Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/2dd9cd66-f5ae-4d7f-a4b6-68cfa9111840/a2da7298dc08eec1ca270a0391f78b2380843545.roa
File:                     a2da7298dc08eec1ca270a0391f78b2380843545.roa (raw, json)
Hash identifier:          HqVFNN+z/1/+HAmqAREigHVEH9ZxVZL4APLAYtOIGkM=
Subject key identifier:   CD:36:1C:18:A3:7C:43:4C:37:A7:74:D9:DA:7B:11:2C:C3:F4:EE:80
Certificate issuer:       /CN=b4e2545f234d59b5f6dd2e834c9c9e52ce704173
Certificate serial:       08CEAB
Authority key identifier: E5:80:3B:4F:AF:A4:29:01:B5:A7:26:E0:51:CA:65:6C:D6:7F:FD:76
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/b4e2545f234d59b5f6dd2e834c9c9e52ce704173.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/2dd9cd66-f5ae-4d7f-a4b6-68cfa9111840/a2da7298dc08eec1ca270a0391f78b2380843545.roa
Signing time:             Wed 04 May 2022 00:00:04 +0000
ROA not before:           Fri 31 Dec 2021 03:00:00 +0000
ROA not after:            Sun 31 Dec 2023 03:00:00 +0000
asID:                     271907
IP address blocks:        181.233.88.0/22 maxlen: 24
                          2803:e210::/32 maxlen: 32

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 577195 (0x8ceab)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b4e2545f234d59b5f6dd2e834c9c9e52ce704173
        Validity
            Not Before: Dec 31 03:00:00 2021 GMT
            Not After : Dec 31 03:00:00 2023 GMT
        Subject: CN=a2da7298dc08eec1ca270a0391f78b2380843545
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:d0:99:18:cf:ca:b9:f3:bd:98:99:5f:62:c0:
                    5e:ce:79:da:e0:ed:c2:94:2d:1c:d3:45:3b:28:9f:
                    10:03:3a:94:b3:28:bc:c3:d1:c3:50:5e:f5:34:c0:
                    a6:56:66:26:c5:1d:ea:24:fc:7c:2a:d5:7f:4a:2f:
                    40:c8:45:9a:76:db:11:06:b5:73:73:db:ef:42:3a:
                    76:f9:e9:56:2c:9d:cd:bd:2c:fe:2a:37:3b:e5:01:
                    e7:0c:e6:65:bc:0a:b3:34:13:25:6d:62:dc:69:13:
                    0c:39:b1:18:25:58:4b:4f:50:ad:08:1f:cf:c3:b9:
                    99:a3:90:4a:3a:e8:51:de:9b:64:1c:c2:56:a1:97:
                    83:60:9f:2b:30:cb:09:0e:af:8a:91:cf:c2:1c:1c:
                    8f:b2:10:82:dc:81:b2:28:0e:ed:81:1a:5c:45:d6:
                    9b:04:e2:e1:55:17:97:e1:57:b8:81:7b:96:a3:ec:
                    fb:63:b4:73:69:ef:a6:9f:ae:d2:0e:31:f6:16:b6:
                    5c:27:84:f8:4b:8b:16:9d:0d:d4:dc:7c:14:6b:e5:
                    59:89:ab:c0:ba:f6:37:f1:f6:ce:e4:d5:14:df:a4:
                    eb:b0:e0:91:1f:c1:4f:db:f3:12:7b:b9:45:dd:79:
                    a9:cb:e0:85:4e:55:1b:3f:a1:8f:db:e9:ca:e0:05:
                    a8:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CD:36:1C:18:A3:7C:43:4C:37:A7:74:D9:DA:7B:11:2C:C3:F4:EE:80
            X509v3 Authority Key Identifier:
                keyid:E5:80:3B:4F:AF:A4:29:01:B5:A7:26:E0:51:CA:65:6C:D6:7F:FD:76

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/b4e2545f234d59b5f6dd2e834c9c9e52ce704173.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/2dd9cd66-f5ae-4d7f-a4b6-68cfa9111840/a2da7298dc08eec1ca270a0391f78b2380843545.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/2dd9cd66-f5ae-4d7f-a4b6-68cfa9111840/b4e2545f234d59b5f6dd2e834c9c9e52ce704173.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  181.233.88.0/22
                IPv6:
                  2803:e210::/32

