Route Origin Authorization
$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/0cac3b82-f488-4df7-bc67-ad856a12aa43/bfce678a40a0f532b33e3774fba72f7c7807c275.roa
File: bfce678a40a0f532b33e3774fba72f7c7807c275.roa (raw, json)
Hash identifier: AyGtBw7txOExMpm5Vd7QvGhlz8R2QXQ2LvLjro0d/rI=
Subject key identifier: EE:60:59:B4:EE:E1:32:39:1A:41:C5:60:05:42:00:7F:84:22:5E:C2
Certificate issuer: /CN=07a3e63d1966870c34f83b79e6705d8dc3f9b809
Certificate serial: 1327AF
Authority key identifier: E7:4F:4B:4C:08:78:4E:1A:4E:22:4C:95:7A:B5:B7:5F:81:D9:24:95
Authority info access: rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/07a3e63d1966870c34f83b79e6705d8dc3f9b809.cer
Subject info access: rsync://repository.lacnic.net/rpki/lacnic/0cac3b82-f488-4df7-bc67-ad856a12aa43/bfce678a40a0f532b33e3774fba72f7c7807c275.roa
Signing time: Sat 04 Sep 2021 00:38:12 +0000
ROA not before: Wed 24 Mar 2021 03:00:00 +0000
ROA not after: Tue 24 Mar 2026 03:00:00 +0000
asID: 16732
IP address blocks: 200.59.32.0/24 maxlen: 24
200.59.33.0/24 maxlen: 24
200.59.34.0/24 maxlen: 24
200.59.35.0/24 maxlen: 24
200.59.36.0/24 maxlen: 24
200.59.36.0/22 maxlen: 22
200.59.37.0/24 maxlen: 24
200.59.38.0/24 maxlen: 24
200.59.39.0/24 maxlen: 24
200.59.40.0/24 maxlen: 24
200.59.41.0/24 maxlen: 24
200.59.42.0/24 maxlen: 24
200.59.43.0/24 maxlen: 24
200.59.44.0/24 maxlen: 24
200.59.44.0/23 maxlen: 23
200.59.45.0/24 maxlen: 24
200.59.46.0/24 maxlen: 24
200.59.47.0/24 maxlen: 24
200.59.50.0/24 maxlen: 24
200.59.51.0/24 maxlen: 24
200.59.54.0/24 maxlen: 24
200.59.55.0/24 maxlen: 24
200.59.56.0/24 maxlen: 24
200.59.57.0/24 maxlen: 24
200.59.58.0/24 maxlen: 24
200.59.59.0/24 maxlen: 24
200.59.52.0/23 maxlen: 23
200.59.53.0/24 maxlen: 24
200.59.56.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1255343 (0x1327af)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=07a3e63d1966870c34f83b79e6705d8dc3f9b809
Validity
Not Before: Mar 24 03:00:00 2021 GMT
Not After : Mar 24 03:00:00 2026 GMT
Subject: CN=bfce678a40a0f532b33e3774fba72f7c7807c275
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:35:a3:7e:3f:23:89:e9:0d:cb:43:0b:96:5b:
4a:2f:22:31:4a:07:4c:0e:1f:49:4c:cd:c5:1c:00:
3c:f7:cc:aa:4b:e8:76:7e:3d:55:dd:06:82:88:23:
7d:40:d4:d3:cc:28:fa:e7:1b:09:7f:1c:43:6a:b6:
85:49:2d:6a:d6:7f:25:cf:34:52:5a:1f:68:a2:d2:
94:5d:5d:23:e4:8f:a6:87:1a:10:af:15:d4:05:b2:
03:0b:9d:6f:b2:1e:7c:d5:de:c5:a1:6c:f4:60:42:
3e:3a:11:4c:4e:a7:b5:32:0e:0a:59:f0:81:4d:04:
27:f0:8d:f3:c8:e8:98:19:61:f5:6c:74:4c:0e:4a:
8f:68:0d:16:bc:e4:1a:8a:37:4a:80:a9:9e:d9:32:
d0:18:68:bf:e6:6c:b4:53:7e:6a:a7:09:32:23:d4:
2e:af:be:51:f0:f7:fa:76:69:22:dc:d5:27:85:a6:
db:42:97:3f:dd:c3:84:60:07:63:92:8d:6f:bd:fd:
a8:d4:49:6c:a4:41:c5:75:b4:0f:6f:d5:36:e8:5d:
f7:ea:a9:69:06:13:03:79:6f:e3:d4:fc:18:64:92:
17:36:31:e9:7a:3b:8a:b1:f0:be:83:e9:3a:c1:10:
e3:41:e8:89:be:6a:10:72:66:52:cc:48:b7:b2:9f:
cf:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:60:59:B4:EE:E1:32:39:1A:41:C5:60:05:42:00:7F:84:22:5E:C2
X509v3 Authority Key Identifier:
keyid:E7:4F:4B:4C:08:78:4E:1A:4E:22:4C:95:7A:B5:B7:5F:81:D9:24:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/07a3e63d1966870c34f83b79e6705d8dc3f9b809.cer
