Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/ObSMUBHARbpUuf6p5HkcQ7aCgdQ.roa
File:                     ObSMUBHARbpUuf6p5HkcQ7aCgdQ.roa (raw, json)
Hash identifier:          wjmuj5LsPMF0ij3wsyWthtIVJ8bA5xVlLMAqhsgphQg=
Subject key identifier:   39:B4:8C:50:11:C0:45:BA:54:B9:FE:A9:E4:79:1C:43:B6:82:81:D4
Certificate issuer:       /CN=EB675F938C85021374CAB1E1AF5099319B110B07
Certificate serial:       289F
Authority key identifier: EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/ObSMUBHARbpUuf6p5HkcQ7aCgdQ.roa
Signing time:             Fri 01 Sep 2023 10:05:35 +0000
ROA not before:           Fri 01 Sep 2023 10:05:35 +0000
ROA not after:            Sat 31 Aug 2024 03:10:53 +0000
asID:                     38841
IP address blocks:        123.192.112.0/21 maxlen: 21

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 10399 (0x289f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=EB675F938C85021374CAB1E1AF5099319B110B07
        Validity
            Not Before: Sep  1 10:05:35 2023 GMT
            Not After : Aug 31 03:10:53 2024 GMT
        Subject: CN=39B48C5011C045BA54B9FEA9E4791C43B68281D4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:14:24:6b:ab:ea:1a:30:ab:e2:1b:af:07:73:
                    24:c4:be:14:e7:5b:db:93:07:5c:3f:ac:19:b1:7b:
                    f8:f3:27:d7:13:ad:04:61:41:1c:59:d3:a5:a9:ad:
                    e5:c2:1b:0f:3d:88:53:34:f7:43:a1:a1:47:a1:b4:
                    86:d2:80:e9:1a:71:47:38:ea:32:18:0d:30:09:3c:
                    c7:2a:5d:b4:45:c6:ea:97:9d:04:9f:03:3d:f0:6e:
                    4c:16:c3:ff:29:d8:eb:7e:c7:82:91:58:c9:29:d1:
                    b0:1a:fa:22:65:2f:91:5e:a8:35:3a:ff:6f:84:b0:
                    e2:12:0f:51:8d:5e:28:3a:34:8f:e0:8b:d5:4c:dd:
                    8b:9c:f7:c3:b4:de:b8:99:84:e9:08:92:a3:22:b3:
                    d8:c6:e8:8c:b6:6d:7a:6a:ba:8a:ed:3e:84:4a:73:
                    cc:08:dc:ed:4d:78:53:5f:e9:d7:2a:aa:bb:ca:a0:
                    cc:cf:d5:b4:de:b4:cc:76:63:dd:d8:2d:a0:a2:23:
                    47:bc:20:6d:24:62:e5:e5:f7:4b:8f:36:a2:5f:5e:
                    b5:84:76:9f:00:10:ca:b2:d9:a9:99:e0:84:b0:4d:
                    aa:d5:77:c8:b4:1d:b6:57:bd:20:eb:b4:c1:b5:52:
                    cc:f4:88:56:9c:23:cb:81:7f:0e:8f:fa:c0:f2:94:
                    5f:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                39:B4:8C:50:11:C0:45:BA:54:B9:FE:A9:E4:79:1C:43:B6:82:81:D4
            X509v3 Authority Key Identifier:
                keyid:EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/62dfk4yFAhN0yrHhr1CZMZsRCwc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/ObSMUBHARbpUuf6p5HkcQ7aCgdQ.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  123.192.112.0/21

