Route Origin Authorization
$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/1c494acd-67c1-46c0-b6c5-caabcbce1d94/ff3b27afcb19fa923ae74a3c85224c7180f9f870.roa
File: ff3b27afcb19fa923ae74a3c85224c7180f9f870.roa (raw, json)
Hash identifier: jQ6gRUrJNNOheoXr6VBkRwluoJfg9Nu8waOdJiWTh3Y=
Subject key identifier: 41:B7:67:94:C8:D9:3E:F7:B4:22:BB:57:E3:18:D3:3E:44:F8:A9:EF
Certificate issuer: /CN=610a073086b39384e909786d0a194418acd0bd49
Certificate serial: 2734CB
Authority key identifier: D6:DA:C6:62:CF:C3:1A:BF:C6:77:86:7C:A6:81:8B:3F:4D:86:F0:9D
Authority info access: rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/610a073086b39384e909786d0a194418acd0bd49.cer
Subject info access: rsync://repository.lacnic.net/rpki/lacnic/1c494acd-67c1-46c0-b6c5-caabcbce1d94/ff3b27afcb19fa923ae74a3c85224c7180f9f870.roa
Signing time: Wed 03 Jan 2024 20:33:02 +0000
ROA not before: Wed 03 Jan 2024 20:33:01 +0000
ROA not after: Sat 03 Jan 2026 20:33:01 +0000
asID: 52468
IP address blocks: 45.70.56.0/22 maxlen: 24
2803:a820::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2569419 (0x2734cb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=610a073086b39384e909786d0a194418acd0bd49
Validity
Not Before: Jan 3 20:33:01 2024 GMT
Not After : Jan 3 20:33:01 2026 GMT
Subject: CN=ff3b27afcb19fa923ae74a3c85224c7180f9f870
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:19:c7:51:88:d1:eb:35:c3:da:fc:9a:f3:f8:
5d:b4:80:fe:22:3f:42:9d:2e:ca:94:e1:8c:34:4f:
66:0e:3e:fd:32:c5:f4:98:67:9c:05:85:27:79:23:
a8:43:09:b5:49:15:e5:01:b1:94:51:cb:9a:1f:af:
52:87:a7:ae:7b:cf:42:62:6c:b7:1d:d7:bb:ab:65:
fe:6a:34:21:55:04:83:35:62:07:98:6e:fd:7b:dc:
bc:12:c4:1d:50:7c:0e:ad:e2:12:e8:5a:4f:aa:1e:
6c:39:41:7d:b3:22:50:17:13:3d:58:be:23:4b:10:
21:e6:59:ca:7b:41:61:5b:82:af:5a:9e:6a:75:a3:
24:32:96:7c:6b:4f:f5:e6:2e:b4:cf:14:6f:11:a4:
97:18:ed:83:03:90:f1:80:f3:0d:b2:eb:f7:18:de:
59:af:8f:38:80:20:a7:43:2f:ad:16:ea:8b:72:13:
30:c7:e0:1e:7e:88:a0:5d:63:ca:f8:d6:88:36:c1:
0b:49:f1:88:f4:de:9f:12:d0:b1:8d:a6:4a:ff:6d:
0d:fc:9d:c2:ef:b8:83:6f:ce:ee:97:3d:9e:64:c4:
80:de:14:7e:de:a9:0f:f7:f9:8d:75:9b:8f:0f:ac:
e0:f9:0b:bd:e2:25:56:4e:fa:e8:ff:18:b4:41:f0:
ce:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:B7:67:94:C8:D9:3E:F7:B4:22:BB:57:E3:18:D3:3E:44:F8:A9:EF
X509v3 Authority Key Identifier:
keyid:D6:DA:C6:62:CF:C3:1A:BF:C6:77:86:7C:A6:81:8B:3F:4D:86:F0:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/610a073086b39384e909786d0a194418acd0bd49.cer
Subject Information Access:
Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/1c494acd-67c1-46c0-b6c5-caabcbce1d94/ff3b27afcb19fa923ae74a3c85224c7180f9f870.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repository.lacnic.net/rpki/lacnic/1c494acd-67c1-46c0-b6c5-caabcbce1d94/610a073086b39384e909786d0a194418acd0bd49.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.70.56.0/22
