Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/12c5a44c-f23f-4488-976e-f3b7d7828ebd/67ec9b1c71bec2ed58533abb5b43e508aafc4163.roa
File:                     67ec9b1c71bec2ed58533abb5b43e508aafc4163.roa (raw, json)
Hash identifier:          1i3vbagjK7xX29JUKV8NSkH35UPuxphWFUnuXe7XtWc=
Subject key identifier:   5E:23:34:17:4F:EE:7A:46:97:96:75:2B:5B:A2:BD:E6:04:37:8C:9D
Certificate issuer:       /CN=4ac5ea16ad07d29d2d29db8fbd5b3893571bb631
Certificate serial:       95AB
Authority key identifier: 3A:C6:E4:AF:88:56:EC:CF:11:EB:BE:CA:5C:8E:50:5A:5C:19:11:26
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/4ac5ea16ad07d29d2d29db8fbd5b3893571bb631.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/12c5a44c-f23f-4488-976e-f3b7d7828ebd/67ec9b1c71bec2ed58533abb5b43e508aafc4163.roa
Signing time:             Wed 18 Aug 2021 00:29:10 +0000
ROA not before:           Tue 17 Aug 2021 03:00:00 +0000
ROA not after:            Thu 17 Aug 2023 03:00:00 +0000
asID:                     52362
IP address blocks:        190.14.128.0/24 maxlen: 24
                          190.14.129.0/24 maxlen: 24
                          190.14.130.0/24 maxlen: 24
                          190.14.135.0/24 maxlen: 24
                          190.14.136.0/24 maxlen: 24
                          190.14.137.0/24 maxlen: 24
                          190.14.138.0/24 maxlen: 24
                          190.14.139.0/24 maxlen: 24
                          190.14.140.0/24 maxlen: 24
                          190.14.141.0/24 maxlen: 24
                          190.14.143.0/24 maxlen: 24
                          190.104.112.0/24 maxlen: 24
                          190.104.114.0/24 maxlen: 24
                          190.104.116.0/24 maxlen: 24
                          190.104.119.0/24 maxlen: 24
                          190.104.120.0/24 maxlen: 24
                          190.104.121.0/24 maxlen: 24
                          190.104.124.0/24 maxlen: 24
                          190.104.125.0/24 maxlen: 24
                          190.104.126.0/24 maxlen: 24
                          190.104.127.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 38315 (0x95ab)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4ac5ea16ad07d29d2d29db8fbd5b3893571bb631
        Validity
            Not Before: Aug 17 03:00:00 2021 GMT
            Not After : Aug 17 03:00:00 2023 GMT
        Subject: CN=67ec9b1c71bec2ed58533abb5b43e508aafc4163
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:02:e0:5a:6a:31:d0:2a:e1:8a:0f:40:56:a6:
                    c9:a8:03:bb:b0:d3:bf:c3:b5:c5:1c:5c:a2:c7:e7:
                    1c:ef:bb:3f:54:40:79:b4:e8:91:bd:af:c4:37:1d:
                    1d:c2:b6:86:6e:9a:78:1f:93:5a:6a:39:62:3f:85:
                    5a:cb:96:64:a7:1b:11:c7:79:f4:f8:23:7e:3a:3b:
                    8f:6f:7d:1a:fc:36:75:10:13:ff:34:79:d0:97:d8:
                    07:f0:d2:28:cb:77:05:8f:cc:df:e5:b2:d9:6b:5b:
                    00:2b:99:2c:26:f6:88:75:9a:70:55:1b:81:2c:bd:
                    b6:0d:a5:c8:ac:d3:cb:2c:26:80:01:66:5f:e5:0b:
                    ff:bf:92:c5:4b:e0:f3:e8:1a:c0:5a:f1:87:b8:cf:
                    c4:79:36:51:37:2a:b8:9c:d8:f8:6a:ac:d3:1f:6d:
                    b5:f1:77:1a:af:36:4f:01:fd:8c:08:f6:fc:9a:72:
                    30:9c:c8:11:8c:e6:0d:13:12:a4:1c:b5:65:ba:56:
                    e8:29:00:34:a4:7c:d1:cb:35:97:7a:cf:7f:16:04:
                    15:a0:ae:29:c6:0e:80:10:39:fc:b4:94:3e:53:f9:
                    a3:e6:09:c5:a9:3d:4e:1a:76:18:05:f8:66:fa:03:
                    61:9d:77:7e:0c:1e:e6:12:9d:fb:1c:b1:45:86:b4:
                    c3:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                5E:23:34:17:4F:EE:7A:46:97:96:75:2B:5B:A2:BD:E6:04:37:8C:9D
            X509v3 Authority Key Identifier: 
                keyid:3A:C6:E4:AF:88:56:EC:CF:11:EB:BE:CA:5C:8E:50:5A:5C:19:11:26

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/4ac5ea16ad07d29d2d29db8fbd5b3893571bb631.cer

            Subject Information Access: 
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/12c5a44c-f23f-4488-976e-f3b7d7828ebd/67ec9b1c71bec2ed58533abb5b43e508aafc4163.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/12c5a44c-f23f-4488-976e-f3b7d7828ebd/4ac5ea16ad07d29d2d29db8fbd5b3893571bb631.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.14.128.0-190.14.130.255
                  190.14.135.0-190.14.141.255
                  190.14.143.0/24
                  190.104.112.0/24
                  190.104.114.0/24
                  190.104.116.0/24
                  190.104.119.0-190.104.121.255
                  190.104.124.0/22

