Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/24d94e66-349b-41aa-9621-26e188a8ebba/3aef64ee1b94ed89678f67e8af652b9aa500dd78.roa
File:                     3aef64ee1b94ed89678f67e8af652b9aa500dd78.roa (raw, json)
Hash identifier:          4EhgMTeWMZpzeilFuzYkagKjOFs3Z8yLqGRXp1LK5QI=
Subject key identifier:   52:89:43:48:F9:76:25:AC:6B:7E:06:43:9D:F5:E3:41:D5:ED:FD:53
Certificate issuer:       /CN=9db9b9135b4d3333a2e412cf69bbebbc30229f4a
Certificate serial:       0DB128
Authority key identifier: 75:82:21:D0:B5:2D:06:A9:75:E0:A5:3A:16:0E:B3:15:AC:1C:43:79
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/9db9b9135b4d3333a2e412cf69bbebbc30229f4a.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/24d94e66-349b-41aa-9621-26e188a8ebba/3aef64ee1b94ed89678f67e8af652b9aa500dd78.roa
Signing time:             Wed 24 Mar 2021 14:32:10 +0000
ROA not before:           Wed 24 Mar 2021 14:32:10 +0000
ROA not after:            Tue 24 Mar 2026 14:32:10 +0000
asID:                     52327
IP address blocks:        131.161.232.0/22 maxlen: 24
                          170.80.116.0/22 maxlen: 24
                          181.177.208.0/21 maxlen: 24
                          190.52.56.0/21 maxlen: 24
                          2803:7d00::/32 maxlen: 48

Validation:               Failed, certificate revoked on Mon 25 Mar 2024 18:09:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 897320 (0xdb128)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9db9b9135b4d3333a2e412cf69bbebbc30229f4a
        Validity
            Not Before: Mar 24 14:32:10 2021 GMT
            Not After : Mar 24 14:32:10 2026 GMT
        Subject: CN=3aef64ee1b94ed89678f67e8af652b9aa500dd78
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:6d:63:bc:b5:22:ee:ba:dc:3b:b8:08:d8:50:
                    d5:d7:7a:c6:9a:83:64:66:c7:d7:75:f0:59:89:fa:
                    44:d3:e6:5f:0f:55:45:94:dd:32:d4:b8:90:12:c3:
                    2e:21:5b:d8:98:2f:8f:53:65:d8:38:c0:6c:ef:b7:
                    2c:fc:7e:27:0a:e6:4c:8d:08:23:b0:a4:ed:17:4b:
                    9a:6a:d5:30:52:ca:c7:1f:4b:51:ad:81:3c:f8:73:
                    6a:37:aa:90:ec:14:53:2a:c6:8f:36:ca:e5:24:bf:
                    ef:61:e3:04:5e:43:aa:37:60:ea:7e:3d:3f:fb:6e:
                    13:a4:5d:fa:01:9a:4d:f2:2f:ec:f0:62:40:a9:f7:
                    5e:8c:72:da:8d:fd:d3:cc:19:55:50:3f:ef:8f:ab:
                    e0:58:1d:c2:17:1c:62:88:5e:00:0a:24:d7:e1:14:
                    3f:52:d1:72:32:d7:b6:be:91:e2:41:a1:15:8d:8b:
                    68:10:54:00:06:a4:b8:c4:aa:5b:72:0b:fd:6d:11:
                    08:db:b3:fb:c0:0e:1d:e2:c8:3b:c9:d3:a0:eb:af:
                    85:55:7b:7a:61:c4:15:d2:a2:a8:cc:bd:d2:97:05:
                    07:ba:fa:97:29:df:fb:bb:8e:03:19:51:b1:1d:7c:
                    ba:06:e9:b3:d8:11:ae:0c:9b:7d:77:3f:f3:07:7b:
                    dd:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                52:89:43:48:F9:76:25:AC:6B:7E:06:43:9D:F5:E3:41:D5:ED:FD:53
            X509v3 Authority Key Identifier:
                keyid:75:82:21:D0:B5:2D:06:A9:75:E0:A5:3A:16:0E:B3:15:AC:1C:43:79

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/9db9b9135b4d3333a2e412cf69bbebbc30229f4a.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/24d94e66-349b-41aa-9621-26e188a8ebba/3aef64ee1b94ed89678f67e8af652b9aa500dd78.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/24d94e66-349b-41aa-9621-26e188a8ebba/9db9b9135b4d3333a2e412cf69bbebbc30229f4a.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  131.161.232.0/22
                  170.80.116.0/22
                  181.177.208.0/21
                  190.52.56.0/21
                IPv6:
                  2803:7d00::/32

