Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PUMO/irBWUAiakTLtpJ8PpYNv5FFidrw.roa
File:                     irBWUAiakTLtpJ8PpYNv5FFidrw.roa (raw, json)
Hash identifier:          ywSsSKF5I7Jb6gZuwpWdIBxHJvvLmrAF00EtxMr//o0=
Subject key identifier:   8A:B0:56:50:08:9A:91:32:ED:A4:9F:0F:A5:83:6F:E4:51:62:76:BC
Certificate issuer:       /CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
Certificate serial:       0CDC
Authority key identifier: 34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/irBWUAiakTLtpJ8PpYNv5FFidrw.roa
Signing time:             Fri 01 Sep 2023 09:39:51 +0000
ROA not before:           Fri 01 Sep 2023 09:39:51 +0000
ROA not after:            Sat 31 Aug 2024 03:10:53 +0000
asID:                     38843
IP address blocks:        223.27.33.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3292 (0xcdc)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
        Validity
            Not Before: Sep  1 09:39:51 2023 GMT
            Not After : Aug 31 03:10:53 2024 GMT
        Subject: CN=8AB05650089A9132EDA49F0FA5836FE4516276BC
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:7c:26:2b:c3:8e:1e:25:53:28:24:c3:aa:da:
                    5b:54:ed:a7:a1:26:68:16:ee:70:d8:dc:c7:ba:66:
                    2e:f9:12:bf:a1:ee:fd:85:61:4d:ba:d2:b4:36:0a:
                    ba:45:bf:2e:ed:d7:21:8a:b2:a3:95:2a:eb:19:64:
                    c1:54:f1:30:14:45:87:e9:2b:2a:22:0e:ef:86:53:
                    00:01:9a:f3:01:2f:c4:0f:66:13:52:69:c5:ee:67:
                    f0:58:1d:a1:37:46:07:9d:77:7d:82:d6:82:5c:36:
                    73:29:1e:69:92:2e:06:39:1d:06:1c:c7:4d:36:56:
                    63:87:86:ed:54:ff:fa:30:25:8c:f1:f5:31:a0:a5:
                    78:b4:bd:3a:ec:b9:7d:3e:bf:49:c4:ef:76:0a:bb:
                    9d:fc:9b:93:3e:2f:36:15:f9:6a:af:50:44:6d:bf:
                    eb:d6:27:ca:0d:30:df:da:81:72:3e:bf:81:46:83:
                    8a:71:9c:e3:ee:7a:3b:79:c1:ac:7c:68:86:3f:db:
                    98:20:a8:5c:bb:01:71:c6:d7:c8:fc:45:ed:35:a0:
                    e2:fe:e2:13:26:61:d9:be:06:22:e8:99:07:5a:8e:
                    a0:18:64:13:ad:71:ad:ec:a3:19:cc:a7:3e:3f:0a:
                    e2:81:d3:6a:27:ab:8f:b1:11:49:8b:71:30:3f:10:
                    18:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8A:B0:56:50:08:9A:91:32:ED:A4:9F:0F:A5:83:6F:E4:51:62:76:BC
            X509v3 Authority Key Identifier:
                keyid:34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/NN1DKWGsQtZErq80sUrscCdbBqM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/irBWUAiakTLtpJ8PpYNv5FFidrw.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  223.27.33.0/24

