Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/SIGMA/8qlo6AyuCOy1BoPShi3bzj6Rw-s.roa
File:                     8qlo6AyuCOy1BoPShi3bzj6Rw-s.roa (raw, json)
Hash identifier:          D0gHuvnyf0fpNXA99GtQLs5dQ6zWqJPWEm/B4PKx20Q=
Subject key identifier:   F2:A9:68:E8:0C:AE:08:EC:B5:06:83:D2:86:2D:DB:CE:3E:91:C3:EB
Certificate issuer:       /CN=3BE6C651350E8FA1FC7D0A3EABCF98F81B3119D3
Certificate serial:       0BBE
Authority key identifier: 3B:E6:C6:51:35:0E:8F:A1:FC:7D:0A:3E:AB:CF:98:F8:1B:31:19:D3
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/8qlo6AyuCOy1BoPShi3bzj6Rw-s.roa
Signing time:             Fri 01 Sep 2023 09:45:02 +0000
ROA not before:           Fri 01 Sep 2023 09:45:02 +0000
ROA not after:            Sat 31 Aug 2024 03:10:53 +0000
asID:                     18419
IP address blocks:        150.129.72.0/22 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3006 (0xbbe)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3BE6C651350E8FA1FC7D0A3EABCF98F81B3119D3
        Validity
            Not Before: Sep  1 09:45:02 2023 GMT
            Not After : Aug 31 03:10:53 2024 GMT
        Subject: CN=F2A968E80CAE08ECB50683D2862DDBCE3E91C3EB
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:e3:51:a7:83:83:34:5e:ab:68:bb:f5:1d:86:
                    17:70:14:ef:60:6f:32:aa:39:b0:6c:49:b3:b7:a5:
                    77:92:83:fe:4b:29:95:c6:c7:5c:40:fa:66:55:3d:
                    6e:65:a7:5c:c0:67:bc:6c:5b:8f:61:e1:f3:45:57:
                    ef:5c:e9:6d:ae:c8:66:57:ea:74:91:fc:73:72:dc:
                    5e:bd:64:1b:65:88:a7:c6:07:19:e4:23:20:66:1d:
                    9b:49:5f:e5:36:bd:22:5b:30:fa:2e:7f:47:a1:56:
                    d4:8f:d7:3b:96:1f:77:58:ba:e1:2f:62:59:ea:92:
                    61:29:cc:91:1e:fd:3d:ad:70:fc:22:8e:ce:86:46:
                    d5:9c:c2:d3:d9:18:76:af:7a:b3:79:83:12:44:db:
                    f3:d4:4a:bc:5b:a2:4e:e7:5d:89:30:26:04:c0:7c:
                    e7:94:47:25:60:93:98:7c:29:d9:e6:00:e6:c3:16:
                    de:37:1c:b1:95:47:6a:fd:a8:39:9b:ae:a9:d4:17:
                    02:2a:f1:25:ae:de:4a:b2:df:ed:e1:2b:53:ce:98:
                    56:6b:a8:04:e0:60:41:3d:c4:be:a0:6e:a1:56:1f:
                    37:b6:30:e3:59:fc:d0:53:6e:28:69:2a:85:0e:21:
                    56:44:77:94:18:1f:11:ed:d9:5e:d7:ff:50:26:9d:
                    6e:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F2:A9:68:E8:0C:AE:08:EC:B5:06:83:D2:86:2D:DB:CE:3E:91:C3:EB
            X509v3 Authority Key Identifier:
                keyid:3B:E6:C6:51:35:0E:8F:A1:FC:7D:0A:3E:AB:CF:98:F8:1B:31:19:D3

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/8qlo6AyuCOy1BoPShi3bzj6Rw-s.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  150.129.72.0/22

