Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/3C3zaRNrmn3ODVjESzLd88sERa8.roa
File:                     3C3zaRNrmn3ODVjESzLd88sERa8.roa (raw, json)
Hash identifier:          wwsm9CAo8pqGAIeRX5TVHr42fVhID/x738DGJRHnRPA=
Subject key identifier:   DC:2D:F3:69:13:6B:9A:7D:CE:0D:58:C4:4B:32:DD:F3:CB:04:45:AF
Certificate issuer:       /CN=EB675F938C85021374CAB1E1AF5099319B110B07
Certificate serial:       2A95
Authority key identifier: EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/3C3zaRNrmn3ODVjESzLd88sERa8.roa
Signing time:             Fri 01 Sep 2023 10:08:04 +0000
ROA not before:           Fri 01 Sep 2023 10:08:04 +0000
ROA not after:            Sat 31 Aug 2024 03:10:53 +0000
asID:                     9924
IP address blocks:        123.195.224.0/20 maxlen: 20

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 10901 (0x2a95)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=EB675F938C85021374CAB1E1AF5099319B110B07
        Validity
            Not Before: Sep  1 10:08:04 2023 GMT
            Not After : Aug 31 03:10:53 2024 GMT
        Subject: CN=DC2DF369136B9A7DCE0D58C44B32DDF3CB0445AF
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:34:5a:69:d4:12:12:9d:72:9c:2a:5e:5e:da:
                    ff:0b:73:8f:c4:2c:b9:95:19:d5:b8:d5:c5:5b:7d:
                    5a:d1:61:a4:1b:d6:7b:34:61:a7:71:a9:28:fd:a4:
                    34:f1:dc:ed:d6:3a:ae:62:b9:2c:e7:05:58:32:f0:
                    1d:f9:33:2c:c3:40:85:54:ac:64:e3:8e:5e:c1:01:
                    21:ad:9b:33:4b:e1:1e:b4:b0:a3:aa:ee:8b:1a:08:
                    34:d7:a3:f4:02:d7:e5:d9:c1:25:c5:ba:d9:76:d0:
                    00:74:78:e4:29:e6:38:bc:eb:84:10:6a:f5:99:fb:
                    ba:1f:75:eb:89:28:10:33:f0:ab:73:1d:91:03:87:
                    8b:50:06:59:4c:0f:4f:2c:00:c4:94:73:ef:92:0e:
                    da:98:67:45:3b:4b:a4:92:ac:ce:e7:af:9c:10:ab:
                    76:4f:c8:90:f6:99:e6:4c:16:e0:7f:93:39:43:c2:
                    7a:40:47:67:40:fa:ba:88:d9:4b:1b:bc:12:e1:0f:
                    02:df:52:66:67:ed:46:22:d9:45:f9:b1:9b:df:8f:
                    87:8a:de:3f:01:c8:79:c9:77:42:4f:4f:bc:7b:ef:
                    c9:f9:9c:d6:1f:4e:bd:e2:ad:99:01:eb:6b:a1:2c:
                    5a:af:44:48:72:0f:9f:27:77:45:4a:a1:7f:f8:cf:
                    5f:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DC:2D:F3:69:13:6B:9A:7D:CE:0D:58:C4:4B:32:DD:F3:CB:04:45:AF
            X509v3 Authority Key Identifier:
                keyid:EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/62dfk4yFAhN0yrHhr1CZMZsRCwc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/3C3zaRNrmn3ODVjESzLd88sERa8.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  123.195.224.0/20