    Signature Algorithm: sha256WithRSAEncryption
         12:7e:53:71:71:9c:19:72:fa:b4:0e:81:84:17:c9:f5:98:9b:
         3b:db:ff:fc:0f:ae:42:1f:a4:06:19:16:b4:e1:74:7e:30:82:
         af:ca:ac:7f:83:45:db:3a:5a:11:37:15:c2:e1:dd:72:fd:80:
         1a:1b:b8:5b:ae:b4:cb:ad:4b:60:f9:48:f2:c9:f7:dd:91:02:
         e3:cd:9f:2b:bc:9f:61:d4:c4:4a:3a:61:99:b0:7d:26:5b:63:
         a4:01:d0:29:7e:99:9a:e0:93:d9:e8:f2:be:86:b6:5f:ae:17:
         fb:44:d6:e7:c4:3a:c7:0b:50:f4:ce:8c:a1:07:cb:5d:9e:a8:
         fb:f4:bf:55:51:76:6b:4d:13:09:ce:42:0a:da:bd:c6:e6:8f:
         6d:fc:77:0c:82:af:9f:76:79:58:9e:43:c6:c7:36:e6:6f:86:
         e2:85:15:2c:b8:37:53:42:d9:9d:58:3b:a4:f9:39:90:07:3e:
         b1:c0:5e:70:52:1e:77:ef:b4:3b:40:04:81:68:44:b3:0f:92:
         77:45:25:7e:d1:09:f3:0b:37:49:28:c4:e6:8c:95:f4:9f:90:
         6e:ab:42:cc:80:d0:b2:4f:52:10:97:74:6e:3b:a5:49:b4:53:
         6d:57:1c:67:4f:27:b8:98:b8:40:41:52:01:1d:31:58:60:02:
         f8:f3:6a:e5
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDNwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzRE
RDQzMjk2MUFDNDJENjQ0QUVBRjM0QjE0QUVDNzAyNzVCMDZBMzAeFw0yMzA5MDEw
OTM5NTFaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDhBQjA1NjUwMDg5QTkx
MzJFREE0OUYwRkE1ODM2RkU0NTE2Mjc2QkMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC2fCYrw44eJVMoJMOq2ltU7aehJmgW7nDY3Me6Zi75Er+h7v2F
YU260rQ2CrpFvy7t1yGKsqOVKusZZMFU8TAURYfpKyoiDu+GUwABmvMBL8QPZhNS
acXuZ/BYHaE3Rgedd32C1oJcNnMpHmmSLgY5HQYcx002VmOHhu1U//owJYzx9TGg
pXi0vTrsuX0+v0nE73YKu538m5M+LzYV+WqvUERtv+vWJ8oNMN/agXI+v4FGg4px
nOPuejt5wax8aIY/25ggqFy7AXHG18j8Re01oOL+4hMmYdm+BiLomQdajqAYZBOt
ca3soxnMpz4/CuKB02onq4+xEUmLcTA/EBgVAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUirBWUAiakTLtpJ8PpYNv5FFidrwwHwYDVR0jBBgwFoAUNN1DKWGsQtZErq80
sUrscCdbBqMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFVNTy9O
TjFES1dHc1F0WkVycTgwc1Vyc2NDZGJCcU0uY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L05OMURLV0dzUXRaRXJxODBzVXJzY0NkYkJxTS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL1BVTU8vaXJCV1VBaWFrVEx0cEo4UHBZTnY1
RkZpZHJ3LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAN8bITAN
BgkqhkiG9w0BAQsFAAOCAQEAEn5TcXGcGXL6tA6BhBfJ9ZibO9v//A+uQh+kBhkW
tOF0fjCCr8qsf4NF2zpaETcVwuHdcv2AGhu4W660y61LYPlI8sn33ZEC482fK7yf
YdTESjphmbB9JltjpAHQKX6ZmuCT2ejyvoa2X64X+0TW58Q6xwtQ9M6MoQfLXZ6o
+/S/VVF2a00TCc5CCtq9xuaPbfx3DIKvn3Z5WJ5Dxsc25m+G4oUVLLg3U0LZnVg7
pPk5kAc+scBecFIed++0O0AEgWhEsw+Sd0UlftEJ8ws3SSjE5oyV9J+QbqtCzIDQ
sk9SEJd0bjulSbRTbVccZ08nuJi4QEFSAR0xWGAC+PNq5Q==
-----END CERTIFICATE-----
Generated at Mon Aug 26 08:57:22 2024 by rpki-client on console-fra.rpki-client.org