Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/JJ0DNXoHh8bYW_TX1ncPfPeY6HM.roa
File:                     JJ0DNXoHh8bYW_TX1ncPfPeY6HM.roa (raw, json)
Hash identifier:          PP/n+51cpysesl3AYo4nnVr3yQuN21HMnO47vYKyWzA=
Subject key identifier:   24:9D:03:35:7A:07:87:C6:D8:5B:F4:D7:D6:77:0F:7C:F7:98:E8:73
Certificate issuer:       /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Certificate serial:       0C1B
Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/JJ0DNXoHh8bYW_TX1ncPfPeY6HM.roa
Signing time:             Fri 05 Jan 2024 11:05:08 +0000
ROA not before:           Fri 05 Jan 2024 11:05:08 +0000
ROA not after:            Sat 31 Aug 2024 03:10:53 +0000
asID:                     17709
IP address blocks:        218.34.0.0/16 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3099 (0xc1b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
        Validity
            Not Before: Jan  5 11:05:08 2024 GMT
            Not After : Aug 31 03:10:53 2024 GMT
        Subject: CN=249D03357A0787C6D85BF4D7D6770F7CF798E873
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:59:68:e4:b5:bc:4f:7c:89:c5:22:f3:7b:9d:
                    72:e5:5e:54:e8:81:42:92:b1:c4:d5:8e:b5:14:3f:
                    93:c8:c7:80:da:eb:35:86:a6:21:b9:6d:6a:87:5b:
                    c0:45:0c:5c:25:5c:22:37:17:bb:11:c8:9b:f0:f2:
                    fe:63:04:2a:91:bc:d1:5e:2a:05:58:d6:94:b4:37:
                    d6:37:61:97:3b:b7:fa:3c:52:eb:bd:76:fc:0b:34:
                    d5:58:4b:9b:e1:59:fe:46:56:69:8c:0e:08:23:71:
                    59:a1:85:38:7e:06:59:3d:44:6f:1a:97:45:83:65:
                    49:68:34:95:99:f8:12:38:c0:e4:4f:cc:3b:a0:b5:
                    d8:d7:37:8a:7c:d6:5a:62:33:bd:3a:da:be:9a:da:
                    82:8d:1f:21:b2:cd:63:55:45:1e:24:17:20:b9:76:
                    be:2c:f5:72:19:04:f8:a1:7a:e3:a5:b1:aa:08:32:
                    12:d8:b5:91:e1:1c:39:23:47:94:41:4f:af:23:46:
                    de:a8:2b:84:a5:fa:59:34:c4:14:79:aa:58:56:4b:
                    c5:65:cd:f2:4f:52:6c:80:a6:de:b4:5f:43:5d:43:
                    e8:d4:2f:2e:23:61:89:28:82:20:30:03:0a:14:4b:
                    b7:43:6c:65:69:95:61:d2:b7:98:b5:20:98:4a:bd:
                    13:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:9D:03:35:7A:07:87:C6:D8:5B:F4:D7:D6:77:0F:7C:F7:98:E8:73
            X509v3 Authority Key Identifier:
                keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/JJ0DNXoHh8bYW_TX1ncPfPeY6HM.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  218.34.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         58:b0:e8:9a:72:cb:fb:2a:55:43:27:0c:6b:52:be:1a:d1:71:
         9f:c7:47:cb:2f:ea:cc:4e:94:e8:63:a5:ba:75:73:0c:d1:0b:
         fe:45:f2:30:7f:d8:34:78:2f:94:56:55:f2:ff:e2:11:6d:4b:
         91:dc:45:8b:f2:2b:01:03:bd:24:4f:ea:f0:20:79:13:73:47:
         10:8f:9d:02:09:7a:e5:5e:ac:07:37:f8:93:20:c4:ec:28:5d:
         df:64:e7:0b:fe:55:0b:36:c6:e1:c6:e8:1b:16:00:cb:2f:ae:
         46:ac:41:77:46:b8:ad:e6:48:c1:5e:02:75:e6:f5:71:62:b1:
         2f:97:74:6b:45:d0:0b:14:86:0b:6c:ba:90:7d:e8:0b:f2:fc:
         b3:35:64:fc:fa:e5:10:a4:44:6f:b8:23:cf:26:d7:33:74:f7:
         10:39:61:f1:2c:49:54:81:a3:28:07:fb:da:9d:32:de:29:e1:
         91:ba:26:0d:5d:63:05:71:5c:2f:cf:02:da:44:55:9e:17:3d:
         15:71:80:d8:14:c8:95:df:66:0e:28:28:5a:37:85:9f:19:d0:
         df:f3:1e:a1:6d:f6:fa:9b:01:dc:da:5b:4b:a9:73:8b:91:dc:
         6d:7b:8e:ce:35:a7:b8:f7:be:db:05:68:9d:c8:d4:74:d8:e8:
         8a:c7:08:62
-----BEGIN CERTIFICATE-----
MIIEyzCCA7OgAwIBAgICDBswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2
M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNDAxMDUx
MTA1MDhaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDI0OUQwMzM1N0EwNzg3
QzZEODVCRjREN0Q2NzcwRjdDRjc5OEU4NzMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC8WWjktbxPfInFIvN7nXLlXlTogUKSscTVjrUUP5PIx4Da6zWG
piG5bWqHW8BFDFwlXCI3F7sRyJvw8v5jBCqRvNFeKgVY1pS0N9Y3YZc7t/o8Uuu9
dvwLNNVYS5vhWf5GVmmMDggjcVmhhTh+Blk9RG8al0WDZUloNJWZ+BI4wORPzDug
tdjXN4p81lpiM7062r6a2oKNHyGyzWNVRR4kFyC5dr4s9XIZBPiheuOlsaoIMhLY
tZHhHDkjR5RBT68jRt6oK4Sl+lk0xBR5qlhWS8VlzfJPUmyApt60X0NdQ+jULy4j
YYkogiAwAwoUS7dDbGVplWHSt5i1IJhKvROHAgMBAAGjggHnMIIB4zAdBgNVHQ4E
FgQUJJ0DNXoHh8bYW/TX1ncPfPeY6HMwHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D
T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt
T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL0pKMEROWG9IaDhiWVdfVFgxbmNQZlBl
WTZITS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUDAwDaIjANBgkq
hkiG9w0BAQsFAAOCAQEAWLDomnLL+ypVQycMa1K+GtFxn8dHyy/qzE6U6GOlunVz
DNEL/kXyMH/YNHgvlFZV8v/iEW1LkdxFi/IrAQO9JE/q8CB5E3NHEI+dAgl65V6s
Bzf4kyDE7Chd32TnC/5VCzbG4cboGxYAyy+uRqxBd0a4reZIwV4Cdeb1cWKxL5d0
a0XQCxSGC2y6kH3oC/L8szVk/PrlEKREb7gjzybXM3T3EDlh8SxJVIGjKAf72p0y
3inhkbomDV1jBXFcL88C2kRVnhc9FXGA2BTIld9mDigoWjeFnxnQ3/MeoW32+psB
3NpbS6lzi5HcbXuOzjWnuPe+2wVoncjUdNjoiscIYg==
-----END CERTIFICATE-----
Generated at Mon Aug 26 10:35:12 2024 by rpki-client on console-ams.rpki-client.org