Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/127e4095-2f45-4ec9-8f75-e799385fbad0/c9b2035a47c07a791a7f9d589b9d1a8a71fd11f9.roa
File:                     c9b2035a47c07a791a7f9d589b9d1a8a71fd11f9.roa (raw, json)
Hash identifier:          UJufv71/i9mSn8pXaP1z8CPqf9FNIKKUauBECrz39/I=
Subject key identifier:   4E:2D:AF:81:1B:38:E6:C1:E0:9E:62:30:2A:EB:32:4D:B0:A3:9E:3A
Certificate issuer:       /CN=797fbc6cdda2f3661b2a335060cb84d808706659
Certificate serial:       0E297D
Authority key identifier: 2B:62:77:3F:02:D2:1B:26:DA:9D:06:63:62:D0:AC:29:75:5F:69:49
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/797fbc6cdda2f3661b2a335060cb84d808706659.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/127e4095-2f45-4ec9-8f75-e799385fbad0/c9b2035a47c07a791a7f9d589b9d1a8a71fd11f9.roa
Signing time:             Wed 24 Mar 2021 14:30:55 +0000
ROA not before:           Wed 24 Mar 2021 14:30:53 +0000
ROA not after:            Tue 24 Mar 2026 14:30:53 +0000
asID:                     13591
IP address blocks:        200.32.65.0/24 maxlen: 24
                          200.32.66.0/23 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 928125 (0xe297d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=797fbc6cdda2f3661b2a335060cb84d808706659
        Validity
            Not Before: Mar 24 14:30:53 2021 GMT
            Not After : Mar 24 14:30:53 2026 GMT
        Subject: CN=c9b2035a47c07a791a7f9d589b9d1a8a71fd11f9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:12:14:a0:55:61:8c:b5:42:cd:0e:77:11:78:
                    03:12:eb:05:af:17:16:36:3b:7e:c5:55:bd:29:35:
                    3a:fd:c0:b9:b2:72:c6:c5:6a:a5:c4:8a:58:46:26:
                    a2:24:3b:5a:4c:94:af:98:13:97:6c:29:26:1d:ca:
                    d9:10:33:a5:37:00:30:11:84:fd:62:49:15:81:7c:
                    f3:a0:f6:42:02:f1:86:30:1d:c2:21:3e:24:93:d7:
                    7b:4e:25:eb:51:de:55:37:a8:58:7a:d7:52:7b:84:
                    9f:b4:d4:e9:dc:87:b1:9a:7c:72:eb:2f:b6:cf:c8:
                    67:ed:ae:9c:a9:f5:4a:60:50:a3:ee:d2:d0:8b:82:
                    c6:f0:d6:88:3e:fb:f4:aa:35:80:c0:25:88:23:f5:
                    02:a2:25:bb:59:18:76:d8:62:21:cf:43:2a:35:c8:
                    77:9a:e6:c5:3a:be:70:dc:f8:dd:2e:52:e8:9f:0e:
                    fb:06:16:6f:90:af:aa:2d:d7:aa:0f:51:62:75:92:
                    71:52:a2:d3:9c:3b:e4:0c:be:90:70:ef:a7:c7:41:
                    e3:28:fa:9b:1e:b6:20:7d:12:b8:f2:6f:6a:9d:27:
                    50:a6:38:b9:8e:f5:b7:90:25:5f:3a:45:fe:26:78:
                    63:e2:4d:e1:a9:a2:90:81:52:91:a8:ed:da:44:4c:
                    cb:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:2D:AF:81:1B:38:E6:C1:E0:9E:62:30:2A:EB:32:4D:B0:A3:9E:3A
            X509v3 Authority Key Identifier:
                keyid:2B:62:77:3F:02:D2:1B:26:DA:9D:06:63:62:D0:AC:29:75:5F:69:49

