Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/38283047-8834-43d5-82f7-4d938e60571e/56f6acf47393dad789967a2fa0dade051af3e27e.roa
File:                     56f6acf47393dad789967a2fa0dade051af3e27e.roa (raw, json)
Hash identifier:          9qJ0ONh3eHS9THA08MYW9Heb+vceJ9mTLngXbO0G/5c=
Subject key identifier:   35:AA:33:C5:F1:2D:39:88:B8:A5:84:26:66:B5:10:D2:1A:25:4D:45
Certificate issuer:       /CN=33b7a43fc33bfc7ff5ea592decadde645288705e
Certificate serial:       142004
Authority key identifier: C1:A4:F9:06:D7:C5:6B:7D:5E:32:B4:3C:AE:33:6A:BD:11:7D:39:56
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/33b7a43fc33bfc7ff5ea592decadde645288705e.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/38283047-8834-43d5-82f7-4d938e60571e/56f6acf47393dad789967a2fa0dade051af3e27e.roa
Signing time:             Tue 16 Nov 2021 17:34:33 +0000
ROA not before:           Wed 24 Mar 2021 03:00:00 +0000
ROA not after:            Tue 24 Mar 2026 03:00:00 +0000
asID:                     263699
IP address blocks:        190.114.96.0/22 maxlen: 22
                          190.114.96.0/23 maxlen: 23
                          190.114.96.0/24 maxlen: 24
                          190.114.97.0/24 maxlen: 24
                          190.114.98.0/23 maxlen: 23
                          190.114.98.0/24 maxlen: 24
                          190.114.99.0/24 maxlen: 24
                          190.114.100.0/23 maxlen: 23
                          190.114.100.0/24 maxlen: 24
                          190.114.101.0/24 maxlen: 24
                          200.123.36.0/22 maxlen: 24
                          200.123.36.0/24 maxlen: 24
                          200.123.37.0/24 maxlen: 24
                          200.123.38.0/24 maxlen: 24
                          200.123.39.0/24 maxlen: 24
                          200.123.40.0/22 maxlen: 24
                          200.123.40.0/24 maxlen: 24
                          200.123.41.0/24 maxlen: 24
                          200.123.42.0/24 maxlen: 24
                          200.123.43.0/24 maxlen: 24
                          200.123.44.0/22 maxlen: 24
                          200.123.44.0/24 maxlen: 24
                          200.123.45.0/24 maxlen: 24
                          200.123.46.0/24 maxlen: 24
                          200.123.47.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1318916 (0x142004)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=33b7a43fc33bfc7ff5ea592decadde645288705e
        Validity
            Not Before: Mar 24 03:00:00 2021 GMT
            Not After : Mar 24 03:00:00 2026 GMT
        Subject: CN=56f6acf47393dad789967a2fa0dade051af3e27e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:c7:d8:73:11:f7:62:79:fc:6f:b0:03:99:ce:
                    55:a8:e6:ac:44:93:c0:8e:d4:94:08:ba:39:cd:42:
                    5e:d8:2d:be:79:9d:8c:6e:bb:ec:00:42:dd:3f:9e:
                    d8:3a:0f:de:d5:20:7e:26:2e:39:5b:c9:fa:6f:6e:
                    23:e2:ce:dc:ff:ac:d6:0d:a5:4a:f5:f8:c7:88:da:
                    da:80:05:8d:c3:1f:2d:1a:04:15:37:92:f2:4c:03:
                    25:09:ea:bc:57:a0:2e:a6:3e:38:b2:3f:de:c4:7f:
                    58:97:fb:09:59:90:b1:b7:b5:20:69:20:45:16:91:
                    ae:42:87:46:50:7c:08:7b:5d:b7:35:3b:f2:23:14:
                    03:8b:5c:c5:00:26:74:08:fb:8f:b0:16:06:16:81:
                    3c:ce:4b:e7:88:6f:d6:77:8b:59:9a:49:90:7c:75:
                    43:a9:bd:f4:3b:56:72:d5:4a:09:c7:e7:b3:4d:83:
                    cf:87:f5:37:6c:4f:05:9f:a2:e0:c9:5e:5e:da:34:
                    cf:62:4a:e1:89:6f:cd:a7:3f:1f:b2:36:d7:f3:49:
                    94:f3:60:f2:d4:f3:82:77:ad:b3:75:79:a7:57:61:
