:03:be:1f:d4:f9:3a:71:6c:bb:
                    ee:d0:99:0b:b3:bc:97:92:6a:d0:43:89:a4:92:2c:
                    95:fd:00:e3:f4:8a:91:f1:bc:05:97:d3:8c:61:bb:
                    ce:8c:fd:09:d6:10:46:03:87:38:38:6b:89:34:a3:
                    33:18:33:4b:65:47:25:01:83:57:dc:52:34:83:df:
                    ac:29:90:24:60:3a:c6:fb:76:47:88:0b:f2:11:76:
                    1c:dc:f5:62:1f:10:c9:f5:6b:3a:95:df:27:a3:98:
                    70:99:13:bb:45:17:40:50:1b:ca:86:31:24:82:6b:
                    25:aa:e9:ce:5f:c6:83:bb:2c:a3:d8:ee:55:12:ee:
                    fd:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A1:57:FA:7B:97:4D:85:41:A5:9B:B3:16:ED:23:42:F9:9F:A4:CD:73
            X509v3 Authority Key Identifier:
                keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/oVf6e5dNhUGlm7MW7SNC-Z-kzXM.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  210.200.80.0/22

    Signature Algorithm: sha256WithRSAEncryption
         ad:2a:71:af:a1:67:86:f3:78:92:5b:03:d0:f4:6f:6d:e2:e9:
         f1:98:69:a1:19:7e:66:3f:e9:14:bc:54:3e:9b:b1:fe:a9:e4:
         61:f1:df:3e:e5:68:8e:1c:ad:fc:21:ee:28:62:d4:7c:7e:1a:
         f7:5d:a0:d9:5f:c0:20:7d:65:0e:c9:1d:27:38:12:f8:b3:cd:
         7e:b0:ba:33:6c:74:30:33:1a:94:71:68:e4:cf:39:d3:61:78:
         18:d2:7b:b7:24:63:e1:ca:f8:48:ef:85:d4:b1:f2:f2:e4:e2:
         08:64:53:3d:a0:1c:53:16:ef:82:d0:7f:ae:b1:b0:b6:b5:24:
         7f:71:8b:3e:75:96:d6:b2:d8:6e:95:ea:61:f9:fa:30:a7:9d:
         fe:48:22:f1:ed:c1:1c:3f:82:17:e8:ae:08:2d:4f:1f:fa:60:
         5e:4c:33:67:05:0a:8a:69:79:e8:fe:fa:c1:36:f3:8f:dd:23:
         b3:a9:f7:62:fe:17:5c:5c:67:c9:b8:cc:36:d7:59:f7:64:7d:
         41:8a:73:d1:76:81:66:37:cd:77:a3:e5:d2:b4:7d:07:7f:15:
         75:be:73:e5:c6:69:c5:e1:7e:40:a6:a2:ff:1f:c1:2a:f4:a5:
         55:1b:b3:d6:6a:e5:25:37:9b:f4:36:88:9f:2e:f8:b8:0a:1e:
         c2:62:87:08
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEKIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzA1MTYw
ODM2MjVaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEExNTdGQTdCOTc0RDg1
NDFBNTlCQjMxNkVEMjM0MkY5OUZBNENENzMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC+pPkj+MnN2GiL+JbcYH/8KMF/2Ws+ipE3+/HlhlTxU3ZzIql+
8sf2b6JowZ/pLZAuVrC+6taz2+fKdOpOsyRq9df2MNh/fRQXdidSn2DEWxZJdMFH
0LI3Evr+lToZZaWzXOfAAdzuOA1wKQ5XpxAbYeAKgIAGdY4+NqEl4AO+H9T5OnFs
u+7QmQuzvJeSatBDiaSSLJX9AOP0ipHxvAWX04xhu86M/QnWEEYDhzg4a4k0ozMY
M0tlRyUBg1fcUjSD36wpkCRgOsb7dkeIC/IRdhzc9WIfEMn1azqV3yejmHCZE7tF
F0BQG8qGMSSCayWq6c5fxoO7LKPY7lUS7v2FAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUoVf6e5dNhUGlm7MW7SNC+Z+kzXMwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvb1ZmNmU1ZE5oVUdsbTdNVzdTTkMt
Wi1relhNLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAtLIUDAN
BgkqhkiG9w0BAQsFAAOCAQEArSpxr6FnhvN4klsD0PRvbeLp8ZhpoRl+Zj/pFLxU
Ppux/qnkYfHfPuVojhyt/CHuKGLUfH4a912g2V/AIH1lDskdJzgS+LPNfrC6M2x0
MDMalHFo5M8502F4GNJ7tyRj4cr4SO+F1LHy8uTiCGRTPaAcUxbvgtB/rrGwtrUk
f3GLPnWW1rLYbpXqYfn6MKed/kgi8e3BHD+CF+iuCC1PH/pgXkwzZwUKiml56P76
wTbzj90js6n3Yv4XXFxnybjMNtdZ92R9QYpz0XaBZjfNd6Pl0rR9B38Vdb5z5cZp
xeF+QKai/x/BKvSlVRuz1mrlJTeb9DaIny74uAoewmKHCA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:01 2024 by rpki-client on console-ams.rpki-client.org