Route Origin Authorization
$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/09a9b685-397d-4d4f-8734-6e8fb9651f21/fde444332fd83d4648fa29482681ff70688e1410.roa
File: fde444332fd83d4648fa29482681ff70688e1410.roa (raw, json)
Hash identifier: BwSuVkufNqDFfU6X/GS3hQmmTWCz+CYbUcqRtIUUS30=
Subject key identifier: 5B:1C:A4:B9:D9:14:80:2F:AC:33:3D:D9:94:D8:84:4C:AB:3D:E0:DA
Certificate issuer: /CN=8a34b88edc7711ba98c357c0cd7c26b4d31bbe13
Certificate serial: 26D43A
Authority key identifier: AC:7D:06:CC:8D:9C:83:2B:CF:18:0B:CB:6C:01:5E:C2:4A:6D:A7:8F
Authority info access: rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/8a34b88edc7711ba98c357c0cd7c26b4d31bbe13.cer
Subject info access: rsync://repository.lacnic.net/rpki/lacnic/09a9b685-397d-4d4f-8734-6e8fb9651f21/fde444332fd83d4648fa29482681ff70688e1410.roa
Signing time: Tue 05 Dec 2023 20:28:37 +0000
ROA not before: Tue 05 Dec 2023 20:28:36 +0000
ROA not after: Fri 05 Dec 2025 20:28:36 +0000
asID: 28027
IP address blocks: 200.9.176.0/24 maxlen: 24
192.188.59.0/24 maxlen: 24
200.10.147.0/24 maxlen: 24
200.10.148.0/22 maxlen: 24
200.126.0.0/19 maxlen: 24
2801:0:20::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2544698 (0x26d43a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8a34b88edc7711ba98c357c0cd7c26b4d31bbe13
Validity
Not Before: Dec 5 20:28:36 2023 GMT
Not After : Dec 5 20:28:36 2025 GMT
Subject: CN=fde444332fd83d4648fa29482681ff70688e1410
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:03:72:45:f9:89:64:56:6c:c1:61:5c:c2:6d:
1e:be:22:b2:9b:27:cc:83:24:31:c0:40:87:be:1e:
10:7a:df:63:2c:6d:bd:75:9a:39:72:f4:ed:60:e2:
d8:d4:1b:60:09:c4:3f:bf:7d:a1:40:e3:76:d5:eb:
0a:6a:a0:30:c9:33:0c:93:71:8b:6f:04:ca:0c:61:
99:3a:72:6f:79:16:aa:78:c7:fe:50:d1:aa:7b:6d:
3e:5c:d5:92:92:50:db:e7:27:38:f9:6b:27:f7:57:
93:c3:b8:a3:06:f5:0b:4b:51:44:62:ec:fd:e3:57:
64:16:8f:55:35:c8:44:c0:d5:26:c8:8a:6d:94:d4:
36:75:99:2d:11:be:e6:63:89:0f:ca:f6:b9:d3:c5:
05:56:b0:7d:2a:4f:23:d0:49:fc:6a:bc:c6:3a:64:
d8:4c:24:cc:42:2e:67:65:a9:d2:c6:56:6f:1d:ec:
3b:0d:64:b1:0b:98:81:e6:72:87:dc:ca:cf:3c:82:
c8:48:2e:ed:67:49:7c:a4:84:11:a3:63:5b:93:85:
13:01:38:83:d2:ce:1d:c0:e9:e2:f5:e8:37:6e:cf:
f3:ec:7e:81:95:ef:09:cb:05:a7:9d:36:8f:7d:48:
04:53:82:c0:eb:ec:cd:8d:07:05:bc:24:0e:9f:d6:
9a:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:1C:A4:B9:D9:14:80:2F:AC:33:3D:D9:94:D8:84:4C:AB:3D:E0:DA
X509v3 Authority Key Identifier:
keyid:AC:7D:06:CC:8D:9C:83:2B:CF:18:0B:CB:6C:01:5E:C2:4A:6D:A7:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/8a34b88edc7711ba98c357c0cd7c26b4d31bbe13.cer
Subject Information Access:
Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/09a9b685-397d-4d4f-8734-6e8fb9651f21/fde444332fd83d4648fa29482681ff70688e1410.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repository.lacnic.net/rpki/lacnic/09a9b685-397d-4d4f-8734-6e8fb9651f21/8a34b88edc7711ba98c357c0cd7c26b4d31bbe13.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.188.59.0/24
