Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KGT/ZsnFLyzYvP_AWDfyRCTle9JPPmg.roa
File:                     ZsnFLyzYvP_AWDfyRCTle9JPPmg.roa (raw, json)
Hash identifier:          EBeVNgHGfspqvVY+PXrTmfc+hL8NRcR181XC+4PUwaE=
Subject key identifier:   66:C9:C5:2F:2C:D8:BC:FF:C0:58:37:F2:44:24:E5:7B:D2:4F:3E:68
Certificate issuer:       /CN=4772F715345B542E1D708BCB2571FCD72DD26BF3
Certificate serial:       0C14
Authority key identifier: 47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/ZsnFLyzYvP_AWDfyRCTle9JPPmg.roa
Signing time:             Fri 01 Sep 2023 09:13:57 +0000
ROA not before:           Fri 01 Sep 2023 09:13:57 +0000
ROA not after:            Sat 31 Aug 2024 03:10:53 +0000
asID:                     131602
IP address blocks:        211.78.4.0/22 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3092 (0xc14)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4772F715345B542E1D708BCB2571FCD72DD26BF3
        Validity
            Not Before: Sep  1 09:13:57 2023 GMT
            Not After : Aug 31 03:10:53 2024 GMT
        Subject: CN=66C9C52F2CD8BCFFC05837F24424E57BD24F3E68
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:8a:1a:e0:aa:0a:ed:2c:fd:64:81:64:1f:72:
                    00:2b:0f:78:f2:37:5b:2e:72:43:54:93:40:a9:ef:
                    74:5d:6a:68:ad:a0:84:93:ec:11:52:61:21:d2:31:
                    14:02:cf:88:1f:23:84:a1:6c:7e:d9:a1:b0:1b:2d:
                    65:3d:66:a4:7b:59:02:0c:9c:b0:fe:d0:8c:5a:23:
                    d9:16:e8:14:b2:a9:7a:9e:20:ac:b9:1c:4d:bd:6e:
                    85:f0:2f:2a:d8:7c:13:33:17:51:2f:44:51:af:4a:
                    4f:fb:ee:95:67:52:2e:8a:a8:ac:51:f8:6e:0c:fa:
                    34:2f:65:50:aa:27:6c:9e:4d:32:f1:92:26:89:e4:
                    d3:b0:bc:fb:af:e6:ee:2e:41:29:e6:f5:02:b0:be:
                    f2:2e:1b:56:08:f4:82:04:06:12:e9:22:18:fe:38:
                    e1:f2:e3:ab:23:ae:05:1a:ab:5c:11:6d:bf:3b:cd:
                    70:48:13:78:cf:a3:6d:2c:d6:9b:a6:1d:ef:71:e7:
                    ca:d6:7d:72:a0:9c:7a:d8:e0:d9:cc:71:7a:6d:7b:
                    8a:1c:f1:a6:57:97:84:5d:77:68:ea:c8:24:a8:51:
                    0a:25:c9:5b:e5:7a:15:7e:9d:29:d1:13:99:18:c8:
                    e9:c4:04:42:98:d5:a0:82:a4:4e:22:90:3d:92:a8:
                    ce:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                66:C9:C5:2F:2C:D8:BC:FF:C0:58:37:F2:44:24:E5:7B:D2:4F:3E:68
            X509v3 Authority Key Identifier:
                keyid:47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/R3L3FTRbVC4dcIvLJXH81y3Sa_M.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/ZsnFLyzYvP_AWDfyRCTle9JPPmg.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  211.78.4.0/22

