Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/73B6868E56B12C35C63B0AB763023F2508123C311CD7EF4F5161EF6D0A55299E/0/AS26613.roa
File:                     AS26613.roa (raw, json)
Hash identifier:          QurCLhlhJfwauvPjxzuzVXz1Fo0fcmaxXI+FKayE3gk=
Subject key identifier:   6A:EB:2C:F0:13:93:6F:95:8D:B2:2B:C5:B4:03:D9:4B:D1:03:93:62
Certificate issuer:       /CN=B6F8E7D0BF951583E0959B2A92A8920330CEBE59
Certificate serial:       574C60686623B2805E56C8BAC61649EB1F031780
Authority key identifier: B6:F8:E7:D0:BF:95:15:83:E0:95:9B:2A:92:A8:92:03:30:CE:BE:59
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/B6F8E7D0BF951583E0959B2A92A8920330CEBE59.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/73B6868E56B12C35C63B0AB763023F2508123C311CD7EF4F5161EF6D0A55299E/0/AS26613.roa
Signing time:             Tue 04 Feb 2025 18:44:13 +0000
ROA not before:           Tue 04 Feb 2025 18:39:13 +0000
ROA not after:            Tue 03 Feb 2026 18:44:13 +0000
asID:                     26613
IP address blocks:        181.113.192.0/24 maxlen: 24
                          186.46.168.0/24 maxlen: 24
                          190.152.95.0/24 maxlen: 24
                          190.152.110.0/24 maxlen: 24
                          190.152.251.0/24 maxlen: 24
                          190.152.252.0/24 maxlen: 24
                          190.152.253.0/24 maxlen: 24
                          190.152.254.0/24 maxlen: 24
                          190.152.255.0/24 maxlen: 24
                          190.214.220.0/22 maxlen: 24
                          190.214.250.0/24 maxlen: 24
                          190.214.252.0/24 maxlen: 24
                          190.214.253.0/24 maxlen: 24
                          200.107.34.0/24 maxlen: 24
                          200.125.206.0/24 maxlen: 24
                          201.219.56.0/24 maxlen: 24
                          2800:370:4::/48 maxlen: 64
                          2800:370:18::/48 maxlen: 64
                          2800:370:2a::/48 maxlen: 64
                          2800:370:3e::/48 maxlen: 64
                          2800:370:4007::/48 maxlen: 64
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            57:4c:60:68:66:23:b2:80:5e:56:c8:ba:c6:16:49:eb:1f:03:17:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=B6F8E7D0BF951583E0959B2A92A8920330CEBE59
        Validity
            Not Before: Feb  4 18:39:13 2025 GMT
            Not After : Feb  3 18:44:13 2026 GMT
        Subject: CN=6AEB2CF013936F958DB22BC5B403D94BD1039362
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:01:57:67:32:c1:de:bc:09:16:48:18:bd:84:
                    12:24:26:03:9d:c4:22:ac:7d:f1:ef:3d:e9:5a:09:
                    82:e7:85:c7:4d:77:84:aa:eb:ec:52:ef:fa:d9:97:
                    5a:d3:40:a3:79:68:e7:95:5e:62:d8:f2:d6:b9:aa:
                    0a:39:be:80:0b:37:b7:50:af:96:af:87:11:a2:23:
                    80:9e:74:34:ed:85:7f:20:03:3c:7f:d1:48:d7:50:
                    e5:bb:26:c2:65:04:e1:90:3b:c3:ab:71:30:e0:c9:
                    ef:17:7d:0d:22:33:4a:82:19:27:42:13:f4:2e:aa:
                    e1:d8:a0:3b:8f:ff:48:b9:52:5f:31:17:19:e4:e1:
                    e5:a5:40:a7:d5:c9:95:b3:b8:39:ba:13:4b:df:4d:
                    70:e6:22:51:c7:22:79:11:8a:88:a4:cf:4a:cf:b7:
                    b3:6d:06:16:08:48:52:24:07:7e:43:8b:47:74:e3:
                    77:a3:eb:e9:3f:55:fc:d0:63:39:0d:c7:60:06:a7:
                    9d:16:9c:b3:95:7b:f3:34:06:cb:d9:7b:65:55:c5:
                    37:31:6e:91:06:ab:88:56:54:84:1d:a4:64:4a:01:
                    f8:f8:ec:16:39:89:df:d0:41:38:eb:33:28:96:3e:
                    49:1a:eb:b7:a9:89:a5:b9:a2:7a:8a:1b:49:1c:af:
                    2e:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6A:EB:2C:F0:13:93:6F:95:8D:B2:2B:C5:B4:03:D9:4B:D1:03:93:62
            X509v3 Authority Key Identifier:
                keyid:B6:F8:E7:D0:BF:95:15:83:E0:95:9B:2A:92:A8:92:03:30:CE:BE:59

