Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/38283047-8834-43d5-82f7-4d938e60571e/5a52633e82dfdfdef6c766f710eb98a8c62072ee.roa
File:                     5a52633e82dfdfdef6c766f710eb98a8c62072ee.roa (raw, json)
Hash identifier:          Q0Luj2F4tIdiTeMd9bjF/U4zsOSufSBt2U8xlcHywPM=
Subject key identifier:   F1:BD:F7:AE:71:BE:CC:F5:A9:97:9A:B8:95:8B:36:60:26:E0:BB:EF
Certificate issuer:       /CN=33b7a43fc33bfc7ff5ea592decadde645288705e
Certificate serial:       1A6138
Authority key identifier: C1:A4:F9:06:D7:C5:6B:7D:5E:32:B4:3C:AE:33:6A:BD:11:7D:39:56
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/33b7a43fc33bfc7ff5ea592decadde645288705e.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/38283047-8834-43d5-82f7-4d938e60571e/5a52633e82dfdfdef6c766f710eb98a8c62072ee.roa
Signing time:             Wed 20 Jul 2022 18:37:21 +0000
ROA not before:           Thu 07 Apr 2022 03:00:00 +0000
ROA not after:            Mon 07 Apr 2031 03:00:00 +0000
asID:                     272114
IP address blocks:        200.123.32.0/23 maxlen: 23
                          200.123.32.0/24 maxlen: 24
                          200.123.33.0/24 maxlen: 24
                          190.114.103.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1728824 (0x1a6138)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=33b7a43fc33bfc7ff5ea592decadde645288705e
        Validity
            Not Before: Apr  7 03:00:00 2022 GMT
            Not After : Apr  7 03:00:00 2031 GMT
        Subject: CN=5a52633e82dfdfdef6c766f710eb98a8c62072ee
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:2f:39:90:09:72:55:ec:65:5d:44:45:09:28:
                    de:84:2c:83:cc:27:e4:17:d4:22:20:47:d6:75:12:
                    dc:a4:19:4f:b8:e5:05:7c:c8:7c:c4:50:71:9a:2a:
                    ff:3f:26:0f:9e:2d:e1:f5:07:ba:b6:cf:77:3f:4e:
                    0d:b9:ea:8f:48:23:6b:b4:d8:4b:4b:53:62:e9:ee:
                    da:a9:e9:14:bf:7d:7b:7d:a1:e6:c5:b5:57:34:d4:
                    4c:ff:2c:e1:1b:61:fa:67:a2:60:6d:de:a7:8c:2c:
                    d9:8f:97:7a:fc:db:76:2e:e0:61:22:0a:ca:40:a6:
                    ff:5a:d7:c4:c8:e8:2c:02:04:6e:b3:5e:ed:a1:ac:
                    b0:38:6d:67:b8:93:af:84:8d:05:0a:5b:55:75:a7:
                    c9:b2:21:29:85:37:1f:c8:c6:df:02:db:c6:3d:85:
                    c2:c1:fd:4c:16:ea:9a:52:f0:59:ce:e8:71:f1:08:
                    6f:58:97:a6:ca:39:27:35:c3:3b:ff:c4:3e:da:e0:
                    dd:33:19:04:97:36:eb:00:53:ab:83:5e:d1:49:f1:
                    02:20:36:e5:b9:82:3f:ce:6f:a3:44:d4:33:be:f2:
                    a6:6d:6f:7b:f2:9d:f4:91:cd:ff:05:ae:6b:26:5f:
                    45:b0:b3:8d:a7:26:ad:57:2e:22:90:0d:1e:5e:68:
                    6b:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F1:BD:F7:AE:71:BE:CC:F5:A9:97:9A:B8:95:8B:36:60:26:E0:BB:EF
            X509v3 Authority Key Identifier:
                keyid:C1:A4:F9:06:D7:C5:6B:7D:5E:32:B4:3C:AE:33:6A:BD:11:7D:39:56

