Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/12c5a44c-f23f-4488-976e-f3b7d7828ebd/bffaee9661e00421d450ebb8a98a4735d9a0674f.roa
File:                     bffaee9661e00421d450ebb8a98a4735d9a0674f.roa (raw, json)
Hash identifier:          3Wf7RzEWKXGB+b9p5GqbS1nr2nLVwwnNi2jIX8vE8bM=
Subject key identifier:   9B:C2:64:F6:E8:EC:11:CC:2B:77:11:40:BE:9A:59:A1:AC:51:2C:F1
Certificate issuer:       /CN=4ac5ea16ad07d29d2d29db8fbd5b3893571bb631
Certificate serial:       0B0CC9
Authority key identifier: 3A:C6:E4:AF:88:56:EC:CF:11:EB:BE:CA:5C:8E:50:5A:5C:19:11:26
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/4ac5ea16ad07d29d2d29db8fbd5b3893571bb631.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/12c5a44c-f23f-4488-976e-f3b7d7828ebd/bffaee9661e00421d450ebb8a98a4735d9a0674f.roa
Signing time:             Fri 14 Oct 2022 15:14:32 +0000
ROA not before:           Mon 16 Aug 2021 03:00:00 +0000
ROA not after:            Thu 17 Aug 2023 03:00:00 +0000
asID:                     52362
IP address blocks:        190.14.128.0/24 maxlen: 24
                          190.14.129.0/24 maxlen: 24
                          190.14.130.0/24 maxlen: 24
                          190.14.131.0/24 maxlen: 24
                          190.14.135.0/24 maxlen: 24
                          190.14.136.0/24 maxlen: 24
                          190.14.137.0/24 maxlen: 24
                          190.14.138.0/24 maxlen: 24
                          190.14.139.0/24 maxlen: 24
                          190.14.140.0/24 maxlen: 24
                          190.14.141.0/24 maxlen: 24
                          190.14.143.0/24 maxlen: 24
                          190.104.112.0/24 maxlen: 24
                          190.104.114.0/24 maxlen: 24
                          190.104.116.0/24 maxlen: 24
                          190.104.119.0/24 maxlen: 24
                          190.104.120.0/24 maxlen: 24
                          190.104.121.0/24 maxlen: 24
                          190.104.124.0/24 maxlen: 24
                          190.104.125.0/24 maxlen: 24
                          190.104.126.0/24 maxlen: 24
                          190.104.127.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 724169 (0xb0cc9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4ac5ea16ad07d29d2d29db8fbd5b3893571bb631
        Validity
            Not Before: Aug 16 03:00:00 2021 GMT
            Not After : Aug 17 03:00:00 2023 GMT
        Subject: CN=bffaee9661e00421d450ebb8a98a4735d9a0674f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:78:82:a4:da:7c:d7:8b:be:63:e8:fd:05:e8:
                    35:36:c2:4c:e7:81:39:4a:91:7c:77:4a:9a:cc:37:
                    d2:97:ee:7f:4a:7b:f3:36:5d:85:49:54:0b:dd:a1:
                    dd:f6:51:01:05:08:c8:4b:2a:cb:07:4e:e7:11:cd:
                    fc:e8:1f:cc:90:46:92:0f:3a:45:e9:9c:af:ef:23:
                    cc:6a:9e:d7:ec:a7:a7:16:5c:cd:69:e3:a6:0e:a7:
                    49:d1:3e:66:c4:bb:43:4e:21:8d:8e:64:5b:1d:e1:
                    78:46:24:c6:f0:9d:f3:12:00:bd:b8:e8:4d:6b:5e:
                    60:30:3d:39:53:e1:cb:13:7f:0d:83:7d:f2:19:12:
                    06:1b:48:90:0a:0d:b5:4b:77:06:05:4f:bf:10:8b:
                    d1:86:3b:0c:25:17:69:43:15:b7:05:f3:3f:92:2c:
                    27:50:ad:5d:0e:fd:37:d7:5d:cf:7c:68:c9:01:81:
                    99:98:cc:01:71:fb:e2:75:6e:93:c6:78:da:ed:f5:
                    39:56:4a:04:a2:ac:6c:97:3a:a8:22:7f:55:7a:ee:
                    c5:2b:c9:6e:b9:41:64:12:14:f2:c5:f6:9c:5c:37:
                    e5:8b:b7:e1:c6:ed:17:27:2c:76:02:80:7a:99:74:
                    0f:b8:ab:54:42:ef:de:f0:7d:2e:0d:34:4c:7c:a2:
                    46:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9B:C2:64:F6:E8:EC:11:CC:2B:77:11:40:BE:9A:59:A1:AC:51:2C:F1