200.9.176.0/24
200.10.147.0-200.10.151.255
200.126.0.0/19
IPv6:
2801:0:20::/48
Signature Algorithm: sha256WithRSAEncryption
4a:8a:20:d5:14:fa:20:b2:82:54:c1:18:4e:62:f5:59:05:19:
bf:d4:60:af:b9:18:95:6d:88:4f:97:60:07:9a:1e:71:aa:80:
14:9c:47:42:27:98:1e:d6:23:bb:ae:b5:c1:f4:90:ff:11:e4:
f6:07:b0:4b:3b:7d:0c:6a:6d:d8:a9:1a:f5:2a:e2:1c:a9:2d:
27:e6:ed:f8:a0:f4:81:ae:32:a0:ad:f4:c2:21:8a:8e:42:50:
b4:39:db:5e:0d:7f:b8:fd:50:b7:cf:19:cc:9a:6e:18:c9:2a:
f1:50:0d:db:bd:5a:bf:b4:44:db:df:bd:30:ff:fe:a0:a2:c2:
a0:d8:74:dd:97:20:73:80:39:96:9c:28:35:75:d1:8a:41:0c:
d4:9b:f1:01:d8:0e:4b:e7:81:6b:4a:9e:6e:bf:53:d1:a1:c0:
9a:50:a9:a4:d7:84:cf:f9:bf:f7:13:d8:31:30:04:c9:b3:59:
ff:c3:72:a4:76:35:25:fe:f2:7c:29:38:f1:4e:04:81:86:4c:
7a:e9:39:68:f9:d4:c3:69:2c:e2:00:04:09:31:b7:35:6e:d8:
33:d2:cd:82:81:6f:1c:a9:d3:58:d8:6f:3d:6a:43:de:21:76:
72:3a:03:b8:06:b7:69:99:e4:fb:1c:dc:ac:19:62:d5:d8:52:
24:ee:82:b0
-----BEGIN CERTIFICATE-----
MIIFazCCBFOgAwIBAgIDJtQ6MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDhh
MzRiODhlZGM3NzExYmE5OGMzNTdjMGNkN2MyNmI0ZDMxYmJlMTMwHhcNMjMxMjA1
MjAyODM2WhcNMjUxMjA1MjAyODM2WjAzMTEwLwYDVQQDEyhmZGU0NDQzMzJmZDgz
ZDQ2NDhmYTI5NDgyNjgxZmY3MDY4OGUxNDEwMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAkQNyRfmJZFZswWFcwm0eviKymyfMgyQxwECHvh4Qet9jLG29
dZo5cvTtYOLY1BtgCcQ/v32hQON21esKaqAwyTMMk3GLbwTKDGGZOnJveRaqeMf+
UNGqe20+XNWSklDb5yc4+Wsn91eTw7ijBvULS1FEYuz941dkFo9VNchEwNUmyIpt
lNQ2dZktEb7mY4kPyva508UFVrB9Kk8j0En8arzGOmTYTCTMQi5nZanSxlZvHew7
DWSxC5iB5nKH3MrPPILISC7tZ0l8pIQRo2Nbk4UTATiD0s4dwOni9eg3bs/z7H6B
le8JywWnnTaPfUgEU4LA6+zNjQcFvCQOn9aaLwIDAQABo4IChjCCAoIwHQYDVR0O
BBYEFFscpLnZFIAvrDM92ZTYhEyrPeDaMB8GA1UdIwQYMBaAFKx9BsyNnIMrzxgL
y2wBXsJKbaePMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvOGEzNGI4
OGVkYzc3MTFiYTk4YzM1N2MwY2Q3YzI2YjRkMzFiYmUxMy5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMDlhOWI2ODUtMzk3ZC00ZDRmLTg3MzQtNmU4ZmI5
NjUxZjIxL2ZkZTQ0NDMzMmZkODNkNDY0OGZhMjk0ODI2ODFmZjcwNjg4ZTE0MTAu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8wOWE5YjY4NS0zOTdkLTRkNGYtODczNC02ZThm
Yjk2NTFmMjEvOGEzNGI4OGVkYzc3MTFiYTk4YzM1N2MwY2Q3YzI2YjRkMzFiYmUx
My5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBKBggrBgEFBQcBBwEB/wQ7
MDkwJgQCAAEwIAMEAMC8OwMEAMgJsDAMAwQAyAqTAwQDyAqQAwQFyH4AMA8EAgAC
MAkDBwAoAQAAACAwDQYJKoZIhvcNAQELBQADggEBAEqKINUU+iCyglTBGE5i9VkF
Gb/UYK+5GJVtiE+XYAeaHnGqgBScR0InmB7WI7uutcH0kP8R5PYHsEs7fQxqbdip
GvUq4hypLSfm7fig9IGuMqCt9MIhio5CULQ5214Nf7j9ULfPGcyabhjJKvFQDdu9
Wr+0RNvfvTD//qCiwqDYdN2XIHOAOZacKDV10YpBDNSb8QHYDkvngWtKnm6/U9Gh
wJpQqaTXhM/5v/cT2DEwBMmzWf/DcqR2NSX+8nwpOPFOBIGGTHrpOWj51MNpLOIA
BAkxtzVu2DPSzYKBbxyp01jYbz1qQ94hdnI6A7gGt2mZ5Psc3KwZYtXYUiTugrA=
-----END CERTIFICATE-----
Generated at Sun Dec 31 09:07:11 2023 by rpki-client on console-ams.rpki-client.org