Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/UBBNET/EwO7r7aCFL3P2z924xiXwDyzDM0.roa
File:                     EwO7r7aCFL3P2z924xiXwDyzDM0.roa (raw, json)
Hash identifier:          eB+DPqrnQSEElf+LqrYY8sdMK0/YhsWERFpqgSSM3nU=
Subject key identifier:   13:03:BB:AF:B6:82:14:BD:CF:DB:3F:76:E3:18:97:C0:3C:B3:0C:CD
Certificate issuer:       /CN=08469E113701815993013E13E548A2B340E44E0A
Certificate serial:       1EAE
Authority key identifier: 08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/EwO7r7aCFL3P2z924xiXwDyzDM0.roa
Signing time:             Fri 01 Sep 2023 10:16:20 +0000
ROA not before:           Fri 01 Sep 2023 10:16:20 +0000
ROA not after:            Sat 31 Aug 2024 03:10:53 +0000
asID:                     24164
IP address blocks:        49.158.248.0/21 maxlen: 21

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 7854 (0x1eae)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=08469E113701815993013E13E548A2B340E44E0A
        Validity
            Not Before: Sep  1 10:16:20 2023 GMT
            Not After : Aug 31 03:10:53 2024 GMT
        Subject: CN=1303BBAFB68214BDCFDB3F76E31897C03CB30CCD
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:95:34:57:05:cd:79:ea:bf:c1:fa:4e:f5:27:
                    85:41:93:2e:c4:1b:9e:ac:aa:39:e8:78:82:58:19:
                    92:c3:4e:6e:eb:26:e9:64:8b:bb:d2:0c:74:2e:6e:
                    95:cc:af:e8:64:3c:69:db:f5:19:f6:84:06:4a:26:
                    d0:f1:f0:a3:91:87:62:29:47:19:1e:54:a2:c0:23:
                    35:3c:72:99:6a:bf:ab:5f:bb:eb:e1:4e:92:b8:d5:
                    28:90:6c:3c:23:38:1f:44:0f:e4:aa:b8:c1:b2:56:
                    9a:76:e1:5f:fa:d4:5a:b8:af:c3:96:13:a6:d2:d7:
                    bb:93:1c:63:38:51:48:22:d0:c8:eb:6d:45:75:d3:
                    53:bf:48:8c:b5:8a:d4:11:21:ff:df:14:7f:43:7b:
                    1d:c7:3c:a4:b6:d5:27:9d:10:a8:2d:74:55:9d:ad:
                    b0:32:0c:b2:83:ab:13:ca:f6:e6:52:22:1a:84:65:
                    ff:67:94:f2:f0:8e:a7:be:d4:ee:5c:ea:b1:49:23:
                    29:36:31:14:51:5c:59:8f:9e:e3:09:29:d4:96:d0:
                    2a:f9:43:d6:d7:ea:8c:93:bf:db:40:ed:cb:f2:26:
                    00:31:05:de:91:0e:8b:e1:af:97:7c:5d:b8:4a:d0:
                    00:52:0c:d7:31:23:68:a7:97:f2:d0:1e:e4:23:4a:
                    62:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                13:03:BB:AF:B6:82:14:BD:CF:DB:3F:76:E3:18:97:C0:3C:B3:0C:CD
            X509v3 Authority Key Identifier:
                keyid:08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/CEaeETcBgVmTAT4T5Uiis0DkTgo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/EwO7r7aCFL3P2z924xiXwDyzDM0.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  49.158.248.0/21