            X509v3 Authority Key Identifier:
                keyid:3A:C6:E4:AF:88:56:EC:CF:11:EB:BE:CA:5C:8E:50:5A:5C:19:11:26

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/4ac5ea16ad07d29d2d29db8fbd5b3893571bb631.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/12c5a44c-f23f-4488-976e-f3b7d7828ebd/bffaee9661e00421d450ebb8a98a4735d9a0674f.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/12c5a44c-f23f-4488-976e-f3b7d7828ebd/4ac5ea16ad07d29d2d29db8fbd5b3893571bb631.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.14.128.0/22
                  190.14.135.0-190.14.141.255
                  190.14.143.0/24
                  190.104.112.0/24
                  190.104.114.0/24
                  190.104.116.0/24
                  190.104.119.0-190.104.121.255
                  190.104.124.0/22

    Signature Algorithm: sha256WithRSAEncryption
         2c:da:a3:dc:68:4c:9a:58:c4:c1:66:f2:91:91:9a:8d:7b:83:
         59:62:39:e8:1a:58:78:e1:0d:8c:64:e8:64:d9:22:eb:73:85:
         e7:5a:51:da:7f:6d:0c:11:ab:11:d9:fa:e8:b8:78:88:42:38:
         84:e5:02:df:07:4a:a8:78:5d:91:3e:69:43:90:ef:a4:cc:0b:
         bb:47:10:74:fa:b2:1b:f1:73:2d:52:0c:10:5f:b2:13:28:49:
         6b:05:4f:4b:24:f0:15:c9:45:f3:fd:e7:12:1f:48:62:0e:89:
         1f:b1:db:94:ab:66:ea:8f:57:af:8c:c4:e4:d0:52:fe:7f:86:
         4a:fb:12:ca:ef:99:da:79:e4:5a:d4:1d:03:7e:27:c8:40:5d:
         e3:bc:bf:53:fc:3b:d5:e8:3f:20:bd:73:1c:15:e3:1c:8a:f5:
         7e:d4:0e:75:ce:93:14:79:e2:23:33:e1:ff:13:36:b2:e7:69:
         de:ad:82:3a:31:45:8d:dd:32:47:de:48:3d:57:67:ad:d7:25:
         1b:7e:b4:a2:f6:72:89:0c:e5:bf:01:97:3a:b3:97:c0:37:99:
         e6:08:a0:45:0e:b0:78:d8:ea:96:39:8f:a6:07:4d:2b:9f:8e:
         10:5e:c8:32:4c:b4:b1:b8:5a:89:b8:d8:ae:b3:5e:11:d4:5c:
         19:e3:05:6e
-----BEGIN CERTIFICATE-----
MIIFejCCBGKgAwIBAgIDCwzJMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDRh
YzVlYTE2YWQwN2QyOWQyZDI5ZGI4ZmJkNWIzODkzNTcxYmI2MzEwHhcNMjEwODE2
MDMwMDAwWhcNMjMwODE3MDMwMDAwWjAzMTEwLwYDVQQDEyhiZmZhZWU5NjYxZTAw
NDIxZDQ1MGViYjhhOThhNDczNWQ5YTA2NzRmMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAn3iCpNp814u+Y+j9Beg1NsJM54E5SpF8d0qazDfSl+5/Snvz
Nl2FSVQL3aHd9lEBBQjISyrLB07nEc386B/MkEaSDzpF6Zyv7yPMap7X7KenFlzN
aeOmDqdJ0T5mxLtDTiGNjmRbHeF4RiTG8J3zEgC9uOhNa15gMD05U+HLE38Ng33y
GRIGG0iQCg21S3cGBU+/EIvRhjsMJRdpQxW3BfM/kiwnUK1dDv03113PfGjJAYGZ
mMwBcfvidW6Txnja7fU5VkoEoqxslzqoIn9Veu7FK8luuUFkEhTyxfacXDfli7fh
xu0XJyx2AoB6mXQPuKtUQu/e8H0uDTRMfKJGgwIDAQABo4IClTCCApEwHQYDVR0O
BBYEFJvCZPbo7BHMK3cRQL6aWaGsUSzxMB8GA1UdIwQYMBaAFDrG5K+IVuzPEeu+
ylyOUFpcGREmMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvNGFjNWVh
MTZhZDA3ZDI5ZDJkMjlkYjhmYmQ1YjM4OTM1NzFiYjYzMS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMTJjNWE0NGMtZjIzZi00NDg4LTk3NmUtZjNiN2Q3
ODI4ZWJkL2JmZmFlZTk2NjFlMDA0MjFkNDUwZWJiOGE5OGE0NzM1ZDlhMDY3NGYu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8xMmM1YTQ0Yy1mMjNmLTQ0ODgtOTc2ZS1mM2I3
ZDc4MjhlYmQvNGFjNWVhMTZhZDA3ZDI5ZDJkMjlkYjhmYmQ1YjM4OTM1NzFiYjYz
MS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBggrBgEFBQcBBwEB/wRK
MEgwRgQCAAEwQAMEAr4OgDAMAwQAvg6HAwQBvg6MAwQAvg6PAwQAvmhwAwQAvmhy
AwQAvmh0MAwDBAC+aHcDBAG+aHgDBAK+aHwwDQYJKoZIhvcNAQELBQADggEBACza
o9xoTJpYxMFm8pGRmo17g1liOegaWHjhDYxk6GTZIutzhedaUdp/bQwRqxHZ+ui4
eIhCOITlAt8HSqh4XZE+aUOQ76TMC7tHEHT6shvxcy1SDBBfshMoSWsFT0sk8BXJ
RfP95xIfSGIOiR+x25SrZuqPV6+MxOTQUv5/hkr7Esrvmdp55FrUHQN+J8hAXeO8
v1P8O9XoPyC9cxwV4xyK9X7UDnXOkxR54iMz4f8TNrLnad6tgjoxRY3dMkfeSD1X
Z63XJRt+tKL2cokM5b8Blzqzl8A3meYIoEUOsHjY6pY5j6YHTSufjhBeyDJMtLG4
Wom42K6zXhHUXBnjBW4=
-----END CERTIFICATE-----
Generated at Wed Aug 16 09:06:17 2023 by rpki-client on console-ams.rpki-client.org