Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/UKsREdJ0-XUtCR7Gsm5ST7P5C8o.roa
File:                     UKsREdJ0-XUtCR7Gsm5ST7P5C8o.roa (raw, json)
Hash identifier:          dSHmexC680mEdk0WUiAFAD0k32+9+DfjhMdYITX/MXE=
Subject key identifier:   50:AB:11:11:D2:74:F9:75:2D:09:1E:C6:B2:6E:52:4F:B3:F9:0B:CA
Certificate issuer:       /CN=2F0F46D3FF6FED73093DD95B98950433910CFD76
Certificate serial:       0F5F
Authority key identifier: 2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/UKsREdJ0-XUtCR7Gsm5ST7P5C8o.roa
Signing time:             Fri 01 Sep 2023 08:29:03 +0000
ROA not before:           Fri 01 Sep 2023 08:29:03 +0000
ROA not after:            Sat 31 Aug 2024 03:10:53 +0000
asID:                     131627
IP address blocks:        150.116.232.0/22 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3935 (0xf5f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2F0F46D3FF6FED73093DD95B98950433910CFD76
        Validity
            Not Before: Sep  1 08:29:03 2023 GMT
            Not After : Aug 31 03:10:53 2024 GMT
        Subject: CN=50AB1111D274F9752D091EC6B26E524FB3F90BCA
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:af:b1:b4:9b:97:b5:dd:26:62:ce:25:9c:a4:
                    3c:39:a4:cb:c5:79:48:bf:bc:de:14:8e:f1:36:79:
                    80:40:23:ad:f7:3b:28:3a:36:90:95:bf:a8:9d:87:
                    cf:0f:35:c3:cb:0c:2b:62:3c:7d:19:44:d4:d5:b7:
                    16:b0:a8:a8:34:2f:6c:bc:1e:bf:47:0a:42:41:65:
                    88:8b:0b:88:9e:2d:43:56:d6:ce:ae:a6:f7:ba:07:
                    5b:8b:01:22:7f:e9:7f:cc:6d:2e:52:11:e9:13:ac:
                    5e:63:f7:cd:ad:69:5d:5a:7d:70:ff:6b:18:af:89:
                    0e:53:d9:be:20:bf:f9:a4:9f:f5:ae:5e:48:3d:be:
                    dc:c1:8f:9b:2b:95:00:ff:f8:a0:70:c5:78:2b:86:
                    d8:bb:9e:4f:d1:d2:56:a3:b6:6e:a8:a8:1a:e3:7e:
                    d5:1f:76:4b:bf:be:24:bb:45:fc:07:5f:46:fc:c6:
                    05:43:66:20:55:2a:67:b9:74:b0:4b:78:16:7e:a8:
                    44:3b:21:1f:4c:98:f7:41:e7:62:2d:41:6c:b2:0b:
                    f2:ab:2e:c3:2d:15:99:a6:e4:d4:9b:d2:a6:2d:15:
                    32:32:4f:38:43:bf:b2:cb:87:a2:c6:b2:f7:ad:5a:
                    fd:7f:24:9a:e8:4e:89:cd:b6:a4:34:c2:a8:41:6c:
                    c2:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                50:AB:11:11:D2:74:F9:75:2D:09:1E:C6:B2:6E:52:4F:B3:F9:0B:CA
            X509v3 Authority Key Identifier:
                keyid:2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/UKsREdJ0-XUtCR7Gsm5ST7P5C8o.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  150.116.232.0/22