    Signature Algorithm: sha256WithRSAEncryption
         1b:d9:6b:c2:62:e4:48:ce:7d:82:88:fe:07:a8:ce:93:d1:3e:
         d2:72:44:ce:8e:66:f3:0e:d6:78:3a:af:e3:fe:9b:bb:85:e2:
         91:53:93:c3:da:51:03:79:70:41:c1:92:80:a7:9f:2e:85:d5:
         c1:f9:04:ec:1b:35:51:78:96:a7:c9:5f:e0:dd:29:c6:a8:87:
         eb:b8:5b:e7:12:cf:85:0b:ee:b7:02:79:6b:95:da:c6:e3:75:
         47:af:62:e9:e7:94:16:50:0c:3c:72:8c:f3:bd:bf:67:6d:6a:
         26:0a:c1:6d:68:25:4c:c7:7f:f4:ab:c4:ec:72:dc:f4:26:2c:
         a6:d7:3a:b9:a7:c3:2f:5c:fc:9c:3c:39:d5:13:e4:5c:ca:21:
         51:1e:6c:ed:06:54:f8:d2:d6:40:ca:2a:82:5b:67:d3:ca:6b:
         48:fd:45:a2:20:90:84:ce:a5:8f:8b:05:14:3a:a5:c5:ad:5b:
         b9:f3:cb:de:8e:5b:ba:9b:e4:71:2b:8a:34:57:51:96:23:1c:
         01:fe:e8:b4:0e:1a:ee:3e:fa:02:42:42:6a:c3:74:65:49:20:
         23:6c:b1:35:59:04:f1:4d:dd:9b:eb:f6:9c:76:a5:f2:e4:a8:
         9c:1b:ad:dd:93:1a:c9:0b:57:02:c5:91:30:81:03:3d:22:41:
         98:df:5c:ab
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICKJ8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUI2
NzVGOTM4Qzg1MDIxMzc0Q0FCMUUxQUY1MDk5MzE5QjExMEIwNzAeFw0yMzA5MDEx
MDA1MzVaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDM5QjQ4QzUwMTFDMDQ1
QkE1NEI5RkVBOUU0NzkxQzQzQjY4MjgxRDQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC1FCRrq+oaMKviG68HcyTEvhTnW9uTB1w/rBmxe/jzJ9cTrQRh
QRxZ06WpreXCGw89iFM090OhoUehtIbSgOkacUc46jIYDTAJPMcqXbRFxuqXnQSf
Az3wbkwWw/8p2Ot+x4KRWMkp0bAa+iJlL5FeqDU6/2+EsOISD1GNXig6NI/gi9VM
3Yuc98O03riZhOkIkqMis9jG6Iy2bXpquortPoRKc8wI3O1NeFNf6dcqqrvKoMzP
1bTetMx2Y93YLaCiI0e8IG0kYuXl90uPNqJfXrWEdp8AEMqy2amZ4ISwTarVd8i0
HbZXvSDrtMG1Usz0iFacI8uBfw6P+sDylF95AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUObSMUBHARbpUuf6p5HkcQ7aCgdQwHwYDVR0jBBgwFoAU62dfk4yFAhN0yrHh
r1CZMZsRCwcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hP
LzYyZGZrNHlGQWhOMHlySGhyMUNaTVpzUkN3Yy5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvNjJkZms0eUZBaE4weXJIaHIxQ1pNWnNSQ3djLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hPL09iU01VQkhBUmJwVXVmNnA1
SGtjUTdhQ2dkUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAN7
wHAwDQYJKoZIhvcNAQELBQADggEBABvZa8Ji5EjOfYKI/geozpPRPtJyRM6OZvMO
1ng6r+P+m7uF4pFTk8PaUQN5cEHBkoCnny6F1cH5BOwbNVF4lqfJX+DdKcaoh+u4
W+cSz4UL7rcCeWuV2sbjdUevYunnlBZQDDxyjPO9v2dtaiYKwW1oJUzHf/SrxOxy
3PQmLKbXOrmnwy9c/Jw8OdUT5FzKIVEebO0GVPjS1kDKKoJbZ9PKa0j9RaIgkITO
pY+LBRQ6pcWtW7nzy96OW7qb5HErijRXUZYjHAH+6LQOGu4++gJCQmrDdGVJICNs
sTVZBPFN3Zvr9px2pfLkqJwbrd2TGskLVwLFkTCBAz0iQZjfXKs=
-----END CERTIFICATE-----
Generated at Mon Aug 26 10:35:18 2024 by rpki-client on console-ams.rpki-client.org