Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TANET/TR3EMlES0KBKVLBXb8TVyQk_X-Q.roa
File:                     TR3EMlES0KBKVLBXb8TVyQk_X-Q.roa (raw, json)
Hash identifier:          bbY64dK5pyrEBR8VPAiKJkRXeuwKw7999fmR7U4lHGQ=
Subject key identifier:   4D:1D:C4:32:51:12:D0:A0:4A:54:B0:57:6F:C4:D5:C9:09:3F:5F:E4
Certificate issuer:       /CN=E1A88C34D246EF7C2A7C1AC5FE97B262BC48178E
Certificate serial:       0D1A
Authority key identifier: E1:A8:8C:34:D2:46:EF:7C:2A:7C:1A:C5:FE:97:B2:62:BC:48:17:8E
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/4aiMNNJG73wqfBrF_peyYrxIF44.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/TR3EMlES0KBKVLBXb8TVyQk_X-Q.roa
Signing time:             Fri 01 Sep 2023 09:59:36 +0000
ROA not before:           Fri 01 Sep 2023 09:59:36 +0000
ROA not after:            Sat 31 Aug 2024 03:10:53 +0000
asID:                     1659
IP address blocks:        210.62.64.0/19 maxlen: 19

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3354 (0xd1a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=E1A88C34D246EF7C2A7C1AC5FE97B262BC48178E
        Validity
            Not Before: Sep  1 09:59:36 2023 GMT
            Not After : Aug 31 03:10:53 2024 GMT
        Subject: CN=4D1DC4325112D0A04A54B0576FC4D5C9093F5FE4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:62:01:af:7f:6b:ce:70:ac:32:7b:ec:22:17:
                    3b:79:1e:9d:e9:5f:8d:27:cc:7b:05:a9:d1:7a:98:
                    67:37:b9:01:65:7f:db:c6:d2:fa:c2:13:42:e2:27:
                    7f:1f:06:02:9a:fb:15:1a:1e:24:fe:a7:3a:a2:53:
                    8b:eb:03:88:a9:53:ed:25:1a:95:89:a1:ae:e7:79:
                    3b:2f:f2:f8:91:ae:5c:b2:71:25:a7:5c:b6:02:28:
                    83:d8:ad:7a:1f:ba:39:21:22:57:9a:80:56:30:90:
                    1a:b3:42:33:d7:53:14:73:e1:65:9b:72:1a:a8:3f:
                    e7:78:fc:44:0e:8a:1e:7d:b8:e5:74:da:b4:4f:56:
                    14:65:66:9a:29:4c:25:25:ed:e1:c0:2b:ec:e3:2e:
                    fc:9b:54:33:f7:b1:b5:50:5e:0c:c5:d0:d6:8f:28:
                    db:39:ae:0e:2a:5a:00:6b:02:7f:3b:9b:14:4e:f1:
                    f6:d2:52:f1:43:90:3c:64:dc:2a:5f:5a:ca:36:7b:
                    ff:5a:0f:be:0b:18:f8:8e:3d:7e:e1:93:d6:59:eb:
                    d9:3d:a9:69:4f:a7:a6:ac:e5:42:81:11:fb:cf:67:
                    31:6f:c8:83:55:d3:9b:03:62:3d:95:70:d1:25:e4:
                    c3:c2:64:1a:49:4f:7d:ea:ef:38:41:e3:8f:5c:32:
                    b3:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4D:1D:C4:32:51:12:D0:A0:4A:54:B0:57:6F:C4:D5:C9:09:3F:5F:E4
            X509v3 Authority Key Identifier:
                keyid:E1:A8:8C:34:D2:46:EF:7C:2A:7C:1A:C5:FE:97:B2:62:BC:48:17:8E

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/4aiMNNJG73wqfBrF_peyYrxIF44.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/4aiMNNJG73wqfBrF_peyYrxIF44.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/TR3EMlES0KBKVLBXb8TVyQk_X-Q.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  210.62.64.0/19

