Route Origin Authorization
$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/385520e6-1f98-496b-8d9e-15df9e0772ce/2ba9a0e89575b7ca0f54d4274a2325f5ac41f09b.roa
File: 2ba9a0e89575b7ca0f54d4274a2325f5ac41f09b.roa (raw, json)
Hash identifier: YtEV9mVMSx1k3ac8KYRAn3XWsIFO4ZxcgrGuIosn6/s=
Subject key identifier: 73:91:C6:C3:F7:85:8B:A6:7A:38:B1:B7:95:94:87:76:39:AA:26:A1
Certificate issuer: /CN=9e6663fb5d62a6c45845d461b066de1127b3e069
Certificate serial: 10A09B
Authority key identifier: 4E:FA:DB:FA:CC:09:64:7A:58:D7:3A:CA:34:48:93:52:53:CC:0B:52
Authority info access: rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/9e6663fb5d62a6c45845d461b066de1127b3e069.cer
Subject info access: rsync://repository.lacnic.net/rpki/lacnic/385520e6-1f98-496b-8d9e-15df9e0772ce/2ba9a0e89575b7ca0f54d4274a2325f5ac41f09b.roa
Signing time: Mon 27 Sep 2021 11:17:06 +0000
ROA not before: Wed 24 Mar 2021 03:00:00 +0000
ROA not after: Tue 24 Mar 2026 03:00:00 +0000
asID: 52436
IP address blocks: 132.255.112.0/22 maxlen: 22
138.97.176.0/22 maxlen: 24
168.181.208.0/22 maxlen: 24
168.196.32.0/23 maxlen: 23
168.196.35.0/24 maxlen: 24
179.42.168.0/22 maxlen: 24
190.120.244.0/22 maxlen: 22
190.122.180.0/22 maxlen: 24
207.248.124.0/22 maxlen: 24
2803:b900::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1089691 (0x10a09b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e6663fb5d62a6c45845d461b066de1127b3e069
Validity
Not Before: Mar 24 03:00:00 2021 GMT
Not After : Mar 24 03:00:00 2026 GMT
Subject: CN=2ba9a0e89575b7ca0f54d4274a2325f5ac41f09b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:b2:8a:f7:76:39:cb:23:49:cb:5f:f7:d1:4e:
9b:11:1c:0c:7f:8d:b7:5c:5f:31:b8:4d:f3:f4:29:
c3:31:a3:89:7e:c4:d7:07:f1:de:92:18:9b:92:17:
53:8e:36:d6:e8:8d:41:7c:3f:04:64:29:c4:ad:c8:
ae:f1:2d:1e:fe:3c:8f:e7:b5:5c:de:5e:a8:1d:fb:
1a:0c:df:18:cf:11:a1:34:20:8d:00:b7:a8:37:33:
85:f5:c7:8c:d2:53:be:9e:1d:f9:dd:0e:c6:79:85:
d0:10:7b:a6:58:ec:66:20:a8:64:40:88:97:65:cb:
5a:89:96:91:41:ca:58:e4:c5:31:45:3d:aa:a3:c3:
13:53:18:99:ff:31:2b:74:60:6d:83:59:4f:4f:b9:
e1:62:fe:15:c0:35:d8:f7:23:46:36:58:ed:16:58:
8d:2c:94:df:9b:1c:1f:d7:9c:19:29:4a:b8:70:57:
c2:1a:64:33:05:65:d0:1b:ab:98:06:d3:eb:e4:9a:
f1:be:56:da:92:08:56:aa:d1:17:08:2e:2e:a5:65:
02:71:b0:06:0e:6a:05:56:38:5e:14:dd:63:d2:91:
11:4c:ee:57:71:97:b5:a3:35:a0:40:db:8d:5e:b7:
f0:cb:27:e3:db:1b:e8:f0:4a:4d:2c:a5:c5:d0:6a:
11:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:91:C6:C3:F7:85:8B:A6:7A:38:B1:B7:95:94:87:76:39:AA:26:A1
X509v3 Authority Key Identifier:
keyid:4E:FA:DB:FA:CC:09:64:7A:58:D7:3A:CA:34:48:93:52:53:CC:0B:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/9e6663fb5d62a6c45845d461b066de1127b3e069.cer
Subject Information Access:
Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/385520e6-1f98-496b-8d9e-15df9e0772ce/2ba9a0e89575b7ca0f54d4274a2325f5ac41f09b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repository.lacnic.net/rpki/lacnic/385520e6-1f98-496b-8d9e-15df9e0772ce/9e6663fb5d62a6c45845d461b066de1127b3e069.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
