Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/UBBNET/rvJtu9OeUfjjcF8-2URt1i9xGdU.roa
File:                     rvJtu9OeUfjjcF8-2URt1i9xGdU.roa (raw, json)
Hash identifier:          j3EwD9yewhRYqDDrgqKzFx5MUIULLA5ktRu3IsikTZs=
Subject key identifier:   AE:F2:6D:BB:D3:9E:51:F8:E3:70:5F:3E:D9:44:6D:D6:2F:71:19:D5
Certificate issuer:       /CN=08469E113701815993013E13E548A2B340E44E0A
Certificate serial:       1D72
Authority key identifier: 08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/rvJtu9OeUfjjcF8-2URt1i9xGdU.roa
Signing time:             Fri 01 Sep 2023 10:14:49 +0000
ROA not before:           Fri 01 Sep 2023 10:14:49 +0000
ROA not after:            Sat 31 Aug 2024 03:10:53 +0000
asID:                     24164
IP address blocks:        49.158.0.0/20 maxlen: 20

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 7538 (0x1d72)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=08469E113701815993013E13E548A2B340E44E0A
        Validity
            Not Before: Sep  1 10:14:49 2023 GMT
            Not After : Aug 31 03:10:53 2024 GMT
        Subject: CN=AEF26DBBD39E51F8E3705F3ED9446DD62F7119D5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:08:dc:a8:c5:38:b0:7d:4b:5b:08:67:bc:e2:
                    87:6d:30:4f:a8:7f:8f:60:3a:47:c0:c2:33:10:6f:
                    27:06:02:78:ed:ea:49:34:f2:e4:c4:5b:bc:2c:e7:
                    b9:9e:29:3d:1b:16:a5:85:d4:4e:19:f7:f4:fe:69:
                    80:8f:b9:5f:13:c3:04:ed:d5:a5:8a:d3:ab:79:9e:
                    fb:25:91:4b:d4:3b:84:23:2f:be:5e:b9:cd:23:5a:
                    c3:8d:f6:55:bb:80:1a:83:61:27:3c:dd:f5:d5:b2:
                    e0:96:90:57:e6:1d:0e:2a:0d:b3:cd:cc:64:d2:cd:
                    80:44:f0:09:82:0a:86:50:d0:f4:ab:16:10:f2:9d:
                    5a:d2:45:cb:8c:d6:ff:c1:f1:1d:53:c1:f5:0c:01:
                    ec:4d:e7:0d:0b:db:c6:c5:b0:d8:d4:25:25:f4:8b:
                    98:d3:c0:19:2f:b6:9e:59:ec:74:89:fa:a9:44:d8:
                    8e:8e:82:72:e2:0a:a4:85:96:b9:f3:5f:8f:3a:3a:
                    3d:81:a5:63:b2:05:d9:28:02:64:c0:79:7e:0f:38:
                    dd:25:3c:01:fd:3f:43:e5:c9:8e:65:b3:04:70:9a:
                    6d:6b:9e:9e:22:08:2f:c0:66:65:af:b8:78:b2:8c:
                    d3:30:69:10:29:66:d9:bd:4a:f2:c2:09:c6:d7:ce:
                    57:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AE:F2:6D:BB:D3:9E:51:F8:E3:70:5F:3E:D9:44:6D:D6:2F:71:19:D5
            X509v3 Authority Key Identifier:
                keyid:08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/CEaeETcBgVmTAT4T5Uiis0DkTgo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/rvJtu9OeUfjjcF8-2URt1i9xGdU.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  49.158.0.0/20

