Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/38283047-8834-43d5-82f7-4d938e60571e/1ac02107368366e9c4f1e0f9eb134a6749e2c370.roa
File:                     1ac02107368366e9c4f1e0f9eb134a6749e2c370.roa (raw, json)
Hash identifier:          ys2uSjUVzu95mJ374GAYi3dMycVD6qkRq6BtWWJVBdg=
Subject key identifier:   F2:03:E4:8D:D3:47:18:BB:7C:D3:44:06:20:CF:46:2F:FA:50:2A:BD
Certificate issuer:       /CN=33b7a43fc33bfc7ff5ea592decadde645288705e
Certificate serial:       14398B
Authority key identifier: C1:A4:F9:06:D7:C5:6B:7D:5E:32:B4:3C:AE:33:6A:BD:11:7D:39:56
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/33b7a43fc33bfc7ff5ea592decadde645288705e.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/38283047-8834-43d5-82f7-4d938e60571e/1ac02107368366e9c4f1e0f9eb134a6749e2c370.roa
Signing time:             Tue 16 Nov 2021 17:49:52 +0000
ROA not before:           Wed 24 Mar 2021 03:00:00 +0000
ROA not after:            Tue 24 Mar 2026 03:00:00 +0000
asID:                     10697
IP address blocks:        200.50.160.0/23 maxlen: 23
                          200.50.160.0/24 maxlen: 24
                          200.50.161.0/24 maxlen: 24
                          200.50.164.0/24 maxlen: 24
                          200.50.168.0/24 maxlen: 24
                          200.50.173.0/24 maxlen: 24
                          200.123.34.0/23 maxlen: 23
                          200.123.34.0/24 maxlen: 24
                          200.123.35.0/24 maxlen: 24
                          2800:820::/32 maxlen: 32

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1325451 (0x14398b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=33b7a43fc33bfc7ff5ea592decadde645288705e
        Validity
            Not Before: Mar 24 03:00:00 2021 GMT
            Not After : Mar 24 03:00:00 2026 GMT
        Subject: CN=1ac02107368366e9c4f1e0f9eb134a6749e2c370
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:82:2d:3c:83:48:6d:56:77:0d:f6:89:a1:c5:
                    e1:bf:29:15:9b:e1:c0:6f:5c:3c:c4:4f:62:5c:42:
                    ae:8c:9f:79:63:96:9a:58:68:5c:2b:02:5e:89:ca:
                    a2:f2:88:1a:52:30:16:83:71:32:2e:b4:7a:63:36:
                    f2:82:d3:5b:f5:51:e6:05:4d:bd:f9:c3:05:bf:d2:
                    d5:03:14:70:ea:ae:f3:a7:72:83:c0:af:3e:96:15:
                    f5:bd:6d:77:e1:1e:e4:4b:36:d9:11:c1:9c:14:c7:
                    12:ae:4f:01:ed:b1:5b:b8:fc:ef:42:72:45:ad:f8:
                    af:bb:ab:b5:e5:23:df:1f:20:14:dc:63:92:3d:be:
                    8f:b0:0d:83:e9:66:73:32:33:00:c5:ee:ad:eb:65:
                    69:b2:31:97:c3:0f:9e:8d:9c:2f:ea:f5:92:c1:18:
                    50:f1:c6:19:04:6c:25:de:93:04:12:11:82:36:29:
                    d7:a7:94:e2:0c:7d:23:8a:19:2b:56:66:d8:8d:16:
                    d4:db:5a:39:1e:d5:56:0e:d4:18:6f:ee:b0:5f:91:
                    b5:20:eb:69:df:b9:c4:9e:d7:db:5e:e7:71:d9:c3:
                    22:e9:72:71:86:5a:01:28:7d:dd:ed:a0:80:c6:9f:
                    52:73:37:79:30:4b:48:dd:cc:13:01:01:22:35:dd:
                    ea:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F2:03:E4:8D:D3:47:18:BB:7C:D3:44:06:20:CF:46:2F:FA:50:2A:BD
            X509v3 Authority Key Identifier:
                keyid:C1:A4:F9:06:D7:C5:6B:7D:5E:32:B4:3C:AE:33:6A:BD:11:7D:39:56

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/33b7a43fc33bfc7ff5ea592decadde645288705e.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/38283047-8834-43d5-82f7-4d938e60571e/1ac02107368366e9c4f1e0f9eb134a6749e2c370.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/38283047-8834-43d5-82f7-4d938e60571e/33b7a43fc33bfc7ff5ea592decadde645288705e.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.50.160.0/23
                  200.50.164.0/24
                  200.50.168.0/24
                  200.50.173.0/24
                  200.123.34.0/23
                IPv6:
                  2800:820::/32

