Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TINP/jAWGozoq8t0r644oJQdIOyrewrk.roa
File:                     jAWGozoq8t0r644oJQdIOyrewrk.roa (raw, json)
Hash identifier:          rM4oPrDNqkImdW9plPBz6f5UcegPHI9W3FoRsmdHiRA=
Subject key identifier:   8C:05:86:A3:3A:2A:F2:DD:2B:EB:8E:28:25:07:48:3B:2A:DE:C2:B9
Certificate issuer:       /CN=E02582B027E57038EA00A3E8484D55DEEA2E1A2A
Certificate serial:       0BAB
Authority key identifier: E0:25:82:B0:27:E5:70:38:EA:00:A3:E8:48:4D:55:DE:EA:2E:1A:2A
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/4CWCsCflcDjqAKPoSE1V3uouGio.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TINP/jAWGozoq8t0r644oJQdIOyrewrk.roa
Signing time:             Fri 01 Sep 2023 10:01:10 +0000
ROA not before:           Fri 01 Sep 2023 10:01:10 +0000
ROA not after:            Sat 31 Aug 2024 03:10:53 +0000
asID:                     18049
IP address blocks:        58.99.64.0/18 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2987 (0xbab)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=E02582B027E57038EA00A3E8484D55DEEA2E1A2A
        Validity
            Not Before: Sep  1 10:01:10 2023 GMT
            Not After : Aug 31 03:10:53 2024 GMT
        Subject: CN=8C0586A33A2AF2DD2BEB8E282507483B2ADEC2B9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f0:93:a7:c7:74:48:72:44:88:86:33:6d:25:ed:
                    e8:b1:0c:c7:6c:85:68:05:39:9c:f0:3a:76:76:c0:
                    1a:53:a0:26:97:2e:21:60:58:1e:bf:a7:e7:8c:e5:
                    a7:46:a5:67:06:5d:7d:a1:d8:de:97:96:f8:4e:a9:
                    30:c2:72:3b:3f:7b:48:c4:df:e9:63:4b:15:d2:20:
                    29:19:7d:c8:a0:40:7b:b6:a3:34:21:8e:76:1e:a0:
                    5a:84:b4:8d:a1:87:f8:8b:99:ef:03:71:ad:ea:ef:
                    65:cd:ce:dc:13:ff:7a:5d:c7:04:29:92:26:8f:a1:
                    2d:ff:a1:8f:0b:1b:4c:22:a5:05:af:f6:04:75:59:
                    d8:98:a5:d2:2b:cd:84:87:dd:07:50:39:b5:ae:8b:
                    47:7c:57:33:c2:f7:6c:b6:e1:0d:96:6f:c1:3b:ab:
                    db:1f:0c:17:20:b3:fb:40:ab:71:d5:1d:7b:05:21:
                    b8:c1:81:e5:3a:ad:d7:0b:e2:2a:0b:48:99:37:59:
                    c5:f1:40:98:a3:4a:c0:d4:96:c5:d9:b1:62:1b:d1:
                    40:ae:2d:c2:b7:48:cc:63:2b:d8:1a:6f:b0:11:f0:
                    72:40:0c:7e:e7:fa:8e:6b:e6:80:03:59:a2:a4:66:
                    39:92:8a:e1:aa:2b:a9:57:fe:28:c8:78:7f:d1:3c:
                    fb:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8C:05:86:A3:3A:2A:F2:DD:2B:EB:8E:28:25:07:48:3B:2A:DE:C2:B9
            X509v3 Authority Key Identifier:
                keyid:E0:25:82:B0:27:E5:70:38:EA:00:A3:E8:48:4D:55:DE:EA:2E:1A:2A

