Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/38283047-8834-43d5-82f7-4d938e60571e/99985b07f5a3197886191da9536761267c8fa38a.roa
File:                     99985b07f5a3197886191da9536761267c8fa38a.roa (raw, json)
Hash identifier:          y+h/lMNHvdPZmm3/dZv5XIJ7IgdHcG9GaLrodLPyWYc=
Subject key identifier:   8C:0D:69:19:18:CD:C5:4B:9A:E0:DC:CC:A6:0A:AA:CE:DE:F8:80:68
Certificate issuer:       /CN=33b7a43fc33bfc7ff5ea592decadde645288705e
Certificate serial:       13A0E2
Authority key identifier: C1:A4:F9:06:D7:C5:6B:7D:5E:32:B4:3C:AE:33:6A:BD:11:7D:39:56
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/33b7a43fc33bfc7ff5ea592decadde645288705e.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/38283047-8834-43d5-82f7-4d938e60571e/99985b07f5a3197886191da9536761267c8fa38a.roa
Signing time:             Wed 10 Nov 2021 19:36:00 +0000
ROA not before:           Wed 24 Mar 2021 03:00:00 +0000
ROA not after:            Tue 24 Mar 2026 03:00:00 +0000
asID:                     52399
IP address blocks:        190.114.102.0/24 maxlen: 24
                          200.50.191.0/24 maxlen: 24
                          200.123.32.0/23 maxlen: 23
                          200.123.32.0/24 maxlen: 24
                          200.123.33.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1286370 (0x13a0e2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=33b7a43fc33bfc7ff5ea592decadde645288705e
        Validity
            Not Before: Mar 24 03:00:00 2021 GMT
            Not After : Mar 24 03:00:00 2026 GMT
        Subject: CN=99985b07f5a3197886191da9536761267c8fa38a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:2b:7f:a0:b2:aa:aa:da:bc:50:22:33:89:50:
                    d5:14:d4:ef:d5:ec:a9:05:8c:b3:c2:16:c5:0f:30:
                    9d:e9:ec:00:ce:4d:80:9d:c9:37:0d:7e:ab:59:22:
                    9f:fa:91:b7:f5:a9:12:df:b2:94:7c:7b:a5:38:b4:
                    e9:43:96:2c:8e:77:ac:dc:3b:1c:cd:65:a8:1f:1a:
                    ef:b2:fb:b3:3e:b5:5d:b2:6a:45:02:90:49:65:75:
                    cb:dd:78:32:85:d8:b8:23:28:64:69:d7:6e:33:76:
                    01:88:c0:3b:66:ce:b5:3d:95:e1:48:62:f6:ea:07:
                    6f:f2:83:9c:98:21:d1:9c:d7:34:b9:9b:7c:cf:9e:
                    35:fd:c6:6b:c4:01:51:0f:d9:ae:ae:57:55:d5:ef:
                    ec:f7:27:ac:25:f8:64:8a:56:37:f5:20:76:af:d9:
                    38:d5:93:c5:67:66:85:07:4c:0f:60:2d:e8:e0:0e:
                    72:53:4a:30:e8:d9:35:ae:c6:58:c0:dd:db:da:60:
                    73:3f:a1:78:54:29:3f:64:80:6e:89:c1:df:0e:96:
                    fc:86:8e:05:86:94:af:7a:0c:da:3e:41:cc:25:cd:
                    1b:45:c9:72:99:23:53:60:e4:e6:1b:77:a4:71:0d:
                    7f:ac:3a:3e:31:b5:b1:0e:7b:dc:e5:5a:b5:0e:0c:
                    aa:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8C:0D:69:19:18:CD:C5:4B:9A:E0:DC:CC:A6:0A:AA:CE:DE:F8:80:68
            X509v3 Authority Key Identifier:
                keyid:C1:A4:F9:06:D7:C5:6B:7D:5E:32:B4:3C:AE:33:6A:BD:11:7D:39:56

