Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/h0qMsBY3_UYgLCrxsJ8cuWVxAvQ.roa
File:                     h0qMsBY3_UYgLCrxsJ8cuWVxAvQ.roa (raw, json)
Hash identifier:          6RxOJxh15RcvjmrdS6iwtBQYwk0zX5pg8x1otvn0+nM=
Subject key identifier:   87:4A:8C:B0:16:37:FD:46:20:2C:2A:F1:B0:9F:1C:B9:65:71:02:F4
Certificate issuer:       /CN=EB675F938C85021374CAB1E1AF5099319B110B07
Certificate serial:       2996
Authority key identifier: EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/h0qMsBY3_UYgLCrxsJ8cuWVxAvQ.roa
Signing time:             Fri 01 Sep 2023 10:06:47 +0000
ROA not before:           Fri 01 Sep 2023 10:06:47 +0000
ROA not after:            Sat 31 Aug 2024 03:10:53 +0000
asID:                     38841
IP address blocks:        106.1.238.0/23 maxlen: 23

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 10646 (0x2996)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=EB675F938C85021374CAB1E1AF5099319B110B07
        Validity
            Not Before: Sep  1 10:06:47 2023 GMT
            Not After : Aug 31 03:10:53 2024 GMT
        Subject: CN=874A8CB01637FD46202C2AF1B09F1CB9657102F4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:5b:10:1b:81:cc:19:e6:4b:a4:ee:bb:48:15:
                    20:f4:c4:74:fc:63:a5:59:1c:4a:ba:44:d4:1e:e1:
                    07:d3:a1:60:ad:2c:ee:45:3a:29:f4:7a:e9:3c:5d:
                    24:09:c2:9d:7a:4b:9e:e4:56:99:30:2a:46:db:ee:
                    aa:67:7d:b1:9a:59:5e:9b:be:6a:08:93:92:47:45:
                    d1:df:08:5b:cc:9c:90:e2:19:f5:fe:21:89:b2:89:
                    b1:d5:dd:2c:3a:71:fc:0b:48:54:d3:e3:3a:15:c5:
                    a3:37:bc:2e:b3:02:41:b9:4d:8f:80:c5:a7:bb:3b:
                    db:92:7d:b3:6b:fd:c0:71:c5:2d:8e:8b:04:44:42:
                    b2:14:81:24:cf:da:6e:25:04:79:af:8b:82:4c:56:
                    9e:aa:7b:9f:8d:7a:a2:66:1f:a0:48:f2:7f:7d:d7:
                    cd:e1:db:cf:4d:e5:37:98:be:d9:65:53:e1:cd:18:
                    a5:57:bc:ea:97:0c:10:7c:33:45:71:17:2d:dd:10:
                    e9:4c:b5:31:57:24:5c:e5:fb:a9:ab:b6:f5:64:aa:
                    41:39:e5:30:4a:8e:a9:44:dd:49:2f:36:ac:91:dd:
                    32:6c:d6:a6:81:42:11:8b:24:a5:65:c8:a3:65:57:
                    14:6a:93:f1:17:46:08:2f:5c:c1:ff:2d:f5:72:00:
                    be:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                87:4A:8C:B0:16:37:FD:46:20:2C:2A:F1:B0:9F:1C:B9:65:71:02:F4
            X509v3 Authority Key Identifier:
                keyid:EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/62dfk4yFAhN0yrHhr1CZMZsRCwc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/h0qMsBY3_UYgLCrxsJ8cuWVxAvQ.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  106.1.238.0/23

