Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/1cbf0148-ce10-47d0-bd31-b461366a8db5/f165271953af344a80ca2144107e5ea4a4cc6bdf.roa
File:                     f165271953af344a80ca2144107e5ea4a4cc6bdf.roa (raw, json)
Hash identifier:          etneWLQB2QhbCFx3wvtC+A01JvRoyh4xPPolWK8j7wk=
Subject key identifier:   02:30:D0:56:C6:D9:F7:03:3A:DC:E5:CA:F4:E3:A4:A4:E8:6D:A3:14
Certificate issuer:       /CN=d47d5f7b68aa301ae431fd999eec69ecfb7c400f
Certificate serial:       03E272
Authority key identifier: 1D:9B:7C:98:DA:76:00:9B:13:E0:36:14:41:C6:6A:2D:26:78:BF:0E
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/d47d5f7b68aa301ae431fd999eec69ecfb7c400f.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/1cbf0148-ce10-47d0-bd31-b461366a8db5/f165271953af344a80ca2144107e5ea4a4cc6bdf.roa
Signing time:             Tue 21 Nov 2023 08:38:18 +0000
ROA not before:           Tue 21 Nov 2023 08:38:18 +0000
ROA not after:            Fri 21 Nov 2025 08:38:18 +0000
asID:                     263199
IP address blocks:        200.81.56.0/24 maxlen: 24
                          200.81.57.0/24 maxlen: 24
                          200.81.62.0/24 maxlen: 24
                          200.81.63.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 23 Jan 2024 09:17:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 254578 (0x3e272)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d47d5f7b68aa301ae431fd999eec69ecfb7c400f
        Validity
            Not Before: Nov 21 08:38:18 2023 GMT
            Not After : Nov 21 08:38:18 2025 GMT
        Subject: CN=f165271953af344a80ca2144107e5ea4a4cc6bdf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:fc:f6:a9:d3:1a:aa:5b:15:54:8c:be:c2:22:
                    2a:20:c4:03:3a:9a:a8:21:b2:27:28:5a:ea:a3:a2:
                    d5:27:e9:37:15:69:9c:55:79:ea:98:cd:0e:e1:23:
                    2a:c4:f0:71:31:4f:81:5c:e3:5b:68:c9:40:b3:18:
                    d3:ac:87:6d:9d:5a:8e:b6:8f:b7:5c:a4:9d:2f:29:
                    c1:28:c1:de:66:50:a9:47:69:dd:28:a3:4e:4b:5a:
                    fa:1f:e8:4c:45:3b:30:ca:6c:8d:fd:06:47:a0:c8:
                    99:a0:f1:ab:c4:49:7f:65:42:f1:89:77:32:53:26:
                    40:e0:40:fe:8d:d8:79:17:71:61:ed:7f:57:cd:6c:
                    5d:71:ac:7b:31:c7:5c:2f:70:51:51:f5:81:a9:39:
                    c8:d0:12:1b:14:be:21:a6:d3:55:32:a2:78:c7:87:
                    8c:a8:72:3f:9c:94:2d:71:9e:d4:c4:b3:ee:b3:bd:
                    ec:21:1c:af:d2:0f:4b:78:37:1b:74:af:93:ba:dc:
                    45:f2:3b:53:18:1f:92:c0:74:84:9c:4e:1c:e4:61:
                    2b:99:98:0d:2e:1b:bd:94:28:c9:52:5a:40:75:96:
                    53:ec:49:8f:33:13:19:8a:44:21:bd:2e:c3:eb:cc:
                    7f:74:e4:80:77:99:bc:e4:c9:11:82:91:34:1e:7c:
                    5c:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                02:30:D0:56:C6:D9:F7:03:3A:DC:E5:CA:F4:E3:A4:A4:E8:6D:A3:14
            X509v3 Authority Key Identifier:
