Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/38283047-8834-43d5-82f7-4d938e60571e/c136c232da8b8f5e9afa0c917089097d1b240395.roa
File:                     c136c232da8b8f5e9afa0c917089097d1b240395.roa (raw, json)
Hash identifier:          BnHS2Kp+2UChOtToCjE3Yn9R8FRB2KtBqxq7S9Az+jU=
Subject key identifier:   B5:4E:4F:36:FC:33:48:11:07:EB:F8:AB:4C:BD:EB:09:E9:30:C7:7F
Certificate issuer:       /CN=33b7a43fc33bfc7ff5ea592decadde645288705e
Certificate serial:       1E1A24
Authority key identifier: C1:A4:F9:06:D7:C5:6B:7D:5E:32:B4:3C:AE:33:6A:BD:11:7D:39:56
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/33b7a43fc33bfc7ff5ea592decadde645288705e.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/38283047-8834-43d5-82f7-4d938e60571e/c136c232da8b8f5e9afa0c917089097d1b240395.roa
Signing time:             Wed 30 Nov 2022 14:25:45 +0000
ROA not before:           Sun 21 Mar 2021 03:00:00 +0000
ROA not after:            Tue 24 Mar 2026 03:00:00 +0000
asID:                     263834
IP address blocks:        190.110.224.0/21 maxlen: 21
                          190.110.224.0/22 maxlen: 22
                          190.110.228.0/22 maxlen: 22
                          190.110.224.0/23 maxlen: 23
                          190.110.226.0/23 maxlen: 23
                          190.110.228.0/23 maxlen: 23
                          190.110.230.0/23 maxlen: 23
                          190.110.224.0/24 maxlen: 24
                          190.110.225.0/24 maxlen: 24
                          190.110.226.0/24 maxlen: 24
                          190.110.227.0/24 maxlen: 24
                          190.110.228.0/24 maxlen: 24
                          190.110.229.0/24 maxlen: 24
                          190.110.230.0/24 maxlen: 24
                          190.110.231.0/24 maxlen: 24
                          190.110.238.0/24 maxlen: 24
                          190.110.253.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1972772 (0x1e1a24)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=33b7a43fc33bfc7ff5ea592decadde645288705e
        Validity
            Not Before: Mar 21 03:00:00 2021 GMT
            Not After : Mar 24 03:00:00 2026 GMT
        Subject: CN=c136c232da8b8f5e9afa0c917089097d1b240395
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:f3:14:ce:c8:91:28:fe:90:14:06:f4:58:a0:
                    06:45:9c:8b:54:7e:d9:b7:57:c2:00:03:35:dd:e7:
                    cf:15:20:f2:b0:c7:9e:42:d2:aa:64:6f:13:05:26:
                    31:30:d4:ad:1d:99:bc:5e:b0:fb:33:ef:f6:8c:13:
                    2b:34:af:42:c2:73:41:1f:57:c1:70:c1:3c:58:8c:
                    2a:aa:ad:6b:54:8a:85:f4:96:32:e1:f4:c3:63:86:
                    eb:56:1d:9c:e9:a4:90:1f:82:66:cf:46:66:36:99:
                    8c:e6:fb:0d:8b:2f:54:7b:7d:d2:47:3c:fb:20:e4:
                    fb:4d:ee:9d:0c:7b:17:eb:9a:cd:67:68:39:ae:b7:
                    15:46:c9:55:47:eb:47:6c:1a:12:a9:bf:1f:54:55:
                    2a:46:b4:fc:bf:a8:53:e6:5d:98:49:b6:89:3b:3e:
                    bd:06:90:04:6c:90:fa:c8:e9:4f:d4:ce:0d:ae:83:
                    ff:4e:e4:fe:4a:8f:2c:91:2e:fd:59:42:85:cb:85:
                    93:d2:fa:66:b7:07:23:4a:5b:4a:a8:e4:e2:5e:31:
                    cd:19:4e:b2:f2:fb:54:c8:99:37:58:e7:f0:c5:fd:
                    fb:6d:96:6a:9f:0e:60:64:49:e4:5e:9b:2a:d9:72:
                    91:08:16:ff:9b:2d:5c:f5:ce:33:94:e4:2f:b9:ff:
