Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/vvH_kWVed0AMk65NGyva7_SUp8I.roa
File:                     vvH_kWVed0AMk65NGyva7_SUp8I.roa (raw, json)
Hash identifier:          2hStsOss3cxm1v0rDulhm3fdxYt2IK3o1q6015crNzA=
Subject key identifier:   BE:F1:FF:91:65:5E:77:40:0C:93:AE:4D:1B:2B:DA:EF:F4:94:A7:C2
Certificate issuer:       /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial:       1265
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/vvH_kWVed0AMk65NGyva7_SUp8I.roa
Signing time:             Fri 01 Sep 2023 08:04:24 +0000
ROA not before:           Fri 01 Sep 2023 08:04:24 +0000
ROA not after:            Sat 31 Aug 2024 03:10:53 +0000
asID:                     17709
IP address blocks:        210.63.216.0/22 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4709 (0x1265)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
        Validity
            Not Before: Sep  1 08:04:24 2023 GMT
            Not After : Aug 31 03:10:53 2024 GMT
        Subject: CN=BEF1FF91655E77400C93AE4D1B2BDAEFF494A7C2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:ae:fb:6e:74:02:13:fb:8f:73:49:dc:a5:86:
                    f2:a3:12:52:36:ec:c0:c5:3a:04:dc:23:20:64:38:
                    c9:de:85:27:e9:5a:ba:30:00:df:90:ba:51:46:ff:
                    77:b9:48:64:15:dd:01:8d:d2:ac:19:36:62:ed:0e:
                    92:4c:dd:cb:a0:e1:71:c3:d0:bc:ee:9c:92:53:a7:
                    e4:16:41:a4:76:fb:c7:e0:e4:18:c6:45:d4:47:88:
                    ce:59:14:81:cc:3c:3b:7e:ab:3d:60:91:fa:33:7f:
                    d0:0f:28:a0:da:33:32:09:60:2a:32:f2:e0:ac:0e:
                    52:2f:47:5f:9f:86:90:c8:e5:1f:76:86:c6:aa:fe:
                    ed:eb:04:4d:ce:25:af:8e:65:b3:45:88:f4:63:44:
                    df:f3:c5:e0:97:8f:de:e0:b7:4b:bf:8f:e9:88:1a:
                    71:72:8a:5a:a6:66:8e:42:98:02:a0:3f:e4:c6:33:
                    7a:09:65:43:62:13:8e:1f:e5:53:8a:3f:98:9d:d6:
                    5a:2d:6e:29:c0:43:fc:e3:dd:19:58:3e:78:21:17:
                    4f:5b:37:4c:4e:77:bd:25:db:ac:03:34:7d:82:1d:
                    d9:fd:6c:4b:07:8e:78:bc:c5:f3:e4:42:a1:b4:7d:
                    3b:be:66:74:80:14:8f:65:da:6a:c7:15:3f:b9:1f:
                    8c:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BE:F1:FF:91:65:5E:77:40:0C:93:AE:4D:1B:2B:DA:EF:F4:94:A7:C2
            X509v3 Authority Key Identifier:
                keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/vvH_kWVed0AMk65NGyva7_SUp8I.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  210.63.216.0/22

    Signature Algorithm: sha256WithRSAEncryption
         a3:46:5b:23:c7:53:33:63:97:ea:0c:88:16:31:bb:40:30:ab:
         ac:59:f7:2f:72:48:3f:e9:e0:88:00:8a:fb:37:5e:b0:55:74:
         12:51:1c:dc:cd:9f:89:c3:e8:08:54:e3:21:65:bc:49:56:44:
         26:7b:16:e1:dd:03:9d:72:31:89:7b:24:58:21:0c:47:a5:47:
         46:cb:81:f9:09:54:da:ad:5a:74:c7:78:74:36:c9:e6:39:99:
         d7:ea:c0:85:54:ce:c6:ca:ae:75:a8:47:09:f9:92:00:64:15:
         3a:d0:f2:2b:5f:f3:00:8a:9b:4d:38:91:70:80:0d:09:13:db:
         29:72:a0:40:3c:31:04:89:8a:77:60:7c:61:33:4a:83:ef:4c:
         9f:88:cb:9f:4e:cf:c7:66:1c:ee:d5:9f:1c:e7:5a:34:bc:8b:
         1e:61:90:db:d5:71:5a:e5:56:21:7f:73:5b:2f:51:37:8b:34:
         da:e3:62:78:77:79:da:84:40:cf:da:7a:fd:a8:92:ec:2c:d7:
         0d:06:43:4b:97:1d:cd:2f:4f:51:b7:19:27:5d:41:b0:0b:14:
         15:a6:1d:67:27:bf:a5:e8:3c:fb:86:10:14:2d:f4:5b:62:48:
         aa:19:cb:9c:5b:40:62:e5:ca:75:25:a1:b6:71:af:60:48:d4:
         9d:7f:64:4e
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEmUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzA5MDEw
ODA0MjRaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKEJFRjFGRjkxNjU1RTc3
NDAwQzkzQUU0RDFCMkJEQUVGRjQ5NEE3QzIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC2rvtudAIT+49zSdylhvKjElI27MDFOgTcIyBkOMnehSfpWrow
AN+QulFG/3e5SGQV3QGN0qwZNmLtDpJM3cug4XHD0LzunJJTp+QWQaR2+8fg5BjG
RdRHiM5ZFIHMPDt+qz1gkfozf9APKKDaMzIJYCoy8uCsDlIvR1+fhpDI5R92hsaq
/u3rBE3OJa+OZbNFiPRjRN/zxeCXj97gt0u/j+mIGnFyilqmZo5CmAKgP+TGM3oJ
ZUNiE44f5VOKP5id1lotbinAQ/zj3RlYPnghF09bN0xOd70l26wDNH2CHdn9bEsH
jni8xfPkQqG0fTu+ZnSAFI9l2mrHFT+5H4xlAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUvvH/kWVed0AMk65NGyva7/SUp8IwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvdnZIX2tXVmVkMEFNazY1Tkd5dmE3
X1NVcDhJLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAtI/2DAN
BgkqhkiG9w0BAQsFAAOCAQEAo0ZbI8dTM2OX6gyIFjG7QDCrrFn3L3JIP+ngiACK
+zdesFV0ElEc3M2ficPoCFTjIWW8SVZEJnsW4d0DnXIxiXskWCEMR6VHRsuB+QlU
2q1adMd4dDbJ5jmZ1+rAhVTOxsqudahHCfmSAGQVOtDyK1/zAIqbTTiRcIANCRPb
KXKgQDwxBImKd2B8YTNKg+9Mn4jLn07Px2Yc7tWfHOdaNLyLHmGQ29VxWuVWIX9z
Wy9RN4s02uNieHd52oRAz9p6/aiS7CzXDQZDS5cdzS9PUbcZJ11BsAsUFaYdZye/
peg8+4YQFC30W2JIqhnLnFtAYuXKdSWhtnGvYEjUnX9kTg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:32 2024 by rpki-client on console-fra.rpki-client.org