Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TCB/O2M29SVdv-eCeFLKR8nLCVoAk1k.roa
File:                     O2M29SVdv-eCeFLKR8nLCVoAk1k.roa (raw, json)
Hash identifier:          oZsesBBKRoIZup0+FfPlaO1vnBtNaQJN5qQY4tpnHMc=
Subject key identifier:   3B:63:36:F5:25:5D:BF:E7:82:78:52:CA:47:C9:CB:09:5A:00:93:59
Certificate issuer:       /CN=BF82A3AC11455030743C0A743711F8A0D8EBAE28
Certificate serial:       0B57
Authority key identifier: BF:82:A3:AC:11:45:50:30:74:3C:0A:74:37:11:F8:A0:D8:EB:AE:28
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/v4KjrBFFUDB0PAp0NxH4oNjrrig.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TCB/O2M29SVdv-eCeFLKR8nLCVoAk1k.roa
Signing time:             Fri 01 Sep 2023 10:00:08 +0000
ROA not before:           Fri 01 Sep 2023 10:00:08 +0000
ROA not after:            Sat 31 Aug 2024 03:10:53 +0000
asID:                     131590
IP address blocks:        2400:c780:fffe:1d03::/64 maxlen: 64

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2903 (0xb57)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=BF82A3AC11455030743C0A743711F8A0D8EBAE28
        Validity
            Not Before: Sep  1 10:00:08 2023 GMT
            Not After : Aug 31 03:10:53 2024 GMT
        Subject: CN=3B6336F5255DBFE7827852CA47C9CB095A009359
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:87:4f:fe:5f:b7:bc:a1:a5:44:df:15:5e:f6:
                    46:14:88:b8:b8:53:b6:5f:24:38:87:57:af:d9:38:
                    73:25:14:f9:35:3a:20:77:9b:b2:40:0e:bf:92:48:
                    c2:43:ab:c4:c2:13:51:59:54:bc:62:9a:e0:f0:a6:
                    2b:34:ec:73:95:ca:60:b4:f6:a2:95:a3:4f:4a:6d:
                    61:66:b0:7c:de:a0:c1:98:ce:a7:43:72:35:a1:3d:
                    83:1a:10:61:c7:1d:8c:a4:e4:a3:86:b3:33:b0:46:
                    28:53:a0:b6:8c:e7:48:ee:74:a3:7c:be:b4:c5:90:
                    6c:20:63:8b:cf:2c:2e:b5:31:72:53:ca:fb:e8:1d:
                    07:39:08:6c:2d:65:5d:9b:5a:27:03:1f:0b:a7:89:
                    39:b8:aa:93:ae:b4:db:f5:7e:59:f0:9c:43:38:87:
                    d4:7d:6a:ed:72:1f:20:34:9c:6f:eb:8f:14:08:33:
                    1c:19:a3:2d:ea:a1:b2:0a:eb:ba:4f:d8:20:c0:d4:
                    11:60:ee:75:d2:c3:c4:36:9c:4b:3e:4b:9f:f4:c1:
                    15:9e:b6:2c:ac:75:c4:79:fa:36:e3:4e:3e:4f:2d:
                    44:ca:15:a6:7d:43:c1:da:97:b5:d7:a2:70:44:82:
                    30:35:15:a7:eb:fa:d9:aa:46:b6:21:15:88:52:5e:
                    7d:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3B:63:36:F5:25:5D:BF:E7:82:78:52:CA:47:C9:CB:09:5A:00:93:59
            X509v3 Authority Key Identifier:
                keyid:BF:82:A3:AC:11:45:50:30:74:3C:0A:74:37:11:F8:A0:D8:EB:AE:28

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TCB/v4KjrBFFUDB0PAp0NxH4oNjrrig.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/v4KjrBFFUDB0PAp0NxH4oNjrrig.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TCB/O2M29SVdv-eCeFLKR8nLCVoAk1k.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2400:c780:fffe:1d03::/64

