Route Origin Authorization
$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/4dc2c07a-8c7e-47c7-ae90-ccd71487ce10/9a485218fe5d90483e3626c54aef8db54eb9672d.roa
File: 9a485218fe5d90483e3626c54aef8db54eb9672d.roa (raw, json)
Hash identifier: LBE1uVm1XNDFylQU6xmoJkXb+5LW1eIOgttL6YohySE=
Subject key identifier: 72:15:CD:76:8C:73:B0:4E:B3:DD:5D:78:0E:E6:2E:61:2E:76:B6:D0
Certificate issuer: /CN=aae8cbe9904f103232c002483204f9f2ae04d026
Certificate serial: 11456D
Authority key identifier: 9E:21:FA:B8:72:9D:E9:86:5D:D4:D6:5F:DF:3F:B0:D3:CD:37:19:34
Authority info access: rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/aae8cbe9904f103232c002483204f9f2ae04d026.cer
Subject info access: rsync://repository.lacnic.net/rpki/lacnic/4dc2c07a-8c7e-47c7-ae90-ccd71487ce10/9a485218fe5d90483e3626c54aef8db54eb9672d.roa
Signing time: Fri 13 Aug 2021 15:00:34 +0000
ROA not before: Fri 13 Aug 2021 15:00:21 +0000
ROA not after: Thu 13 Aug 2026 15:00:21 +0000
asID: 28006
IP address blocks: 200.125.136.0/23 maxlen: 24
200.125.138.0/23 maxlen: 23
200.125.133.0/24 maxlen: 24
200.125.134.0/24 maxlen: 24
200.125.140.0/24 maxlen: 24
200.125.142.0/24 maxlen: 24
200.125.144.0/24 maxlen: 24
200.125.145.0/24 maxlen: 24
200.125.147.0/24 maxlen: 24
200.125.149.0/24 maxlen: 24
200.125.150.0/24 maxlen: 24
200.125.151.0/24 maxlen: 24
200.125.152.0/24 maxlen: 24
200.125.153.0/24 maxlen: 24
200.125.154.0/24 maxlen: 24
200.125.155.0/24 maxlen: 24
200.125.157.0/24 maxlen: 24
200.125.158.0/24 maxlen: 24
200.125.159.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1131885 (0x11456d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aae8cbe9904f103232c002483204f9f2ae04d026
Validity
Not Before: Aug 13 15:00:21 2021 GMT
Not After : Aug 13 15:00:21 2026 GMT
Subject: CN=9a485218fe5d90483e3626c54aef8db54eb9672d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:19:cd:84:83:2c:df:fa:a5:60:d7:91:7f:7d:
67:b2:3b:d3:3e:03:fd:60:9b:e7:ae:0d:d2:77:5b:
52:10:69:38:ba:97:ff:86:eb:27:54:af:5e:80:77:
91:d2:66:99:8f:84:43:6a:e4:04:ee:2f:33:e1:50:
c7:d2:ed:d9:e3:59:0e:8c:5b:c2:94:b0:20:05:a5:
29:6b:b2:68:7b:38:74:19:b0:d6:1f:bc:94:bd:11:
77:e4:9b:0d:67:18:e3:32:31:38:a4:a0:39:f6:ee:
66:61:da:af:a3:da:0a:96:b9:6b:12:64:cb:8d:dd:
62:f2:92:8d:a1:26:75:20:bf:dc:ea:ea:59:9a:80:
c2:de:8c:6b:06:cc:1f:50:43:31:af:d8:03:cc:42:
d2:8d:4e:d2:df:8c:02:d5:d5:f0:6a:83:2e:e4:f8:
77:c6:0c:cf:fe:8d:22:0a:f7:d9:a5:5b:04:17:5e:
88:86:5a:34:7a:87:90:9c:f1:5a:61:d8:39:2a:0b:
d6:67:53:3c:e9:19:6f:fa:a4:60:f0:31:7c:b1:00:
69:4b:de:d1:96:c8:a6:d9:c8:75:b8:1e:bf:4d:72:
81:0a:a7:5e:4c:b0:21:ee:96:bf:7d:cc:f0:69:b7:
8d:a5:ff:bd:e9:7b:f2:85:8c:51:c0:4a:3b:a7:e0:
b4:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:15:CD:76:8C:73:B0:4E:B3:DD:5D:78:0E:E6:2E:61:2E:76:B6:D0
X509v3 Authority Key Identifier:
keyid:9E:21:FA:B8:72:9D:E9:86:5D:D4:D6:5F:DF:3F:B0:D3:CD:37:19:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/aae8cbe9904f103232c002483204f9f2ae04d026.cer
Subject Information Access:
Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/4dc2c07a-8c7e-47c7-ae90-ccd71487ce10/9a485218fe5d90483e3626c54aef8db54eb9672d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repository.lacnic.net/rpki/lacnic/4dc2c07a-8c7e-47c7-ae90-ccd71487ce10/aae8cbe9904f103232c002483204f9f2ae04d026.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
200.125.133.0-200.125.134.255
200.125.136.0-200.125.140.255
200.125.142.0/24
200.125.144.0/23
200.125.147.0/24
200.125.149.0-200.125.155.255
200.125.157.0-200.125.159.255
Signature Algorithm: sha256WithRSAEncryption
7f:83:03:af:92:0f:2e:94:95:d1:b8:25:c6:18:e2:ed:76:79:
b7:25:8d:4c:91:2b:d4:b8:58:1f:65:ba:76:9f:c7:bf:ce:02:
4f:58:a8:79:f1:94:0a:6d:0e:9f:88:87:1b:8b:71:4a:ca:6b:
f7:af:5a:a1:ed:27:aa:b4:47:dc:9e:c8:c1:91:f3:97:d9:7d:
f7:13:d7:44:1d:45:1f:d6:f5:08:8b:b1:e9:05:cb:cf:b5:d0:
df:eb:37:9c:ca:15:c9:2f:c3:83:2c:df:5e:7d:72:bc:d3:c3:
90:af:fe:72:a4:37:50:34:a6:39:19:e6:a4:96:a4:9e:b5:14:
03:93:99:7b:5e:82:70:75:9e:be:2d:55:f5:93:46:42:3b:17:
80:62:ba:33:95:a1:c2:db:27:57:c2:28:3b:86:6c:46:95:04:
42:e7:a6:81:d8:e3:f8:3a:12:b3:63:56:c3:f5:3b:a7:02:c9:
30:31:bf:94:6d:ea:8c:92:d9:ba:85:f0:73:f3:61:cf:b3:02:
4a:2f:ae:78:70:d8:75:c0:3b:7e:ec:a4:73:a2:2f:9f:9f:60:
13:2d:a7:6f:0f:15:ad:29:c1:c2:6d:89:38:8a:2a:a3:c0:52:
2d:fd:0f:9e:29:12:5b:68:22:b9:cf:3b:f9:27:be:90:42:94:
f0:bd:59:dd
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDEUVtMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGFh
ZThjYmU5OTA0ZjEwMzIzMmMwMDI0ODMyMDRmOWYyYWUwNGQwMjYwHhcNMjEwODEz
MTUwMDIxWhcNMjYwODEzMTUwMDIxWjAzMTEwLwYDVQQDEyg5YTQ4NTIxOGZlNWQ5
MDQ4M2UzNjI2YzU0YWVmOGRiNTRlYjk2NzJkMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAhhnNhIMs3/qlYNeRf31nsjvTPgP9YJvnrg3Sd1tSEGk4upf/
husnVK9egHeR0maZj4RDauQE7i8z4VDH0u3Z41kOjFvClLAgBaUpa7Joezh0GbDW
H7yUvRF35JsNZxjjMjE4pKA59u5mYdqvo9oKlrlrEmTLjd1i8pKNoSZ1IL/c6upZ
moDC3oxrBswfUEMxr9gDzELSjU7S34wC1dXwaoMu5Ph3xgzP/o0iCvfZpVsEF16I
hlo0eoeQnPFaYdg5KgvWZ1M86Rlv+qRg8DF8sQBpS97Rlsim2ch1uB6/TXKBCqde
TLAh7pa/fczwabeNpf+96XvyhYxRwEo7p+C0zwIDAQABo4ICnzCCApswHQYDVR0O
BBYEFHIVzXaMc7BOs91deA7mLmEudrbQMB8GA1UdIwQYMBaAFJ4h+rhynemGXdTW
X98/sNPNNxk0MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYWFlOGNi
ZTk5MDRmMTAzMjMyYzAwMjQ4MzIwNGY5ZjJhZTA0ZDAyNi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNGRjMmMwN2EtOGM3ZS00N2M3LWFlOTAtY2NkNzE0
ODdjZTEwLzlhNDg1MjE4ZmU1ZDkwNDgzZTM2MjZjNTRhZWY4ZGI1NGViOTY3MmQu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy80ZGMyYzA3YS04YzdlLTQ3YzctYWU5MC1jY2Q3
MTQ4N2NlMTAvYWFlOGNiZTk5MDRmMTAzMjMyYzAwMjQ4MzIwNGY5ZjJhZTA0ZDAy
Ni5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBjBggrBgEFBQcBBwEB/wRU
MFIwUAQCAAEwSjAMAwQAyH2FAwQAyH2GMAwDBAPIfYgDBADIfYwDBADIfY4DBAHI
fZADBADIfZMwDAMEAMh9lQMEAsh9mDAMAwQAyH2dAwQFyH2AMA0GCSqGSIb3DQEB
CwUAA4IBAQB/gwOvkg8ulJXRuCXGGOLtdnm3JY1MkSvUuFgfZbp2n8e/zgJPWKh5
8ZQKbQ6fiIcbi3FKymv3r1qh7SeqtEfcnsjBkfOX2X33E9dEHUUf1vUIi7HpBcvP
tdDf6zecyhXJL8ODLN9efXK808OQr/5ypDdQNKY5GeaklqSetRQDk5l7XoJwdZ6+
LVX1k0ZCOxeAYrozlaHC2ydXwig7hmxGlQRC56aB2OP4OhKzY1bD9TunAskwMb+U
beqMktm6hfBz82HPswJKL654cNh1wDt+7KRzoi+fn2ATLadvDxWtKcHCbYk4iiqj
wFIt/Q+eKRJbaCK5zzv5J76QQpTwvVnd
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:14:33 2023 by rpki-client on console-ams.rpki-client.org