Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/SAVECOM/I1h1UEOltIc84ddvywgOaRyaAfc.roa
File:                     I1h1UEOltIc84ddvywgOaRyaAfc.roa (raw, json)
Hash identifier:          Fw+w35aPZ1qoFC12OOQNoc9IdcD9pf2UAYzYw6RCflM=
Subject key identifier:   23:58:75:50:43:A5:B4:87:3C:E1:D7:6F:CB:08:0E:69:1C:9A:01:F7
Certificate issuer:       /CN=01A53261B2001FA7EB57793E2E579B7322F8E76A
Certificate serial:       0BC1
Authority key identifier: 01:A5:32:61:B2:00:1F:A7:EB:57:79:3E:2E:57:9B:73:22:F8:E7:6A
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/AaUyYbIAH6frV3k-LlebcyL452o.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/SAVECOM/I1h1UEOltIc84ddvywgOaRyaAfc.roa
Signing time:             Fri 01 Sep 2023 09:40:38 +0000
ROA not before:           Fri 01 Sep 2023 09:40:38 +0000
ROA not after:            Sat 31 Aug 2024 03:10:53 +0000
asID:                     9676
IP address blocks:        60.245.0.0/18 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3009 (0xbc1)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=01A53261B2001FA7EB57793E2E579B7322F8E76A
        Validity
            Not Before: Sep  1 09:40:38 2023 GMT
            Not After : Aug 31 03:10:53 2024 GMT
        Subject: CN=2358755043A5B4873CE1D76FCB080E691C9A01F7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:cf:8a:04:0e:09:1f:70:6f:4d:5a:70:34:20:
                    0c:ed:0c:92:c1:2c:f7:4c:98:6a:b2:98:8f:bf:16:
                    10:5f:d1:3e:c2:fb:db:5b:4f:ec:d6:77:bd:03:d9:
                    66:1c:ec:f2:e0:e6:f9:4d:1d:c4:ca:80:f3:2b:e5:
                    b8:68:a3:b5:1b:ed:fd:2b:68:d0:be:3c:f5:8b:bf:
                    7b:e6:4a:04:49:98:dd:9b:12:a6:93:42:cf:fc:20:
                    c3:62:1e:d6:66:77:fc:49:79:d3:4a:7c:0f:d7:4d:
                    29:e9:70:98:ff:dd:7c:02:d7:1f:87:49:df:f5:df:
                    2a:25:20:b6:f7:27:6d:26:f0:8b:7c:27:e2:7b:6e:
                    a5:79:e8:11:aa:88:12:5b:64:d1:25:71:cb:96:ef:
                    9f:de:35:af:03:ad:aa:c3:17:e4:51:e8:35:21:9e:
                    0c:46:c3:da:0e:fb:82:93:59:27:63:73:38:86:cd:
                    98:a7:62:19:12:a7:0e:81:f5:82:04:f9:e3:3f:b0:
                    42:b5:e7:9b:f9:29:10:4e:5d:19:fd:6b:31:09:ce:
                    39:10:43:6b:bc:cd:1c:d1:d6:d0:6d:f3:d2:22:30:
                    38:dd:26:dc:f5:54:78:b1:b2:e6:0d:8a:1e:2a:2a:
                    58:94:d2:5d:ed:3d:4c:21:5d:2e:92:f0:84:46:57:
                    4a:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:58:75:50:43:A5:B4:87:3C:E1:D7:6F:CB:08:0E:69:1C:9A:01:F7
            X509v3 Authority Key Identifier:
                keyid:01:A5:32:61:B2:00:1F:A7:EB:57:79:3E:2E:57:9B:73:22:F8:E7:6A

