Route Origin Authorization
$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/2797b2f0-e5da-416c-a8d6-a61dc102a441/ca7a5a0f6c544cba822d0273ad42101ea119e15b.roa
File: ca7a5a0f6c544cba822d0273ad42101ea119e15b.roa (raw, json)
Hash identifier: UOnxfjO2oX/Vv447tFeIsNMEgF0si8zZSia/tc75XHg=
Subject key identifier: 5F:CD:E2:CD:F6:53:D5:1C:A5:53:EB:6C:21:03:99:4D:60:C4:71:02
Certificate issuer: /CN=5494bd71484d106b75c5bedf4263f48281a4e409
Certificate serial: 1A160B
Authority key identifier: 4C:B6:BE:C7:78:41:99:EC:CA:F0:31:13:8A:C9:9A:2E:66:AB:83:DD
Authority info access: rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/5494bd71484d106b75c5bedf4263f48281a4e409.cer
Subject info access: rsync://repository.lacnic.net/rpki/lacnic/2797b2f0-e5da-416c-a8d6-a61dc102a441/ca7a5a0f6c544cba822d0273ad42101ea119e15b.roa
Signing time: Fri 26 Aug 2022 17:18:55 +0000
ROA not before: Wed 24 Mar 2021 14:46:11 +0000
ROA not after: Tue 24 Mar 2026 14:46:11 +0000
asID: 6147
IP address blocks: 181.64.0.0/15 maxlen: 24
181.66.0.0/15 maxlen: 24
190.40.0.0/14 maxlen: 24
190.232.0.0/13 maxlen: 24
200.4.192.0/18 maxlen: 24
200.10.64.0/19 maxlen: 24
200.37.0.0/16 maxlen: 24
200.48.0.0/16 maxlen: 24
200.60.0.0/16 maxlen: 24
200.106.0.0/18 maxlen: 24
200.106.64.0/18 maxlen: 24
200.107.128.0/18 maxlen: 24
200.121.0.0/17 maxlen: 24
200.121.128.0/17 maxlen: 24
201.230.0.0/17 maxlen: 24
201.230.128.0/17 maxlen: 24
201.240.0.0/17 maxlen: 24
201.240.128.0/17 maxlen: 24
170.79.36.0/22 maxlen: 24
201.131.220.0/22 maxlen: 24
2001:1388::/32 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1709579 (0x1a160b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5494bd71484d106b75c5bedf4263f48281a4e409
Validity
Not Before: Mar 24 14:46:11 2021 GMT
Not After : Mar 24 14:46:11 2026 GMT
Subject: CN=ca7a5a0f6c544cba822d0273ad42101ea119e15b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:bc:11:cb:d7:f1:c7:68:b6:10:b4:e7:0a:14:
46:49:fa:2b:57:04:8c:de:3b:45:a2:c3:ca:77:0d:
ad:1b:99:8e:62:46:f4:73:b9:66:fe:41:27:fb:d0:
71:8b:5f:90:70:44:0c:73:f7:a4:83:8c:a0:c8:5b:
5b:ea:96:01:c3:f8:d4:59:1b:2a:fe:fc:1d:28:1a:
b6:4e:3a:d9:54:97:24:cc:85:6a:78:8a:77:e8:ac:
b7:c1:bf:2f:fa:3a:3c:9e:51:9a:6e:e3:77:5f:6a:
ce:05:cb:4a:9d:2e:42:da:6d:e8:bd:48:ff:d7:89:
d5:22:bb:a2:31:d8:d6:57:c6:58:e8:22:be:cd:f0:
1d:79:6a:b6:3f:56:07:11:94:58:2a:96:31:2b:5f:
f9:a1:21:fc:14:9f:87:d9:a3:5e:e5:c4:8f:8a:b7:
e1:d6:0b:23:98:db:b4:68:3d:7a:4d:df:33:9a:53:
f9:d7:1a:62:f3:18:55:47:1b:bb:9f:ad:bd:e9:02:
be:08:9e:92:e4:c8:33:9d:33:bc:f6:b0:af:12:f6:
c0:bf:13:97:e1:9d:e5:8f:c0:77:0f:de:6e:c7:2c:
0f:76:b1:c8:e8:cb:ce:06:63:77:18:83:1d:1b:f3:
21:c0:42:fc:3e:24:fb:10:31:64:9d:50:96:07:f6:
5a:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:CD:E2:CD:F6:53:D5:1C:A5:53:EB:6C:21:03:99:4D:60:C4:71:02
X509v3 Authority Key Identifier:
keyid:4C:B6:BE:C7:78:41:99:EC:CA:F0:31:13:8A:C9:9A:2E:66:AB:83:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/5494bd71484d106b75c5bedf4263f48281a4e409.cer
Subject Information Access:
Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/2797b2f0-e5da-416c-a8d6-a61dc102a441/ca7a5a0f6c544cba822d0273ad42101ea119e15b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repository.lacnic.net/rpki/lacnic/2797b2f0-e5da-416c-a8d6-a61dc102a441/5494bd71484d106b75c5bedf4263f48281a4e409.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
170.79.36.0/22
181.64.0.0/14
190.40.0.0/14
190.232.0.0/13
200.4.192.0/18
200.10.64.0/19
200.37.0.0/16
200.48.0.0/16
200.60.0.0/16
200.106.0.0/17
200.107.128.0/18
200.121.0.0/16
201.131.220.0/22
201.230.0.0/16
201.240.0.0/16
IPv6:
2001:1388::/32
Signature Algorithm: sha256WithRSAEncryption
4b:e5:55:67:d8:74:0f:a0:30:10:e9:c0:3a:a0:66:60:c2:46:
36:74:a4:11:5e:a0:39:2a:2d:99:72:b7:7f:c4:0c:93:f0:0b:
84:a8:43:91:38:1b:67:b2:7d:e5:e5:29:52:74:75:1c:34:cb:
c5:0d:48:e5:93:f4:1d:de:37:17:4e:9c:e8:ab:1f:9f:92:b0:
24:5b:3d:58:b3:db:7e:ee:1e:a2:00:6c:30:2d:4a:5b:9b:c3:
83:d9:86:40:d1:5a:8d:57:28:fd:a9:a1:47:f6:d9:2b:f7:f3:
00:7a:1a:39:cd:13:76:54:64:4c:f5:f8:83:85:98:94:b1:3a:
8d:ae:0b:a7:c5:e8:30:02:9d:af:62:d9:78:86:b7:c3:ee:09:
2c:d0:20:d6:52:ea:f6:8a:b3:88:c1:cc:57:46:8a:3b:da:67:
a6:86:14:d9:65:db:a3:d4:99:3e:37:99:d5:51:38:89:78:0a:
5e:2e:90:73:8a:af:27:5c:80:e1:99:42:b0:b6:ee:48:84:08:
e3:8c:6e:c6:b1:dc:fc:b1:79:8c:87:dc:bf:45:64:c0:e9:e7:
0e:e5:66:e9:8e:88:4b:ec:5f:b4:22:19:bd:48:ef:21:73:57:
eb:2e:85:2e:b2:f9:01:6c:54:3d:64:25:30:7c:94:cc:c6:8c:
90:17:13:3d
-----BEGIN CERTIFICATE-----
MIIFmjCCBIKgAwIBAgIDGhYLMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDU0
OTRiZDcxNDg0ZDEwNmI3NWM1YmVkZjQyNjNmNDgyODFhNGU0MDkwHhcNMjEwMzI0
MTQ0NjExWhcNMjYwMzI0MTQ0NjExWjAzMTEwLwYDVQQDEyhjYTdhNWEwZjZjNTQ0
Y2JhODIyZDAyNzNhZDQyMTAxZWExMTllMTViMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAjrwRy9fxx2i2ELTnChRGSforVwSM3jtFosPKdw2tG5mOYkb0
c7lm/kEn+9Bxi1+QcEQMc/ekg4ygyFtb6pYBw/jUWRsq/vwdKBq2TjrZVJckzIVq
eIp36Ky3wb8v+jo8nlGabuN3X2rOBctKnS5C2m3ovUj/14nVIruiMdjWV8ZY6CK+
zfAdeWq2P1YHEZRYKpYxK1/5oSH8FJ+H2aNe5cSPirfh1gsjmNu0aD16Td8zmlP5
1xpi8xhVRxu7n6296QK+CJ6S5MgznTO89rCvEvbAvxOX4Z3lj8B3D95uxywPdrHI
6MvOBmN3GIMdG/MhwEL8PiT7EDFknVCWB/ZacQIDAQABo4ICtTCCArEwHQYDVR0O
BBYEFF/N4s32U9UcpVPrbCEDmU1gxHECMB8GA1UdIwQYMBaAFEy2vsd4QZnsyvAx
E4rJmi5mq4PdMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvNTQ5NGJk
NzE0ODRkMTA2Yjc1YzViZWRmNDI2M2Y0ODI4MWE0ZTQwOS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMjc5N2IyZjAtZTVkYS00MTZjLWE4ZDYtYTYxZGMx
MDJhNDQxL2NhN2E1YTBmNmM1NDRjYmE4MjJkMDI3M2FkNDIxMDFlYTExOWUxNWIu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8yNzk3YjJmMC1lNWRhLTQxNmMtYThkNi1hNjFk
YzEwMmE0NDEvNTQ5NGJkNzE0ODRkMTA2Yjc1YzViZWRmNDI2M2Y0ODI4MWE0ZTQw
OS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjB5BggrBgEFBQcBBwEB/wRq
MGgwVwQCAAEwUQMEAqpPJAMDArVAAwMCvigDAwO+6AMEBsgEwAMEBcgKQAMDAMgl
AwMAyDADAwDIPAMEB8hqAAMEBshrgAMDAMh5AwQCyYPcAwMAyeYDAwDJ8DANBAIA
AjAHAwUAIAETiDANBgkqhkiG9w0BAQsFAAOCAQEAS+VVZ9h0D6AwEOnAOqBmYMJG
NnSkEV6gOSotmXK3f8QMk/ALhKhDkTgbZ7J95eUpUnR1HDTLxQ1I5ZP0Hd43F06c
6Ksfn5KwJFs9WLPbfu4eogBsMC1KW5vDg9mGQNFajVco/amhR/bZK/fzAHoaOc0T
dlRkTPX4g4WYlLE6ja4Lp8XoMAKdr2LZeIa3w+4JLNAg1lLq9oqziMHMV0aKO9pn
poYU2WXbo9SZPjeZ1VE4iXgKXi6Qc4qvJ1yA4ZlCsLbuSIQI44xuxrHc/LF5jIfc
v0VkwOnnDuVm6Y6IS+xftCIZvUjvIXNX6y6FLrL5AWxUPWQlMHyUzMaMkBcTPQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:14:28 2023 by rpki-client on console-ams.rpki-client.org