    Signature Algorithm: sha256WithRSAEncryption
         35:51:d1:26:05:f1:64:ad:a8:59:9b:97:5a:b5:6c:c3:aa:a4:
         a0:c3:1e:37:c1:89:5a:3b:a1:49:03:47:00:c0:80:1a:4d:0a:
         ee:2d:25:46:d7:17:3c:93:a1:a8:3c:49:70:a3:18:db:02:33:
         cc:f2:6f:35:8e:be:64:6a:a0:aa:21:ee:8a:5c:6d:d2:95:f0:
         ec:8d:0a:5f:4e:d8:97:4d:df:f4:1a:b6:41:af:2f:29:d1:9d:
         d1:e4:3a:d1:27:fa:0c:7f:57:25:66:4f:50:2e:2d:2d:8f:00:
         b1:e0:e3:1f:34:57:f7:b3:69:b6:14:8d:0e:40:39:c5:2e:6f:
         04:ce:04:85:2f:1a:30:3e:33:40:38:24:78:aa:d1:3a:4c:14:
         20:6f:78:88:77:02:1a:dd:8d:68:99:35:95:e1:72:10:db:3e:
         b9:da:4c:e1:66:d9:84:56:be:e8:bd:cc:76:f6:2f:bc:32:f6:
         91:6f:e7:33:c2:06:5e:5b:f3:94:53:77:6e:32:01:fa:93:cd:
         e6:35:c9:f4:7a:f1:a8:c9:0b:d1:9e:21:54:6c:eb:48:89:99:
         25:65:34:8d:7d:62:09:62:02:9d:be:ae:b4:8c:db:ea:14:92:
         db:42:b3:c3:58:16:b4:e9:c3:b6:08:a2:3f:88:e9:c6:3b:38:
         75:f3:76:90
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIDAJWrMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDRh
YzVlYTE2YWQwN2QyOWQyZDI5ZGI4ZmJkNWIzODkzNTcxYmI2MzEwHhcNMjEwODE3
MDMwMDAwWhcNMjMwODE3MDMwMDAwWjAzMTEwLwYDVQQDEyg2N2VjOWIxYzcxYmVj
MmVkNTg1MzNhYmI1YjQzZTUwOGFhZmM0MTYzMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAjALgWmox0Crhig9AVqbJqAO7sNO/w7XFHFyix+cc77s/VEB5
tOiRva/ENx0dwraGbpp4H5NaajliP4Vay5ZkpxsRx3n0+CN+OjuPb30a/DZ1EBP/
NHnQl9gH8NIoy3cFj8zf5bLZa1sAK5ksJvaIdZpwVRuBLL22DaXIrNPLLCaAAWZf
5Qv/v5LFS+Dz6BrAWvGHuM/EeTZRNyq4nNj4aqzTH2218XcarzZPAf2MCPb8mnIw
nMgRjOYNExKkHLVlulboKQA0pHzRyzWXes9/FgQVoK4pxg6AEDn8tJQ+U/mj5gnF
qT1OGnYYBfhm+gNhnXd+DB7mEp37HLFFhrTDnQIDAQABo4ICnTCCApkwHQYDVR0O
BBYEFF4jNBdP7npGl5Z1K1uiveYEN4ydMB8GA1UdIwQYMBaAFDrG5K+IVuzPEeu+
ylyOUFpcGREmMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvNGFjNWVh
MTZhZDA3ZDI5ZDJkMjlkYjhmYmQ1YjM4OTM1NzFiYjYzMS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMTJjNWE0NGMtZjIzZi00NDg4LTk3NmUtZjNiN2Q3
ODI4ZWJkLzY3ZWM5YjFjNzFiZWMyZWQ1ODUzM2FiYjViNDNlNTA4YWFmYzQxNjMu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8xMmM1YTQ0Yy1mMjNmLTQ0ODgtOTc2ZS1mM2I3
ZDc4MjhlYmQvNGFjNWVhMTZhZDA3ZDI5ZDJkMjlkYjhmYmQ1YjM4OTM1NzFiYjYz
MS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBhBggrBgEFBQcBBwEB/wRS
MFAwTgQCAAEwSDAMAwQHvg6AAwQAvg6CMAwDBAC+DocDBAG+DowDBAC+Do8DBAC+
aHADBAC+aHIDBAC+aHQwDAMEAL5odwMEAb5oeAMEAr5ofDANBgkqhkiG9w0BAQsF
AAOCAQEANVHRJgXxZK2oWZuXWrVsw6qkoMMeN8GJWjuhSQNHAMCAGk0K7i0lRtcX
PJOhqDxJcKMY2wIzzPJvNY6+ZGqgqiHuilxt0pXw7I0KX07Yl03f9Bq2Qa8vKdGd
0eQ60Sf6DH9XJWZPUC4tLY8AseDjHzRX97NpthSNDkA5xS5vBM4EhS8aMD4zQDgk
eKrROkwUIG94iHcCGt2NaJk1leFyENs+udpM4WbZhFa+6L3MdvYvvDL2kW/nM8IG
XlvzlFN3bjIB+pPN5jXJ9HrxqMkL0Z4hVGzrSImZJWU0jX1iCWICnb6utIzb6hSS
20Kzw1gWtOnDtgiiP4jpxjs4dfN2kA==
-----END CERTIFICATE-----
Generated at Tue Mar 14 19:19:22 2023 by rpki-client on console-fra.rpki-client.org