Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/vG-oP5AZQiTmF0_wIjuAN3_u-hY.roa
File:                     vG-oP5AZQiTmF0_wIjuAN3_u-hY.roa (raw, json)
Hash identifier:          01fF8H5LDqxydsd5M4dzbWBt8EqHESAQe5wpR1WZvqA=
Subject key identifier:   BC:6F:A8:3F:90:19:42:24:E6:17:4F:F0:22:3B:80:37:7F:EE:FA:16
Certificate issuer:       /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Certificate serial:       0C84
Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/vG-oP5AZQiTmF0_wIjuAN3_u-hY.roa
Signing time:             Mon 15 Jan 2024 21:09:53 +0000
ROA not before:           Mon 15 Jan 2024 21:09:53 +0000
ROA not after:            Sat 31 Aug 2024 03:10:53 +0000
asID:                     131142
IP address blocks:        210.200.80.0/22 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3204 (0xc84)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
        Validity
            Not Before: Jan 15 21:09:53 2024 GMT
            Not After : Aug 31 03:10:53 2024 GMT
        Subject: CN=BC6FA83F90194224E6174FF0223B80377FEEFA16
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:66:86:ec:04:35:17:fc:27:09:7f:a8:d0:d9:
                    e7:ab:9e:80:ec:fb:06:8d:21:46:5e:2b:59:9c:2e:
                    ac:d8:10:2b:02:fd:ff:09:f4:42:40:e4:8a:5a:83:
                    36:7f:4c:4b:55:5c:75:5c:46:88:2f:91:36:93:29:
                    1e:cd:eb:b0:24:7f:a8:02:41:ca:cf:ee:13:00:73:
                    b1:41:2f:41:c8:ad:0e:f1:d6:14:3b:41:39:db:7f:
                    2d:f6:a6:59:8f:1e:78:88:8a:71:db:fb:50:2e:ea:
                    d9:6b:2a:39:10:44:77:46:53:2e:0b:46:0b:f9:b3:
                    49:f3:96:fc:be:d5:79:f8:3e:fe:c3:9d:e8:76:a7:
                    7d:c3:94:71:39:dc:d4:41:c4:59:57:87:2a:01:87:
                    bf:b3:9c:28:11:3e:db:6d:a2:32:42:0f:62:cc:5f:
                    4e:a2:d8:e8:5d:00:15:8e:76:3b:a3:7e:f2:63:4c:
                    47:e4:05:27:1d:7b:c0:72:d1:83:48:a6:82:cd:97:
                    31:a8:e9:1a:49:05:29:74:91:d7:76:f3:13:41:ea:
                    c1:5f:3f:ad:3f:34:cb:d2:0d:ff:d8:83:5c:ea:97:
                    4e:e8:7f:88:6b:d0:e9:ee:d0:66:52:90:6b:b1:5b:
                    0a:a9:35:5c:a6:e0:ef:0a:9b:35:71:c5:46:ec:1d:
                    1a:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:6F:A8:3F:90:19:42:24:E6:17:4F:F0:22:3B:80:37:7F:EE:FA:16
            X509v3 Authority Key Identifier:
                keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/vG-oP5AZQiTmF0_wIjuAN3_u-hY.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  210.200.80.0/22

    Signature Algorithm: sha256WithRSAEncryption
         60:db:d2:8b:b1:57:95:51:4f:80:f3:f2:ca:6f:b1:12:dc:21:
         8d:bb:31:be:b2:6f:fc:13:d4:a9:ee:f5:c8:a7:ee:f9:3f:e5:
         bf:47:44:ed:1a:c9:7a:51:90:1e:95:75:95:5c:f8:e4:a2:a3:
         bb:a3:9f:52:e3:d9:fc:7c:be:d7:d6:ad:9c:0a:1e:5f:9f:84:
         eb:18:94:0b:b2:01:f3:68:b7:05:66:0c:4f:fa:86:b6:1d:42:
         d9:c3:1d:54:fa:83:2b:32:6f:d9:01:8f:58:e5:c0:81:b9:25:
         e1:e0:d3:eb:33:0f:3b:4e:c4:1b:98:d3:90:93:c1:3c:3f:dd:
         27:f6:93:77:9c:f4:51:40:f4:ed:f4:d2:e3:de:95:b4:fb:c7:
         62:00:46:8f:01:d2:61:5f:e8:54:10:25:ca:2b:2d:59:5a:0c:
         aa:df:65:02:1f:90:ef:fc:0b:47:6a:2a:82:1a:22:d5:71:78:
         41:c6:c8:7b:e9:61:a7:45:51:ae:0e:14:f2:90:6a:8e:6c:0c:
         29:42:a5:47:d1:c0:06:1c:c4:a1:1e:85:30:36:61:3c:6a:f3:
         96:0a:0d:c9:8b:f0:a8:68:40:46:05:10:9a:97:af:8b:aa:22:
         01:af:93:57:10:cc:05:2f:b3:85:f5:ff:ae:f0:1a:f6:22:c4:
         88:4d:c8:23
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICDIQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2
M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNDAxMTUy
MTA5NTNaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKEJDNkZBODNGOTAxOTQy
MjRFNjE3NEZGMDIyM0I4MDM3N0ZFRUZBMTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC5ZobsBDUX/CcJf6jQ2eernoDs+waNIUZeK1mcLqzYECsC/f8J
9EJA5IpagzZ/TEtVXHVcRogvkTaTKR7N67Akf6gCQcrP7hMAc7FBL0HIrQ7x1hQ7
QTnbfy32plmPHniIinHb+1Au6tlrKjkQRHdGUy4LRgv5s0nzlvy+1Xn4Pv7Dneh2
p33DlHE53NRBxFlXhyoBh7+znCgRPtttojJCD2LMX06i2OhdABWOdjujfvJjTEfk
BScde8By0YNIpoLNlzGo6RpJBSl0kdd28xNB6sFfP60/NMvSDf/Yg1zql07of4hr
0Onu0GZSkGuxWwqpNVym4O8KmzVxxUbsHRpRAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUvG+oP5AZQiTmF0/wIjuAN3/u+hYwHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D
T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt
T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL3ZHLW9QNUFaUWlUbUYwX3dJanVBTjNf
dS1oWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBALSyFAwDQYJ
KoZIhvcNAQELBQADggEBAGDb0ouxV5VRT4Dz8spvsRLcIY27Mb6yb/wT1Knu9cin
7vk/5b9HRO0ayXpRkB6VdZVc+OSio7ujn1Lj2fx8vtfWrZwKHl+fhOsYlAuyAfNo
twVmDE/6hrYdQtnDHVT6gysyb9kBj1jlwIG5JeHg0+szDztOxBuY05CTwTw/3Sf2
k3ec9FFA9O300uPelbT7x2IARo8B0mFf6FQQJcorLVlaDKrfZQIfkO/8C0dqKoIa
ItVxeEHGyHvpYadFUa4OFPKQao5sDClCpUfRwAYcxKEehTA2YTxq85YKDcmL8Kho
QEYFEJqXr4uqIgGvk1cQzAUvs4X1/67wGvYixIhNyCM=
-----END CERTIFICATE-----
Generated at Mon Aug 26 10:35:13 2024 by rpki-client on console-ams.rpki-client.org