    Signature Algorithm: sha256WithRSAEncryption
         9f:82:bf:81:31:e7:8b:aa:d3:6a:9f:92:17:98:b8:b3:1a:c7:
         34:82:44:19:69:42:75:d3:f1:07:8c:c2:7e:0b:46:97:7a:0b:
         5c:a6:bf:5d:76:20:dd:b1:76:8b:fa:c8:17:e2:6e:e5:c4:70:
         8d:6c:df:ac:96:9f:9e:49:f5:0c:d7:7c:59:c6:ee:e9:7c:98:
         43:7f:38:a5:a8:a3:4b:c5:93:48:c7:d4:93:aa:8b:e5:53:ce:
         4b:63:63:54:72:e0:2f:7a:34:a6:0d:b6:e7:b3:06:5b:8f:1d:
         77:15:1d:c5:4b:52:1a:aa:8f:f3:2a:3e:43:9a:cb:d5:3c:9c:
         a5:48:eb:9e:c4:04:79:a8:58:60:8a:dc:29:e3:fe:26:fe:0f:
         b0:15:cd:c6:4a:58:5c:42:fd:cd:1d:61:b8:a3:83:f4:c8:1d:
         87:0f:07:d1:6b:0c:86:fb:90:81:c1:16:8f:37:21:bc:d9:97:
         37:e9:4a:aa:9b:d7:25:e7:8d:25:ee:d9:fe:25:e7:8f:96:a5:
         2d:80:6d:0b:23:94:de:a3:bd:25:88:6c:d2:f2:ac:d6:6f:54:
         7a:0d:eb:59:59:25:4d:51:77:23:84:0d:49:4c:57:ce:25:78:
         fa:f8:40:fe:19:d8:10:71:c8:41:db:74:84:6d:a5:65:57:83:
         9e:0a:40:4b
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICC74wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0JF
NkM2NTEzNTBFOEZBMUZDN0QwQTNFQUJDRjk4RjgxQjMxMTlEMzAeFw0yMzA5MDEw
OTQ1MDJaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKEYyQTk2OEU4MENBRTA4
RUNCNTA2ODNEMjg2MkREQkNFM0U5MUMzRUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCt41Gng4M0Xqtou/UdhhdwFO9gbzKqObBsSbO3pXeSg/5LKZXG
x1xA+mZVPW5lp1zAZ7xsW49h4fNFV+9c6W2uyGZX6nSR/HNy3F69ZBtliKfGBxnk
IyBmHZtJX+U2vSJbMPouf0ehVtSP1zuWH3dYuuEvYlnqkmEpzJEe/T2tcPwijs6G
RtWcwtPZGHaverN5gxJE2/PUSrxbok7nXYkwJgTAfOeURyVgk5h8KdnmAObDFt43
HLGVR2r9qDmbrqnUFwIq8SWu3kqy3+3hK1POmFZrqATgYEE9xL6gbqFWHze2MONZ
/NBTbihpKoUOIVZEd5QYHxHt2V7X/1AmnW5XAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQU8qlo6AyuCOy1BoPShi3bzj6Rw+swHwYDVR0jBBgwFoAUO+bGUTUOj6H8fQo+
q8+Y+BsxGdMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvU0lHTUEv
Ty1iR1VUVU9qNkg4ZlFvLXE4LVktQnN4R2RNLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9PLWJHVVRVT2o2SDhmUW8tcTgtWS1Cc3hHZE0uY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9TSUdNQS84cWxvNkF5dUNPeTFCb1BTaGkz
YnpqNlJ3LXMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCloFI
MA0GCSqGSIb3DQEBCwUAA4IBAQCfgr+BMeeLqtNqn5IXmLizGsc0gkQZaUJ10/EH
jMJ+C0aXegtcpr9ddiDdsXaL+sgX4m7lxHCNbN+slp+eSfUM13xZxu7pfJhDfzil
qKNLxZNIx9STqovlU85LY2NUcuAvejSmDbbnswZbjx13FR3FS1Iaqo/zKj5DmsvV
PJylSOuexAR5qFhgitwp4/4m/g+wFc3GSlhcQv3NHWG4o4P0yB2HDwfRawyG+5CB
wRaPNyG82Zc36Uqqm9cl540l7tn+JeePlqUtgG0LI5Teo70liGzS8qzWb1R6DetZ
WSVNUXcjhA1JTFfOJXj6+ED+GdgQcchB23SEbaVlV4OeCkBL
-----END CERTIFICATE-----
Generated at Mon Aug 26 08:57:23 2024 by rpki-client on console-fra.rpki-client.org