Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/02419b92-fbba-404b-a229-f3865d57a46a/96d5857e4a3dd05c4c54add8a4237d1757e20006.roa
File:                     96d5857e4a3dd05c4c54add8a4237d1757e20006.roa (raw, json)
Hash identifier:          yGdErIMDVzA1rSP5/P5dYO/P6FFiA6iOE9xLkZdj3O0=
Subject key identifier:   CA:73:DE:1B:39:3C:22:4D:30:B6:8A:39:03:4E:A4:75:3A:38:07:91
Certificate issuer:       /CN=c1f68ecd3896b3288f83c29a2c3da44c821c7684
Certificate serial:       1DD856
Authority key identifier: A8:73:83:2C:03:09:14:B8:FD:00:F5:3F:AF:46:E4:95:D9:71:1B:3C
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/c1f68ecd3896b3288f83c29a2c3da44c821c7684.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/02419b92-fbba-404b-a229-f3865d57a46a/96d5857e4a3dd05c4c54add8a4237d1757e20006.roa
Signing time:             Tue 16 Aug 2022 22:13:45 +0000
ROA not before:           Fri 03 Dec 2021 03:00:00 +0000
ROA not after:            Sun 03 Dec 2023 03:00:00 +0000
asID:                     14080
IP address blocks:        186.83.29.0/24 maxlen: 24
                          186.83.31.0/24 maxlen: 30
                          186.86.125.0/24 maxlen: 29
                          186.86.124.0/24 maxlen: 29
                          190.158.204.0/22 maxlen: 24
                          201.221.172.0/22 maxlen: 24
                          181.48.176.0/24 maxlen: 24
                          181.49.106.0/24 maxlen: 24
                          190.144.130.0/24 maxlen: 24
                          190.144.174.0/24 maxlen: 24
                          190.145.103.0/24 maxlen: 24
                          181.60.225.0/24 maxlen: 24
                          181.60.226.0/24 maxlen: 24
                          181.60.227.0/24 maxlen: 24
                          181.62.208.0/22 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1955926 (0x1dd856)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c1f68ecd3896b3288f83c29a2c3da44c821c7684
        Validity
            Not Before: Dec  3 03:00:00 2021 GMT
            Not After : Dec  3 03:00:00 2023 GMT
        Subject: CN=96d5857e4a3dd05c4c54add8a4237d1757e20006
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:d8:6f:3b:05:3a:2c:97:c2:89:40:af:6f:92:
                    2f:32:77:7e:6b:33:f9:54:f6:a9:80:22:c2:ae:04:
                    0b:ce:dc:83:14:84:17:0b:a2:6a:24:c1:f2:58:98:
                    54:40:99:07:cf:49:f7:33:31:1a:0c:ff:ac:69:41:
                    b9:90:12:bc:e8:47:c5:c5:5c:95:34:9d:b2:af:c5:
                    29:09:a8:be:19:ba:d0:28:f5:99:14:64:7a:e5:c6:
                    a8:24:3d:8d:a1:f3:66:72:d1:16:b7:a0:e3:7d:6b:
                    a5:36:56:fe:00:f6:75:b6:c1:28:48:6c:d2:5f:7e:
                    3e:36:8d:f4:37:cf:c6:da:ed:57:95:e4:08:9b:6a:
                    78:c2:a4:4e:e7:4e:46:ef:97:27:af:2b:dd:e1:1f:
                    88:e1:46:b1:f1:60:08:8d:ec:01:0e:a7:53:25:c8:
                    22:17:79:5a:dc:4e:c4:b1:d4:fc:2c:19:3a:b8:f2:
                    36:31:25:11:15:d5:35:a0:8e:22:e5:1b:aa:ea:85:
                    ad:99:7a:2e:22:44:fb:77:74:d6:2f:a4:85:f4:be:
                    45:21:df:ae:d2:a2:33:77:d4:15:b9:c6:6d:6f:ef:
                    9f:ce:5a:41:15:e4:5e:74:21:89:2b:63:16:e3:88:
                    45:fd:66:54:24:7a:e2:94:c9:f5:cb:55:9e:76:40:
                    ea:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CA:73:DE:1B:39:3C:22:4D:30:B6:8A:39:03:4E:A4:75:3A:38:07:91
            X509v3 Authority Key Identifier:
                keyid:A8:73:83:2C:03:09:14:B8:FD:00:F5:3F:AF:46:E4:95:D9:71:1B:3C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/c1f68ecd3896b3288f83c29a2c3da44c821c7684.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/02419b92-fbba-404b-a229-f3865d57a46a/96d5857e4a3dd05c4c54add8a4237d1757e20006.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/02419b92-fbba-404b-a229-f3865d57a46a/c1f68ecd3896b3288f83c29a2c3da44c821c7684.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  181.48.176.0/24
                  181.49.106.0/24
                  181.60.225.0-181.60.227.255
                  181.62.208.0/22
                  186.83.29.0/24
                  186.83.31.0/24
                  186.86.124.0/23
                  190.144.130.0/24
                  190.144.174.0/24
                  190.145.103.0/24
                  190.158.204.0/22
                  201.221.172.0/22

    Signature Algorithm: sha256WithRSAEncryption
         65:7b:8c:ae:aa:08:fa:fa:7a:78:d3:40:2e:7f:2f:83:ac:40:
         9b:dd:9a:03:d8:d5:e5:22:c6:b3:82:a9:6e:04:47:2a:6b:89:
         4d:71:cf:05:82:00:69:70:ad:fd:37:60:03:11:57:f8:38:ac:
         80:b7:6b:a3:27:a2:ca:5d:be:5d:5a:bd:43:57:de:9b:eb:62:
         97:d2:11:9a:36:e0:c1:e1:3b:aa:3d:3c:92:67:fb:d4:88:85:
         d9:57:20:8d:ed:fd:af:c8:1e:53:89:8a:34:7e:c7:85:9b:f2:
         3a:14:0f:92:80:7f:a7:9b:5b:1c:00:d5:53:71:c7:27:38:fb:
         27:58:c9:a8:93:fc:23:4f:8a:5d:08:9f:f0:1f:a1:59:07:aa:
         ef:af:85:4c:68:3b:5a:f5:12:6a:7b:fb:59:cd:61:e4:17:80:
         72:14:25:c9:fd:67:e1:f4:10:ba:a1:b2:a6:e0:16:e6:f4:0e:
         a9:aa:56:f6:45:a4:e2:81:4e:3d:47:6c:d6:8d:9f:54:b3:2a:
         77:db:5d:a4:9d:b7:f3:6e:bb:a1:fa:e6:f2:60:d4:4b:5a:56:
         e6:15:8d:61:4f:e3:35:5a:35:67:6f:2f:91:13:12:7a:9f:1b:
         f3:7b:58:2c:92:0e:65:1d:83:39:8c:16:bd:82:a0:b0:47:34:
         a1:a3:32:80
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDHdhWMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGMx
ZjY4ZWNkMzg5NmIzMjg4ZjgzYzI5YTJjM2RhNDRjODIxYzc2ODQwHhcNMjExMjAz
MDMwMDAwWhcNMjMxMjAzMDMwMDAwWjAzMTEwLwYDVQQDEyg5NmQ1ODU3ZTRhM2Rk
MDVjNGM1NGFkZDhhNDIzN2QxNzU3ZTIwMDA2MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAithvOwU6LJfCiUCvb5IvMnd+azP5VPapgCLCrgQLztyDFIQX
C6JqJMHyWJhUQJkHz0n3MzEaDP+saUG5kBK86EfFxVyVNJ2yr8UpCai+GbrQKPWZ
FGR65caoJD2NofNmctEWt6DjfWulNlb+APZ1tsEoSGzSX34+No30N8/G2u1XleQI
m2p4wqRO505G75cnryvd4R+I4Uax8WAIjewBDqdTJcgiF3la3E7EsdT8LBk6uPI2
MSURFdU1oI4i5Ruq6oWtmXouIkT7d3TWL6SF9L5FId+u0qIzd9QVucZtb++fzlpB
FeRedCGJK2MW44hF/WZUJHrilMn1y1WedkDq1QIDAQABo4ICpTCCAqEwHQYDVR0O
BBYEFMpz3hs5PCJNMLaKOQNOpHU6OAeRMB8GA1UdIwQYMBaAFKhzgywDCRS4/QD1
P69G5JXZcRs8MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYzFmNjhl
Y2QzODk2YjMyODhmODNjMjlhMmMzZGE0NGM4MjFjNzY4NC5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMDI0MTliOTItZmJiYS00MDRiLWEyMjktZjM4NjVk
NTdhNDZhLzk2ZDU4NTdlNGEzZGQwNWM0YzU0YWRkOGE0MjM3ZDE3NTdlMjAwMDYu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8wMjQxOWI5Mi1mYmJhLTQwNGItYTIyOS1mMzg2
NWQ1N2E0NmEvYzFmNjhlY2QzODk2YjMyODhmODNjMjlhMmMzZGE0NGM4MjFjNzY4
NC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBpBggrBgEFBQcBBwEB/wRa
MFgwVgQCAAEwUAMEALUwsAMEALUxajAMAwQAtTzhAwQCtTzgAwQCtT7QAwQAulMd
AwQAulMfAwQBulZ8AwQAvpCCAwQAvpCuAwQAvpFnAwQCvp7MAwQCyd2sMA0GCSqG
SIb3DQEBCwUAA4IBAQBle4yuqgj6+np400Aufy+DrECb3ZoD2NXlIsazgqluBEcq
a4lNcc8FggBpcK39N2ADEVf4OKyAt2ujJ6LKXb5dWr1DV96b62KX0hGaNuDB4Tuq
PTySZ/vUiIXZVyCN7f2vyB5TiYo0fseFm/I6FA+SgH+nm1scANVTcccnOPsnWMmo
k/wjT4pdCJ/wH6FZB6rvr4VMaDta9RJqe/tZzWHkF4ByFCXJ/Wfh9BC6obKm4Bbm
9A6pqlb2RaTigU49R2zWjZ9Usyp3212knbfzbruh+ubyYNRLWlbmFY1hT+M1WjVn
by+RExJ6nxvze1gskg5lHYM5jBa9gqCwRzShozKA
-----END CERTIFICATE-----
Generated at Sat Dec 2 07:58:07 2023 by rpki-client on console-fra.rpki-client.org