Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/02419b92-fbba-404b-a229-f3865d57a46a/737b97a2e31bf137e09df8b8941a4b3c7c1d409a.roa
File:                     737b97a2e31bf137e09df8b8941a4b3c7c1d409a.roa (raw, json)
Hash identifier:          xupitYl9ytZBCrTWXKqcntVSN1YtRODROvsvpX/1KYw=
Subject key identifier:   5E:F2:1B:32:2F:A7:E8:AE:BC:46:68:CF:4C:EE:83:64:26:64:93:B4
Certificate issuer:       /CN=c1f68ecd3896b3288f83c29a2c3da44c821c7684
Certificate serial:       1A8CEC
Authority key identifier: A8:73:83:2C:03:09:14:B8:FD:00:F5:3F:AF:46:E4:95:D9:71:1B:3C
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/c1f68ecd3896b3288f83c29a2c3da44c821c7684.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/02419b92-fbba-404b-a229-f3865d57a46a/737b97a2e31bf137e09df8b8941a4b3c7c1d409a.roa
Signing time:             Mon 25 Apr 2022 16:34:32 +0000
ROA not before:           Wed 24 Mar 2021 03:00:00 +0000
ROA not after:            Tue 24 Mar 2026 03:00:00 +0000
asID:                     10620
IP address blocks:        190.143.0.0/18 maxlen: 24
                          200.71.32.0/19 maxlen: 24
                          201.216.0.0/19 maxlen: 24
                          200.118.0.0/16 maxlen: 24
                          201.221.160.0/20 maxlen: 24
                          200.89.224.0/20 maxlen: 24
                          201.216.32.0/19 maxlen: 24
                          190.8.224.0/19 maxlen: 24
                          190.8.192.0/19 maxlen: 24
                          190.84.0.0/16 maxlen: 24
                          190.156.0.0/16 maxlen: 24
                          190.157.0.0/16 maxlen: 24
                          190.158.0.0/16 maxlen: 24
                          190.159.0.0/16 maxlen: 24
                          186.80.0.0/16 maxlen: 24
                          186.81.0.0/16 maxlen: 24
                          186.82.0.0/16 maxlen: 24
                          186.83.0.0/16 maxlen: 24
                          186.84.0.0/16 maxlen: 24
                          186.85.0.0/16 maxlen: 24
                          186.86.0.0/16 maxlen: 24
                          186.87.0.0/16 maxlen: 24
                          186.144.0.0/16 maxlen: 24
                          186.145.0.0/16 maxlen: 24
                          186.146.0.0/16 maxlen: 24
                          186.147.0.0/16 maxlen: 24
                          190.146.0.0/16 maxlen: 24
                          190.147.0.0/16 maxlen: 24
                          181.49.72.0/22 maxlen: 22

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1740012 (0x1a8cec)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c1f68ecd3896b3288f83c29a2c3da44c821c7684
        Validity
            Not Before: Mar 24 03:00:00 2021 GMT
            Not After : Mar 24 03:00:00 2026 GMT
        Subject: CN=737b97a2e31bf137e09df8b8941a4b3c7c1d409a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:38:60:a5:57:34:52:88:ae:0f:9f:7f:f6:63:
                    48:6d:db:81:19:9b:4a:7d:ce:1f:a4:51:49:40:e6:
                    ad:37:fd:e9:b2:16:94:97:e5:2d:ec:a6:fa:86:0f:
                    c6:de:a6:f2:0a:f1:4a:ec:64:95:ce:fe:58:17:27:
                    ea:b3:37:13:a5:ed:1b:7c:0b:5b:40:1a:75:bc:31:
                    2b:d0:d3:f2:17:fe:15:02:9a:21:15:67:0b:70:ec:
                    ba:8c:26:a8:c9:0c:ac:7f:dd:da:47:6b:eb:e2:88:
                    b2:79:96:bc:0c:db:f6:ec:07:65:90:09:4e:77:3d:
                    31:55:0d:48:8e:bc:a8:b9:8c:ce:6f:68:f2:9f:f4:
                    db:83:09:30:3f:bc:7e:a1:da:65:d5:6e:b5:2f:97:
                    7e:de:0f:0e:ee:cb:7c:3f:4d:87:cb:4b:e1:fa:cc:
                    7e:2b:fc:d9:93:09:44:6b:ca:3c:f9:f1:c9:14:e4:
                    4f:60:c3:f8:61:46:41:96:69:05:5f:99:b2:4e:0a:
                    4e:b2:84:d5:4b:ea:ac:da:ae:86:35:53:6b:3f:0e:
                    cc:17:07:64:0c:cc:5e:46:1f:b9:ee:c4:59:96:e5:
                    c4:51:75:31:db:5d:ba:69:0f:e7:75:4a:fb:48:33:
                    da:1f:f0:6e:2d:26:80:cd:4d:f8:33:62:8d:3c:5d:
                    49:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5E:F2:1B:32:2F:A7:E8:AE:BC:46:68:CF:4C:EE:83:64:26:64:93:B4
            X509v3 Authority Key Identifier:
                keyid:A8:73:83:2C:03:09:14:B8:FD:00:F5:3F:AF:46:E4:95:D9:71:1B:3C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/c1f68ecd3896b3288f83c29a2c3da44c821c7684.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/02419b92-fbba-404b-a229-f3865d57a46a/737b97a2e31bf137e09df8b8941a4b3c7c1d409a.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/02419b92-fbba-404b-a229-f3865d57a46a/c1f68ecd3896b3288f83c29a2c3da44c821c7684.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  181.49.72.0/22
                  186.80.0.0/13
                  186.144.0.0/14
                  190.8.192.0/18
                  190.84.0.0/16
                  190.143.0.0/18
                  190.146.0.0/15
                  190.156.0.0/14
                  200.71.32.0/19
                  200.89.224.0/20
                  200.118.0.0/16
                  201.216.0.0/18
                  201.221.160.0/20

    Signature Algorithm: sha256WithRSAEncryption
         22:17:84:61:05:d0:1d:8e:f9:dc:dd:e2:b3:7b:37:e0:97:e8:
         30:a2:63:74:75:a5:fd:c5:86:0c:e8:17:43:19:24:8b:96:21:
         8c:20:84:57:6f:e3:d2:47:f8:4c:a6:d9:a4:43:8d:0d:21:bd:
         53:e6:c8:01:04:a0:99:4c:05:9c:38:ae:f2:b0:20:04:99:e2:
         70:e7:c3:28:c5:f5:50:6d:a7:37:6e:c1:43:09:94:52:28:18:
         25:4d:32:a8:ec:d7:70:c9:f5:5c:d6:cc:45:fa:66:a1:81:52:
         56:11:45:c9:19:cc:d2:a2:a9:4a:32:19:a2:74:58:d1:22:20:
         06:3b:28:c7:e0:99:e4:7f:7d:69:1c:23:2b:a8:26:ba:ef:5f:
         46:ab:9c:eb:ba:9f:40:2d:a9:9d:32:68:36:79:53:55:31:bb:
         0a:2d:9f:d6:ad:7f:df:e5:dd:fe:8e:e3:6c:4f:d0:50:26:2e:
         bd:ac:8f:d2:57:ac:79:9a:31:25:4e:19:58:7b:92:88:2f:51:
         2d:89:a1:37:03:a2:76:d1:80:27:70:4a:90:78:23:bd:82:f8:
         44:f1:4a:c6:ab:7d:2f:c5:d9:3f:95:36:9d:4d:87:6d:47:7a:
         1b:3f:1e:5c:d3:d0:17:65:ad:88:d1:ac:bf:54:70:d6:00:d7:
         fc:3d:74:d2
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIDGozsMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGMx
ZjY4ZWNkMzg5NmIzMjg4ZjgzYzI5YTJjM2RhNDRjODIxYzc2ODQwHhcNMjEwMzI0
MDMwMDAwWhcNMjYwMzI0MDMwMDAwWjAzMTEwLwYDVQQDEyg3MzdiOTdhMmUzMWJm
MTM3ZTA5ZGY4Yjg5NDFhNGIzYzdjMWQ0MDlhMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAzDhgpVc0UoiuD59/9mNIbduBGZtKfc4fpFFJQOatN/3pshaU
l+Ut7Kb6hg/G3qbyCvFK7GSVzv5YFyfqszcTpe0bfAtbQBp1vDEr0NPyF/4VApoh
FWcLcOy6jCaoyQysf93aR2vr4oiyeZa8DNv27AdlkAlOdz0xVQ1IjryouYzOb2jy
n/TbgwkwP7x+odpl1W61L5d+3g8O7st8P02Hy0vh+sx+K/zZkwlEa8o8+fHJFORP
YMP4YUZBlmkFX5myTgpOsoTVS+qs2q6GNVNrPw7MFwdkDMxeRh+57sRZluXEUXUx
2126aQ/ndUr7SDPaH/BuLSaAzU34M2KNPF1JqQIDAQABo4ICnTCCApkwHQYDVR0O
BBYEFF7yGzIvp+iuvEZoz0zug2QmZJO0MB8GA1UdIwQYMBaAFKhzgywDCRS4/QD1
P69G5JXZcRs8MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYzFmNjhl
Y2QzODk2YjMyODhmODNjMjlhMmMzZGE0NGM4MjFjNzY4NC5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMDI0MTliOTItZmJiYS00MDRiLWEyMjktZjM4NjVk
NTdhNDZhLzczN2I5N2EyZTMxYmYxMzdlMDlkZjhiODk0MWE0YjNjN2MxZDQwOWEu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8wMjQxOWI5Mi1mYmJhLTQwNGItYTIyOS1mMzg2
NWQ1N2E0NmEvYzFmNjhlY2QzODk2YjMyODhmODNjMjlhMmMzZGE0NGM4MjFjNzY4
NC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBhBggrBgEFBQcBBwEB/wRS
MFAwTgQCAAEwSAMEArUxSAMDA7pQAwMCupADBAa+CMADAwC+VAMEBr6PAAMDAb6S
AwMCvpwDBAXIRyADBATIWeADAwDIdgMEBsnYAAMEBMndoDANBgkqhkiG9w0BAQsF
AAOCAQEAIheEYQXQHY753N3is3s34JfoMKJjdHWl/cWGDOgXQxkki5YhjCCEV2/j
0kf4TKbZpEONDSG9U+bIAQSgmUwFnDiu8rAgBJnicOfDKMX1UG2nN27BQwmUUigY
JU0yqOzXcMn1XNbMRfpmoYFSVhFFyRnM0qKpSjIZonRY0SIgBjsox+CZ5H99aRwj
K6gmuu9fRquc67qfQC2pnTJoNnlTVTG7Ci2f1q1/3+Xd/o7jbE/QUCYuvayP0les
eZoxJU4ZWHuSiC9RLYmhNwOidtGAJ3BKkHgjvYL4RPFKxqt9L8XZP5U2nU2HbUd6
Gz8eXNPQF2WtiNGsv1Rw1gDX/D100g==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:14:22 2023 by rpki-client on console-ams.rpki-client.org