                    d4:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B5:4E:4F:36:FC:33:48:11:07:EB:F8:AB:4C:BD:EB:09:E9:30:C7:7F
            X509v3 Authority Key Identifier:
                keyid:C1:A4:F9:06:D7:C5:6B:7D:5E:32:B4:3C:AE:33:6A:BD:11:7D:39:56

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/33b7a43fc33bfc7ff5ea592decadde645288705e.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/38283047-8834-43d5-82f7-4d938e60571e/c136c232da8b8f5e9afa0c917089097d1b240395.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/38283047-8834-43d5-82f7-4d938e60571e/33b7a43fc33bfc7ff5ea592decadde645288705e.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.110.224.0/21
                  190.110.238.0/24
                  190.110.253.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0d:41:ef:e5:07:6a:f6:d7:be:35:4b:3e:92:41:7b:ec:ee:19:
         59:2d:1d:42:a1:3e:0f:f8:7e:e5:81:8d:58:c2:6a:1e:f7:5b:
         a4:5d:15:6c:54:02:84:7b:02:15:a3:a3:a6:bd:72:2f:97:e1:
         9e:eb:41:cf:fc:17:7e:6f:b8:89:b9:75:7b:2d:b4:79:40:c2:
         d0:61:6c:0b:fd:f7:e5:96:84:52:9a:d6:46:a1:8d:7a:5d:ae:
         99:b6:c3:aa:cc:ef:36:b8:b6:1f:53:41:68:94:97:fd:9b:ad:
         e7:98:c2:a0:c1:7e:ef:6f:90:cc:dc:52:6c:12:08:ef:c4:e1:
         95:67:73:b4:31:79:ed:75:99:3f:ba:ff:30:5b:95:2b:e6:ea:
         54:80:71:57:33:4e:7e:90:48:41:ac:2c:7d:d9:d6:75:a6:1c:
         70:9a:0f:8e:a3:cb:bc:ed:00:66:ed:88:b4:be:8e:b6:6e:b3:
         42:80:c8:1b:50:8a:50:5c:fc:5f:dc:92:49:cc:90:2e:8d:f8:
         6b:40:6e:a1:2a:49:1d:dd:80:d3:4f:3f:14:74:dd:99:c6:67:
         65:3a:da:f1:e3:4c:ab:22:55:9e:e1:3a:b1:27:f3:cb:d6:03:
         1d:fc:d2:f1:b6:92:9e:a7:06:5a:c9:39:a3:d1:ad:0b:4e:b4:
         9f:fe:bb:ac
-----BEGIN CERTIFICATE-----
MIIFTDCCBDSgAwIBAgIDHhokMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDMz
YjdhNDNmYzMzYmZjN2ZmNWVhNTkyZGVjYWRkZTY0NTI4ODcwNWUwHhcNMjEwMzIx
MDMwMDAwWhcNMjYwMzI0MDMwMDAwWjAzMTEwLwYDVQQDEyhjMTM2YzIzMmRhOGI4
ZjVlOWFmYTBjOTE3MDg5MDk3ZDFiMjQwMzk1MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAo/MUzsiRKP6QFAb0WKAGRZyLVH7Zt1fCAAM13efPFSDysMee
QtKqZG8TBSYxMNStHZm8XrD7M+/2jBMrNK9CwnNBH1fBcME8WIwqqq1rVIqF9JYy
4fTDY4brVh2c6aSQH4Jmz0ZmNpmM5vsNiy9Ue33SRzz7IOT7Te6dDHsX65rNZ2g5
rrcVRslVR+tHbBoSqb8fVFUqRrT8v6hT5l2YSbaJOz69BpAEbJD6yOlP1M4NroP/
TuT+So8skS79WUKFy4WT0vpmtwcjSltKqOTiXjHNGU6y8vtUyJk3WOfwxf37bZZq
nw5gZEnkXpsq2XKRCBb/my1c9c4zlOQvuf/UKwIDAQABo4ICZzCCAmMwHQYDVR0O
BBYEFLVOTzb8M0gRB+v4q0y96wnpMMd/MB8GA1UdIwQYMBaAFMGk+QbXxWt9XjK0
PK4zar0RfTlWMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMzNiN2E0
M2ZjMzNiZmM3ZmY1ZWE1OTJkZWNhZGRlNjQ1Mjg4NzA1ZS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMzgyODMwNDctODgzNC00M2Q1LTgyZjctNGQ5Mzhl
NjA1NzFlL2MxMzZjMjMyZGE4YjhmNWU5YWZhMGM5MTcwODkwOTdkMWIyNDAzOTUu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8zODI4MzA0Ny04ODM0LTQzZDUtODJmNy00ZDkz
OGU2MDU3MWUvMzNiN2E0M2ZjMzNiZmM3ZmY1ZWE1OTJkZWNhZGRlNjQ1Mjg4NzA1
ZS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjArBggrBgEFBQcBBwEB/wQc
MBowGAQCAAEwEgMEA75u4AMEAL5u7gMEAL5u/TANBgkqhkiG9w0BAQsFAAOCAQEA
DUHv5Qdq9te+NUs+kkF77O4ZWS0dQqE+D/h+5YGNWMJqHvdbpF0VbFQChHsCFaOj
pr1yL5fhnutBz/wXfm+4ibl1ey20eUDC0GFsC/335ZaEUprWRqGNel2umbbDqszv
Nri2H1NBaJSX/Zut55jCoMF+72+QzNxSbBII78ThlWdztDF57XWZP7r/MFuVK+bq
VIBxVzNOfpBIQawsfdnWdaYccJoPjqPLvO0AZu2ItL6Otm6zQoDIG1CKUFz8X9yS
ScyQLo34a0BuoSpJHd2A008/FHTdmcZnZTra8eNMqyJVnuE6sSfzy9YDHfzS8baS
nqcGWsk5o9GtC060n/67rA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:14:29 2023 by rpki-client on console-ams.rpki-client.org