Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/rg1UaB14u8ChVZZ5b2hPK5Yj08Y.roa
File:                     rg1UaB14u8ChVZZ5b2hPK5Yj08Y.roa (raw, json)
Hash identifier:          OS95Gxw+586G6vwPeXi+PXJTMWOjko0LD/3IqFbH4rc=
Subject key identifier:   AE:0D:54:68:1D:78:BB:C0:A1:55:96:79:6F:68:4F:2B:96:23:D3:C6
Certificate issuer:       /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial:       1066
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/rg1UaB14u8ChVZZ5b2hPK5Yj08Y.roa
Signing time:             Tue 16 May 2023 08:36:09 +0000
ROA not before:           Tue 16 May 2023 08:36:09 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     24154
IP address blocks:        210.202.0.0/19 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4198 (0x1066)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
        Validity
            Not Before: May 16 08:36:09 2023 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=AE0D54681D78BBC0A15596796F684F2B9623D3C6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:be:38:7e:fe:bc:08:72:9e:73:af:34:3e:8a:
                    30:c3:63:83:46:5a:cd:0f:65:c4:26:2c:6f:07:52:
                    d2:0f:09:7c:f3:e9:0c:43:5c:49:b3:2f:91:db:ea:
                    13:e6:3b:5d:88:ce:25:10:3e:3c:be:10:0d:77:25:
                    ab:84:aa:32:15:f2:22:ae:25:59:78:e0:b3:e6:3b:
                    03:b4:8a:1d:83:09:21:d6:c2:d9:cd:15:63:1e:fd:
                    d3:5f:14:68:12:ed:6e:34:a7:f5:dc:94:3c:40:3c:
                    51:9d:2d:e9:45:35:86:1c:e4:5c:52:42:ad:3b:69:
                    b1:32:2a:a2:f3:b9:42:04:63:b7:b5:7d:51:f0:27:
                    c0:fe:ab:f7:4b:e6:61:c5:d8:98:92:19:08:d9:b4:
                    8c:bb:02:f1:89:84:ef:fe:cc:60:27:41:b0:3b:9d:
                    2a:2a:71:06:f2:16:45:61:45:99:74:a5:ae:77:fc:
                    b2:ac:b2:2b:55:c1:ee:cb:35:e4:5a:6b:53:58:c4:
                    13:48:53:72:7f:53:0e:ce:6e:2d:79:e8:b5:f0:bc:
                    1b:bb:37:47:98:c7:7f:90:18:b7:30:90:4f:c0:45:
                    cd:12:68:c8:8c:2e:fa:09:ee:be:00:48:51:02:a2:
                    3b:6a:6b:bf:4b:61:d2:8d:87:57:73:30:e9:d1:be:
                    de:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AE:0D:54:68:1D:78:BB:C0:A1:55:96:79:6F:68:4F:2B:96:23:D3:C6
            X509v3 Authority Key Identifier:
                keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/rg1UaB14u8ChVZZ5b2hPK5Yj08Y.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  210.202.0.0/19

    Signature Algorithm: sha256WithRSAEncryption
         1f:d4:40:c8:ab:f8:79:e4:5a:a9:53:63:40:9d:ba:97:05:71:
         fe:4b:61:49:05:d8:27:eb:d0:31:dd:94:61:2b:06:ee:ac:da:
         d7:c3:b0:55:ff:f2:c4:5d:7c:da:43:4d:bd:21:a9:d1:82:5a:
         8a:4f:7d:87:ad:48:8f:7a:e2:e9:f3:00:bf:4b:4c:db:86:5d:
         6e:ea:3a:29:8c:0b:bd:c6:6b:cb:2c:ad:3e:fa:a1:49:ed:8f:
         aa:61:1a:21:66:95:ce:33:ca:1c:0f:87:e0:58:69:53:50:4e:
         e2:22:a8:b8:fc:66:7b:f7:68:58:a8:e7:da:c6:08:78:89:77:
         1c:b8:e3:fe:e9:b7:c8:ed:05:15:a7:c0:0d:c2:e2:c8:b5:f1:
         98:5d:32:d5:20:08:17:8b:e7:34:35:b7:8b:e0:fb:8b:e1:f0:
         44:2f:63:fa:3a:e4:84:34:96:8a:6c:14:44:02:29:43:26:5c:
         c5:61:51:31:c6:3e:5c:b5:b5:22:de:03:8f:51:9d:9f:f4:a9:
         ff:38:47:48:bd:7d:38:7b:04:8c:79:c0:ca:a9:8f:8b:b9:33:
         c3:0c:dd:d1:62:b8:4e:89:b1:d7:bd:3b:f4:a3:dd:5d:12:b8:
         7f:a8:10:05:e4:29:e8:15:95:a4:06:26:07:d0:b7:91:82:fa:
         36:bd:45:74
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEGYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzA1MTYw
ODM2MDlaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEFFMEQ1NDY4MUQ3OEJC
QzBBMTU1OTY3OTZGNjg0RjJCOTYyM0QzQzYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCtvjh+/rwIcp5zrzQ+ijDDY4NGWs0PZcQmLG8HUtIPCXzz6QxD
XEmzL5Hb6hPmO12IziUQPjy+EA13JauEqjIV8iKuJVl44LPmOwO0ih2DCSHWwtnN
FWMe/dNfFGgS7W40p/XclDxAPFGdLelFNYYc5FxSQq07abEyKqLzuUIEY7e1fVHw
J8D+q/dL5mHF2JiSGQjZtIy7AvGJhO/+zGAnQbA7nSoqcQbyFkVhRZl0pa53/LKs
sitVwe7LNeRaa1NYxBNIU3J/Uw7Obi156LXwvBu7N0eYx3+QGLcwkE/ARc0SaMiM
LvoJ7r4ASFECojtqa79LYdKNh1dzMOnRvt4PAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUrg1UaB14u8ChVZZ5b2hPK5Yj08YwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvcmcxVWFCMTR1OENoVlpaNWIyaFBL
NVlqMDhZLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBdLKADAN
BgkqhkiG9w0BAQsFAAOCAQEAH9RAyKv4eeRaqVNjQJ26lwVx/kthSQXYJ+vQMd2U
YSsG7qza18OwVf/yxF182kNNvSGp0YJaik99h61Ij3ri6fMAv0tM24Zdbuo6KYwL
vcZryyytPvqhSe2PqmEaIWaVzjPKHA+H4FhpU1BO4iKouPxme/doWKjn2sYIeIl3
HLjj/um3yO0FFafADcLiyLXxmF0y1SAIF4vnNDW3i+D7i+HwRC9j+jrkhDSWimwU
RAIpQyZcxWFRMcY+XLW1It4Dj1Gdn/Sp/zhHSL19OHsEjHnAyqmPi7kzwwzd0WK4
Tomx17079KPdXRK4f6gQBeQp6BWVpAYmB9C3kYL6Nr1FdA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:01 2024 by rpki-client on console-ams.rpki-client.org