    Signature Algorithm: sha256WithRSAEncryption
         b6:5a:ac:83:ba:c5:e3:61:27:d4:d7:4e:78:40:2b:94:0e:fb:
         43:78:1a:a0:65:b2:1d:a0:27:e2:4a:31:07:cc:98:fb:73:cc:
         c0:dd:65:5a:73:b8:de:cb:cf:a9:17:bf:c3:bc:5d:d0:dd:d3:
         7a:fd:19:b8:ec:f8:54:d0:8c:ef:ac:f3:4f:3b:ea:a2:96:15:
         25:c8:cb:57:3c:f3:35:19:75:6b:eb:fa:7c:a7:29:24:95:eb:
         a8:54:9d:ef:52:ec:d8:80:e0:c6:34:44:41:28:0e:bf:d0:4d:
         7b:7f:8a:39:99:67:f5:5d:4c:3d:54:14:a2:f2:dc:39:87:10:
         d7:78:98:59:c8:00:80:28:d2:22:aa:58:ec:8e:5d:59:be:f0:
         4a:e1:3b:88:5b:70:2b:6f:ca:bd:55:fd:1b:03:b4:f0:98:54:
         67:f8:54:6e:4f:20:a0:6b:e7:b3:ad:27:42:4d:ec:48:cc:a7:
         9f:12:65:d6:63:ca:36:5b:e0:91:36:d3:c2:d6:a4:64:f5:e5:
         26:a9:ab:18:d0:d2:65:67:50:db:a3:15:57:b4:bc:2f:63:b3:
         e7:da:7c:c3:fb:4d:09:2d:05:61:a2:e5:50:0f:51:57:56:35:
         d3:ba:62:00:6c:78:d7:7d:09:4e:f6:b7:40:7a:69:db:80:e3:
         2f:4d:5e:80
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICD18wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkYw
RjQ2RDNGRjZGRUQ3MzA5M0REOTVCOTg5NTA0MzM5MTBDRkQ3NjAeFw0yMzA5MDEw
ODI5MDNaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDUwQUIxMTExRDI3NEY5
NzUyRDA5MUVDNkIyNkU1MjRGQjNGOTBCQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDfr7G0m5e13SZiziWcpDw5pMvFeUi/vN4UjvE2eYBAI633Oyg6
NpCVv6idh88PNcPLDCtiPH0ZRNTVtxawqKg0L2y8Hr9HCkJBZYiLC4ieLUNW1s6u
pve6B1uLASJ/6X/MbS5SEekTrF5j982taV1afXD/axiviQ5T2b4gv/mkn/WuXkg9
vtzBj5srlQD/+KBwxXgrhti7nk/R0lajtm6oqBrjftUfdku/viS7RfwHX0b8xgVD
ZiBVKme5dLBLeBZ+qEQ7IR9MmPdB52ItQWyyC/KrLsMtFZmm5NSb0qYtFTIyTzhD
v7LLh6LGsvetWv1/JJroTonNtqQ0wqhBbMIbAgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQUUKsREdJ0+XUtCR7Gsm5ST7P5C8owHwYDVR0jBBgwFoAULw9G0/9v7XMJPdlb
mJUEM5EM/XYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJRUYt
VFcvTHc5RzBfOXY3WE1KUGRsYm1KVUVNNUVNX1hZLmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9MdzlHMF85djdYTUpQZGxibUpVRU01RU1fWFkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DSElFRi1UVy9VS3NSRWRKMC1YVXRD
UjdHc201U1Q3UDVDOG8ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQClnToMA0GCSqGSIb3DQEBCwUAA4IBAQC2WqyDusXjYSfU1054QCuUDvtDeBqg
ZbIdoCfiSjEHzJj7c8zA3WVac7jey8+pF7/DvF3Q3dN6/Rm47PhU0IzvrPNPO+qi
lhUlyMtXPPM1GXVr6/p8pykkleuoVJ3vUuzYgODGNERBKA6/0E17f4o5mWf1XUw9
VBSi8tw5hxDXeJhZyACAKNIiqljsjl1ZvvBK4TuIW3Arb8q9Vf0bA7TwmFRn+FRu
TyCga+ezrSdCTexIzKefEmXWY8o2W+CRNtPC1qRk9eUmqasY0NJlZ1DboxVXtLwv
Y7Pn2nzD+00JLQVhouVQD1FXVjXTumIAbHjXfQlO9rdAemnbgOMvTV6A
-----END CERTIFICATE-----
Generated at Mon Aug 26 08:57:18 2024 by rpki-client on console-fra.rpki-client.org