IPv6:
2803:a820::/32
Signature Algorithm: sha256WithRSAEncryption
3e:4a:fe:44:69:a9:72:63:57:8f:4e:32:58:99:2f:67:fa:dc:
19:38:df:4c:de:ef:b8:cc:e1:d6:d1:9e:8d:6a:63:2f:4f:2e:
0c:84:9e:08:8c:d3:e6:f6:c0:29:f7:65:a2:66:9e:98:43:ec:
98:01:c6:3d:81:e9:13:28:ef:89:33:f9:f7:f6:17:73:04:94:
f7:2a:8e:27:c5:b4:5f:48:62:06:6e:29:91:7d:d9:30:60:e0:
df:3d:9c:0a:53:52:f0:3b:dc:cd:09:5a:e7:53:f7:81:52:dd:
6c:f1:e2:e0:6d:c0:93:d1:ba:ff:41:40:6d:8f:2b:44:c4:c9:
33:32:e0:92:ab:3e:70:ea:b0:20:8f:77:34:5e:d1:1b:4f:a6:
da:e5:5d:d0:d9:5e:07:1e:39:b4:1e:c0:63:5d:62:0c:e3:c7:
9d:da:dd:f5:4d:46:b3:21:5a:42:82:19:d4:41:fa:01:9c:54:
d5:01:71:f9:fe:f1:55:6a:0a:50:98:98:60:c7:d4:3e:f4:e1:
2a:b5:06:a2:64:e7:d0:3c:54:2c:31:e0:41:5f:4c:0b:b3:30:
59:5c:f9:46:55:bb:24:a5:45:34:4b:e8:ca:5c:45:a1:e5:75:
57:f4:87:eb:ae:35:f6:6e:a5:bc:d2:6e:03:d7:39:0c:96:3c:
3c:59:81:92
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgIDJzTLMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDYx
MGEwNzMwODZiMzkzODRlOTA5Nzg2ZDBhMTk0NDE4YWNkMGJkNDkwHhcNMjQwMTAz
MjAzMzAxWhcNMjYwMTAzMjAzMzAxWjAzMTEwLwYDVQQDEyhmZjNiMjdhZmNiMTlm
YTkyM2FlNzRhM2M4NTIyNGM3MTgwZjlmODcwMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA1RnHUYjR6zXD2vya8/hdtID+Ij9CnS7KlOGMNE9mDj79MsX0
mGecBYUneSOoQwm1SRXlAbGUUcuaH69Sh6eue89CYmy3Hde7q2X+ajQhVQSDNWIH
mG79e9y8EsQdUHwOreIS6FpPqh5sOUF9syJQFxM9WL4jSxAh5lnKe0FhW4KvWp5q
daMkMpZ8a0/15i60zxRvEaSXGO2DA5DxgPMNsuv3GN5Zr484gCCnQy+tFuqLchMw
x+AefoigXWPK+NaINsELSfGI9N6fEtCxjaZK/20N/J3C77iDb87ulz2eZMSA3hR+
3qkP9/mNdZuPD6zg+Qu94iVWTvro/xi0QfDO5wIDAQABo4ICajCCAmYwHQYDVR0O
BBYEFEG3Z5TI2T73tCK7V+MY0z5E+KnvMB8GA1UdIwQYMBaAFNbaxmLPwxq/xneG
fKaBiz9NhvCdMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvNjEwYTA3
MzA4NmIzOTM4NGU5MDk3ODZkMGExOTQ0MThhY2QwYmQ0OS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMWM0OTRhY2QtNjdjMS00NmMwLWI2YzUtY2FhYmNi
Y2UxZDk0L2ZmM2IyN2FmY2IxOWZhOTIzYWU3NGEzYzg1MjI0YzcxODBmOWY4NzAu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8xYzQ5NGFjZC02N2MxLTQ2YzAtYjZjNS1jYWFi
Y2JjZTFkOTQvNjEwYTA3MzA4NmIzOTM4NGU5MDk3ODZkMGExOTQ0MThhY2QwYmQ0
OS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQf
MB0wDAQCAAEwBgMEAi1GODANBAIAAjAHAwUAKAOoIDANBgkqhkiG9w0BAQsFAAOC
AQEAPkr+RGmpcmNXj04yWJkvZ/rcGTjfTN7vuMzh1tGejWpjL08uDISeCIzT5vbA
KfdlomaemEPsmAHGPYHpEyjviTP59/YXcwSU9yqOJ8W0X0hiBm4pkX3ZMGDg3z2c
ClNS8DvczQla51P3gVLdbPHi4G3Ak9G6/0FAbY8rRMTJMzLgkqs+cOqwII93NF7R
G0+m2uVd0NleBx45tB7AY11iDOPHndrd9U1GsyFaQoIZ1EH6AZxU1QFx+f7xVWoK
UJiYYMfUPvThKrUGomTn0DxULDHgQV9MC7MwWVz5RlW7JKVFNEvoylxFoeV1V/SH
66419m6lvNJuA9c5DJY8PFmBkg==
-----END CERTIFICATE-----
Generated at Wed Jan 3 22:58:40 2024 by rpki-client on console-fra.rpki-client.org