Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/25054c0f-198a-47c6-b112-152e3460238c/5f8eb09607265cecc75d8f8769c14d61440f0b85.roa
File:                     5f8eb09607265cecc75d8f8769c14d61440f0b85.roa (raw, json)
Hash identifier:          +TSVyQt4gfuTUJ7E5mN8eGvFPrSxqJgmEARigz/PI78=
Subject key identifier:   8B:15:A5:5B:54:58:E6:B3:B4:E3:BD:39:5C:82:54:7E:9B:1A:0B:A4
Certificate issuer:       /CN=7d666fc96c87b713c1f1fc6b289e51fae298a9ff
Certificate serial:       147649
Authority key identifier: 34:46:15:53:3D:37:E7:7E:E5:71:C9:D2:95:48:61:E8:2C:FE:CF:26
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/7d666fc96c87b713c1f1fc6b289e51fae298a9ff.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/25054c0f-198a-47c6-b112-152e3460238c/5f8eb09607265cecc75d8f8769c14d61440f0b85.roa
Signing time:             Fri 24 Dec 2021 20:38:12 +0000
ROA not before:           Wed 24 Mar 2021 03:00:00 +0000
ROA not after:            Tue 24 Mar 2026 03:00:00 +0000
asID:                     52228
IP address blocks:        152.231.128.0/17 maxlen: 24
                          179.50.128.0/17 maxlen: 24
                          186.15.48.0/20 maxlen: 24
                          186.15.64.0/18 maxlen: 24
                          186.15.128.0/19 maxlen: 24
                          186.15.160.0/20 maxlen: 24
                          186.15.176.0/21 maxlen: 24
                          186.15.192.0/18 maxlen: 24
                          186.64.128.0/17 maxlen: 24
                          186.159.128.0/18 maxlen: 24
                          186.159.192.0/20 maxlen: 24
                          186.159.208.0/21 maxlen: 24
                          186.159.216.0/23 maxlen: 24
                          186.159.220.0/22 maxlen: 24
                          186.159.224.0/19 maxlen: 24
                          2803:6000::/32 maxlen: 128

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1341001 (0x147649)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7d666fc96c87b713c1f1fc6b289e51fae298a9ff
        Validity
            Not Before: Mar 24 03:00:00 2021 GMT
            Not After : Mar 24 03:00:00 2026 GMT
        Subject: CN=5f8eb09607265cecc75d8f8769c14d61440f0b85
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:a8:96:0a:c6:47:f0:a4:ad:11:1c:bd:a2:f9:
                    81:6f:4a:e5:3e:eb:2f:2f:95:0f:2b:02:96:0e:43:
                    b9:e4:96:67:39:06:d6:6b:6d:00:eb:af:9c:45:e1:
                    f7:b8:87:ca:94:ad:7e:5c:e4:44:a7:9b:5f:e4:90:
                    5a:2e:6c:ed:20:14:c5:97:59:bf:f9:e6:7d:a1:86:
                    24:c3:3c:9c:53:80:1e:fd:f7:cc:8a:4b:a6:86:7b:
                    3c:12:83:bd:8d:02:a1:5a:ab:fc:2d:ac:fe:c3:75:
                    29:8c:6e:da:c2:20:0e:45:b5:2f:f3:3c:c2:da:49:
                    ec:55:86:01:80:04:79:34:bc:46:b8:42:27:82:63:
                    b2:92:c5:13:3d:f9:c0:fa:bc:d3:83:39:e8:0c:49:
                    77:aa:b3:8f:d8:6e:95:8b:c9:8f:06:df:fc:70:50:
                    37:00:06:36:45:01:a9:be:59:67:9e:cb:2e:fb:79:
                    f0:ac:1a:1f:27:20:b7:6e:bc:b5:7f:a8:e1:50:f1:
                    5e:b3:86:74:ba:09:d6:54:3d:c8:c8:18:64:4f:8e:
                    68:93:a9:a3:e8:38:30:33:4b:b2:33:e6:a5:7b:00:
                    43:39:9e:fb:6d:12:0d:ba:b7:88:97:f3:76:25:6f:
                    f7:96:27:31:c4:3d:0b:6e:95:39:42:07:e0:fa:a5:
                    c6:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8B:15:A5:5B:54:58:E6:B3:B4:E3:BD:39:5C:82:54:7E:9B:1A:0B:A4
            X509v3 Authority Key Identifier:
                keyid:34:46:15:53:3D:37:E7:7E:E5:71:C9:D2:95:48:61:E8:2C:FE:CF:26

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/7d666fc96c87b713c1f1fc6b289e51fae298a9ff.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/25054c0f-198a-47c6-b112-152e3460238c/5f8eb09607265cecc75d8f8769c14d61440f0b85.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/25054c0f-198a-47c6-b112-152e3460238c/7d666fc96c87b713c1f1fc6b289e51fae298a9ff.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  152.231.128.0/17
                  179.50.128.0/17
                  186.15.48.0-186.15.183.255
                  186.15.192.0/18
                  186.64.128.0/17
                  186.159.128.0-186.159.217.255
                  186.159.220.0-186.159.255.255
                IPv6:
                  2803:6000::/32