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TINP/4CWCsCflcDjqAKPoSE1V3uouGio.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/4CWCsCflcDjqAKPoSE1V3uouGio.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TINP/jAWGozoq8t0r644oJQdIOyrewrk.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  58.99.64.0/18

    Signature Algorithm: sha256WithRSAEncryption
         83:bc:ad:06:6b:bb:b0:5e:40:38:6b:0c:27:61:fa:6e:70:d0:
         84:f1:d1:64:37:ad:83:b2:1c:53:e8:f4:0c:94:71:e7:ee:32:
         b6:36:6d:62:0a:39:4b:0b:ab:24:d8:ea:52:8f:e0:ab:cc:6b:
         0b:68:e0:8d:f0:07:85:93:80:1b:51:bd:b0:15:be:46:ec:16:
         f2:53:96:1a:19:11:7e:3b:99:0a:11:40:2c:fb:ad:8b:f8:2c:
         3f:3b:b1:27:2e:ba:70:44:44:b5:6e:dd:c6:e4:9d:32:6a:68:
         11:28:d3:22:bf:54:59:21:e9:dd:e6:c4:f2:1f:a1:48:8f:7c:
         2a:b6:c9:0a:e7:9b:84:33:dc:bd:e8:58:d2:a1:58:12:4c:5c:
         e0:3c:8f:3b:be:f4:34:44:dc:e4:64:96:78:92:4c:75:22:cf:
         8d:ef:a2:e3:49:66:e7:e1:0c:89:61:15:f4:85:63:e4:b7:7e:
         86:67:27:d4:b1:96:7c:c6:06:a7:34:48:19:d6:42:03:be:1e:
         a7:f3:2d:31:9a:7a:1d:a5:4b:d2:cb:4d:35:9b:78:3f:cb:bb:
         2f:04:3f:2c:1a:79:7f:ce:99:1e:aa:fd:4f:8b:78:8a:ed:af:
         cc:a2:5b:8b:ee:94:0f:9e:a9:b2:b8:00:47:db:25:a5:35:7c:
         17:4c:75:bd
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICC6swDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRTAy
NTgyQjAyN0U1NzAzOEVBMDBBM0U4NDg0RDU1REVFQTJFMUEyQTAeFw0yMzA5MDEx
MDAxMTBaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDhDMDU4NkEzM0EyQUYy
REQyQkVCOEUyODI1MDc0ODNCMkFERUMyQjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDwk6fHdEhyRIiGM20l7eixDMdshWgFOZzwOnZ2wBpToCaXLiFg
WB6/p+eM5adGpWcGXX2h2N6XlvhOqTDCcjs/e0jE3+ljSxXSICkZfcigQHu2ozQh
jnYeoFqEtI2hh/iLme8Dca3q72XNztwT/3pdxwQpkiaPoS3/oY8LG0wipQWv9gR1
WdiYpdIrzYSH3QdQObWui0d8VzPC92y24Q2Wb8E7q9sfDBcgs/tAq3HVHXsFIbjB
geU6rdcL4ioLSJk3WcXxQJijSsDUlsXZsWIb0UCuLcK3SMxjK9gab7AR8HJADH7n
+o5r5oADWaKkZjmSiuGqK6lX/ijIeH/RPPvBAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUjAWGozoq8t0r644oJQdIOyrewrkwHwYDVR0jBBgwFoAU4CWCsCflcDjqAKPo
SE1V3uouGiowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVElOUC80
Q1dDc0NmbGNEanFBS1BvU0UxVjN1b3VHaW8uY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
LzRDV0NzQ2ZsY0RqcUFLUG9TRTFWM3VvdUdpby5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL1RJTlAvakFXR296b3E4dDByNjQ0b0pRZElP
eXJld3JrLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBjpjQDAN
BgkqhkiG9w0BAQsFAAOCAQEAg7ytBmu7sF5AOGsMJ2H6bnDQhPHRZDetg7IcU+j0
DJRx5+4ytjZtYgo5SwurJNjqUo/gq8xrC2jgjfAHhZOAG1G9sBW+RuwW8lOWGhkR
fjuZChFALPuti/gsPzuxJy66cEREtW7dxuSdMmpoESjTIr9UWSHp3ebE8h+hSI98
KrbJCuebhDPcvehY0qFYEkxc4DyPO770NETc5GSWeJJMdSLPje+i40lm5+EMiWEV
9IVj5Ld+hmcn1LGWfMYGpzRIGdZCA74ep/MtMZp6HaVL0stNNZt4P8u7LwQ/LBp5
f86ZHqr9T4t4iu2vzKJbi+6UD56psrgAR9slpTV8F0x1vQ==
-----END CERTIFICATE-----
Generated at Mon Aug 26 08:57:23 2024 by rpki-client on console-fra.rpki-client.org