    Signature Algorithm: sha256WithRSAEncryption
         4a:5f:75:c8:55:c9:b2:c4:0b:0c:91:5e:02:6d:ac:88:9e:de:
         07:7b:aa:a7:38:27:b2:b8:8a:be:7b:96:48:0d:78:56:98:7c:
         40:d8:38:cd:57:97:2b:70:49:25:fb:d9:77:ed:7f:8d:b1:bc:
         20:34:3e:56:51:33:a2:1c:4c:43:55:18:69:a4:89:4a:d2:19:
         f6:83:70:a9:af:03:9b:a2:ff:bb:86:6c:90:70:be:2c:66:0a:
         e7:cb:d2:98:ba:a5:3d:45:b6:dd:bd:eb:6f:cf:cc:40:89:ac:
         d2:51:e4:8a:d9:e5:5c:35:b3:6f:8c:28:b5:98:63:44:94:c8:
         0e:80:2d:e4:62:3f:2a:f8:52:4b:c0:d9:41:e2:69:70:63:b7:
         ca:ca:8e:a1:3a:37:0b:54:5f:29:be:16:f0:40:a2:55:71:98:
         d7:98:d0:f9:b4:bb:c8:d8:44:29:95:09:9d:57:ab:ff:60:0b:
         08:cd:04:31:3d:b4:82:7c:ab:34:7f:76:9e:de:94:4b:70:60:
         2d:cc:ef:39:06:40:49:ff:46:4e:e2:97:cc:73:41:b0:d4:53:
         9b:4e:f3:a9:c4:78:b6:7c:f3:8d:44:ce:97:6d:61:c4:d0:a4:
         1b:b8:0e:90:08:6c:7e:63:01:38:c2:17:8a:01:ef:83:d4:5d:
         cd:e4:60:81
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIDDbEoMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDlk
YjliOTEzNWI0ZDMzMzNhMmU0MTJjZjY5YmJlYmJjMzAyMjlmNGEwHhcNMjEwMzI0
MTQzMjEwWhcNMjYwMzI0MTQzMjEwWjAzMTEwLwYDVQQDEygzYWVmNjRlZTFiOTRl
ZDg5Njc4ZjY3ZThhZjY1MmI5YWE1MDBkZDc4MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAnm1jvLUi7rrcO7gI2FDV13rGmoNkZsfXdfBZifpE0+ZfD1VF
lN0y1LiQEsMuIVvYmC+PU2XYOMBs77cs/H4nCuZMjQgjsKTtF0uaatUwUsrHH0tR
rYE8+HNqN6qQ7BRTKsaPNsrlJL/vYeMEXkOqN2Dqfj0/+24TpF36AZpN8i/s8GJA
qfdejHLajf3TzBlVUD/vj6vgWB3CFxxiiF4ACiTX4RQ/UtFyMte2vpHiQaEVjYto
EFQABqS4xKpbcgv9bREI27P7wA4d4sg7ydOg66+FVXt6YcQV0qKozL3SlwUHuvqX
Kd/7u44DGVGxHXy6Bumz2BGuDJt9dz/zB3vdvwIDAQABo4ICfDCCAngwHQYDVR0O
BBYEFFKJQ0j5diWsa34GQ53140HV7f1TMB8GA1UdIwQYMBaAFHWCIdC1LQapdeCl
OhYOsxWsHEN5MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvOWRiOWI5
MTM1YjRkMzMzM2EyZTQxMmNmNjliYmViYmMzMDIyOWY0YS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMjRkOTRlNjYtMzQ5Yi00MWFhLTk2MjEtMjZlMTg4
YThlYmJhLzNhZWY2NGVlMWI5NGVkODk2NzhmNjdlOGFmNjUyYjlhYTUwMGRkNzgu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8yNGQ5NGU2Ni0zNDliLTQxYWEtOTYyMS0yNmUx
ODhhOGViYmEvOWRiOWI5MTM1YjRkMzMzM2EyZTQxMmNmNjliYmViYmMzMDIyOWY0
YS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBABggrBgEFBQcBBwEB/wQx
MC8wHgQCAAEwGAMEAoOh6AMEAqpQdAMEA7Wx0AMEA740ODANBAIAAjAHAwUAKAN9
ADANBgkqhkiG9w0BAQsFAAOCAQEASl91yFXJssQLDJFeAm2siJ7eB3uqpzgnsriK
vnuWSA14Vph8QNg4zVeXK3BJJfvZd+1/jbG8IDQ+VlEzohxMQ1UYaaSJStIZ9oNw
qa8Dm6L/u4ZskHC+LGYK58vSmLqlPUW23b3rb8/MQIms0lHkitnlXDWzb4wotZhj
RJTIDoAt5GI/KvhSS8DZQeJpcGO3ysqOoTo3C1RfKb4W8ECiVXGY15jQ+bS7yNhE
KZUJnVer/2ALCM0EMT20gnyrNH92nt6US3BgLczvOQZASf9GTuKXzHNBsNRTm07z
qcR4tnzzjUTOl21hxNCkG7gOkAhsfmMBOMIXigHvg9RdzeRggQ==
-----END CERTIFICATE-----
Generated at Mon Mar 25 20:37:32 2024 by rpki-client on console-ams.rpki-client.org