Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PUMO/uWS4kFNude_T2tT82q5-nfo0H6g.roa
File:                     uWS4kFNude_T2tT82q5-nfo0H6g.roa (raw, json)
Hash identifier:          s1Q+Hv8c7/diJ7Ap53zp6srO9AcPcuYA/PKSSMMxNuE=
Subject key identifier:   B9:64:B8:90:53:6E:75:EF:D3:DA:D4:FC:DA:AE:7E:9D:FA:34:1F:A8
Certificate issuer:       /CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
Certificate serial:       0CE5
Authority key identifier: 34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/uWS4kFNude_T2tT82q5-nfo0H6g.roa
Signing time:             Fri 01 Sep 2023 09:39:55 +0000
ROA not before:           Fri 01 Sep 2023 09:39:55 +0000
ROA not after:            Sat 31 Aug 2024 03:10:53 +0000
asID:                     13335
IP address blocks:        223.27.48.0/20 maxlen: 20

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3301 (0xce5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
        Validity
            Not Before: Sep  1 09:39:55 2023 GMT
            Not After : Aug 31 03:10:53 2024 GMT
        Subject: CN=B964B890536E75EFD3DAD4FCDAAE7E9DFA341FA8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:cf:c3:e2:80:91:a2:b8:b5:b6:d0:81:ee:66:
                    f3:f7:f7:4e:a6:11:14:ca:c0:07:90:11:61:bc:f3:
                    cd:08:95:f1:88:68:74:20:4a:12:d0:4a:46:c3:89:
                    54:51:93:9f:94:3c:fc:18:a9:4c:f0:cd:75:ca:35:
                    12:fd:76:c6:76:24:63:c6:4f:94:db:74:fb:d6:ef:
                    89:b5:97:1e:18:dc:ac:e0:fb:b1:c0:74:c7:a9:dd:
                    c2:fe:ed:3d:6f:11:02:5a:51:39:ca:34:ff:ee:a7:
                    5f:b3:46:10:53:7a:57:54:70:ec:93:03:e7:e2:2f:
                    f7:36:05:3a:39:6d:f8:8d:70:75:da:a1:d2:99:27:
                    ad:da:57:c4:ac:6e:df:37:9c:64:0c:b4:fd:c4:cb:
                    61:28:1e:34:9f:5c:c2:2c:00:64:06:f8:7f:05:9c:
                    c6:c7:44:47:bf:63:69:f5:c2:3c:3d:0c:77:0b:6e:
                    79:a5:6d:25:f6:70:b4:15:a3:79:0c:f8:02:df:31:
                    59:a6:17:b1:ee:61:16:b5:65:7f:72:73:46:c5:db:
                    62:e9:96:3f:6a:ec:02:a1:4d:21:95:97:15:3b:7e:
                    02:8f:aa:da:e9:eb:76:9a:87:40:43:ce:2a:fb:3e:
                    c2:1b:bd:7b:2b:56:41:7b:33:f1:14:1a:41:f2:bc:
                    03:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B9:64:B8:90:53:6E:75:EF:D3:DA:D4:FC:DA:AE:7E:9D:FA:34:1F:A8
            X509v3 Authority Key Identifier:
                keyid:34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/NN1DKWGsQtZErq80sUrscCdbBqM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/uWS4kFNude_T2tT82q5-nfo0H6g.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  223.27.48.0/20