    Signature Algorithm: sha256WithRSAEncryption
         14:38:6e:2d:15:9c:53:b3:61:21:aa:bc:84:24:3a:9e:01:97:
         04:ee:60:d6:e3:35:9b:12:c3:32:d9:3c:22:59:ea:a5:5a:52:
         54:e8:e6:7c:43:48:80:e3:d3:24:39:74:cf:87:90:9a:53:47:
         f1:49:ec:cb:51:c2:40:a9:1f:23:3d:5f:41:0e:fd:db:70:bb:
         5c:af:d2:e3:4b:b1:f5:56:eb:77:b9:d8:1d:b9:fe:44:19:ce:
         bb:e7:40:3d:eb:ec:a8:e8:77:1f:d9:da:8b:f6:c0:0f:c8:91:
         30:01:f0:cb:76:b6:72:11:f9:01:aa:86:08:65:a2:7b:21:f7:
         32:8f:a5:9b:5c:a2:84:b4:f2:e3:58:00:26:06:d4:81:38:f1:
         ca:80:b4:5a:c8:6e:ec:6e:4a:c1:36:b5:0c:6b:1c:6b:20:28:
         ea:01:a2:bf:97:5e:c1:6c:40:ed:9a:cb:96:6e:a0:fc:0f:9f:
         bf:4a:48:7a:f4:44:ef:f2:dc:93:59:2b:ed:2b:a5:c5:af:fc:
         56:31:33:fc:ec:8f:55:81:13:24:a5:95:44:d7:6e:b7:d5:72:
         f6:e5:dc:94:94:70:1e:59:49:f3:4b:18:93:2e:a9:f5:a6:0e:
         ef:84:c6:41:63:fe:c5:67:a6:04:01:14:8f:df:7a:b0:22:06:
         a2:30:f7:a4
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICDRowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRTFB
ODhDMzREMjQ2RUY3QzJBN0MxQUM1RkU5N0IyNjJCQzQ4MTc4RTAeFw0yMzA5MDEw
OTU5MzZaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDREMURDNDMyNTExMkQw
QTA0QTU0QjA1NzZGQzRENUM5MDkzRjVGRTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCvYgGvf2vOcKwye+wiFzt5Hp3pX40nzHsFqdF6mGc3uQFlf9vG
0vrCE0LiJ38fBgKa+xUaHiT+pzqiU4vrA4ipU+0lGpWJoa7neTsv8viRrlyycSWn
XLYCKIPYrXofujkhIleagFYwkBqzQjPXUxRz4WWbchqoP+d4/EQOih59uOV02rRP
VhRlZpopTCUl7eHAK+zjLvybVDP3sbVQXgzF0NaPKNs5rg4qWgBrAn87mxRO8fbS
UvFDkDxk3CpfWso2e/9aD74LGPiOPX7hk9ZZ69k9qWlPp6as5UKBEfvPZzFvyINV
05sDYj2VcNEl5MPCZBpJT33q7zhB449cMrNzAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUTR3EMlES0KBKVLBXb8TVyQk/X+QwHwYDVR0jBBgwFoAU4aiMNNJG73wqfBrF
/peyYrxIF44wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFORVQv
NGFpTU5OSkc3M3dxZkJyRl9wZXlZcnhJRjQ0LmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS80YWlNTk5KRzczd3FmQnJGX3BleVlyeElGNDQuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQU5FVC9UUjNFTWxFUzBLQktWTEJYYjhU
VnlRa19YLVEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQF0j5A
MA0GCSqGSIb3DQEBCwUAA4IBAQAUOG4tFZxTs2EhqryEJDqeAZcE7mDW4zWbEsMy
2TwiWeqlWlJU6OZ8Q0iA49MkOXTPh5CaU0fxSezLUcJAqR8jPV9BDv3bcLtcr9Lj
S7H1Vut3udgduf5EGc6750A96+yo6Hcf2dqL9sAPyJEwAfDLdrZyEfkBqoYIZaJ7
Ifcyj6WbXKKEtPLjWAAmBtSBOPHKgLRayG7sbkrBNrUMaxxrICjqAaK/l17BbEDt
msuWbqD8D5+/Skh69ETv8tyTWSvtK6XFr/xWMTP87I9VgRMkpZVE12631XL25dyU
lHAeWUnzSxiTLqn1pg7vhMZBY/7FZ6YEARSP33qwIgaiMPek
-----END CERTIFICATE-----
Generated at Mon Aug 26 10:35:16 2024 by rpki-client on console-ams.rpki-client.org