    Signature Algorithm: sha256WithRSAEncryption
         10:df:04:19:0d:f3:1c:5d:e2:a2:15:c6:30:6a:e5:40:10:79:
         b6:b8:32:4e:24:e7:70:67:c5:2e:a4:40:f2:64:aa:8d:4c:b5:
         71:3c:66:f9:ae:bc:7e:0b:81:51:dd:c9:92:d4:64:c0:19:ed:
         90:3c:69:67:25:18:00:85:50:d8:20:c8:3b:22:9c:73:11:70:
         d8:ff:0e:af:9c:0c:7a:8a:f2:ac:72:e1:39:1a:d0:03:b1:73:
         2f:55:95:2f:79:f9:1b:fc:d4:3e:a1:5a:68:eb:3c:c9:32:92:
         bf:06:b2:98:37:e0:ac:76:ec:e6:7b:0c:45:9f:ee:e1:81:da:
         f9:e7:a3:f4:c1:20:56:b2:59:a8:68:79:2e:87:f8:e3:e4:f5:
         28:42:17:cf:86:a0:5b:30:78:ab:9b:5a:ad:0c:cf:85:fd:8e:
         23:a3:ed:07:36:cd:41:58:20:04:b5:d5:8d:57:1d:6a:0e:dd:
         ad:67:93:4a:81:9d:fe:b4:5c:02:fd:9b:49:b4:be:af:dc:c4:
         e7:9c:c7:9c:e0:5e:5e:6d:d1:ad:23:c6:0b:76:d6:d2:81:28:
         21:44:7a:fb:3b:20:c9:f2:35:b6:57:99:15:ca:88:ce:95:46:
         c5:c4:88:31:82:3f:c3:ac:cb:24:d1:5d:4b:bd:83:22:ca:04:
         d5:c7:46:f1
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICHq4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDg0
NjlFMTEzNzAxODE1OTkzMDEzRTEzRTU0OEEyQjM0MEU0NEUwQTAeFw0yMzA5MDEx
MDE2MjBaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDEzMDNCQkFGQjY4MjE0
QkRDRkRCM0Y3NkUzMTg5N0MwM0NCMzBDQ0QwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCqlTRXBc156r/B+k71J4VBky7EG56sqjnoeIJYGZLDTm7rJulk
i7vSDHQubpXMr+hkPGnb9Rn2hAZKJtDx8KORh2IpRxkeVKLAIzU8cplqv6tfu+vh
TpK41SiQbDwjOB9ED+SquMGyVpp24V/61Fq4r8OWE6bS17uTHGM4UUgi0MjrbUV1
01O/SIy1itQRIf/fFH9Dex3HPKS21SedEKgtdFWdrbAyDLKDqxPK9uZSIhqEZf9n
lPLwjqe+1O5c6rFJIyk2MRRRXFmPnuMJKdSW0Cr5Q9bX6oyTv9tA7cvyJgAxBd6R
Dovhr5d8XbhK0ABSDNcxI2inl/LQHuQjSmLBAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUEwO7r7aCFL3P2z924xiXwDyzDM0wHwYDVR0jBBgwFoAUCEaeETcBgVmTAT4T
5Uiis0DkTgowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVU
L0NFYWVFVGNCZ1ZtVEFUNFQ1VWlpczBEa1Rnby5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvQ0VhZUVUY0JnVm1UQVQ0VDVVaWlzMERrVGdvLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVUL0V3TzdyN2FDRkwzUDJ6OTI0
eGlYd0R5ekRNMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAMx
nvgwDQYJKoZIhvcNAQELBQADggEBABDfBBkN8xxd4qIVxjBq5UAQeba4Mk4k53Bn
xS6kQPJkqo1MtXE8ZvmuvH4LgVHdyZLUZMAZ7ZA8aWclGACFUNggyDsinHMRcNj/
Dq+cDHqK8qxy4Tka0AOxcy9VlS95+Rv81D6hWmjrPMkykr8Gspg34Kx27OZ7DEWf
7uGB2vnno/TBIFayWahoeS6H+OPk9ShCF8+GoFsweKubWq0Mz4X9jiOj7Qc2zUFY
IAS11Y1XHWoO3a1nk0qBnf60XAL9m0m0vq/cxOecx5zgXl5t0a0jxgt21tKBKCFE
evs7IMnyNbZXmRXKiM6VRsXEiDGCP8OsyyTRXUu9gyLKBNXHRvE=
-----END CERTIFICATE-----
Generated at Mon Aug 26 08:57:27 2024 by rpki-client on console-fra.rpki-client.org