Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/k0q2OmfLId25HAVZlDwa9zg0kXA.roa
File:                     k0q2OmfLId25HAVZlDwa9zg0kXA.roa (raw, json)
Hash identifier:          prz2URakpQC6saQZkmr+5Io9X0o5V+8kPw3axTV04BQ=
Subject key identifier:   93:4A:B6:3A:67:CB:21:DD:B9:1C:05:59:94:3C:1A:F7:38:34:91:70
Certificate issuer:       /CN=EB675F938C85021374CAB1E1AF5099319B110B07
Certificate serial:       2A20
Authority key identifier: EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/k0q2OmfLId25HAVZlDwa9zg0kXA.roa
Signing time:             Fri 01 Sep 2023 10:07:31 +0000
ROA not before:           Fri 01 Sep 2023 10:07:31 +0000
ROA not after:            Sat 31 Aug 2024 03:10:53 +0000
asID:                     38841
IP address blocks:        211.76.112.0/20 maxlen: 21

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 10784 (0x2a20)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=EB675F938C85021374CAB1E1AF5099319B110B07
        Validity
            Not Before: Sep  1 10:07:31 2023 GMT
            Not After : Aug 31 03:10:53 2024 GMT
        Subject: CN=934AB63A67CB21DDB91C0559943C1AF738349170
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:8b:6f:06:62:2c:be:d9:16:58:54:45:74:78:
                    98:be:6c:14:5c:cf:6e:f6:32:4f:02:76:c8:d5:ad:
                    13:33:49:b7:5d:38:47:50:52:91:19:7d:c2:3e:30:
                    49:cf:01:d6:df:6d:7f:9f:fe:17:2c:8d:09:66:33:
                    13:f1:75:af:bd:0d:2b:da:24:20:2a:28:15:40:ef:
                    f6:78:3b:20:97:9a:19:0b:b2:1f:d8:f1:e4:a2:e6:
                    0b:bb:c8:5b:a9:18:93:77:b3:c0:fc:85:a0:45:3e:
                    73:8e:99:7b:83:88:2b:42:ed:19:1f:91:33:f2:c4:
                    e7:41:64:11:9a:66:30:c3:59:ee:aa:b7:ef:c9:44:
                    f8:1b:80:38:b8:ff:45:57:b5:42:67:3c:c9:06:1b:
                    52:ab:01:9b:fa:74:46:8d:15:6c:3d:27:3f:ba:d1:
                    5f:b7:62:7e:ce:d1:a4:19:7f:6d:72:91:11:32:d0:
                    d8:69:a4:80:4f:89:5a:62:1e:3a:ad:5e:88:64:6b:
                    96:47:50:e5:0d:09:ed:94:c8:81:36:66:9b:78:fa:
                    ec:c4:83:90:75:6f:72:4b:26:0e:10:1f:76:a8:b3:
                    cd:f8:97:92:04:6b:7a:26:a7:cb:bf:24:e0:bf:0c:
                    92:69:92:e4:c0:78:bf:e4:0a:f0:fb:c4:4a:18:62:
                    a7:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                93:4A:B6:3A:67:CB:21:DD:B9:1C:05:59:94:3C:1A:F7:38:34:91:70
            X509v3 Authority Key Identifier:
                keyid:EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/62dfk4yFAhN0yrHhr1CZMZsRCwc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/k0q2OmfLId25HAVZlDwa9zg0kXA.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  211.76.112.0/20

