Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/UBBNET/q_xaTiB9e29TemUAOowMQBb47lA.roa
File:                     q_xaTiB9e29TemUAOowMQBb47lA.roa (raw, json)
Hash identifier:          qM+XUTBgnN+1sYlBCgU7+9/R1YZ+Jwoii7yf2GS/h8o=
Subject key identifier:   AB:FC:5A:4E:20:7D:7B:6F:53:7A:65:00:3A:8C:0C:40:16:F8:EE:50
Certificate issuer:       /CN=08469E113701815993013E13E548A2B340E44E0A
Certificate serial:       1EB8
Authority key identifier: 08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/q_xaTiB9e29TemUAOowMQBb47lA.roa
Signing time:             Fri 01 Sep 2023 10:16:23 +0000
ROA not before:           Fri 01 Sep 2023 10:16:23 +0000
ROA not after:            Sat 31 Aug 2024 03:10:53 +0000
asID:                     24164
IP address blocks:        49.159.96.0/21 maxlen: 21

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 7864 (0x1eb8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=08469E113701815993013E13E548A2B340E44E0A
        Validity
            Not Before: Sep  1 10:16:23 2023 GMT
            Not After : Aug 31 03:10:53 2024 GMT
        Subject: CN=ABFC5A4E207D7B6F537A65003A8C0C4016F8EE50
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:78:7e:11:24:69:c9:e8:50:0e:49:f8:a7:ef:
                    d6:2b:70:26:eb:87:c1:e7:97:3f:8e:2e:e6:24:ca:
                    58:c5:25:6b:1d:7b:e5:9c:60:ac:26:3b:d7:27:f9:
                    1e:3c:34:7d:d7:ad:12:48:98:1e:20:06:15:24:8f:
                    4a:c4:e7:26:7d:b3:3f:bf:e0:0c:2e:e8:9f:80:41:
                    5e:1d:0d:07:fe:9e:6c:00:b1:90:e6:7e:03:ee:4d:
                    a6:c2:89:9b:3d:69:b5:7d:d6:94:85:a8:ea:c9:cc:
                    b7:6c:12:1a:61:83:66:b0:f9:12:48:a8:f7:2e:46:
                    26:39:2f:1d:e9:12:6c:5d:07:c1:a8:0d:a7:08:65:
                    0f:17:28:21:36:3b:3a:ac:5d:23:fe:df:c1:ca:72:
                    92:4f:1e:61:ca:42:54:f8:b2:ca:59:03:2d:6d:e6:
                    41:f4:a2:6d:c7:49:39:77:ab:52:3d:69:e8:e8:95:
                    d8:d8:88:9f:cd:40:42:e1:f4:f0:45:a7:b4:6e:72:
                    95:bb:8e:6d:a6:b4:1d:a2:8c:29:11:4f:e2:7e:a2:
                    e5:41:8b:38:c1:a7:2c:78:14:08:5d:c3:14:2c:c5:
                    bf:08:1c:36:53:71:dc:0d:aa:d1:81:c1:2e:a9:35:
                    d9:f0:ec:5a:53:a6:b5:9c:61:45:fa:05:85:1a:1c:
                    cc:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AB:FC:5A:4E:20:7D:7B:6F:53:7A:65:00:3A:8C:0C:40:16:F8:EE:50
            X509v3 Authority Key Identifier:
                keyid:08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/CEaeETcBgVmTAT4T5Uiis0DkTgo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/q_xaTiB9e29TemUAOowMQBb47lA.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  49.159.96.0/21