    Signature Algorithm: sha256WithRSAEncryption
         4d:c5:6a:8e:c8:5c:b5:bc:04:a9:d5:47:47:96:94:99:42:eb:
         c0:d2:5a:2e:cf:6e:94:0e:af:c5:25:2d:04:c4:e8:7d:75:ec:
         5a:48:2a:1a:28:97:fa:82:2c:48:04:49:58:47:dc:a4:83:c6:
         e8:b2:d4:c6:a3:eb:ee:7a:84:9c:df:a3:86:89:d6:f8:c5:a1:
         7f:12:60:08:ce:6a:b2:dc:97:b1:e0:a4:b4:d1:67:b4:0f:3e:
         d2:c6:bc:88:3b:22:35:4c:2f:57:92:47:f1:f4:dd:5b:7f:d7:
         53:71:83:4e:8a:a6:a1:43:c1:db:64:10:3a:51:33:12:7b:7c:
         62:51:38:8e:2c:cb:c3:7d:af:2c:4a:e5:c6:e4:c8:e2:1f:65:
         30:b8:1c:f2:54:6c:82:8a:1a:b0:26:d5:09:4d:51:73:15:8e:
         f5:8d:14:34:e9:3c:8e:77:22:3c:cb:0d:f0:72:46:8b:47:e6:
         c5:61:18:1c:c9:24:1c:f0:c7:a9:7e:01:3d:d3:2c:bc:28:63:
         56:1d:c3:ad:0d:5c:90:00:9a:36:36:53:82:95:20:1b:bb:86:
         4d:2c:dc:86:1d:00:b1:2a:67:48:78:9b:14:ab:96:a2:71:87:
         6f:f3:98:74:f2:3c:c2:83:b6:0d:51:69:99:6e:eb:65:03:3f:
         1d:b6:6b:42
-----BEGIN CERTIFICATE-----
MIIE0TCCA7mgAwIBAgICC1cwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkY4
MkEzQUMxMTQ1NTAzMDc0M0MwQTc0MzcxMUY4QTBEOEVCQUUyODAeFw0yMzA5MDEx
MDAwMDhaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDNCNjMzNkY1MjU1REJG
RTc4Mjc4NTJDQTQ3QzlDQjA5NUEwMDkzNTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC/h0/+X7e8oaVE3xVe9kYUiLi4U7ZfJDiHV6/ZOHMlFPk1OiB3
m7JADr+SSMJDq8TCE1FZVLximuDwpis07HOVymC09qKVo09KbWFmsHzeoMGYzqdD
cjWhPYMaEGHHHYyk5KOGszOwRihToLaM50judKN8vrTFkGwgY4vPLC61MXJTyvvo
HQc5CGwtZV2bWicDHwuniTm4qpOutNv1flnwnEM4h9R9au1yHyA0nG/rjxQIMxwZ
oy3qobIK67pP2CDA1BFg7nXSw8Q2nEs+S5/0wRWetiysdcR5+jbjTj5PLUTKFaZ9
Q8Hal7XXonBEgjA1Fafr+tmqRrYhFYhSXn17AgMBAAGjggHtMIIB6TAdBgNVHQ4E
FgQUO2M29SVdv+eCeFLKR8nLCVoAk1kwHwYDVR0jBBgwFoAUv4KjrBFFUDB0PAp0
NxH4oNjrrigwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVENCL3Y0
S2pyQkZGVURCMFBBcDBOeEg0b05qcnJpZy5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
djRLanJCRkZVREIwUEFwME54SDRvTmpycmlnLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvVENCL08yTTI5U1Zkdi1lQ2VGTEtSOG5MQ1Zv
QWsxay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwJAYIKwYBBQUHAQcBAf8EFTATMBEEAgACMAsDCQAkAMeA//4d
AzANBgkqhkiG9w0BAQsFAAOCAQEATcVqjshctbwEqdVHR5aUmULrwNJaLs9ulA6v
xSUtBMTofXXsWkgqGiiX+oIsSARJWEfcpIPG6LLUxqPr7nqEnN+jhonW+MWhfxJg
CM5qstyXseCktNFntA8+0sa8iDsiNUwvV5JH8fTdW3/XU3GDToqmoUPB22QQOlEz
Ent8YlE4jizLw32vLErlxuTI4h9lMLgc8lRsgooasCbVCU1RcxWO9Y0UNOk8jnci
PMsN8HJGi0fmxWEYHMkkHPDHqX4BPdMsvChjVh3DrQ1ckACaNjZTgpUgG7uGTSzc
hh0AsSpnSHibFKuWonGHb/OYdPI8woO2DVFpmW7rZQM/HbZrQg==
-----END CERTIFICATE-----
Generated at Mon Aug 26 10:35:17 2024 by rpki-client on console-ams.rpki-client.org