Route Origin Authorization
$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/38283047-8834-43d5-82f7-4d938e60571e/bfe06e68b136cfda51b209f51c396cc6f61f3414.roa
File: bfe06e68b136cfda51b209f51c396cc6f61f3414.roa (raw, json)
Hash identifier: e4fQr/MglyS27rc2dxg2fpf68XXRJCQjF7h41NyUkDE=
Subject key identifier: B9:33:EC:03:9B:32:8C:3D:DC:35:B9:81:A5:ED:2B:CA:F7:4C:DB:3F
Certificate issuer: /CN=33b7a43fc33bfc7ff5ea592decadde645288705e
Certificate serial: 1C6900
Authority key identifier: C1:A4:F9:06:D7:C5:6B:7D:5E:32:B4:3C:AE:33:6A:BD:11:7D:39:56
Authority info access: rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/33b7a43fc33bfc7ff5ea592decadde645288705e.cer
Subject info access: rsync://repository.lacnic.net/rpki/lacnic/38283047-8834-43d5-82f7-4d938e60571e/bfe06e68b136cfda51b209f51c396cc6f61f3414.roa
Signing time: Tue 04 Oct 2022 18:57:18 +0000
ROA not before: Wed 24 Mar 2021 03:00:00 +0000
ROA not after: Tue 24 Mar 2026 03:00:00 +0000
asID: 263834
IP address blocks: 190.110.224.0/21 maxlen: 21
190.110.224.0/22 maxlen: 22
190.110.228.0/22 maxlen: 22
190.110.224.0/23 maxlen: 23
190.110.226.0/23 maxlen: 23
190.110.228.0/23 maxlen: 23
190.110.230.0/23 maxlen: 23
190.110.224.0/24 maxlen: 24
190.110.225.0/24 maxlen: 24
190.110.226.0/24 maxlen: 24
190.110.227.0/24 maxlen: 24
190.110.228.0/24 maxlen: 24
190.110.229.0/24 maxlen: 24
190.110.230.0/24 maxlen: 24
190.110.231.0/24 maxlen: 24
190.110.238.0/24 maxlen: 24
190.110.253.0/24 maxlen: 24
190.110.254.0/23 maxlen: 23
190.110.254.0/24 maxlen: 24
190.110.255.0/24 maxlen: 24
200.123.48.0/24 maxlen: 24
200.123.56.0/23 maxlen: 23
200.123.56.0/24 maxlen: 24
200.123.57.0/24 maxlen: 24
200.123.58.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1861888 (0x1c6900)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=33b7a43fc33bfc7ff5ea592decadde645288705e
Validity
Not Before: Mar 24 03:00:00 2021 GMT
Not After : Mar 24 03:00:00 2026 GMT
Subject: CN=bfe06e68b136cfda51b209f51c396cc6f61f3414
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:9f:ec:f3:76:38:ad:64:9d:72:eb:fc:0c:68:
75:4b:ea:7a:8f:02:e5:f1:49:7c:48:74:7a:39:c3:
94:03:17:e6:99:ad:8c:af:c8:4b:2f:f4:14:c3:09:
70:73:6e:b1:48:0e:df:4c:3d:e3:56:1c:9d:cd:be:
0d:4a:3c:49:e0:1e:b9:53:79:ca:7a:ae:e8:af:34:
90:a9:ad:89:3c:2d:8f:88:6a:e4:c2:d9:3c:b8:b3:
e5:70:f8:66:ab:7d:bd:52:99:14:9d:d8:35:0a:78:
95:0e:84:52:48:75:fb:30:06:37:00:33:ad:19:51:
01:72:7c:44:36:d2:82:63:d5:1e:41:25:b6:05:3c:
5a:90:33:81:e2:29:eb:4c:41:6b:87:e1:4a:d9:f1:
06:38:8c:9b:4b:2a:e5:75:fb:c6:8d:16:cd:ba:6f:
89:8c:83:10:0b:d1:cb:95:53:43:78:57:f0:47:bf:
be:08:fe:0f:82:c6:c8:29:ec:32:86:48:47:26:e2:
dd:a7:43:b6:eb:ce:7c:16:3b:ca:e8:c6:53:3e:4e:
4e:05:19:e5:03:56:2e:fb:ac:79:b2:94:1a:d7:d2:
58:b2:c2:7e:9e:a7:e9:5a:5f:95:7d:b1:3b:19:ee:
81:75:93:fb:07:e8:17:34:7b:e1:6d:45:fb:01:a4:
6c:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:33:EC:03:9B:32:8C:3D:DC:35:B9:81:A5:ED:2B:CA:F7:4C:DB:3F
X509v3 Authority Key Identifier:
keyid:C1:A4:F9:06:D7:C5:6B:7D:5E:32:B4:3C:AE:33:6A:BD:11:7D:39:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/33b7a43fc33bfc7ff5ea592decadde645288705e.cer
Subject Information Access:
Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/38283047-8834-43d5-82f7-4d938e60571e/bfe06e68b136cfda51b209f51c396cc6f61f3414.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repository.lacnic.net/rpki/lacnic/38283047-8834-43d5-82f7-4d938e60571e/33b7a43fc33bfc7ff5ea592decadde645288705e.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
190.110.224.0/21
190.110.238.0/24
190.110.253.0-190.110.255.255
200.123.48.0/24
200.123.56.0-200.123.58.255
Signature Algorithm: sha256WithRSAEncryption
36:34:d2:97:26:f0:b9:03:16:25:ca:e6:48:a5:d1:ca:85:45:
46:14:a9:ec:cc:94:8f:5c:32:1a:77:51:c3:20:c7:8b:3f:9a:
88:1b:5f:a5:09:20:ca:b2:15:80:31:ef:9c:99:d3:9d:dc:0b:
80:1a:63:f7:d6:a7:91:b9:80:a4:6c:39:21:e7:8d:52:14:6f:
0b:f4:28:d3:c4:c0:28:1f:a3:a8:63:2e:70:73:d4:7e:16:6e:
53:41:b6:a3:41:34:75:24:24:41:04:3b:58:e8:f2:c9:1c:52:
5f:a6:07:d2:4b:04:69:9f:d4:5c:53:ed:54:c5:9b:2d:8c:07:
5d:60:73:3a:13:2e:d2:0b:d8:d2:30:11:85:f1:c2:13:97:2c:
d6:9b:25:e5:e7:aa:69:f8:38:d5:50:0c:a7:6f:65:ec:13:6e:
9d:13:5a:00:a3:ae:60:47:22:aa:33:e9:3e:c9:6a:f6:fd:00:
3e:54:08:23:e0:15:ed:85:cb:3c:32:24:81:05:ac:f5:0c:e3:
76:1e:61:8b:7a:26:85:cb:66:35:25:1b:ac:d9:eb:86:d8:03:
5e:31:eb:39:dc:3a:3c:52:2e:55:68:c7:78:8d:2c:8b:3f:02:
cb:ba:76:1a:13:3f:86:de:d2:51:9c:43:2e:e0:88:17:b2:ac:
de:49:e7:1e
-----BEGIN CERTIFICATE-----
MIIFZzCCBE+gAwIBAgIDHGkAMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDMz
YjdhNDNmYzMzYmZjN2ZmNWVhNTkyZGVjYWRkZTY0NTI4ODcwNWUwHhcNMjEwMzI0
MDMwMDAwWhcNMjYwMzI0MDMwMDAwWjAzMTEwLwYDVQQDEyhiZmUwNmU2OGIxMzZj
ZmRhNTFiMjA5ZjUxYzM5NmNjNmY2MWYzNDE0MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAtp/s83Y4rWSdcuv8DGh1S+p6jwLl8Ul8SHR6OcOUAxfmma2M
r8hLL/QUwwlwc26xSA7fTD3jVhydzb4NSjxJ4B65U3nKeq7orzSQqa2JPC2PiGrk
wtk8uLPlcPhmq329UpkUndg1CniVDoRSSHX7MAY3ADOtGVEBcnxENtKCY9UeQSW2
BTxakDOB4inrTEFrh+FK2fEGOIybSyrldfvGjRbNum+JjIMQC9HLlVNDeFfwR7++
CP4PgsbIKewyhkhHJuLdp0O26858FjvK6MZTPk5OBRnlA1Yu+6x5spQa19JYssJ+
nqfpWl+VfbE7Ge6BdZP7B+gXNHvhbUX7AaRsnQIDAQABo4ICgjCCAn4wHQYDVR0O
BBYEFLkz7AObMow93DW5gaXtK8r3TNs/MB8GA1UdIwQYMBaAFMGk+QbXxWt9XjK0
PK4zar0RfTlWMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMzNiN2E0
M2ZjMzNiZmM3ZmY1ZWE1OTJkZWNhZGRlNjQ1Mjg4NzA1ZS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMzgyODMwNDctODgzNC00M2Q1LTgyZjctNGQ5Mzhl
NjA1NzFlL2JmZTA2ZTY4YjEzNmNmZGE1MWIyMDlmNTFjMzk2Y2M2ZjYxZjM0MTQu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8zODI4MzA0Ny04ODM0LTQzZDUtODJmNy00ZDkz
OGU2MDU3MWUvMzNiN2E0M2ZjMzNiZmM3ZmY1ZWE1OTJkZWNhZGRlNjQ1Mjg4NzA1
ZS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBGBggrBgEFBQcBBwEB/wQ3
MDUwMwQCAAEwLQMEA75u4AMEAL5u7jALAwQAvm79AwMAvm4DBADIezAwDAMEA8h7
OAMEAMh7OjANBgkqhkiG9w0BAQsFAAOCAQEANjTSlybwuQMWJcrmSKXRyoVFRhSp
7MyUj1wyGndRwyDHiz+aiBtfpQkgyrIVgDHvnJnTndwLgBpj99ankbmApGw5IeeN
UhRvC/Qo08TAKB+jqGMucHPUfhZuU0G2o0E0dSQkQQQ7WOjyyRxSX6YH0ksEaZ/U
XFPtVMWbLYwHXWBzOhMu0gvY0jARhfHCE5cs1psl5eeqafg41VAMp29l7BNunRNa
AKOuYEciqjPpPslq9v0APlQII+AV7YXLPDIkgQWs9Qzjdh5hi3omhctmNSUbrNnr
htgDXjHrOdw6PFIuVWjHeI0siz8Cy7p2GhM/ht7SUZxDLuCIF7Ks3knnHg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:14:29 2023 by rpki-client on console-ams.rpki-client.org