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/33b7a43fc33bfc7ff5ea592decadde645288705e.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/38283047-8834-43d5-82f7-4d938e60571e/99985b07f5a3197886191da9536761267c8fa38a.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/38283047-8834-43d5-82f7-4d938e60571e/33b7a43fc33bfc7ff5ea592decadde645288705e.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.114.102.0/24
                  200.50.191.0/24
                  200.123.32.0/23

    Signature Algorithm: sha256WithRSAEncryption
         00:f1:6c:f7:12:28:22:e2:70:55:1b:4f:96:e2:05:01:80:f3:
         6a:38:fc:d9:9a:5a:0a:48:47:4b:c2:a3:43:bc:22:28:be:c4:
         94:ad:d7:f6:71:e5:9f:06:90:2c:ab:d9:c1:1c:ca:f2:25:6f:
         26:97:f9:64:b2:2c:ef:d5:88:e4:0f:59:bc:32:7a:64:3f:1a:
         f4:ff:5c:81:ff:8f:42:d8:a1:ea:fc:4f:3e:57:6b:7a:35:c4:
         74:75:bc:85:36:6b:d2:ba:41:b7:aa:ea:46:1c:ba:01:45:fe:
         2a:da:1c:26:44:de:1a:53:2a:78:66:d2:8b:fd:3b:2e:ec:08:
         13:cc:ed:c7:39:4f:e7:08:12:35:a7:89:c4:00:9b:d2:5f:18:
         79:c2:5d:f7:7b:64:3f:e6:4d:e1:c7:05:24:b4:ad:e3:99:53:
         bb:23:e0:68:34:51:05:3c:8a:37:77:0a:bd:7c:19:f2:db:20:
         fd:4e:1f:95:e2:8d:ea:17:89:24:66:39:e8:9d:8d:27:fc:f1:
         9b:bd:a6:92:9a:14:be:49:7b:ea:37:d9:99:5b:a0:3e:f7:ef:
         43:cf:39:db:9c:66:51:5a:32:ca:bc:9f:01:33:0d:be:fd:d8:
         3f:85:3b:7f:40:32:fc:6c:13:8c:a5:64:4c:9c:14:1b:a0:bb:
         1f:48:6a:41
-----BEGIN CERTIFICATE-----
MIIFTDCCBDSgAwIBAgIDE6DiMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDMz
YjdhNDNmYzMzYmZjN2ZmNWVhNTkyZGVjYWRkZTY0NTI4ODcwNWUwHhcNMjEwMzI0
MDMwMDAwWhcNMjYwMzI0MDMwMDAwWjAzMTEwLwYDVQQDEyg5OTk4NWIwN2Y1YTMx
OTc4ODYxOTFkYTk1MzY3NjEyNjdjOGZhMzhhMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAmyt/oLKqqtq8UCIziVDVFNTv1eypBYyzwhbFDzCd6ewAzk2A
nck3DX6rWSKf+pG39akS37KUfHulOLTpQ5Ysjnes3DsczWWoHxrvsvuzPrVdsmpF
ApBJZXXL3Xgyhdi4IyhkadduM3YBiMA7Zs61PZXhSGL26gdv8oOcmCHRnNc0uZt8
z541/cZrxAFRD9murldV1e/s9yesJfhkilY39SB2r9k41ZPFZ2aFB0wPYC3o4A5y
U0ow6Nk1rsZYwN3b2mBzP6F4VCk/ZIBuicHfDpb8ho4FhpSvegzaPkHMJc0bRcly
mSNTYOTmG3ekcQ1/rDo+MbWxDnvc5Vq1Dgyq6QIDAQABo4ICZzCCAmMwHQYDVR0O
BBYEFIwNaRkYzcVLmuDczKYKqs7e+IBoMB8GA1UdIwQYMBaAFMGk+QbXxWt9XjK0
PK4zar0RfTlWMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMzNiN2E0
M2ZjMzNiZmM3ZmY1ZWE1OTJkZWNhZGRlNjQ1Mjg4NzA1ZS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMzgyODMwNDctODgzNC00M2Q1LTgyZjctNGQ5Mzhl
NjA1NzFlLzk5OTg1YjA3ZjVhMzE5Nzg4NjE5MWRhOTUzNjc2MTI2N2M4ZmEzOGEu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8zODI4MzA0Ny04ODM0LTQzZDUtODJmNy00ZDkz
OGU2MDU3MWUvMzNiN2E0M2ZjMzNiZmM3ZmY1ZWE1OTJkZWNhZGRlNjQ1Mjg4NzA1
ZS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjArBggrBgEFBQcBBwEB/wQc
MBowGAQCAAEwEgMEAL5yZgMEAMgyvwMEAch7IDANBgkqhkiG9w0BAQsFAAOCAQEA
APFs9xIoIuJwVRtPluIFAYDzajj82ZpaCkhHS8KjQ7wiKL7ElK3X9nHlnwaQLKvZ
wRzK8iVvJpf5ZLIs79WI5A9ZvDJ6ZD8a9P9cgf+PQtih6vxPPldrejXEdHW8hTZr
0rpBt6rqRhy6AUX+KtocJkTeGlMqeGbSi/07LuwIE8ztxzlP5wgSNaeJxACb0l8Y
ecJd93tkP+ZN4ccFJLSt45lTuyPgaDRRBTyKN3cKvXwZ8tsg/U4fleKN6heJJGY5
6J2NJ/zxm72mkpoUvkl76jfZmVugPvfvQ88525xmUVoyyryfATMNvv3YP4U7f0Ay
/GwTjKVkTJwUG6C7H0hqQQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:14:14 2023 by rpki-client on console-fra.rpki-client.org