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/797fbc6cdda2f3661b2a335060cb84d808706659.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/127e4095-2f45-4ec9-8f75-e799385fbad0/c9b2035a47c07a791a7f9d589b9d1a8a71fd11f9.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/127e4095-2f45-4ec9-8f75-e799385fbad0/797fbc6cdda2f3661b2a335060cb84d808706659.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.32.65.0-200.32.67.255

    Signature Algorithm: sha256WithRSAEncryption
         9e:10:fe:d0:5b:86:45:aa:36:fb:91:20:87:4d:cb:b8:ba:33:
         bf:70:cc:7d:96:16:2b:c1:4d:4d:76:f0:ac:24:ac:29:e8:be:
         6b:03:1a:86:57:81:21:cc:8d:6f:e0:17:96:9e:59:cc:50:82:
         53:68:25:7b:6b:91:d1:bc:62:ba:a7:58:c7:35:70:f5:27:58:
         f0:98:53:dc:c4:d1:4c:4e:88:bf:6e:bf:49:be:74:fd:ef:9e:
         23:f8:00:b7:d9:d4:54:e0:f5:ee:72:e0:77:be:ae:f9:2c:4e:
         ff:d4:7e:07:e7:40:08:09:55:22:58:d4:36:ae:dd:88:72:35:
         24:a1:6e:c5:2a:2f:e8:1c:7d:da:d9:13:71:7d:6f:7d:51:54:
         55:96:de:96:90:d1:e3:8f:fc:11:42:6d:10:bc:74:a1:60:d6:
         22:2e:80:11:42:08:4a:4d:02:7b:75:68:ab:80:47:e9:be:aa:
         ea:b0:cd:8c:34:d2:74:85:28:b0:05:53:9c:6e:cd:3d:6c:a4:
         52:d9:85:d9:c1:8f:9d:a8:20:a1:9b:2f:5b:df:da:54:a9:01:
         25:ad:c5:e6:b6:b6:3c:31:f5:6e:c1:9f:52:a0:52:b3:2f:bd:
         95:d7:18:98:aa:fa:6c:cf:e6:74:d2:04:7e:2e:93:94:78:59:
         cb:b5:26:c6
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgIDDil9MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDc5
N2ZiYzZjZGRhMmYzNjYxYjJhMzM1MDYwY2I4NGQ4MDg3MDY2NTkwHhcNMjEwMzI0
MTQzMDUzWhcNMjYwMzI0MTQzMDUzWjAzMTEwLwYDVQQDEyhjOWIyMDM1YTQ3YzA3
YTc5MWE3ZjlkNTg5YjlkMWE4YTcxZmQxMWY5MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAmBIUoFVhjLVCzQ53EXgDEusFrxcWNjt+xVW9KTU6/cC5snLG
xWqlxIpYRiaiJDtaTJSvmBOXbCkmHcrZEDOlNwAwEYT9YkkVgXzzoPZCAvGGMB3C
IT4kk9d7TiXrUd5VN6hYetdSe4SftNTp3Iexmnxy6y+2z8hn7a6cqfVKYFCj7tLQ
i4LG8NaIPvv0qjWAwCWII/UCoiW7WRh22GIhz0MqNch3mubFOr5w3PjdLlLonw77
BhZvkK+qLdeqD1FidZJxUqLTnDvkDL6QcO+nx0HjKPqbHrYgfRK48m9qnSdQpji5
jvW3kCVfOkX+Jnhj4k3hqaKQgVKRqO3aREzLdQIDAQABo4ICYzCCAl8wHQYDVR0O
BBYEFE4tr4EbOObB4J5iMCrrMk2wo546MB8GA1UdIwQYMBaAFCtidz8C0hsm2p0G
Y2LQrCl1X2lJMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvNzk3ZmJj
NmNkZGEyZjM2NjFiMmEzMzUwNjBjYjg0ZDgwODcwNjY1OS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMTI3ZTQwOTUtMmY0NS00ZWM5LThmNzUtZTc5OTM4
NWZiYWQwL2M5YjIwMzVhNDdjMDdhNzkxYTdmOWQ1ODliOWQxYThhNzFmZDExZjku
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8xMjdlNDA5NS0yZjQ1LTRlYzktOGY3NS1lNzk5
Mzg1ZmJhZDAvNzk3ZmJjNmNkZGEyZjM2NjFiMmEzMzUwNjBjYjg0ZDgwODcwNjY1
OS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAnBggrBgEFBQcBBwEB/wQY
MBYwFAQCAAEwDjAMAwQAyCBBAwQCyCBAMA0GCSqGSIb3DQEBCwUAA4IBAQCeEP7Q
W4ZFqjb7kSCHTcu4ujO/cMx9lhYrwU1NdvCsJKwp6L5rAxqGV4EhzI1v4BeWnlnM
UIJTaCV7a5HRvGK6p1jHNXD1J1jwmFPcxNFMToi/br9JvnT9754j+AC32dRU4PXu
cuB3vq75LE7/1H4H50AICVUiWNQ2rt2IcjUkoW7FKi/oHH3a2RNxfW99UVRVlt6W
kNHjj/wRQm0QvHShYNYiLoARQghKTQJ7dWirgEfpvqrqsM2MNNJ0hSiwBVOcbs09
bKRS2YXZwY+dqCChmy9b39pUqQElrcXmtrY8MfVuwZ9SoFKzL72V1xiYqvpsz+Z0
0gR+LpOUeFnLtSbG
-----END CERTIFICATE-----
Generated at Fri Jul 21 21:29:53 2023 by rpki-client on console-ams.rpki-client.org