                    30:57:9e:b2:ba:b5:4f:e4:18:3a:be:8f:c4:8f:e7:
                    a6:0d:db:61:1b:5b:1c:2a:32:1d:20:1a:c9:f2:3d:
                    0c:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                35:AA:33:C5:F1:2D:39:88:B8:A5:84:26:66:B5:10:D2:1A:25:4D:45
            X509v3 Authority Key Identifier:
                keyid:C1:A4:F9:06:D7:C5:6B:7D:5E:32:B4:3C:AE:33:6A:BD:11:7D:39:56

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/33b7a43fc33bfc7ff5ea592decadde645288705e.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/38283047-8834-43d5-82f7-4d938e60571e/56f6acf47393dad789967a2fa0dade051af3e27e.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/38283047-8834-43d5-82f7-4d938e60571e/33b7a43fc33bfc7ff5ea592decadde645288705e.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.114.96.0-190.114.101.255
                  200.123.36.0-200.123.47.255

    Signature Algorithm: sha256WithRSAEncryption
         10:85:f9:a1:7b:5e:e4:7c:35:8b:b0:0d:8f:c7:de:b5:35:c0:
         f2:bf:c3:d0:5f:18:d0:63:cb:79:a5:64:8e:73:77:6b:f2:71:
         21:f6:19:31:2a:29:fd:3b:86:85:34:05:40:df:76:06:a1:e4:
         30:fd:b1:3a:42:5e:14:f6:4d:3f:2d:50:80:27:37:5e:0d:8c:
         1a:06:a0:e6:eb:2e:d3:9a:9c:89:a6:11:3d:ac:1c:b2:d4:ac:
         c7:5a:fe:7d:fa:76:eb:03:d0:bc:5d:d3:d6:67:fd:90:66:f1:
         19:60:36:00:5b:d9:33:8b:aa:78:64:42:f0:b1:37:eb:35:6d:
         6c:8f:90:ba:04:5e:a0:29:5e:1a:a5:70:7c:45:db:35:97:9e:
         c0:da:77:8c:7c:d1:0d:c2:9c:8e:46:bc:32:01:39:03:41:f1:
         04:d8:b1:e6:9f:38:dd:0e:0c:71:0a:01:cf:99:68:58:5b:56:
         bd:90:60:f9:a9:9e:0b:1c:d1:f6:09:a6:a3:b7:bb:80:3a:c5:
         97:d1:64:35:b4:80:69:2e:7e:76:b8:35:a0:4b:3f:07:34:55:
         cd:53:cd:a6:44:20:e0:c5:18:19:3e:09:21:a0:22:08:aa:3e:
         2b:41:22:b1:93:cc:c2:85:20:0e:fa:10:ec:2b:1c:00:10:44:
         07:1c:b4:b3
-----BEGIN CERTIFICATE-----
MIIFVjCCBD6gAwIBAgIDFCAEMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDMz
YjdhNDNmYzMzYmZjN2ZmNWVhNTkyZGVjYWRkZTY0NTI4ODcwNWUwHhcNMjEwMzI0
MDMwMDAwWhcNMjYwMzI0MDMwMDAwWjAzMTEwLwYDVQQDEyg1NmY2YWNmNDczOTNk
YWQ3ODk5NjdhMmZhMGRhZGUwNTFhZjNlMjdlMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAicfYcxH3Ynn8b7ADmc5VqOasRJPAjtSUCLo5zUJe2C2+eZ2M
brvsAELdP57YOg/e1SB+Ji45W8n6b24j4s7c/6zWDaVK9fjHiNragAWNwx8tGgQV
N5LyTAMlCeq8V6Aupj44sj/exH9Yl/sJWZCxt7UgaSBFFpGuQodGUHwIe123NTvy
IxQDi1zFACZ0CPuPsBYGFoE8zkvniG/Wd4tZmkmQfHVDqb30O1Zy1UoJx+ezTYPP
h/U3bE8Fn6LgyV5e2jTPYkrhiW/Npz8fsjbX80mU82Dy1POCd62zdXmnV2EwV56y
urVP5Bg6vo/Ej+emDdthG1scKjIdIBrJ8j0MrwIDAQABo4ICcTCCAm0wHQYDVR0O
BBYEFDWqM8XxLTmIuKWEJma1ENIaJU1FMB8GA1UdIwQYMBaAFMGk+QbXxWt9XjK0
PK4zar0RfTlWMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMzNiN2E0
M2ZjMzNiZmM3ZmY1ZWE1OTJkZWNhZGRlNjQ1Mjg4NzA1ZS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMzgyODMwNDctODgzNC00M2Q1LTgyZjctNGQ5Mzhl
NjA1NzFlLzU2ZjZhY2Y0NzM5M2RhZDc4OTk2N2EyZmEwZGFkZTA1MWFmM2UyN2Uu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8zODI4MzA0Ny04ODM0LTQzZDUtODJmNy00ZDkz
OGU2MDU3MWUvMzNiN2E0M2ZjMzNiZmM3ZmY1ZWE1OTJkZWNhZGRlNjQ1Mjg4NzA1
ZS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA1BggrBgEFBQcBBwEB/wQm
MCQwIgQCAAEwHDAMAwQFvnJgAwQBvnJkMAwDBALIeyQDBATIeyAwDQYJKoZIhvcN
AQELBQADggEBABCF+aF7XuR8NYuwDY/H3rU1wPK/w9BfGNBjy3mlZI5zd2vycSH2
GTEqKf07hoU0BUDfdgah5DD9sTpCXhT2TT8tUIAnN14NjBoGoObrLtOanImmET2s
HLLUrMda/n36dusD0Lxd09Zn/ZBm8RlgNgBb2TOLqnhkQvCxN+s1bWyPkLoEXqAp
XhqlcHxF2zWXnsDad4x80Q3CnI5GvDIBOQNB8QTYseafON0ODHEKAc+ZaFhbVr2Q
YPmpngsc0fYJpqO3u4A6xZfRZDW0gGkufna4NaBLPwc0Vc1TzaZEIODFGBk+CSGg
IgiqPitBIrGTzMKFIA76EOwrHAAQRAcctLM=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:14:14 2023 by rpki-client on console-fra.rpki-client.org