Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/UNIGATE/lMVZrt1D3EJFkW8QVzdhe6Fj_Ig.roa
File:                     lMVZrt1D3EJFkW8QVzdhe6Fj_Ig.roa (raw, json)
Hash identifier:          KDrUqQUZ0TxR3tgK9bXozfQQmIRFkOJE7X5Wxw7cF+4=
Subject key identifier:   94:C5:59:AE:DD:43:DC:42:45:91:6F:10:57:37:61:7B:A1:63:FC:88
Certificate issuer:       /CN=390A0412F8B5EC4F3F9FDBB3A61270DBD0EA9E6B
Certificate serial:       0B8D
Authority key identifier: 39:0A:04:12:F8:B5:EC:4F:3F:9F:DB:B3:A6:12:70:DB:D0:EA:9E:6B
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/OQoEEvi17E8_n9uzphJw29Dqnms.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/UNIGATE/lMVZrt1D3EJFkW8QVzdhe6Fj_Ig.roa
Signing time:             Fri 08 Dec 2023 08:59:29 +0000
ROA not before:           Fri 08 Dec 2023 08:59:29 +0000
ROA not after:            Sat 31 Aug 2024 03:10:53 +0000
asID:                     18419
IP address blocks:        103.130.96.0/22 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2957 (0xb8d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=390A0412F8B5EC4F3F9FDBB3A61270DBD0EA9E6B
        Validity
            Not Before: Dec  8 08:59:29 2023 GMT
            Not After : Aug 31 03:10:53 2024 GMT
        Subject: CN=94C559AEDD43DC4245916F105737617BA163FC88
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:4c:63:5e:10:1d:24:e9:e2:bc:26:51:99:8e:
                    91:fa:19:f8:ff:d0:a1:a2:c8:63:46:3e:56:f8:3e:
                    a7:c4:3d:4c:6b:e0:51:db:c3:8f:fe:53:3b:c9:52:
                    f1:5c:e4:ee:c6:5e:00:73:28:1b:d4:76:78:b3:7c:
                    90:d1:19:06:c8:1c:92:13:84:e6:78:c0:86:87:c1:
                    d8:93:4b:fd:ad:8b:cc:b1:39:84:99:78:45:8a:4d:
                    77:6e:5b:80:1d:d2:d2:84:a7:c9:a3:ac:9d:d2:22:
                    f0:1e:56:f3:2d:a2:ee:40:76:a6:d5:2c:b4:24:e8:
                    ae:71:ba:84:80:8c:43:0d:b9:25:7c:37:46:4b:b4:
                    14:d6:a6:39:61:ac:4a:62:0a:71:9d:92:a9:07:6a:
                    77:b1:ef:60:9e:5b:e6:07:35:d6:a6:a6:cd:7a:e1:
                    8a:d2:9a:88:e3:52:1e:b9:a5:bc:56:12:3c:14:21:
                    93:bd:ae:cf:74:1e:3d:03:e4:c7:32:82:13:af:62:
                    dc:8f:6b:96:65:53:8f:f5:ed:02:bf:9a:6a:4c:5d:
                    b6:70:58:57:f2:a5:12:2b:20:05:b6:13:12:b2:c0:
                    b1:d9:d6:0b:4e:e8:0d:44:c7:19:77:77:7a:29:42:
                    c3:72:1c:95:9c:69:c2:07:fd:ab:e9:d2:73:7f:a9:
                    f0:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                94:C5:59:AE:DD:43:DC:42:45:91:6F:10:57:37:61:7B:A1:63:FC:88
            X509v3 Authority Key Identifier:
                keyid:39:0A:04:12:F8:B5:EC:4F:3F:9F:DB:B3:A6:12:70:DB:D0:EA:9E:6B