    Signature Algorithm: sha256WithRSAEncryption
         1f:f3:e9:9a:d7:27:3f:77:a9:30:af:cb:66:14:d6:eb:08:e6:
         91:93:ad:2c:c8:9a:52:a4:9e:56:9c:d8:9d:81:eb:ea:bf:8f:
         bf:f7:d7:ee:6a:e2:f9:6b:61:a3:ff:c2:60:9a:31:09:54:26:
         ba:f0:4d:eb:13:ee:77:2c:7f:a2:00:22:cf:54:31:18:58:5d:
         1e:fb:3d:f5:11:a7:d8:29:9d:6a:d3:ed:5f:76:f6:51:ff:a0:
         45:8a:d2:34:10:37:0b:1b:05:5c:bb:53:1d:ba:93:6e:95:a6:
         25:1a:8f:19:d1:67:b5:3b:b9:dd:90:ac:45:66:11:70:34:0b:
         8f:10:3a:e2:96:38:58:9a:0b:f7:5e:6a:c6:7d:37:2a:7d:9d:
         79:f5:06:47:12:ec:da:b8:f6:4d:a7:6e:04:5c:3a:b0:62:16:
         8b:d0:f4:e6:46:5f:d4:b3:c0:a2:17:e8:ec:a6:08:32:46:00:
         19:98:24:3c:05:3c:8a:a0:ac:6c:6a:26:ba:31:93:eb:ed:1d:
         80:76:56:4a:aa:ad:57:ba:ba:47:d0:7c:b1:19:2b:7e:69:08:
         00:cc:59:7d:21:42:8a:83:9a:a6:4d:44:54:f4:59:90:bb:2a:
         33:52:96:ee:5b:45:2b:2d:3b:2c:8f:11:a4:c0:9e:b4:f4:ba:
         3f:c3:cf:d7
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgIDCM6rMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGI0
ZTI1NDVmMjM0ZDU5YjVmNmRkMmU4MzRjOWM5ZTUyY2U3MDQxNzMwHhcNMjExMjMx
MDMwMDAwWhcNMjMxMjMxMDMwMDAwWjAzMTEwLwYDVQQDEyhhMmRhNzI5OGRjMDhl
ZWMxY2EyNzBhMDM5MWY3OGIyMzgwODQzNTQ1MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAntCZGM/KufO9mJlfYsBeznna4O3ClC0c00U7KJ8QAzqUsyi8
w9HDUF71NMCmVmYmxR3qJPx8KtV/Si9AyEWadtsRBrVzc9vvQjp2+elWLJ3NvSz+
Kjc75QHnDOZlvAqzNBMlbWLcaRMMObEYJVhLT1CtCB/Pw7mZo5BKOuhR3ptkHMJW
oZeDYJ8rMMsJDq+Kkc/CHByPshCC3IGyKA7tgRpcRdabBOLhVReX4Ve4gXuWo+z7
Y7Rzae+mn67SDjH2FrZcJ4T4S4sWnQ3U3HwUa+VZiavAuvY38fbO5NUU36TrsOCR
H8FP2/MSe7lF3Xmpy+CFTlUbP6GP2+nK4AWojwIDAQABo4ICajCCAmYwHQYDVR0O
BBYEFM02HBijfENMN6d02dp7ESzD9O6AMB8GA1UdIwQYMBaAFOWAO0+vpCkBtacm
4FHKZWzWf/12MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYjRlMjU0
NWYyMzRkNTliNWY2ZGQyZTgzNGM5YzllNTJjZTcwNDE3My5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMmRkOWNkNjYtZjVhZS00ZDdmLWE0YjYtNjhjZmE5
MTExODQwL2EyZGE3Mjk4ZGMwOGVlYzFjYTI3MGEwMzkxZjc4YjIzODA4NDM1NDUu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8yZGQ5Y2Q2Ni1mNWFlLTRkN2YtYTRiNi02OGNm
YTkxMTE4NDAvYjRlMjU0NWYyMzRkNTliNWY2ZGQyZTgzNGM5YzllNTJjZTcwNDE3
My5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQf
MB0wDAQCAAEwBgMEArXpWDANBAIAAjAHAwUAKAPiEDANBgkqhkiG9w0BAQsFAAOC
AQEAH/PpmtcnP3epMK/LZhTW6wjmkZOtLMiaUqSeVpzYnYHr6r+Pv/fX7mri+Wth
o//CYJoxCVQmuvBN6xPudyx/ogAiz1QxGFhdHvs99RGn2CmdatPtX3b2Uf+gRYrS
NBA3CxsFXLtTHbqTbpWmJRqPGdFntTu53ZCsRWYRcDQLjxA64pY4WJoL915qxn03
Kn2defUGRxLs2rj2TaduBFw6sGIWi9D05kZf1LPAohfo7KYIMkYAGZgkPAU8iqCs
bGomujGT6+0dgHZWSqqtV7q6R9B8sRkrfmkIAMxZfSFCioOapk1EVPRZkLsqM1KW
7ltFKy07LI8RpMCetPS6P8PP1w==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:14:13 2023 by rpki-client on console-fra.rpki-client.org