    Signature Algorithm: sha256WithRSAEncryption
         02:ec:3c:97:7a:dc:9f:9e:1a:2f:3b:c2:7a:4c:8f:8b:56:fe:
         fd:d7:14:35:a3:5e:fd:47:c5:ad:29:8d:21:d0:7f:0f:29:56:
         ef:c8:1a:0e:55:c3:08:cf:d3:19:5e:9f:5e:08:38:68:65:5b:
         d2:cd:13:ad:04:9b:14:8f:3b:bc:8c:ba:17:7f:f4:47:3a:2d:
         74:5c:15:1a:a0:39:95:83:e3:3c:1c:06:c0:dd:34:82:72:c7:
         06:7e:56:5e:ae:f6:8b:d6:85:b5:68:69:35:fe:b4:2c:a2:a4:
         80:09:7c:89:c5:90:72:a3:6a:58:53:32:86:99:72:a4:a4:20:
         bd:77:0d:93:a5:83:25:23:7a:44:9b:1a:ab:f3:23:25:09:e4:
         6d:8a:72:e7:26:15:15:12:f1:f9:92:ea:2b:2e:7a:15:b3:c7:
         fb:b6:ca:d9:f9:3f:b5:c6:3d:de:c3:78:08:01:18:95:11:d5:
         a5:a2:3a:83:c3:ab:ef:b2:12:24:b0:34:cb:19:90:d7:29:fa:
         0e:2d:79:ff:38:b3:e8:df:99:a2:8e:3a:80:77:53:cd:b5:63:
         65:85:89:86:fd:da:bc:eb:f5:ff:5d:6c:56:8b:09:04:fe:a9:
         78:19:9f:e6:ca:f2:95:39:ae:bf:2a:64:a3:5d:2d:7d:69:b3:
         dc:9c:cb:75
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICHXIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDg0
NjlFMTEzNzAxODE1OTkzMDEzRTEzRTU0OEEyQjM0MEU0NEUwQTAeFw0yMzA5MDEx
MDE0NDlaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKEFFRjI2REJCRDM5RTUx
RjhFMzcwNUYzRUQ5NDQ2REQ2MkY3MTE5RDUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDECNyoxTiwfUtbCGe84odtME+of49gOkfAwjMQbycGAnjt6kk0
8uTEW7ws57meKT0bFqWF1E4Z9/T+aYCPuV8TwwTt1aWK06t5nvslkUvUO4QjL75e
uc0jWsON9lW7gBqDYSc83fXVsuCWkFfmHQ4qDbPNzGTSzYBE8AmCCoZQ0PSrFhDy
nVrSRcuM1v/B8R1TwfUMAexN5w0L28bFsNjUJSX0i5jTwBkvtp5Z7HSJ+qlE2I6O
gnLiCqSFlrnzX486Oj2BpWOyBdkoAmTAeX4PON0lPAH9P0PlyY5lswRwmm1rnp4i
CC/AZmWvuHiyjNMwaRApZtm9SvLCCcbXzldnAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUrvJtu9OeUfjjcF8+2URt1i9xGdUwHwYDVR0jBBgwFoAUCEaeETcBgVmTAT4T
5Uiis0DkTgowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVU
L0NFYWVFVGNCZ1ZtVEFUNFQ1VWlpczBEa1Rnby5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvQ0VhZUVUY0JnVm1UQVQ0VDVVaWlzMERrVGdvLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVUL3J2SnR1OU9lVWZqamNGOC0y
VVJ0MWk5eEdkVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAQx
ngAwDQYJKoZIhvcNAQELBQADggEBAALsPJd63J+eGi87wnpMj4tW/v3XFDWjXv1H
xa0pjSHQfw8pVu/IGg5VwwjP0xlen14IOGhlW9LNE60EmxSPO7yMuhd/9Ec6LXRc
FRqgOZWD4zwcBsDdNIJyxwZ+Vl6u9ovWhbVoaTX+tCyipIAJfInFkHKjalhTMoaZ
cqSkIL13DZOlgyUjekSbGqvzIyUJ5G2KcucmFRUS8fmS6isuehWzx/u2ytn5P7XG
Pd7DeAgBGJUR1aWiOoPDq++yEiSwNMsZkNcp+g4tef84s+jfmaKOOoB3U821Y2WF
iYb92rzr9f9dbFaLCQT+qXgZn+bK8pU5rr8qZKNdLX1ps9ycy3U=
-----END CERTIFICATE-----
Generated at Mon Aug 26 10:35:21 2024 by rpki-client on console-ams.rpki-client.org