Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/0ef5686d-fc66-4c8e-be4f-da69fbc2bfb5/03c5875fb9f86bd3a8d24dade0d6280aaf806bbe.roa
File:                     03c5875fb9f86bd3a8d24dade0d6280aaf806bbe.roa (raw, json)
Hash identifier:          nFurpe2WSoYiY8d5PlLbmsCnqXm8wbtE4IynPgaXu6w=
Subject key identifier:   86:97:E5:E1:AB:C0:E0:12:DB:8F:D1:A0:78:45:8B:07:70:0D:47:B2
Certificate issuer:       /CN=c2cfc3212455464cd8f856a348b2d5caf73dcd73
Certificate serial:       18F685
Authority key identifier: ED:97:60:23:07:66:80:76:63:22:9F:6D:41:28:05:07:EF:9D:C2:29
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/c2cfc3212455464cd8f856a348b2d5caf73dcd73.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/0ef5686d-fc66-4c8e-be4f-da69fbc2bfb5/03c5875fb9f86bd3a8d24dade0d6280aaf806bbe.roa
Signing time:             Wed 24 Aug 2022 16:15:38 +0000
ROA not before:           Wed 24 Mar 2021 14:30:56 +0000
ROA not after:            Tue 24 Mar 2026 14:30:56 +0000
asID:                     266725
IP address blocks:        181.119.41.0/24 maxlen: 24
                          181.119.69.0/24 maxlen: 24
                          181.119.71.0/24 maxlen: 24
                          181.119.72.0/24 maxlen: 24
                          181.119.73.0/24 maxlen: 24
                          181.119.74.0/24 maxlen: 24
                          181.119.75.0/24 maxlen: 24
                          181.119.76.0/24 maxlen: 24
                          181.119.77.0/24 maxlen: 24
                          181.119.78.0/24 maxlen: 24
                          181.119.79.0/24 maxlen: 24
                          181.119.80.0/24 maxlen: 24
                          181.119.81.0/24 maxlen: 24
                          181.119.82.0/24 maxlen: 24
                          181.119.158.0/24 maxlen: 24
                          181.119.169.0/24 maxlen: 24
                          181.119.170.0/24 maxlen: 24
                          181.119.3.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1635973 (0x18f685)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c2cfc3212455464cd8f856a348b2d5caf73dcd73
        Validity
            Not Before: Mar 24 14:30:56 2021 GMT
            Not After : Mar 24 14:30:56 2026 GMT
        Subject: CN=03c5875fb9f86bd3a8d24dade0d6280aaf806bbe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:52:38:af:62:a5:83:0b:9a:bb:dd:1d:3c:58:
                    51:72:88:35:a1:24:1d:64:d5:a4:f8:b2:73:8d:0b:
                    5b:6c:0f:83:3b:c5:e6:c5:66:3e:5b:4b:95:99:e7:
                    95:18:0f:49:bb:d6:fc:50:39:0d:d0:cf:b1:49:21:
                    f4:6d:39:48:9b:3f:b8:66:73:81:e1:50:98:cf:ab:
                    0a:f4:5b:ca:00:f8:e2:a6:07:37:0a:2b:77:16:2d:
                    6a:7d:e6:60:7f:27:14:2a:a7:17:b9:e4:44:03:4a:
                    50:c4:70:51:3c:3e:0c:a0:e2:96:47:b3:eb:89:7f:
                    06:02:81:8b:cc:77:dc:be:6b:17:c9:17:f7:9f:de:
                    37:bd:2f:ad:a1:1f:cc:3f:e0:b0:c7:3b:0c:53:6b:
                    35:0d:ff:76:74:f1:05:42:58:38:c4:3f:21:8f:11:
                    ea:68:0d:c1:a0:6d:af:34:ca:f0:6f:a7:1d:f3:2b:
                    c9:ff:be:96:c9:2e:d7:a0:f4:db:47:2a:41:03:5f:
                    7c:d8:0b:85:47:f7:bb:4e:3f:80:dc:46:55:c8:1a:
                    60:1c:71:ee:75:9a:c1:81:b6:df:fe:8c:06:66:de:
                    db:01:4e:74:dc:63:4e:e1:6c:68:40:15:c8:01:c4:
                    8c:20:de:7e:60:61:3f:52:cb:c9:db:26:b9:c7:16:
                    ff:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                86:97:E5:E1:AB:C0:E0:12:DB:8F:D1:A0:78:45:8B:07:70:0D:47:B2