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UNIGATE/OQoEEvi17E8_n9uzphJw29Dqnms.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/OQoEEvi17E8_n9uzphJw29Dqnms.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UNIGATE/lMVZrt1D3EJFkW8QVzdhe6Fj_Ig.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.130.96.0/22

    Signature Algorithm: sha256WithRSAEncryption
         2d:c6:4a:29:3d:b0:ff:fd:27:7f:39:5b:c7:de:5f:ee:a2:9d:
         93:47:7f:0b:c2:de:f3:00:4c:f0:f7:f9:6b:d8:b8:1b:2d:d1:
         75:49:9b:3b:28:f7:b6:fe:5d:11:2c:2e:c1:8e:22:d0:10:c2:
         8a:eb:2e:6f:ec:7b:71:dd:9f:c4:18:a6:00:49:d7:c1:58:92:
         b3:e7:c3:09:c5:2c:b8:19:0f:96:b2:7b:e3:0f:82:74:fc:a3:
         06:c0:d2:b5:55:0c:e2:d1:db:30:d2:1f:25:0c:44:eb:dd:44:
         41:04:f8:19:ce:7c:20:75:45:be:e2:30:b7:53:e1:e5:65:c6:
         a1:24:b8:cc:c9:59:c2:ef:f7:e0:c8:e4:e2:b5:30:fd:3f:83:
         40:82:94:24:16:24:61:b6:63:1f:82:dc:a4:34:63:b8:f6:fe:
         06:a3:c7:1b:dc:4c:66:5a:ca:39:68:01:df:ce:35:e3:18:5e:
         f9:4d:a6:df:aa:42:2e:f3:54:3e:f8:be:3c:5a:f7:f6:55:e0:
         f6:3a:34:3b:15:7f:24:19:70:6a:00:39:b9:86:a1:f8:d6:71:
         13:b6:57:ce:d9:12:b2:c4:d0:3c:c8:df:48:55:c6:22:c2:32:
         68:bd:19:53:d8:62:93:79:e8:47:71:fd:a2:1d:6e:2f:3a:41:
         b7:3a:48:cc
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICC40wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzkw
QTA0MTJGOEI1RUM0RjNGOUZEQkIzQTYxMjcwREJEMEVBOUU2QjAeFw0yMzEyMDgw
ODU5MjlaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDk0QzU1OUFFREQ0M0RD
NDI0NTkxNkYxMDU3Mzc2MTdCQTE2M0ZDODgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCsTGNeEB0k6eK8JlGZjpH6Gfj/0KGiyGNGPlb4PqfEPUxr4FHb
w4/+UzvJUvFc5O7GXgBzKBvUdnizfJDRGQbIHJIThOZ4wIaHwdiTS/2ti8yxOYSZ
eEWKTXduW4Ad0tKEp8mjrJ3SIvAeVvMtou5AdqbVLLQk6K5xuoSAjEMNuSV8N0ZL
tBTWpjlhrEpiCnGdkqkHanex72CeW+YHNdamps164YrSmojjUh65pbxWEjwUIZO9
rs90Hj0D5McyghOvYtyPa5ZlU4/17QK/mmpMXbZwWFfypRIrIAW2ExKywLHZ1gtO
6A1Exxl3d3opQsNyHJWcacIH/avp0nN/qfBZAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUlMVZrt1D3EJFkW8QVzdhe6Fj/IgwHwYDVR0jBBgwFoAUOQoEEvi17E8/n9uz
phJw29DqnmswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVU5JR0FU
RS9PUW9FRXZpMTdFOF9uOXV6cGhKdzI5RHFubXMuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL09Rb0VFdmkxN0U4X245dXpwaEp3MjlEcW5tcy5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL1VOSUdBVEUvbE1WWnJ0MUQzRUpGa1c4
UVZ6ZGhlNkZqX0lnLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
AmeCYDANBgkqhkiG9w0BAQsFAAOCAQEALcZKKT2w//0nfzlbx95f7qKdk0d/C8Le
8wBM8Pf5a9i4Gy3RdUmbOyj3tv5dESwuwY4i0BDCiusub+x7cd2fxBimAEnXwViS
s+fDCcUsuBkPlrJ74w+CdPyjBsDStVUM4tHbMNIfJQxE691EQQT4Gc58IHVFvuIw
t1Ph5WXGoSS4zMlZwu/34Mjk4rUw/T+DQIKUJBYkYbZjH4LcpDRjuPb+BqPHG9xM
ZlrKOWgB38414xhe+U2m36pCLvNUPvi+PFr39lXg9jo0OxV/JBlwagA5uYah+NZx
E7ZXztkSssTQPMjfSFXGIsIyaL0ZU9hik3noR3H9oh1uLzpBtzpIzA==
-----END CERTIFICATE-----
Generated at Mon Aug 26 08:57:28 2024 by rpki-client on console-fra.rpki-client.org