132.255.112.0/22
138.97.176.0/22
168.181.208.0/22
168.196.32.0/23
168.196.35.0/24
179.42.168.0/22
190.120.244.0/22
190.122.180.0/22
207.248.124.0/22
IPv6:
2803:b900::/32
Signature Algorithm: sha256WithRSAEncryption
56:30:49:37:0d:23:68:76:ed:37:92:22:0b:71:3a:8b:e8:b0:
20:d3:ea:fc:8f:d9:0b:be:f7:d6:e9:29:84:82:e4:d0:4a:ea:
83:b2:c5:34:5a:66:0f:c8:db:6e:71:11:2e:ee:9d:79:94:ce:
07:46:d8:97:b3:a9:aa:41:02:6a:e5:d3:1b:6a:cc:e9:c9:83:
4f:57:f9:91:4f:e9:ca:e9:63:f9:c7:5d:a1:b5:17:f6:39:84:
39:5f:c3:a4:31:e2:ad:c8:33:88:6e:52:29:ec:f7:b8:7b:67:
db:18:29:0b:24:0e:a9:85:11:44:66:82:d1:4c:e0:e4:73:ff:
40:ee:24:da:47:ff:87:5f:9e:ea:a5:3d:76:57:a8:47:a8:bc:
31:ac:ce:f3:8a:c0:a8:01:07:e5:7e:d0:67:3e:fc:0f:10:96:
d8:30:9c:ae:48:59:61:69:bf:23:12:fc:46:52:6d:b9:3a:b4:
36:a6:22:e4:5a:f4:4f:dc:97:e9:21:5e:60:2b:62:aa:50:8a:
d9:20:57:57:b1:44:32:a0:19:8a:3e:9e:c5:db:90:1d:c3:80:
8f:44:f3:28:32:07:04:8b:3a:05:f8:4d:02:31:c2:73:b6:6f:
4a:c1:12:d8:78:49:73:c3:ac:90:45:3d:38:30:b4:89:88:8a:
43:a8:52:2f
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIDEKCbMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDll
NjY2M2ZiNWQ2MmE2YzQ1ODQ1ZDQ2MWIwNjZkZTExMjdiM2UwNjkwHhcNMjEwMzI0
MDMwMDAwWhcNMjYwMzI0MDMwMDAwWjAzMTEwLwYDVQQDEygyYmE5YTBlODk1NzVi
N2NhMGY1NGQ0Mjc0YTIzMjVmNWFjNDFmMDliMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAkLKK93Y5yyNJy1/30U6bERwMf423XF8xuE3z9CnDMaOJfsTX
B/HekhibkhdTjjbW6I1BfD8EZCnErciu8S0e/jyP57Vc3l6oHfsaDN8YzxGhNCCN
ALeoNzOF9ceM0lO+nh353Q7GeYXQEHumWOxmIKhkQIiXZctaiZaRQcpY5MUxRT2q
o8MTUxiZ/zErdGBtg1lPT7nhYv4VwDXY9yNGNljtFliNLJTfmxwf15wZKUq4cFfC
GmQzBWXQG6uYBtPr5JrxvlbakghWqtEXCC4upWUCcbAGDmoFVjheFN1j0pERTO5X
cZe1ozWgQNuNXrfwyyfj2xvo8EpNLKXF0GoRHwIDAQABo4ICmjCCApYwHQYDVR0O
BBYEFHORxsP3hYumejixt5WUh3Y5qiahMB8GA1UdIwQYMBaAFE762/rMCWR6WNc6
yjRIk1JTzAtSMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvOWU2NjYz
ZmI1ZDYyYTZjNDU4NDVkNDYxYjA2NmRlMTEyN2IzZTA2OS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMzg1NTIwZTYtMWY5OC00OTZiLThkOWUtMTVkZjll
MDc3MmNlLzJiYTlhMGU4OTU3NWI3Y2EwZjU0ZDQyNzRhMjMyNWY1YWM0MWYwOWIu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8zODU1MjBlNi0xZjk4LTQ5NmItOGQ5ZS0xNWRm
OWUwNzcyY2UvOWU2NjYzZmI1ZDYyYTZjNDU4NDVkNDYxYjA2NmRlMTEyN2IzZTA2
OS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBggrBgEFBQcBBwEB/wRP
ME0wPAQCAAEwNgMEAoT/cAMEAophsAMEAqi10AMEAajEIAMEAKjEIwMEArMqqAME
Ar549AMEAr56tAMEAs/4fDANBAIAAjAHAwUAKAO5ADANBgkqhkiG9w0BAQsFAAOC
AQEAVjBJNw0jaHbtN5IiC3E6i+iwINPq/I/ZC7731ukphILk0Erqg7LFNFpmD8jb
bnERLu6deZTOB0bYl7OpqkECauXTG2rM6cmDT1f5kU/pyulj+cddobUX9jmEOV/D
pDHircgziG5SKez3uHtn2xgpCyQOqYURRGaC0Uzg5HP/QO4k2kf/h1+e6qU9dleo
R6i8MazO84rAqAEH5X7QZz78DxCW2DCcrkhZYWm/IxL8RlJtuTq0NqYi5Fr0T9yX
6SFeYCtiqlCK2SBXV7FEMqAZij6exduQHcOAj0TzKDIHBIs6BfhNAjHCc7ZvSsES
2HhJc8OskEU9ODC0iYiKQ6hSLw==
-----END CERTIFICATE-----
Generated at Fri Aug 25 13:03:13 2023 by rpki-client on console-fra.rpki-client.org