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/73B6868E56B12C35C63B0AB763023F2508123C311CD7EF4F5161EF6D0A55299E/0/B6F8E7D0BF951583E0959B2A92A8920330CEBE59.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/B6F8E7D0BF951583E0959B2A92A8920330CEBE59.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/73B6868E56B12C35C63B0AB763023F2508123C311CD7EF4F5161EF6D0A55299E/0/AS26613.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  181.113.192.0/24
                  186.46.168.0/24
                  190.152.95.0/24
                  190.152.110.0/24
                  190.152.251.0-190.152.255.255
                  190.214.220.0/22
                  190.214.250.0/24
                  190.214.252.0/23
                  200.107.34.0/24
                  200.125.206.0/24
                  201.219.56.0/24
                IPv6:
                  2800:370:4::/48
                  2800:370:18::/48
                  2800:370:2a::/48
                  2800:370:3e::/48
                  2800:370:4007::/48

    Signature Algorithm: sha256WithRSAEncryption
         89:7b:d3:4a:aa:43:71:0d:14:dc:0e:98:2d:e0:97:ff:c6:e8:
         6c:50:3b:a4:59:02:1b:8e:92:b8:3b:b3:29:f4:12:29:0d:d5:
         00:86:5c:4c:a2:1d:7b:51:5e:6e:ac:9b:03:3f:41:76:c4:ea:
         08:b9:a1:4e:73:6e:53:22:b6:97:f2:2b:13:c1:b3:a9:fb:f9:
         0e:20:40:30:fd:ce:ea:b2:fd:a0:9c:e4:99:ee:13:a9:c9:41:
         7a:46:72:14:c7:06:30:01:46:92:42:b0:2c:11:47:e6:01:de:
         bd:9b:e5:98:7a:3c:8d:f0:b1:49:9a:ce:5f:ad:b0:99:a6:15:
         a8:af:aa:0c:bc:74:cc:3f:99:44:53:0f:ed:40:0d:b9:95:02:
         cd:c4:7d:db:ce:10:1c:0f:bb:5a:c2:47:a7:fc:11:fb:0f:c0:
         92:67:0e:14:b8:4d:0f:5b:0f:b4:2c:fb:f4:08:fd:da:69:6e:
         48:da:2d:b5:a1:4f:94:fd:72:f8:c6:02:91:ef:80:2a:69:ec:
         8f:ae:31:c8:73:07:52:80:58:2c:c6:91:da:b2:59:dc:48:81:
         ae:b9:57:b0:57:7d:cd:bf:31:6f:8b:d7:08:25:99:8c:a5:fa:
         58:7b:8d:fa:57:0c:b8:76:92:64:70:e1:7f:b0:34:ce:61:3e:
         0a:dc:97:73
-----BEGIN CERTIFICATE-----
MIIGCTCCBPGgAwIBAgIUV0xgaGYjsoBeVsi6xhZJ6x8DF4AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQjZGOEU3RDBCRjk1MTU4M0UwOTU5QjJBOTJBODkyMDMz
MENFQkU1OTAeFw0yNTAyMDQxODM5MTNaFw0yNjAyMDMxODQ0MTNaMDMxMTAvBgNV
BAMTKDZBRUIyQ0YwMTM5MzZGOTU4REIyMkJDNUI0MDNEOTRCRDEwMzkzNjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5AVdnMsHevAkWSBi9hBIkJgOd
xCKsffHvPelaCYLnhcdNd4Sq6+xS7/rZl1rTQKN5aOeVXmLY8ta5qgo5voALN7dQ
r5avhxGiI4CedDTthX8gAzx/0UjXUOW7JsJlBOGQO8OrcTDgye8XfQ0iM0qCGSdC
E/QuquHYoDuP/0i5Ul8xFxnk4eWlQKfVyZWzuDm6E0vfTXDmIlHHInkRioikz0rP
t7NtBhYISFIkB35Di0d043ej6+k/VfzQYzkNx2AGp50WnLOVe/M0BsvZe2VVxTcx
bpEGq4hWVIQdpGRKAfj47BY5id/QQTjrMyiWPkka67epiaW5onqKG0kcry61AgMB
AAGjggMTMIIDDzAdBgNVHQ4EFgQUauss8BOTb5WNsivFtAPZS9EDk2IwHwYDVR0j
BBgwFoAUtvjn0L+VFYPglZsqkqiSAzDOvlkwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy83M0I2ODY4RTU2QjEyQzM1QzYzQjBBQjc2MzAyM0YyNTA4
MTIzQzMxMUNEN0VGNEY1MTYxRUY2RDBBNTUyOTlFLzAvQjZGOEU3RDBCRjk1MTU4
M0UwOTU5QjJBOTJBODkyMDMzMENFQkU1OS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9CNkY4RTdEMEJGOTUxNTgzRTA5
NTlCMkE5MkE4OTIwMzMwQ0VCRTU5LmNlcjCBlwYIKwYBBQUHAQsEgYowgYcwgYQG
CCsGAQUFBzALhnhyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy83M0I2ODY4RTU2QjEyQzM1QzYzQjBBQjc2MzAyM0YyNTA4MTIzQzMxMUNE
N0VGNEY1MTYxRUY2RDBBNTUyOTlFLzAvQVMyNjYxMy5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCBmQYIKwYBBQUHAQcBAf8EgYkwgYYwTwQCAAEwSQMEALVx
wAMEALouqAMEAL6YXwMEAL6YbjALAwQAvpj7AwMAvpgDBAK+1twDBAC+1voDBAG+
1vwDBADIayIDBADIfc4DBADJ2zgwMwQCAAIwLQMHACgAA3AABAMHACgAA3AAGAMH
ACgAA3AAKgMHACgAA3AAPgMHACgAA3BABzANBgkqhkiG9w0BAQsFAAOCAQEAiXvT
SqpDcQ0U3A6YLeCX/8bobFA7pFkCG46SuDuzKfQSKQ3VAIZcTKIde1FebqybAz9B
dsTqCLmhTnNuUyK2l/IrE8Gzqfv5DiBAMP3O6rL9oJzkme4TqclBekZyFMcGMAFG
kkKwLBFH5gHevZvlmHo8jfCxSZrOX62wmaYVqK+qDLx0zD+ZRFMP7UANuZUCzcR9
284QHA+7WsJHp/wR+w/AkmcOFLhND1sPtCz79Aj92mluSNottaFPlP1y+MYCke+A
Kmnsj64xyHMHUoBYLMaR2rJZ3EiBrrlXsFd9zb8xb4vXCCWZjKX6WHuN+lcMuHaS
ZHDhf7A0zmE+CtyXcw==
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:05:05 2025 by rpki-client