    Signature Algorithm: sha256WithRSAEncryption
         61:63:a4:77:c0:40:0c:b7:40:ee:1f:a5:c5:d5:1b:11:11:40:
         ee:45:af:9c:e3:1b:f8:73:be:71:17:da:99:3c:79:68:f8:95:
         85:39:2b:c8:83:0b:3a:19:a7:9b:3e:04:33:b9:d9:63:73:2b:
         ca:60:e3:0f:79:f2:43:ca:d3:0b:bd:aa:23:4c:86:f9:b2:b7:
         d2:ab:96:ff:15:bd:69:8c:91:83:e5:70:08:7f:47:de:54:72:
         23:27:27:19:ce:e7:06:3b:52:6a:de:13:43:5b:5a:01:b9:93:
         9a:b0:98:eb:2f:3f:d0:eb:c4:43:39:26:e1:f2:79:bd:53:12:
         d3:eb:2a:a9:90:7c:50:58:95:0f:16:c2:ae:f4:cd:bb:2e:6a:
         12:2a:15:46:1e:11:69:8b:84:d4:44:fd:f7:f6:c9:f4:ef:10:
         67:d5:b3:c5:61:73:e3:3f:b6:6b:1d:55:f4:50:a2:44:12:52:
         e9:89:c8:19:71:4e:79:03:2b:5e:60:c9:e7:35:30:5f:e3:6d:
         b4:2c:97:a8:e6:2e:19:80:a4:b2:dd:f3:66:1d:66:1b:26:ae:
         47:5e:96:ae:09:9a:6e:bc:4d:a1:52:62:08:3e:94:41:62:61:
         a3:ff:97:1d:8a:08:2d:5a:0f:05:8b:9c:1d:bc:03:8a:9c:20:
         cb:90:a6:82
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICKZYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUI2
NzVGOTM4Qzg1MDIxMzc0Q0FCMUUxQUY1MDk5MzE5QjExMEIwNzAeFw0yMzA5MDEx
MDA2NDdaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDg3NEE4Q0IwMTYzN0ZE
NDYyMDJDMkFGMUIwOUYxQ0I5NjU3MTAyRjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDjWxAbgcwZ5kuk7rtIFSD0xHT8Y6VZHEq6RNQe4QfToWCtLO5F
Oin0euk8XSQJwp16S57kVpkwKkbb7qpnfbGaWV6bvmoIk5JHRdHfCFvMnJDiGfX+
IYmyibHV3Sw6cfwLSFTT4zoVxaM3vC6zAkG5TY+Axae7O9uSfbNr/cBxxS2OiwRE
QrIUgSTP2m4lBHmvi4JMVp6qe5+NeqJmH6BI8n99183h289N5TeYvtllU+HNGKVX
vOqXDBB8M0VxFy3dEOlMtTFXJFzl+6mrtvVkqkE55TBKjqlE3UkvNqyR3TJs1qaB
QhGLJKVlyKNlVxRqk/EXRggvXMH/LfVyAL6RAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUh0qMsBY3/UYgLCrxsJ8cuWVxAvQwHwYDVR0jBBgwFoAU62dfk4yFAhN0yrHh
r1CZMZsRCwcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hP
LzYyZGZrNHlGQWhOMHlySGhyMUNaTVpzUkN3Yy5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvNjJkZms0eUZBaE4weXJIaHIxQ1pNWnNSQ3djLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hPL2gwcU1zQlkzX1VZZ0xDcnhz
SjhjdVdWeEF2US5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAFq
Ae4wDQYJKoZIhvcNAQELBQADggEBAGFjpHfAQAy3QO4fpcXVGxERQO5Fr5zjG/hz
vnEX2pk8eWj4lYU5K8iDCzoZp5s+BDO52WNzK8pg4w958kPK0wu9qiNMhvmyt9Kr
lv8VvWmMkYPlcAh/R95UciMnJxnO5wY7UmreE0NbWgG5k5qwmOsvP9DrxEM5JuHy
eb1TEtPrKqmQfFBYlQ8Wwq70zbsuahIqFUYeEWmLhNRE/ff2yfTvEGfVs8Vhc+M/
tmsdVfRQokQSUumJyBlxTnkDK15gyec1MF/jbbQsl6jmLhmApLLd82YdZhsmrkde
lq4Jmm68TaFSYgg+lEFiYaP/lx2KCC1aDwWLnB28A4qcIMuQpoI=
-----END CERTIFICATE-----
Generated at Mon Aug 26 08:57:26 2024 by rpki-client on console-fra.rpki-client.org