    Signature Algorithm: sha256WithRSAEncryption
         a6:a6:17:58:23:f2:43:ea:51:90:32:d8:6a:5c:6e:5e:32:9b:
         d1:23:9b:24:60:f1:d9:5d:d8:b6:65:81:62:0e:78:d2:7e:03:
         de:7a:12:ad:78:f2:d9:e5:e3:86:9c:30:59:09:97:29:3f:a5:
         9b:af:4e:32:28:c3:a8:31:cd:6d:cb:9e:3c:83:e7:06:34:6d:
         c0:e5:9f:10:b6:75:fd:9e:f3:a8:a7:e8:22:fa:22:f4:48:a3:
         db:e6:37:93:b4:ce:b7:d7:33:a1:18:44:03:3e:9a:93:d6:b0:
         bc:07:7f:b8:12:b0:51:46:5f:a8:e4:7e:69:d7:5d:10:48:4a:
         89:90:c2:c3:05:2a:ab:cb:f7:e4:21:95:13:43:96:22:2d:e2:
         5d:dd:7e:ce:6e:9d:b2:31:6b:cb:67:95:62:38:f8:8f:a7:73:
         df:28:3f:f1:1a:d3:c0:fc:3c:86:da:e3:1d:d0:30:f1:91:53:
         d0:4c:3f:b5:46:8b:61:7d:c9:26:4c:40:80:47:28:f6:c3:fa:
         e9:7e:8b:9a:05:2f:98:a6:50:33:c1:97:7f:3a:e7:0b:f6:bc:
         e3:97:7d:2f:de:8e:04:ad:f2:9a:08:e2:cd:38:94:a0:e8:73:
         42:67:0c:17:b8:6d:cf:08:e7:6e:16:86:9c:7c:e8:2d:09:fe:
         c0:b7:6b:fa
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICKiAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUI2
NzVGOTM4Qzg1MDIxMzc0Q0FCMUUxQUY1MDk5MzE5QjExMEIwNzAeFw0yMzA5MDEx
MDA3MzFaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDkzNEFCNjNBNjdDQjIx
RERCOTFDMDU1OTk0M0MxQUY3MzgzNDkxNzAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC7i28GYiy+2RZYVEV0eJi+bBRcz272Mk8CdsjVrRMzSbddOEdQ
UpEZfcI+MEnPAdbfbX+f/hcsjQlmMxPxda+9DSvaJCAqKBVA7/Z4OyCXmhkLsh/Y
8eSi5gu7yFupGJN3s8D8haBFPnOOmXuDiCtC7RkfkTPyxOdBZBGaZjDDWe6qt+/J
RPgbgDi4/0VXtUJnPMkGG1KrAZv6dEaNFWw9Jz+60V+3Yn7O0aQZf21ykREy0Nhp
pIBPiVpiHjqtXohka5ZHUOUNCe2UyIE2Zpt4+uzEg5B1b3JLJg4QH3aos834l5IE
a3omp8u/JOC/DJJpkuTAeL/kCvD7xEoYYqdFAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUk0q2OmfLId25HAVZlDwa9zg0kXAwHwYDVR0jBBgwFoAU62dfk4yFAhN0yrHh
r1CZMZsRCwcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hP
LzYyZGZrNHlGQWhOMHlySGhyMUNaTVpzUkN3Yy5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvNjJkZms0eUZBaE4weXJIaHIxQ1pNWnNSQ3djLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hPL2swcTJPbWZMSWQyNUhBVlps
RHdhOXpnMGtYQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBATT
THAwDQYJKoZIhvcNAQELBQADggEBAKamF1gj8kPqUZAy2Gpcbl4ym9EjmyRg8dld
2LZlgWIOeNJ+A956Eq148tnl44acMFkJlyk/pZuvTjIow6gxzW3LnjyD5wY0bcDl
nxC2df2e86in6CL6IvRIo9vmN5O0zrfXM6EYRAM+mpPWsLwHf7gSsFFGX6jkfmnX
XRBISomQwsMFKqvL9+QhlRNDliIt4l3dfs5unbIxa8tnlWI4+I+nc98oP/Ea08D8
PIba4x3QMPGRU9BMP7VGi2F9ySZMQIBHKPbD+ul+i5oFL5imUDPBl3865wv2vOOX
fS/ejgSt8poI4s04lKDoc0JnDBe4bc8I524Whpx86C0J/sC3a/o=
-----END CERTIFICATE-----
Generated at Mon Aug 26 08:57:26 2024 by rpki-client on console-fra.rpki-client.org