Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/Xbqa8SLM8U8MnY9NXzHTlZh1ZJ4.roa
File:                     Xbqa8SLM8U8MnY9NXzHTlZh1ZJ4.roa (raw, json)
Hash identifier:          rOsnSvnvZAyfYpfqgEa14lTFgB+Y7Wz8AQojCUsfhE0=
Subject key identifier:   5D:BA:9A:F1:22:CC:F1:4F:0C:9D:8F:4D:5F:31:D3:95:98:75:64:9E
Certificate issuer:       /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Certificate serial:       0D22
Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/Xbqa8SLM8U8MnY9NXzHTlZh1ZJ4.roa
Signing time:             Mon 15 Jan 2024 21:24:54 +0000
ROA not before:           Mon 15 Jan 2024 21:24:54 +0000
ROA not after:            Sat 31 Aug 2024 03:10:53 +0000
asID:                     7482
IP address blocks:        210.58.0.0/16 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3362 (0xd22)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
        Validity
            Not Before: Jan 15 21:24:54 2024 GMT
            Not After : Aug 31 03:10:53 2024 GMT
        Subject: CN=5DBA9AF122CCF14F0C9D8F4D5F31D3959875649E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:0d:2e:38:ce:3a:e0:7e:22:5b:97:44:81:55:
                    53:d1:d8:77:6a:62:fa:cf:8d:44:a0:78:b2:d0:f1:
                    60:74:8f:8e:6f:00:28:65:f1:ad:b8:fb:97:bd:b6:
                    da:08:ba:1d:e3:b9:9b:4f:cf:39:97:11:90:35:ba:
                    99:59:ed:56:1f:4d:eb:f8:b3:18:9a:3a:aa:30:7c:
                    3a:29:0c:98:b5:bb:4c:c0:11:14:e6:02:eb:b7:b1:
                    28:96:22:46:eb:35:0b:aa:d1:5f:f0:2a:f5:16:cd:
                    55:eb:77:17:b4:89:35:b0:85:7c:00:be:c6:09:14:
                    67:44:cf:f9:68:49:93:7a:93:16:f3:b5:50:70:9f:
                    16:f0:2e:01:f7:b4:a8:1c:63:93:84:17:91:4a:7b:
                    b6:2d:df:06:9e:47:c6:84:ab:28:40:c6:2c:71:67:
                    49:15:cb:a0:73:37:e9:f0:7e:cc:d3:28:a5:c9:10:
                    1c:e9:96:e7:95:b6:cd:d9:12:e9:80:22:a6:aa:75:
                    f0:fc:91:b9:92:26:c5:a3:0a:51:ca:46:57:24:dc:
                    58:ce:39:65:13:a7:77:15:d1:80:42:0a:a0:97:03:
                    6d:b3:46:bf:55:93:89:e5:d2:18:24:9c:22:b1:33:
                    53:29:40:ef:c8:ab:a0:fc:e2:44:0e:05:c5:25:53:
                    13:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:BA:9A:F1:22:CC:F1:4F:0C:9D:8F:4D:5F:31:D3:95:98:75:64:9E
            X509v3 Authority Key Identifier:
                keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/Xbqa8SLM8U8MnY9NXzHTlZh1ZJ4.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  210.58.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         9b:8e:ae:e7:5a:bc:72:e6:f7:5e:a4:66:97:37:79:03:3d:41:
         0a:59:2b:40:da:77:43:f5:f9:1a:b0:15:d2:4d:58:ea:83:a0:
         41:74:c5:db:0c:14:13:59:67:3a:d4:73:5e:9d:39:b7:ef:83:
         b2:ee:ea:53:8a:a7:88:20:c9:dd:8e:19:67:62:34:90:c5:95:
         7d:4f:c3:eb:37:fe:c6:40:0d:af:20:41:95:2f:5d:42:d0:b2:
         67:77:47:95:86:23:1d:4c:fa:b8:11:78:9b:1d:96:60:5f:aa:
         38:c2:df:e3:d8:e6:b2:bf:1f:be:5d:9a:ad:07:9f:de:86:f0:
         27:af:5c:26:cc:32:40:a9:44:d3:65:1a:a3:39:30:4e:35:c8:
         af:45:71:24:5d:af:59:fd:e5:8c:17:88:d2:57:3a:b1:6f:04:
         e1:e8:22:8a:1b:45:6d:d2:da:1f:fb:f3:29:b4:8e:98:97:23:
         a2:6e:89:0a:04:f1:b8:03:55:e2:f7:09:c9:75:d7:98:62:96:
         e3:45:7d:54:b6:a9:fc:6c:20:26:34:08:78:6c:85:5f:54:f5:
         6a:26:c7:0f:1a:96:b6:1f:a7:8b:ae:20:be:5e:84:fa:43:2c:
         ba:69:56:8b:2e:37:4b:74:37:3d:c0:df:65:fe:66:8b:3d:48:
         ab:a7:36:0a
-----BEGIN CERTIFICATE-----
MIIEyzCCA7OgAwIBAgICDSIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2
M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNDAxMTUy
MTI0NTRaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDVEQkE5QUYxMjJDQ0Yx
NEYwQzlEOEY0RDVGMzFEMzk1OTg3NTY0OUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDWDS44zjrgfiJbl0SBVVPR2HdqYvrPjUSgeLLQ8WB0j45vAChl
8a24+5e9ttoIuh3juZtPzzmXEZA1uplZ7VYfTev4sxiaOqowfDopDJi1u0zAERTm
Auu3sSiWIkbrNQuq0V/wKvUWzVXrdxe0iTWwhXwAvsYJFGdEz/loSZN6kxbztVBw
nxbwLgH3tKgcY5OEF5FKe7Yt3waeR8aEqyhAxixxZ0kVy6BzN+nwfszTKKXJEBzp
lueVts3ZEumAIqaqdfD8kbmSJsWjClHKRlck3FjOOWUTp3cV0YBCCqCXA22zRr9V
k4nl0hgknCKxM1MpQO/Iq6D84kQOBcUlUxMFAgMBAAGjggHnMIIB4zAdBgNVHQ4E
FgQUXbqa8SLM8U8MnY9NXzHTlZh1ZJ4wHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D
T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt
T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1hicWE4U0xNOFU4TW5ZOU5YekhUbFpo
MVpKNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUDAwDSOjANBgkq
hkiG9w0BAQsFAAOCAQEAm46u51q8cub3XqRmlzd5Az1BClkrQNp3Q/X5GrAV0k1Y
6oOgQXTF2wwUE1lnOtRzXp05t++Dsu7qU4qniCDJ3Y4ZZ2I0kMWVfU/D6zf+xkAN
ryBBlS9dQtCyZ3dHlYYjHUz6uBF4mx2WYF+qOMLf49jmsr8fvl2arQef3obwJ69c
JswyQKlE02UaozkwTjXIr0VxJF2vWf3ljBeI0lc6sW8E4egiihtFbdLaH/vzKbSO
mJcjom6JCgTxuANV4vcJyXXXmGKW40V9VLap/GwgJjQIeGyFX1T1aibHDxqWth+n
i64gvl6E+kMsumlWiy43S3Q3PcDfZf5miz1Iq6c2Cg==
-----END CERTIFICATE-----
Generated at Mon Aug 26 10:35:12 2024 by rpki-client on console-ams.rpki-client.org