            X509v3 Authority Key Identifier:
                keyid:ED:97:60:23:07:66:80:76:63:22:9F:6D:41:28:05:07:EF:9D:C2:29

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/c2cfc3212455464cd8f856a348b2d5caf73dcd73.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/0ef5686d-fc66-4c8e-be4f-da69fbc2bfb5/03c5875fb9f86bd3a8d24dade0d6280aaf806bbe.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/0ef5686d-fc66-4c8e-be4f-da69fbc2bfb5/c2cfc3212455464cd8f856a348b2d5caf73dcd73.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  181.119.3.0/24
                  181.119.41.0/24
                  181.119.69.0/24
                  181.119.71.0-181.119.82.255
                  181.119.158.0/24
                  181.119.169.0-181.119.170.255

    Signature Algorithm: sha256WithRSAEncryption
         57:23:bb:13:59:c7:80:9f:d7:d2:ce:39:92:87:74:dd:14:dc:
         8c:39:27:3c:cb:de:0d:d8:e0:83:e3:3c:ee:cb:71:6d:c9:0b:
         ee:43:a2:fc:84:6e:a2:f7:10:66:9a:22:59:0b:69:4e:15:89:
         46:fd:7f:ef:05:d2:16:16:f9:ca:be:5f:bb:71:a2:92:15:88:
         85:b5:df:30:59:49:7b:72:81:98:86:71:11:68:2a:ed:a6:20:
         55:46:4e:90:68:05:f0:86:eb:7e:ee:ca:e6:69:c6:e6:d7:1e:
         8b:8e:8b:e0:43:14:c0:ab:cd:a4:08:87:e2:44:a9:51:95:97:
         8c:52:d3:60:14:cc:62:03:e1:8c:99:20:dd:fd:a4:98:47:42:
         2f:f9:1e:c8:8f:7b:07:ff:0f:fd:d4:94:42:2f:31:4a:af:16:
         7a:33:b5:3f:52:d8:45:17:c9:fa:44:3b:af:e3:ab:14:85:7a:
         3a:e3:86:24:b5:a3:04:23:e3:56:02:16:26:59:0b:41:63:02:
         d5:ac:8e:be:19:22:e8:9d:89:ac:d6:7f:55:67:d5:e0:2d:1b:
         36:46:4b:ce:0b:3b:d3:0c:0c:7c:58:e1:06:33:b7:89:dc:30:
         69:0b:58:d9:46:36:a2:b9:57:a6:4a:82:04:bc:18:ba:96:62:
         40:16:6b:1e
-----BEGIN CERTIFICATE-----
MIIFbjCCBFagAwIBAgIDGPaFMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGMy
Y2ZjMzIxMjQ1NTQ2NGNkOGY4NTZhMzQ4YjJkNWNhZjczZGNkNzMwHhcNMjEwMzI0
MTQzMDU2WhcNMjYwMzI0MTQzMDU2WjAzMTEwLwYDVQQDEygwM2M1ODc1ZmI5Zjg2
YmQzYThkMjRkYWRlMGQ2MjgwYWFmODA2YmJlMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAiFI4r2Klgwuau90dPFhRcog1oSQdZNWk+LJzjQtbbA+DO8Xm
xWY+W0uVmeeVGA9Ju9b8UDkN0M+xSSH0bTlImz+4ZnOB4VCYz6sK9FvKAPjipgc3
Cit3Fi1qfeZgfycUKqcXueREA0pQxHBRPD4MoOKWR7PriX8GAoGLzHfcvmsXyRf3
n943vS+toR/MP+CwxzsMU2s1Df92dPEFQlg4xD8hjxHqaA3BoG2vNMrwb6cd8yvJ
/76WyS7XoPTbRypBA1982AuFR/e7Tj+A3EZVyBpgHHHudZrBgbbf/owGZt7bAU50
3GNO4WxoQBXIAcSMIN5+YGE/UsvJ2ya5xxb/BwIDAQABo4ICiTCCAoUwHQYDVR0O
BBYEFIaX5eGrwOAS24/RoHhFiwdwDUeyMB8GA1UdIwQYMBaAFO2XYCMHZoB2YyKf
bUEoBQfvncIpMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYzJjZmMz
MjEyNDU1NDY0Y2Q4Zjg1NmEzNDhiMmQ1Y2FmNzNkY2Q3My5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMGVmNTY4NmQtZmM2Ni00YzhlLWJlNGYtZGE2OWZi
YzJiZmI1LzAzYzU4NzVmYjlmODZiZDNhOGQyNGRhZGUwZDYyODBhYWY4MDZiYmUu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8wZWY1Njg2ZC1mYzY2LTRjOGUtYmU0Zi1kYTY5
ZmJjMmJmYjUvYzJjZmMzMjEyNDU1NDY0Y2Q4Zjg1NmEzNDhiMmQ1Y2FmNzNkY2Q3
My5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBNBggrBgEFBQcBBwEB/wQ+
MDwwOgQCAAEwNAMEALV3AwMEALV3KQMEALV3RTAMAwQAtXdHAwQAtXdSAwQAtXee
MAwDBAC1d6kDBAC1d6owDQYJKoZIhvcNAQELBQADggEBAFcjuxNZx4Cf19LOOZKH
dN0U3Iw5JzzL3g3Y4IPjPO7LcW3JC+5DovyEbqL3EGaaIlkLaU4ViUb9f+8F0hYW
+cq+X7txopIViIW13zBZSXtygZiGcRFoKu2mIFVGTpBoBfCG637uyuZpxubXHouO
i+BDFMCrzaQIh+JEqVGVl4xS02AUzGID4YyZIN39pJhHQi/5HsiPewf/D/3UlEIv
MUqvFnoztT9S2EUXyfpEO6/jqxSFejrjhiS1owQj41YCFiZZC0FjAtWsjr4ZIuid
iazWf1Vn1eAtGzZGS84LO9MMDHxY4QYzt4ncMGkLWNlGNqK5V6ZKggS8GLqWYkAW
ax4=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:14:24 2023 by rpki-client on console-ams.rpki-client.org