    Signature Algorithm: sha256WithRSAEncryption
         07:38:1f:03:c9:65:cc:e0:85:a7:4f:f4:f6:c5:94:ec:f1:db:
         01:03:aa:b1:61:0d:2e:27:ea:d9:77:df:58:e6:9e:64:f8:41:
         67:e3:2c:ef:f6:81:98:f8:a2:a1:ba:e6:fd:95:15:34:67:b0:
         bc:c8:32:74:c9:b6:6c:58:1b:3a:0e:44:5b:61:f9:21:a5:5a:
         6e:d9:91:55:c2:02:ca:d5:19:d7:fd:8a:3a:e9:7c:52:93:7d:
         b9:fe:6e:32:03:0d:80:d5:80:0f:c1:40:88:63:a3:de:05:5c:
         a4:f3:19:ce:73:72:e6:d7:5c:46:91:18:63:5c:46:f2:2f:96:
         84:af:25:21:88:b1:41:ce:3a:78:15:62:34:53:7e:ed:53:f0:
         a1:46:fb:82:bf:f4:d7:cf:f7:63:c6:25:44:bb:22:89:be:8a:
         7c:fa:f0:5d:24:57:26:a4:d0:21:11:6a:5b:41:bc:7e:82:0d:
         86:c1:4e:bc:91:53:7b:64:78:50:71:a0:f8:07:1d:b6:7e:8d:
         19:02:00:b2:50:7e:67:fc:b6:22:62:2c:e9:e3:7e:d6:35:9e:
         77:66:b2:63:98:8a:4a:59:4b:3b:cd:bd:70:10:2c:98:89:3e:
         51:ad:4e:34:ec:1d:c5:41:b6:91:05:33:96:75:3b:7f:95:d6:
         e0:43:22:cb
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICHrgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDg0
NjlFMTEzNzAxODE1OTkzMDEzRTEzRTU0OEEyQjM0MEU0NEUwQTAeFw0yMzA5MDEx
MDE2MjNaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKEFCRkM1QTRFMjA3RDdC
NkY1MzdBNjUwMDNBOEMwQzQwMTZGOEVFNTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDHeH4RJGnJ6FAOSfin79YrcCbrh8Hnlz+OLuYkyljFJWsde+Wc
YKwmO9cn+R48NH3XrRJImB4gBhUkj0rE5yZ9sz+/4Awu6J+AQV4dDQf+nmwAsZDm
fgPuTabCiZs9abV91pSFqOrJzLdsEhphg2aw+RJIqPcuRiY5Lx3pEmxdB8GoDacI
ZQ8XKCE2OzqsXSP+38HKcpJPHmHKQlT4sspZAy1t5kH0om3HSTl3q1I9aejoldjY
iJ/NQELh9PBFp7RucpW7jm2mtB2ijCkRT+J+ouVBizjBpyx4FAhdwxQsxb8IHDZT
cdwNqtGBwS6pNdnw7FpTprWcYUX6BYUaHMz/AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUq/xaTiB9e29TemUAOowMQBb47lAwHwYDVR0jBBgwFoAUCEaeETcBgVmTAT4T
5Uiis0DkTgowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVU
L0NFYWVFVGNCZ1ZtVEFUNFQ1VWlpczBEa1Rnby5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvQ0VhZUVUY0JnVm1UQVQ0VDVVaWlzMERrVGdvLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVUL3FfeGFUaUI5ZTI5VGVtVUFP
b3dNUUJiNDdsQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAMx
n2AwDQYJKoZIhvcNAQELBQADggEBAAc4HwPJZczghadP9PbFlOzx2wEDqrFhDS4n
6tl331jmnmT4QWfjLO/2gZj4oqG65v2VFTRnsLzIMnTJtmxYGzoORFth+SGlWm7Z
kVXCAsrVGdf9ijrpfFKTfbn+bjIDDYDVgA/BQIhjo94FXKTzGc5zcubXXEaRGGNc
RvIvloSvJSGIsUHOOngVYjRTfu1T8KFG+4K/9NfP92PGJUS7Iom+inz68F0kVyak
0CERaltBvH6CDYbBTryRU3tkeFBxoPgHHbZ+jRkCALJQfmf8tiJiLOnjftY1nndm
smOYikpZSzvNvXAQLJiJPlGtTjTsHcVBtpEFM5Z1O3+V1uBDIss=
-----END CERTIFICATE-----
Generated at Mon Aug 26 10:35:21 2024 by rpki-client on console-ams.rpki-client.org