Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/W1CDOyTIhXFwiHIQkK7d-VypVPk.roa
File:                     W1CDOyTIhXFwiHIQkK7d-VypVPk.roa (raw, json)
Hash identifier:          4ogQbaPWCgOie9cFb7RLJDgdys5cuDhrJE1whBJqpOQ=
Subject key identifier:   5B:50:83:3B:24:C8:85:71:70:88:72:10:90:AE:DD:F9:5C:A9:54:F9
Certificate issuer:       /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Certificate serial:       0C90
Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/W1CDOyTIhXFwiHIQkK7d-VypVPk.roa
Signing time:             Mon 15 Jan 2024 21:10:06 +0000
ROA not before:           Mon 15 Jan 2024 21:10:06 +0000
ROA not after:            Sat 31 Aug 2024 03:10:53 +0000
asID:                     17709
IP address blocks:        210.200.148.0/22 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3216 (0xc90)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
        Validity
            Not Before: Jan 15 21:10:06 2024 GMT
            Not After : Aug 31 03:10:53 2024 GMT
        Subject: CN=5B50833B24C885717088721090AEDDF95CA954F9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:b9:af:2c:48:ef:f6:0e:13:d9:af:b1:81:c3:
                    f6:57:6d:47:61:84:3f:9b:a8:47:d3:d9:36:41:bb:
                    56:90:4d:3b:fc:3a:92:9b:df:51:d8:05:0b:c1:65:
                    0b:ba:1f:96:46:5c:7e:e0:7f:e1:dd:93:29:b5:48:
                    05:13:51:7a:d8:fd:29:76:fd:7a:e1:1c:75:f7:ac:
                    83:cd:40:66:e9:4c:11:a6:ff:3c:02:62:d7:b9:e8:
                    92:f9:fc:06:f4:a2:46:41:b5:41:88:41:30:98:dd:
                    eb:b3:a5:6b:05:3d:91:86:bd:5e:42:4b:79:a8:98:
                    70:be:b5:6a:0d:ec:2c:b8:9a:4b:23:28:7e:4b:51:
                    02:f1:32:14:9e:14:56:b7:30:1b:34:77:c8:fb:19:
                    5a:4f:8f:62:39:22:f1:fb:49:85:1f:7d:1d:21:5e:
                    96:a6:a0:d0:dd:91:a3:08:72:0d:57:58:c6:93:09:
                    60:29:aa:4c:6c:1e:75:56:ca:96:37:24:a1:61:72:
                    43:3c:e7:d5:f0:83:39:cf:a7:5c:58:59:8e:1b:f7:
                    ac:84:7b:c3:a7:0d:05:56:47:cc:8f:59:58:90:86:
                    a7:67:d7:69:94:82:22:ee:40:8c:08:3a:d0:5d:64:
                    97:cb:1e:be:d8:85:35:c7:76:56:5a:8b:eb:93:e9:
                    5a:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5B:50:83:3B:24:C8:85:71:70:88:72:10:90:AE:DD:F9:5C:A9:54:F9
            X509v3 Authority Key Identifier:
                keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/W1CDOyTIhXFwiHIQkK7d-VypVPk.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  210.200.148.0/22

    Signature Algorithm: sha256WithRSAEncryption
         bf:68:28:46:20:7d:1d:f4:e0:e4:ee:1e:31:84:01:8f:c6:48:
         ac:9f:65:ec:23:9a:8c:e5:1f:6a:a0:92:b6:86:91:44:4a:71:
         17:e9:83:e8:c7:9d:00:54:29:af:95:ca:87:90:ae:e4:e2:f1:
         7a:2a:3d:ae:9f:db:11:e9:53:57:5e:1b:cd:85:04:c2:22:5c:
         ea:b5:2a:1a:ee:0b:27:86:aa:78:e0:ec:81:06:de:f3:11:02:
         e6:1c:2f:eb:b8:6d:aa:d3:91:04:fd:e2:04:ad:bb:f3:47:44:
         48:a5:7e:52:2c:9d:24:f0:90:34:97:de:3e:9d:c6:17:e0:47:
         8c:3b:dd:f2:66:38:e5:fe:6e:d2:01:62:65:c7:f2:17:90:67:
         50:86:34:5e:45:86:39:bd:b0:ef:49:d4:bb:b2:fc:7d:e6:11:
         0f:4d:05:0f:8a:72:33:15:c8:86:c8:35:59:8e:db:1b:12:b5:
         26:44:a3:01:bd:84:24:9e:1d:40:89:da:52:e5:4d:ca:7a:67:
         c2:3f:9d:5e:ac:2e:ba:d9:60:36:e3:92:13:40:a7:e9:3f:81:
         82:4c:cd:ee:b1:e4:3f:1f:86:78:46:af:e8:e5:31:58:d3:ad:
         06:81:9a:08:83:68:ea:a4:91:84:02:38:68:c8:00:ca:ef:f4:
         cb:7d:c7:2a
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICDJAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2
M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNDAxMTUy
MTEwMDZaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDVCNTA4MzNCMjRDODg1
NzE3MDg4NzIxMDkwQUVEREY5NUNBOTU0RjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDoua8sSO/2DhPZr7GBw/ZXbUdhhD+bqEfT2TZBu1aQTTv8OpKb
31HYBQvBZQu6H5ZGXH7gf+Hdkym1SAUTUXrY/Sl2/XrhHHX3rIPNQGbpTBGm/zwC
Yte56JL5/Ab0okZBtUGIQTCY3euzpWsFPZGGvV5CS3momHC+tWoN7Cy4mksjKH5L
UQLxMhSeFFa3MBs0d8j7GVpPj2I5IvH7SYUffR0hXpamoNDdkaMIcg1XWMaTCWAp
qkxsHnVWypY3JKFhckM859XwgznPp1xYWY4b96yEe8OnDQVWR8yPWViQhqdn12mU
giLuQIwIOtBdZJfLHr7YhTXHdlZai+uT6VqDAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUW1CDOyTIhXFwiHIQkK7d+VypVPkwHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D
T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt
T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1cxQ0RPeVRJaFhGd2lISVFrSzdkLVZ5
cFZQay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBALSyJQwDQYJ
KoZIhvcNAQELBQADggEBAL9oKEYgfR304OTuHjGEAY/GSKyfZewjmozlH2qgkraG
kURKcRfpg+jHnQBUKa+VyoeQruTi8XoqPa6f2xHpU1deG82FBMIiXOq1KhruCyeG
qnjg7IEG3vMRAuYcL+u4barTkQT94gStu/NHREilflIsnSTwkDSX3j6dxhfgR4w7
3fJmOOX+btIBYmXH8heQZ1CGNF5Fhjm9sO9J1Luy/H3mEQ9NBQ+KcjMVyIbINVmO
2xsStSZEowG9hCSeHUCJ2lLlTcp6Z8I/nV6sLrrZYDbjkhNAp+k/gYJMze6x5D8f
hnhGr+jlMVjTrQaBmgiDaOqkkYQCOGjIAMrv9Mt9xyo=
-----END CERTIFICATE-----
Generated at Mon Aug 26 08:57:19 2024 by rpki-client on console-fra.rpki-client.org