    Signature Algorithm: sha256WithRSAEncryption
         a7:92:aa:69:42:5d:08:b1:9d:bc:ec:08:7f:9f:01:c1:98:9d:
         2d:19:62:4a:0e:52:c7:96:b2:b9:e8:5f:3d:b6:93:23:24:bd:
         f1:ef:4e:7a:47:5b:70:73:d9:b6:f4:fe:78:b0:ed:5b:ca:d1:
         dd:18:15:2e:ea:55:85:17:66:15:ed:97:ea:ef:23:cf:f0:00:
         9d:34:3f:23:58:ae:43:3a:47:b2:42:df:a0:89:26:a2:2d:1e:
         fb:72:82:b9:9c:a9:9f:f3:06:52:71:55:8f:85:ab:b5:fe:24:
         c9:33:90:c0:34:28:9f:77:7d:5d:6b:69:b3:a8:5d:b6:fa:27:
         ea:7a:c7:27:04:48:1c:60:9d:43:09:4f:52:ea:c1:e7:d9:c6:
         fd:f5:96:68:b6:e5:22:d0:a6:56:d0:e5:d9:c4:ea:a2:d2:45:
         f1:d8:4d:50:0f:10:a8:a9:4d:fd:e8:3e:b6:41:26:22:f0:00:
         35:bc:d7:53:79:dc:a8:7a:95:04:cf:97:90:3e:f7:fa:79:f1:
         c2:eb:31:02:ce:65:8f:38:77:74:63:d0:a6:b1:16:56:31:63:
         40:b3:d3:d8:f1:fa:b3:1a:32:02:27:77:a5:66:3a:88:77:47:
         a2:2f:9e:53:77:0b:9b:3b:9a:70:d7:12:a9:f5:c6:84:91:78:
         54:33:25:b8
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICDBQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDc3
MkY3MTUzNDVCNTQyRTFENzA4QkNCMjU3MUZDRDcyREQyNkJGMzAeFw0yMzA5MDEw
OTEzNTdaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDY2QzlDNTJGMkNEOEJD
RkZDMDU4MzdGMjQ0MjRFNTdCRDI0RjNFNjgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDgihrgqgrtLP1kgWQfcgArD3jyN1suckNUk0Cp73RdamitoIST
7BFSYSHSMRQCz4gfI4ShbH7ZobAbLWU9ZqR7WQIMnLD+0IxaI9kW6BSyqXqeIKy5
HE29boXwLyrYfBMzF1EvRFGvSk/77pVnUi6KqKxR+G4M+jQvZVCqJ2yeTTLxkiaJ
5NOwvPuv5u4uQSnm9QKwvvIuG1YI9IIEBhLpIhj+OOHy46sjrgUaq1wRbb87zXBI
E3jPo20s1pumHe9x58rWfXKgnHrY4NnMcXpte4oc8aZXl4Rdd2jqyCSoUQolyVvl
ehV+nSnRE5kYyOnEBEKY1aCCpE4ikD2SqM55AgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUZsnFLyzYvP/AWDfyRCTle9JPPmgwHwYDVR0jBBgwFoAUR3L3FTRbVC4dcIvL
JXH81y3Sa/MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0dUL1Iz
TDNGVFJiVkM0ZGNJdkxKWEg4MXkzU2FfTS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UjNMM0ZUUmJWQzRkY0l2TEpYSDgxeTNTYV9NLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvS0dUL1pzbkZMeXpZdlBfQVdEZnlSQ1RsZTlK
UFBtZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBALTTgQwDQYJ
KoZIhvcNAQELBQADggEBAKeSqmlCXQixnbzsCH+fAcGYnS0ZYkoOUseWsrnoXz22
kyMkvfHvTnpHW3Bz2bb0/niw7VvK0d0YFS7qVYUXZhXtl+rvI8/wAJ00PyNYrkM6
R7JC36CJJqItHvtygrmcqZ/zBlJxVY+Fq7X+JMkzkMA0KJ93fV1rabOoXbb6J+p6
xycESBxgnUMJT1LqwefZxv31lmi25SLQplbQ5dnE6qLSRfHYTVAPEKipTf3oPrZB
JiLwADW811N53Kh6lQTPl5A+9/p58cLrMQLOZY84d3Rj0KaxFlYxY0Cz09jx+rMa
MgInd6VmOoh3R6IvnlN3C5s7mnDXEqn1xoSReFQzJbg=
-----END CERTIFICATE-----
Generated at Mon Aug 26 08:57:21 2024 by rpki-client on console-fra.rpki-client.org