    Signature Algorithm: sha256WithRSAEncryption
         22:ea:28:be:f6:23:85:46:ad:e0:10:e5:77:32:86:78:d9:6b:
         96:2f:db:e9:4a:d0:4c:21:0a:7b:ae:b4:b3:48:36:55:48:99:
         4b:ea:9b:61:77:4f:fa:8e:7f:b3:d9:48:0a:7a:ee:8e:e9:0c:
         63:cc:2a:71:f9:56:e8:5c:dc:9d:f3:8f:3a:06:18:90:f2:59:
         ce:66:8a:e6:9f:1b:8b:71:24:ed:7b:9b:b6:1f:da:7f:ff:28:
         ad:25:1b:8f:ef:b7:69:70:fd:32:47:3d:a2:68:72:8c:d5:94:
         86:f7:36:81:39:e5:17:91:23:bc:c7:39:bf:9e:9d:2f:dd:cc:
         2c:13:b0:01:55:11:9c:e9:95:15:0e:24:14:d6:a1:62:aa:d2:
         c6:fe:7b:2f:df:20:07:4d:54:e5:d7:91:0f:80:3f:e0:13:69:
         30:42:9b:4b:d6:e6:78:d2:f2:4f:be:a5:e1:c0:8f:31:ca:79:
         dc:04:fc:46:c4:18:20:45:24:b5:0f:d2:6b:a8:05:8e:41:8c:
         f2:68:b0:56:09:e8:2c:28:9b:37:5b:f6:e2:9f:99:a5:23:d9:
         89:85:50:b4:e5:1d:34:b9:a7:5f:b1:0c:c4:7c:b5:2f:75:71:
         8e:c8:bb:94:30:54:9d:a5:dc:75:1f:2e:38:81:05:76:00:0f:
         06:9a:d6:71
-----BEGIN CERTIFICATE-----
MIIFZzCCBE+gAwIBAgIDFDmLMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDMz
YjdhNDNmYzMzYmZjN2ZmNWVhNTkyZGVjYWRkZTY0NTI4ODcwNWUwHhcNMjEwMzI0
MDMwMDAwWhcNMjYwMzI0MDMwMDAwWjAzMTEwLwYDVQQDEygxYWMwMjEwNzM2ODM2
NmU5YzRmMWUwZjllYjEzNGE2NzQ5ZTJjMzcwMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAt4ItPINIbVZ3DfaJocXhvykVm+HAb1w8xE9iXEKujJ95Y5aa
WGhcKwJeicqi8ogaUjAWg3EyLrR6YzbygtNb9VHmBU29+cMFv9LVAxRw6q7zp3KD
wK8+lhX1vW134R7kSzbZEcGcFMcSrk8B7bFbuPzvQnJFrfivu6u15SPfHyAU3GOS
Pb6PsA2D6WZzMjMAxe6t62VpsjGXww+ejZwv6vWSwRhQ8cYZBGwl3pMEEhGCNinX
p5TiDH0jihkrVmbYjRbU21o5HtVWDtQYb+6wX5G1IOtp37nEntfbXudx2cMi6XJx
hloBKH3d7aCAxp9Sczd5MEtI3cwTAQEiNd3qHwIDAQABo4ICgjCCAn4wHQYDVR0O
BBYEFPID5I3TRxi7fNNEBiDPRi/6UCq9MB8GA1UdIwQYMBaAFMGk+QbXxWt9XjK0
PK4zar0RfTlWMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMzNiN2E0
M2ZjMzNiZmM3ZmY1ZWE1OTJkZWNhZGRlNjQ1Mjg4NzA1ZS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMzgyODMwNDctODgzNC00M2Q1LTgyZjctNGQ5Mzhl
NjA1NzFlLzFhYzAyMTA3MzY4MzY2ZTljNGYxZTBmOWViMTM0YTY3NDllMmMzNzAu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8zODI4MzA0Ny04ODM0LTQzZDUtODJmNy00ZDkz
OGU2MDU3MWUvMzNiN2E0M2ZjMzNiZmM3ZmY1ZWE1OTJkZWNhZGRlNjQ1Mjg4NzA1
ZS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBGBggrBgEFBQcBBwEB/wQ3
MDUwJAQCAAEwHgMEAcgyoAMEAMgypAMEAMgyqAMEAMgyrQMEAch7IjANBAIAAjAH
AwUAKAAIIDANBgkqhkiG9w0BAQsFAAOCAQEAIuoovvYjhUat4BDldzKGeNlrli/b
6UrQTCEKe660s0g2VUiZS+qbYXdP+o5/s9lICnrujukMY8wqcflW6FzcnfOPOgYY
kPJZzmaK5p8bi3Ek7Xubth/af/8orSUbj++3aXD9Mkc9omhyjNWUhvc2gTnlF5Ej
vMc5v56dL93MLBOwAVURnOmVFQ4kFNahYqrSxv57L98gB01U5deRD4A/4BNpMEKb
S9bmeNLyT76l4cCPMcp53AT8RsQYIEUktQ/Sa6gFjkGM8miwVgnoLCibN1v24p+Z
pSPZiYVQtOUdNLmnX7EMxHy1L3Vxjsi7lDBUnaXcdR8uOIEFdgAPBprWcQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:14:29 2023 by rpki-client on console-ams.rpki-client.org