    Signature Algorithm: sha256WithRSAEncryption
         b9:b1:3b:b9:7e:55:85:9f:fb:33:ed:e0:66:77:d5:39:47:2b:
         69:c1:13:3f:8d:df:b3:c8:87:91:65:11:da:eb:d8:c1:ce:ad:
         cc:fa:b5:7d:eb:37:05:24:fe:1b:73:e3:b3:1b:15:88:e0:d7:
         4c:fb:21:50:90:95:9d:85:ec:7f:03:3e:2a:bc:68:79:cd:45:
         f5:fa:38:05:77:f7:cf:74:47:c8:d0:88:ff:49:ff:01:b0:1f:
         de:3e:a5:04:04:89:5e:10:d4:54:9e:96:5b:d6:35:85:bd:6a:
         bb:5d:c3:f7:53:06:74:29:2e:2b:c4:7b:36:a5:f0:e7:a5:5d:
         df:a5:ea:f2:1a:3a:22:15:b5:89:5e:33:34:47:cc:5c:ea:b2:
         36:1a:eb:43:fc:71:5d:2a:d0:be:98:33:f3:fe:39:07:26:e1:
         25:3b:5f:56:53:27:3e:01:34:b4:5c:08:ca:3b:c1:d5:01:90:
         86:7f:41:15:3c:13:87:8c:70:0d:a9:29:e2:90:31:09:f8:04:
         5b:8c:ac:6e:4a:05:a7:7c:0f:17:a3:97:aa:97:13:74:56:67:
         d9:e4:fe:e3:74:39:b2:e4:ad:a4:50:48:e3:9e:cd:55:99:4d:
         47:04:2a:b6:fe:fb:ed:13:36:20:3b:99:fd:bf:93:e9:db:2a:
         4d:ed:7f:3f
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICKpUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUI2
NzVGOTM4Qzg1MDIxMzc0Q0FCMUUxQUY1MDk5MzE5QjExMEIwNzAeFw0yMzA5MDEx
MDA4MDRaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKERDMkRGMzY5MTM2QjlB
N0RDRTBENThDNDRCMzJEREYzQ0IwNDQ1QUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDcNFpp1BISnXKcKl5e2v8Lc4/ELLmVGdW41cVbfVrRYaQb1ns0
YadxqSj9pDTx3O3WOq5iuSznBVgy8B35MyzDQIVUrGTjjl7BASGtmzNL4R60sKOq
7osaCDTXo/QC1+XZwSXFutl20AB0eOQp5ji864QQavWZ+7ofdeuJKBAz8KtzHZED
h4tQBllMD08sAMSUc++SDtqYZ0U7S6SSrM7nr5wQq3ZPyJD2meZMFuB/kzlDwnpA
R2dA+rqI2UsbvBLhDwLfUmZn7UYi2UX5sZvfj4eK3j8ByHnJd0JPT7x778n5nNYf
Tr3irZkB62uhLFqvREhyD58nd0VKoX/4z1+xAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU3C3zaRNrmn3ODVjESzLd88sERa8wHwYDVR0jBBgwFoAU62dfk4yFAhN0yrHh
r1CZMZsRCwcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hP
LzYyZGZrNHlGQWhOMHlySGhyMUNaTVpzUkN3Yy5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvNjJkZms0eUZBaE4weXJIaHIxQ1pNWnNSQ3djLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hPLzNDM3phUk5ybW4zT0RWakVT
ekxkODhzRVJhOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAR7
w+AwDQYJKoZIhvcNAQELBQADggEBALmxO7l+VYWf+zPt4GZ31TlHK2nBEz+N37PI
h5FlEdrr2MHOrcz6tX3rNwUk/htz47MbFYjg10z7IVCQlZ2F7H8DPiq8aHnNRfX6
OAV39890R8jQiP9J/wGwH94+pQQEiV4Q1FSellvWNYW9artdw/dTBnQpLivEezal
8OelXd+l6vIaOiIVtYleMzRHzFzqsjYa60P8cV0q0L6YM/P+OQcm4SU7X1ZTJz4B
NLRcCMo7wdUBkIZ/QRU8E4eMcA2pKeKQMQn4BFuMrG5KBad8Dxejl6qXE3RWZ9nk
/uN0ObLkraRQSOOezVWZTUcEKrb+++0TNiA7mf2/k+nbKk3tfz8=
-----END CERTIFICATE-----
Generated at Mon Aug 26 10:35:17 2024 by rpki-client on console-ams.rpki-client.org