    Signature Algorithm: sha256WithRSAEncryption
         50:7c:df:7b:67:1b:88:17:d2:16:63:b4:74:73:67:ee:b7:62:
         2b:f5:ab:64:bb:e1:91:03:1e:60:f3:8a:e7:55:aa:3e:df:96:
         e8:a7:bf:50:c7:85:fc:45:08:3a:63:6c:1a:11:19:01:9b:81:
         60:e4:be:19:c0:fd:f1:a5:b1:31:99:b0:d7:d7:dc:d4:79:78:
         88:68:bf:9e:c7:d5:47:f0:7b:d4:dd:de:94:e8:fb:8b:1d:cc:
         29:14:f5:58:88:3d:18:39:71:c4:ba:32:9c:eb:d4:6c:1f:af:
         1b:9e:12:dc:3a:0a:95:c3:18:e2:3d:8b:cd:f6:33:b6:d4:cc:
         dc:ca:05:17:e8:2a:f2:6f:30:c2:a7:0f:87:c5:14:15:7a:4d:
         60:78:dd:ae:0c:7f:b2:78:d0:e2:03:72:65:07:41:0d:8a:a8:
         ac:11:c8:3d:c2:8b:3c:45:0f:28:ea:a5:c8:2d:1f:7e:f3:93:
         ea:ba:58:ea:ed:30:49:ba:c3:68:48:33:bf:ee:1c:57:38:6a:
         b9:4c:91:5b:33:e4:91:9b:fe:e8:72:07:d1:d3:cf:9c:09:24:
         fa:ea:73:6a:74:f3:39:78:22:12:84:e4:50:34:85:50:09:b3:
         d0:1f:58:d2:c2:cd:61:8d:28:f1:eb:c6:6a:b7:1e:75:d3:9e:
         a0:90:58:1e
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDFHZJMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDdk
NjY2ZmM5NmM4N2I3MTNjMWYxZmM2YjI4OWU1MWZhZTI5OGE5ZmYwHhcNMjEwMzI0
MDMwMDAwWhcNMjYwMzI0MDMwMDAwWjAzMTEwLwYDVQQDEyg1ZjhlYjA5NjA3MjY1
Y2VjYzc1ZDhmODc2OWMxNGQ2MTQ0MGYwYjg1MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAjKiWCsZH8KStERy9ovmBb0rlPusvL5UPKwKWDkO55JZnOQbW
a20A66+cReH3uIfKlK1+XOREp5tf5JBaLmztIBTFl1m/+eZ9oYYkwzycU4Ae/ffM
ikumhns8EoO9jQKhWqv8Laz+w3UpjG7awiAORbUv8zzC2knsVYYBgAR5NLxGuEIn
gmOyksUTPfnA+rzTgznoDEl3qrOP2G6Vi8mPBt/8cFA3AAY2RQGpvllnnssu+3nw
rBofJyC3bry1f6jhUPFes4Z0ugnWVD3IyBhkT45ok6mj6DgwM0uyM+alewBDOZ77
bRINureIl/N2JW/3licxxD0LbpU5Qgfg+qXGlQIDAQABo4ICpTCCAqEwHQYDVR0O
BBYEFIsVpVtUWOaztOO9OVyCVH6bGgukMB8GA1UdIwQYMBaAFDRGFVM9N+d+5XHJ
0pVIYegs/s8mMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvN2Q2NjZm
Yzk2Yzg3YjcxM2MxZjFmYzZiMjg5ZTUxZmFlMjk4YTlmZi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMjUwNTRjMGYtMTk4YS00N2M2LWIxMTItMTUyZTM0
NjAyMzhjLzVmOGViMDk2MDcyNjVjZWNjNzVkOGY4NzY5YzE0ZDYxNDQwZjBiODUu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8yNTA1NGMwZi0xOThhLTQ3YzYtYjExMi0xNTJl
MzQ2MDIzOGMvN2Q2NjZmYzk2Yzg3YjcxM2MxZjFmYzZiMjg5ZTUxZmFlMjk4YTlm
Zi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBpBggrBgEFBQcBBwEB/wRa
MFgwRwQCAAEwQQMEB5jngAMEB7MygDAMAwQEug8wAwQDug+wAwQGug/AAwQHukCA
MAwDBAe6n4ADBAG6n9gwCwMEArqf3AMDBbqAMA0EAgACMAcDBQAoA2AAMA0GCSqG
SIb3DQEBCwUAA4IBAQBQfN97ZxuIF9IWY7R0c2fut2Ir9atku+GRAx5g84rnVao+
35bop79Qx4X8RQg6Y2waERkBm4Fg5L4ZwP3xpbExmbDX19zUeXiIaL+ex9VH8HvU
3d6U6PuLHcwpFPVYiD0YOXHEujKc69RsH68bnhLcOgqVwxjiPYvN9jO21MzcygUX
6CrybzDCpw+HxRQVek1geN2uDH+yeNDiA3JlB0ENiqisEcg9wos8RQ8o6qXILR9+
85Pquljq7TBJusNoSDO/7hxXOGq5TJFbM+SRm/7ocgfR08+cCST66nNqdPM5eCIS
hORQNIVQCbPQH1jSws1hjSjx68Zqtx51056gkFge
-----END CERTIFICATE-----
Generated at Wed Oct 11 21:03:45 2023 by rpki-client on console-ams.rpki-client.org