                keyid:1D:9B:7C:98:DA:76:00:9B:13:E0:36:14:41:C6:6A:2D:26:78:BF:0E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/d47d5f7b68aa301ae431fd999eec69ecfb7c400f.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/1cbf0148-ce10-47d0-bd31-b461366a8db5/f165271953af344a80ca2144107e5ea4a4cc6bdf.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/1cbf0148-ce10-47d0-bd31-b461366a8db5/d47d5f7b68aa301ae431fd999eec69ecfb7c400f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.81.56.0/23
                  200.81.62.0/23

    Signature Algorithm: sha256WithRSAEncryption
         89:21:80:4d:3f:35:10:e0:0b:23:5d:3c:78:ed:c5:ca:02:c3:
         c0:b5:3c:7c:7f:c9:93:6a:36:1e:1d:78:b7:5f:32:a3:e8:4c:
         b4:9c:44:6f:ac:4e:e0:4c:e9:1b:62:4b:af:90:c4:d4:ed:65:
         15:96:ea:da:72:2b:4c:7f:5c:44:e1:cf:0c:b0:be:78:66:ef:
         c5:58:57:2a:1b:06:69:62:e1:c6:ff:f0:00:27:69:5e:74:49:
         3b:ee:6e:a1:8a:b1:b5:68:16:e4:f8:1a:20:a1:3a:a3:da:67:
         fb:02:3c:e5:6b:40:16:5e:53:7b:77:93:35:06:df:47:fd:fb:
         b3:96:61:26:85:e6:ca:25:ab:6c:50:f6:36:3f:48:2e:54:c7:
         04:c8:ee:88:f1:42:51:8a:cb:72:40:e9:fe:7d:75:ab:74:2c:
         4d:b6:fa:19:b6:4a:ca:fd:a4:a5:52:9d:62:75:96:c2:12:6e:
         cf:2e:9b:aa:aa:85:d5:8d:14:84:ba:01:88:65:5f:c5:c9:7a:
         73:de:96:48:ec:02:91:a9:f0:23:2f:9b:6c:22:95:ff:25:57:
         42:a3:20:b3:71:87:da:de:bc:46:e9:c1:a9:94:d7:6f:5a:76:
         cc:2f:0c:84:5a:65:57:4c:d7:85:ac:23:a3:a5:6b:c4:43:53:
         36:e9:9a:33
-----BEGIN CERTIFICATE-----
MIIFRjCCBC6gAwIBAgIDA+JyMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGQ0
N2Q1ZjdiNjhhYTMwMWFlNDMxZmQ5OTllZWM2OWVjZmI3YzQwMGYwHhcNMjMxMTIx
MDgzODE4WhcNMjUxMTIxMDgzODE4WjAzMTEwLwYDVQQDEyhmMTY1MjcxOTUzYWYz
NDRhODBjYTIxNDQxMDdlNWVhNGE0Y2M2YmRmMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAsPz2qdMaqlsVVIy+wiIqIMQDOpqoIbInKFrqo6LVJ+k3FWmc
VXnqmM0O4SMqxPBxMU+BXONbaMlAsxjTrIdtnVqOto+3XKSdLynBKMHeZlCpR2nd
KKNOS1r6H+hMRTswymyN/QZHoMiZoPGrxEl/ZULxiXcyUyZA4ED+jdh5F3Fh7X9X
zWxdcax7McdcL3BRUfWBqTnI0BIbFL4hptNVMqJ4x4eMqHI/nJQtcZ7UxLPus73s
IRyv0g9LeDcbdK+TutxF8jtTGB+SwHSEnE4c5GErmZgNLhu9lCjJUlpAdZZT7EmP
MxMZikQhvS7D68x/dOSAd5m85MkRgpE0HnxcFQIDAQABo4ICYTCCAl0wHQYDVR0O
BBYEFAIw0FbG2fcDOtzlyvTjpKTobaMUMB8GA1UdIwQYMBaAFB2bfJjadgCbE+A2
FEHGai0meL8OMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvZDQ3ZDVm
N2I2OGFhMzAxYWU0MzFmZDk5OWVlYzY5ZWNmYjdjNDAwZi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMWNiZjAxNDgtY2UxMC00N2QwLWJkMzEtYjQ2MTM2
NmE4ZGI1L2YxNjUyNzE5NTNhZjM0NGE4MGNhMjE0NDEwN2U1ZWE0YTRjYzZiZGYu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8xY2JmMDE0OC1jZTEwLTQ3ZDAtYmQzMS1iNDYx
MzY2YThkYjUvZDQ3ZDVmN2I2OGFhMzAxYWU0MzFmZDk5OWVlYzY5ZWNmYjdjNDAw
Zi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQW
MBQwEgQCAAEwDAMEAchROAMEAchRPjANBgkqhkiG9w0BAQsFAAOCAQEAiSGATT81
EOALI108eO3FygLDwLU8fH/Jk2o2Hh14t18yo+hMtJxEb6xO4EzpG2JLr5DE1O1l
FZbq2nIrTH9cROHPDLC+eGbvxVhXKhsGaWLhxv/wACdpXnRJO+5uoYqxtWgW5Pga
IKE6o9pn+wI85WtAFl5Te3eTNQbfR/37s5ZhJoXmyiWrbFD2Nj9ILlTHBMjuiPFC
UYrLckDp/n11q3QsTbb6GbZKyv2kpVKdYnWWwhJuzy6bqqqF1Y0UhLoBiGVfxcl6
c96WSOwCkanwIy+bbCKV/yVXQqMgs3GH2t68RunBqZTXb1p2zC8MhFplV0zXhawj
o6VrxENTNumaMw==
-----END CERTIFICATE-----
Generated at Tue Jan 23 12:07:58 2024 by rpki-client on console-fra.rpki-client.org