Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/ASNET/VjmDKKlgs4IhnIF-usUKuBmFVGQ.roa
File:                     VjmDKKlgs4IhnIF-usUKuBmFVGQ.roa (raw, json)
Hash identifier:          KAjWIEJMlOFrtNx99cFaTElHnxYcqr7xoEiL34P3MOg=
Subject key identifier:   56:39:83:28:A9:60:B3:82:21:9C:81:7E:BA:C5:0A:B8:19:85:54:64
Certificate issuer:       /CN=70984F008CA28F6475DB426353BFD1C433D8BC1A
Certificate serial:       0B2F
Authority key identifier: 70:98:4F:00:8C:A2:8F:64:75:DB:42:63:53:BF:D1:C4:33:D8:BC:1A
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/cJhPAIyij2R120JjU7_RxDPYvBo.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/ASNET/VjmDKKlgs4IhnIF-usUKuBmFVGQ.roa
Signing time:             Fri 01 Sep 2023 08:24:03 +0000
ROA not before:           Fri 01 Sep 2023 08:24:03 +0000
ROA not after:            Sat 31 Aug 2024 03:10:53 +0000
asID:                     9264
IP address blocks:        2403:c240::/32 maxlen: 32

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2863 (0xb2f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=70984F008CA28F6475DB426353BFD1C433D8BC1A
        Validity
            Not Before: Sep  1 08:24:03 2023 GMT
            Not After : Aug 31 03:10:53 2024 GMT
        Subject: CN=56398328A960B382219C817EBAC50AB819855464
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:77:e2:90:35:e8:03:e9:99:5e:f6:51:7f:2d:
                    70:9d:c8:ed:49:4a:6d:c1:84:99:1b:c1:21:69:23:
                    6c:f7:d7:ec:83:d5:07:46:0b:d6:9e:e4:db:1f:dc:
                    3e:8d:5b:3c:09:d7:1c:e9:88:7a:1b:4c:80:5f:e4:
                    bf:5b:6f:04:94:e9:18:de:1a:2c:81:89:4e:a8:31:
                    a6:7e:f6:de:84:b5:62:d0:e0:ce:24:95:ec:3f:ba:
                    c7:82:33:59:c3:b1:b3:e3:19:75:6c:21:ff:67:9b:
                    d6:53:7d:27:db:8c:7e:64:e9:36:d7:2d:19:d9:ba:
                    e5:65:20:4b:90:8e:e1:28:b7:f4:ab:c5:a4:e6:fd:
                    b9:8d:19:ce:ca:a4:76:d1:98:d6:99:b8:45:77:9a:
                    28:e2:ed:fc:dd:9a:a6:a1:2f:b8:b4:ed:a8:0c:47:
                    fc:01:29:f3:cc:2b:a9:34:e8:0d:ed:8e:f5:8f:75:
                    f4:b5:43:7b:10:91:d3:31:cb:1a:0c:05:cb:d7:0a:
                    eb:03:ec:98:b0:c5:39:80:d4:e1:b0:11:dd:29:33:
                    b7:76:3c:5b:53:5e:8b:39:40:19:6a:69:0b:87:8c:
                    9f:0a:35:0b:dd:02:29:9d:d0:8b:14:71:b1:e3:ae:
                    cc:89:da:0e:90:1b:1f:a6:78:4e:fd:39:11:52:f1:
                    1d:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                56:39:83:28:A9:60:B3:82:21:9C:81:7E:BA:C5:0A:B8:19:85:54:64
            X509v3 Authority Key Identifier:
                keyid:70:98:4F:00:8C:A2:8F:64:75:DB:42:63:53:BF:D1:C4:33:D8:BC:1A

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ASNET/cJhPAIyij2R120JjU7_RxDPYvBo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/cJhPAIyij2R120JjU7_RxDPYvBo.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ASNET/VjmDKKlgs4IhnIF-usUKuBmFVGQ.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2403:c240::/32