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/33b7a43fc33bfc7ff5ea592decadde645288705e.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/38283047-8834-43d5-82f7-4d938e60571e/5a52633e82dfdfdef6c766f710eb98a8c62072ee.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/38283047-8834-43d5-82f7-4d938e60571e/33b7a43fc33bfc7ff5ea592decadde645288705e.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.114.103.0/24
                  200.123.32.0/23

    Signature Algorithm: sha256WithRSAEncryption
         20:4c:5e:d1:44:53:e8:c1:ee:63:49:00:ff:8f:04:14:f9:ed:
         33:30:5c:8f:41:d5:db:05:67:69:e7:ba:a6:bd:dc:0b:d7:1f:
         80:53:e1:cd:91:26:8b:9f:70:bc:73:2e:ba:86:9d:9f:13:ea:
         90:f8:fd:bf:33:83:65:64:3d:38:19:a9:94:c0:db:e0:4f:fe:
         94:80:4e:44:fd:9c:c5:12:81:b0:c7:52:4b:d2:5a:f9:8a:2b:
         f8:ab:a1:32:9c:ba:7c:b6:cc:b3:d4:bf:7d:e9:70:29:4d:6c:
         ae:90:11:e1:71:2a:41:6b:54:28:ca:de:6b:f9:55:57:c0:9a:
         63:e7:ec:8d:1e:92:69:5b:2c:62:f3:73:9f:db:78:00:01:11:
         68:99:b1:32:0c:71:cf:21:07:7c:d9:2d:80:f0:2c:a9:8a:39:
         34:0a:d5:5d:95:c4:a2:c9:3a:48:b1:f3:ef:71:16:b6:cf:59:
         47:7b:0b:65:57:f2:41:e6:89:6f:93:9c:27:10:38:29:d7:8b:
         ad:52:9a:78:c8:90:2e:f5:16:46:2f:6e:47:62:a6:f3:af:89:
         53:08:e3:0b:a0:77:3e:2b:b8:96:56:ed:2d:8c:7d:fc:d0:3c:
         f7:e3:1e:bb:83:93:d8:65:95:00:04:d8:b4:71:f6:60:d2:0a:
         1c:18:09:2d
-----BEGIN CERTIFICATE-----
MIIFRjCCBC6gAwIBAgIDGmE4MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDMz
YjdhNDNmYzMzYmZjN2ZmNWVhNTkyZGVjYWRkZTY0NTI4ODcwNWUwHhcNMjIwNDA3
MDMwMDAwWhcNMzEwNDA3MDMwMDAwWjAzMTEwLwYDVQQDEyg1YTUyNjMzZTgyZGZk
ZmRlZjZjNzY2ZjcxMGViOThhOGM2MjA3MmVlMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAvC85kAlyVexlXURFCSjehCyDzCfkF9QiIEfWdRLcpBlPuOUF
fMh8xFBxmir/PyYPni3h9Qe6ts93P04NueqPSCNrtNhLS1Ni6e7aqekUv317faHm
xbVXNNRM/yzhG2H6Z6Jgbd6njCzZj5d6/Nt2LuBhIgrKQKb/WtfEyOgsAgRus17t
oaywOG1nuJOvhI0FCltVdafJsiEphTcfyMbfAtvGPYXCwf1MFuqaUvBZzuhx8Qhv
WJemyjknNcM7/8Q+2uDdMxkElzbrAFOrg17RSfECIDbluYI/zm+jRNQzvvKmbW97
8p30kc3/Ba5rJl9FsLONpyatVy4ikA0eXmhrGQIDAQABo4ICYTCCAl0wHQYDVR0O
BBYEFPG9965xvsz1qZeauJWLNmAm4LvvMB8GA1UdIwQYMBaAFMGk+QbXxWt9XjK0
PK4zar0RfTlWMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMzNiN2E0
M2ZjMzNiZmM3ZmY1ZWE1OTJkZWNhZGRlNjQ1Mjg4NzA1ZS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMzgyODMwNDctODgzNC00M2Q1LTgyZjctNGQ5Mzhl
NjA1NzFlLzVhNTI2MzNlODJkZmRmZGVmNmM3NjZmNzEwZWI5OGE4YzYyMDcyZWUu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8zODI4MzA0Ny04ODM0LTQzZDUtODJmNy00ZDkz
OGU2MDU3MWUvMzNiN2E0M2ZjMzNiZmM3ZmY1ZWE1OTJkZWNhZGRlNjQ1Mjg4NzA1
ZS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQW
MBQwEgQCAAEwDAMEAL5yZwMEAch7IDANBgkqhkiG9w0BAQsFAAOCAQEAIExe0URT
6MHuY0kA/48EFPntMzBcj0HV2wVnaee6pr3cC9cfgFPhzZEmi59wvHMuuoadnxPq
kPj9vzODZWQ9OBmplMDb4E/+lIBORP2cxRKBsMdSS9Ja+Yor+KuhMpy6fLbMs9S/
felwKU1srpAR4XEqQWtUKMrea/lVV8CaY+fsjR6SaVssYvNzn9t4AAERaJmxMgxx
zyEHfNktgPAsqYo5NArVXZXEosk6SLHz73EWts9ZR3sLZVfyQeaJb5OcJxA4KdeL
rVKaeMiQLvUWRi9uR2Km86+JUwjjC6B3Piu4llbtLYx9/NA89+Meu4OT2GWVAATY
tHH2YNIKHBgJLQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:14:14 2023 by rpki-client on console-fra.rpki-client.org