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SAVECOM/AaUyYbIAH6frV3k-LlebcyL452o.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/AaUyYbIAH6frV3k-LlebcyL452o.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SAVECOM/I1h1UEOltIc84ddvywgOaRyaAfc.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  60.245.0.0/18

    Signature Algorithm: sha256WithRSAEncryption
         c1:4e:9d:0e:8b:69:94:64:7a:1d:83:99:40:d8:13:c8:0e:31:
         4f:96:bf:7c:d5:b6:41:a5:bf:65:46:eb:c3:17:77:c7:ab:22:
         b9:41:d6:f5:71:47:9b:21:62:6d:77:77:3a:f7:a1:71:d8:30:
         e9:3b:0a:5e:88:63:21:a5:91:bc:4e:10:cd:8e:04:7e:ac:91:
         27:2b:48:09:92:55:0e:4b:5c:57:88:30:48:32:48:ef:56:0d:
         67:1f:83:7f:6e:d9:c5:5b:7a:92:b3:70:1b:cb:e3:97:18:a6:
         05:d6:b1:9c:bc:db:62:b7:b4:d2:ba:40:6a:3e:b6:91:f4:fb:
         06:9c:e3:d9:55:ce:15:8c:78:5c:de:cf:e2:6a:c8:ed:88:00:
         33:bf:89:1f:fd:93:38:4d:56:dd:4a:59:40:e2:6b:33:9f:38:
         31:82:39:c3:81:c9:26:e2:20:1b:d5:cb:ef:75:d5:e4:ff:28:
         3f:14:4b:39:09:f8:b9:97:05:1b:6b:bd:12:52:f5:21:ca:e7:
         e7:39:81:93:e9:64:84:bf:57:64:11:53:70:1e:e2:65:eb:31:
         72:8a:4b:9b:59:5f:79:4d:10:99:b2:2e:5a:a7:c3:cc:6b:96:
         dd:24:33:c4:91:f4:67:a1:8d:6b:74:b5:1c:8d:1d:3e:a6:6e:
         85:73:b8:9a
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICC8EwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDFB
NTMyNjFCMjAwMUZBN0VCNTc3OTNFMkU1NzlCNzMyMkY4RTc2QTAeFw0yMzA5MDEw
OTQwMzhaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDIzNTg3NTUwNDNBNUI0
ODczQ0UxRDc2RkNCMDgwRTY5MUM5QTAxRjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDVz4oEDgkfcG9NWnA0IAztDJLBLPdMmGqymI+/FhBf0T7C+9tb
T+zWd70D2WYc7PLg5vlNHcTKgPMr5bhoo7Ub7f0raNC+PPWLv3vmSgRJmN2bEqaT
Qs/8IMNiHtZmd/xJedNKfA/XTSnpcJj/3XwC1x+HSd/13yolILb3J20m8It8J+J7
bqV56BGqiBJbZNElccuW75/eNa8DrarDF+RR6DUhngxGw9oO+4KTWSdjcziGzZin
YhkSpw6B9YIE+eM/sEK155v5KRBOXRn9azEJzjkQQ2u8zRzR1tBt89IiMDjdJtz1
VHixsuYNih4qKliU0l3tPUwhXS6S8IRGV0oZAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUI1h1UEOltIc84ddvywgOaRyaAfcwHwYDVR0jBBgwFoAUAaUyYbIAH6frV3k+
LlebcyL452owGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvU0FWRUNP
TS9BYVV5WWJJQUg2ZnJWM2stTGxlYmN5TDQ1Mm8uY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL0FhVXlZYklBSDZmclYzay1MbGViY3lMNDUyby5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL1NBVkVDT00vSTFoMVVFT2x0SWM4NGRk
dnl3Z09hUnlhQWZjLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
Bjz1ADANBgkqhkiG9w0BAQsFAAOCAQEAwU6dDotplGR6HYOZQNgTyA4xT5a/fNW2
QaW/ZUbrwxd3x6siuUHW9XFHmyFibXd3Ovehcdgw6TsKXohjIaWRvE4QzY4EfqyR
JytICZJVDktcV4gwSDJI71YNZx+Df27ZxVt6krNwG8vjlximBdaxnLzbYre00rpA
aj62kfT7Bpzj2VXOFYx4XN7P4mrI7YgAM7+JH/2TOE1W3UpZQOJrM584MYI5w4HJ
JuIgG9XL73XV5P8oPxRLOQn4uZcFG2u9ElL1Icrn5zmBk+lkhL9XZBFTcB7iZesx
copLm1lfeU0QmbIuWqfDzGuW3SQzxJH0Z6GNa3S1HI0dPqZuhXO4mg==
-----END CERTIFICATE-----
Generated at Mon Aug 26 08:57:22 2024 by rpki-client on console-fra.rpki-client.org