    Signature Algorithm: sha256WithRSAEncryption
         65:12:04:c6:93:c3:d1:16:2a:0b:e7:bd:77:ba:74:ba:29:41:
         3c:ab:47:14:eb:e3:58:2b:9f:47:36:4c:84:e0:63:3b:b6:c2:
         ca:0d:90:90:27:f8:6f:e7:0a:c5:2f:b1:3e:08:0c:f6:af:9b:
         51:69:db:60:81:88:39:c5:62:8d:da:40:83:ad:d3:57:3f:f8:
         d6:32:cc:93:14:32:95:c0:2f:61:c8:d3:56:47:04:9c:60:2d:
         69:c7:53:fa:1e:7f:a2:24:01:9f:0d:1f:77:19:45:6e:71:07:
         8a:e6:7d:57:3b:0c:36:4b:f6:c7:e2:b1:28:36:01:db:94:fe:
         1b:6d:e4:2b:56:ab:71:0a:75:97:24:a7:72:84:e0:b3:22:39:
         94:bd:7b:a3:7b:87:27:29:66:fa:dd:e0:dd:49:9e:ad:bd:0e:
         c6:4b:1a:7a:de:8a:3a:5b:72:0d:b3:3f:24:e3:3e:4d:d0:ea:
         59:96:18:43:01:8f:3f:c5:a1:63:23:5d:ea:c7:e8:c7:b0:66:
         5c:a0:85:8c:85:16:7a:3d:a9:63:ff:ef:24:53:b4:05:17:ba:
         1d:b8:17:11:5f:e2:98:75:b7:3d:47:c9:f7:66:92:00:d0:f9:
         5c:4e:01:8a:7f:a3:0c:02:3d:8c:c2:a1:7b:2b:5d:2c:2a:c6:
         e5:8b:6c:50
-----BEGIN CERTIFICATE-----
MIIE0TCCA7mgAwIBAgICCy8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzA5
ODRGMDA4Q0EyOEY2NDc1REI0MjYzNTNCRkQxQzQzM0Q4QkMxQTAeFw0yMzA5MDEw
ODI0MDNaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDU2Mzk4MzI4QTk2MEIz
ODIyMTlDODE3RUJBQzUwQUI4MTk4NTU0NjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCrd+KQNegD6Zle9lF/LXCdyO1JSm3BhJkbwSFpI2z31+yD1QdG
C9ae5Nsf3D6NWzwJ1xzpiHobTIBf5L9bbwSU6RjeGiyBiU6oMaZ+9t6EtWLQ4M4k
lew/useCM1nDsbPjGXVsIf9nm9ZTfSfbjH5k6TbXLRnZuuVlIEuQjuEot/SrxaTm
/bmNGc7KpHbRmNaZuEV3miji7fzdmqahL7i07agMR/wBKfPMK6k06A3tjvWPdfS1
Q3sQkdMxyxoMBcvXCusD7JiwxTmA1OGwEd0pM7d2PFtTXos5QBlqaQuHjJ8KNQvd
Aimd0IsUcbHjrsyJ2g6QGx+meE79ORFS8R05AgMBAAGjggHtMIIB6TAdBgNVHQ4E
FgQUVjmDKKlgs4IhnIF+usUKuBmFVGQwHwYDVR0jBBgwFoAUcJhPAIyij2R120Jj
U7/RxDPYvBowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVNORVQv
Y0poUEFJeWlqMlIxMjBKalU3X1J4RFBZdkJvLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9jSmhQQUl5aWoyUjEyMEpqVTdfUnhEUFl2Qm8uY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9BU05FVC9Wam1ES0tsZ3M0SWhuSUYtdXNV
S3VCbUZWR1Eucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAJAPC
QDANBgkqhkiG9w0BAQsFAAOCAQEAZRIExpPD0RYqC+e9d7p0uilBPKtHFOvjWCuf
RzZMhOBjO7bCyg2QkCf4b+cKxS+xPggM9q+bUWnbYIGIOcVijdpAg63TVz/41jLM
kxQylcAvYcjTVkcEnGAtacdT+h5/oiQBnw0fdxlFbnEHiuZ9VzsMNkv2x+KxKDYB
25T+G23kK1arcQp1lySncoTgsyI5lL17o3uHJylm+t3g3Umerb0Oxksaet6KOlty
DbM/JOM+TdDqWZYYQwGPP8WhYyNd6sfox7BmXKCFjIUWej2pY//vJFO0BRe6HbgX
EV/imHW3PUfJ92aSAND5XE4Bin+jDAI9jMKheytdLCrG5YtsUA==
-----END CERTIFICATE-----
Generated at Mon Aug 26 08:57:18 2024 by rpki-client on console-fra.rpki-client.org