    Signature Algorithm: sha256WithRSAEncryption
         02:e8:f9:9d:ad:05:d9:3a:bf:f7:c3:b1:09:ef:e0:6f:7e:7e:
         31:fa:fe:cf:6e:6c:72:8a:8e:c5:18:42:10:b1:0c:ed:10:14:
         9f:5d:e3:70:41:b0:ae:a4:4e:1d:5c:9e:59:ff:b8:6d:92:85:
         75:a5:5f:a6:3b:9c:e7:c5:19:fd:2a:64:ef:4b:fe:39:ad:6d:
         0e:bf:0f:b5:29:02:c5:8d:4c:b9:9b:a9:7e:db:42:42:c2:52:
         10:02:57:1a:01:8c:e5:d9:37:f5:40:46:85:c2:aa:1a:c2:cd:
         29:22:37:a9:98:fa:f5:0b:4b:31:c2:8d:22:79:9c:14:30:e5:
         dd:53:ad:78:c5:8e:54:74:6d:eb:d8:e2:bd:48:39:99:06:1c:
         83:75:cb:d7:20:1c:19:77:9f:67:92:ea:9d:a1:8b:2f:95:77:
         ba:48:03:13:ed:4e:17:9d:ea:e1:f3:11:38:07:e3:3a:5d:a3:
         cf:fc:d2:15:db:90:c4:f3:cf:63:26:70:7d:e9:27:dc:a6:66:
         c7:50:11:43:c8:7c:b3:ce:00:58:fb:36:ae:b5:a1:89:86:49:
         6d:81:f5:10:04:34:1d:6b:97:ac:22:90:f0:c3:8c:16:7c:22:
         34:7c:f4:7c:0f:1d:c0:ee:41:bb:e3:e6:cf:ae:ee:51:3d:21:
         d8:69:7e:bb
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDOUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzRE
RDQzMjk2MUFDNDJENjQ0QUVBRjM0QjE0QUVDNzAyNzVCMDZBMzAeFw0yMzA5MDEw
OTM5NTVaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKEI5NjRCODkwNTM2RTc1
RUZEM0RBRDRGQ0RBQUU3RTlERkEzNDFGQTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCnz8PigJGiuLW20IHuZvP3906mERTKwAeQEWG8880IlfGIaHQg
ShLQSkbDiVRRk5+UPPwYqUzwzXXKNRL9dsZ2JGPGT5TbdPvW74m1lx4Y3Kzg+7HA
dMep3cL+7T1vEQJaUTnKNP/up1+zRhBTeldUcOyTA+fiL/c2BTo5bfiNcHXaodKZ
J63aV8Ssbt83nGQMtP3Ey2EoHjSfXMIsAGQG+H8FnMbHREe/Y2n1wjw9DHcLbnml
bSX2cLQVo3kM+ALfMVmmF7HuYRa1ZX9yc0bF22Lplj9q7AKhTSGVlxU7fgKPqtrp
63aah0BDzir7PsIbvXsrVkF7M/EUGkHyvANlAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUuWS4kFNude/T2tT82q5+nfo0H6gwHwYDVR0jBBgwFoAUNN1DKWGsQtZErq80
sUrscCdbBqMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFVNTy9O
TjFES1dHc1F0WkVycTgwc1Vyc2NDZGJCcU0uY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L05OMURLV0dzUXRaRXJxODBzVXJzY0NkYkJxTS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL1BVTU8vdVdTNGtGTnVkZV9UMnRUODJxNS1u
Zm8wSDZnLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBN8bMDAN
BgkqhkiG9w0BAQsFAAOCAQEAAuj5na0F2Tq/98OxCe/gb35+Mfr+z25scoqOxRhC
ELEM7RAUn13jcEGwrqROHVyeWf+4bZKFdaVfpjuc58UZ/Spk70v+Oa1tDr8PtSkC
xY1MuZupfttCQsJSEAJXGgGM5dk39UBGhcKqGsLNKSI3qZj69QtLMcKNInmcFDDl
3VOteMWOVHRt69jivUg5mQYcg3XL1yAcGXefZ5LqnaGLL5V3ukgDE+1OF53q4fMR
OAfjOl2jz/zSFduQxPPPYyZwfekn3KZmx1ARQ8h8s84AWPs2rrWhiYZJbYH1EAQ0
HWuXrCKQ8MOMFnwiNHz0fA8dwO5Bu+Pmz67uUT0h2Gl+uw==
-----END CERTIFICATE-----
Generated at Mon Aug 26 10:35:16 2024 by rpki-client on console-ams.rpki-client.org