Subject Information Access:
Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/0cac3b82-f488-4df7-bc67-ad856a12aa43/bfce678a40a0f532b33e3774fba72f7c7807c275.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repository.lacnic.net/rpki/lacnic/0cac3b82-f488-4df7-bc67-ad856a12aa43/07a3e63d1966870c34f83b79e6705d8dc3f9b809.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
200.59.32.0/20
200.59.50.0-200.59.59.255
Signature Algorithm: sha256WithRSAEncryption
15:14:26:ed:ff:53:2a:51:16:57:b1:f3:45:10:58:20:f8:ba:
88:73:50:0d:45:c0:52:45:fe:e2:d3:40:41:35:3e:e4:73:41:
77:e0:4b:1f:25:73:20:79:60:8a:68:98:8e:b6:3c:ff:2c:92:
a9:d7:18:f6:0b:85:58:e9:5b:34:57:f3:f2:f1:2d:37:1b:85:
49:41:53:74:58:44:eb:f5:5b:8a:33:63:4b:23:51:bf:2f:54:
3f:c5:12:62:57:17:6f:f2:34:1e:0f:69:4b:25:7e:3c:f5:2e:
c9:47:bb:65:5d:1d:bf:99:2f:c3:bc:05:49:e7:f3:fe:b3:24:
fe:e7:60:45:f0:d9:1f:f1:cd:29:c9:7c:59:53:27:50:55:62:
71:c6:1c:68:d1:8d:4c:a8:7a:c6:01:4f:8b:e9:10:aa:df:f0:
76:1f:93:56:2c:85:ee:be:08:64:e8:da:53:12:7c:e1:6e:7e:
94:00:b0:13:5c:e9:ac:1c:5c:41:92:41:e9:7a:48:ff:c2:a1:
5e:39:0b:48:eb:68:71:1d:8c:f9:64:5c:a4:4b:3a:6d:03:a5:
80:ae:a2:1e:e3:6d:a4:11:f5:10:4c:0f:01:f9:fc:d3:de:23:
72:f3:74:b8:fc:fa:ef:99:2b:c4:36:73:e6:01:69:90:01:e9:
8f:13:78:7b
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgIDEyevMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDA3
YTNlNjNkMTk2Njg3MGMzNGY4M2I3OWU2NzA1ZDhkYzNmOWI4MDkwHhcNMjEwMzI0
MDMwMDAwWhcNMjYwMzI0MDMwMDAwWjAzMTEwLwYDVQQDEyhiZmNlNjc4YTQwYTBm
NTMyYjMzZTM3NzRmYmE3MmY3Yzc4MDdjMjc1MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAqjWjfj8jiekNy0MLlltKLyIxSgdMDh9JTM3FHAA898yqS+h2
fj1V3QaCiCN9QNTTzCj65xsJfxxDaraFSS1q1n8lzzRSWh9ootKUXV0j5I+mhxoQ
rxXUBbIDC51vsh581d7FoWz0YEI+OhFMTqe1Mg4KWfCBTQQn8I3zyOiYGWH1bHRM
DkqPaA0WvOQaijdKgKme2TLQGGi/5my0U35qpwkyI9Qur75R8Pf6dmki3NUnhabb
Qpc/3cOEYAdjko1vvf2o1ElspEHFdbQPb9U26F336qlpBhMDeW/j1PwYZJIXNjHp
ejuKsfC+g+k6wRDjQeiJvmoQcmZSzEi3sp/PKwIDAQABo4ICaTCCAmUwHQYDVR0O
BBYEFO5gWbTu4TI5GkHFYAVCAH+EIl7CMB8GA1UdIwQYMBaAFOdPS0wIeE4aTiJM
lXq1t1+B2SSVMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMDdhM2U2
M2QxOTY2ODcwYzM0ZjgzYjc5ZTY3MDVkOGRjM2Y5YjgwOS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMGNhYzNiODItZjQ4OC00ZGY3LWJjNjctYWQ4NTZh
MTJhYTQzL2JmY2U2NzhhNDBhMGY1MzJiMzNlMzc3NGZiYTcyZjdjNzgwN2MyNzUu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8wY2FjM2I4Mi1mNDg4LTRkZjctYmM2Ny1hZDg1
NmExMmFhNDMvMDdhM2U2M2QxOTY2ODcwYzM0ZjgzYjc5ZTY3MDVkOGRjM2Y5Yjgw
OS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAtBggrBgEFBQcBBwEB/wQe
MBwwGgQCAAEwFAMEBMg7IDAMAwQByDsyAwQCyDs4MA0GCSqGSIb3DQEBCwUAA4IB
AQAVFCbt/1MqURZXsfNFEFgg+LqIc1ANRcBSRf7i00BBNT7kc0F34EsfJXMgeWCK
aJiOtjz/LJKp1xj2C4VY6Vs0V/Py8S03G4VJQVN0WETr9VuKM2NLI1G/L1Q/xRJi
Vxdv8jQeD2lLJX489S7JR7tlXR2/mS/DvAVJ5/P+syT+52BF8Nkf8c0pyXxZUydQ
VWJxxhxo0Y1MqHrGAU+L6RCq3/B2H5NWLIXuvghk6NpTEnzhbn6UALATXOmsHFxB
kkHpekj/wqFeOQtI62hxHYz5ZFykSzptA6WArqIe422kEfUQTA8B+fzT3iNy83S4
/PrvmSvENnPmAWmQAemPE3h7
-----END CERTIFICATE-----
Generated at Thu Nov 9 19:10:51 2023 by rpki-client on console-ams.rpki-client.org