Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/626f4f28-880c-4bb5-9442-9eef9325d7eb/04ed5fcfa3fa9564b8a6b5c44ff90641f5d479e8.roa
File:                     04ed5fcfa3fa9564b8a6b5c44ff90641f5d479e8.roa (raw, json)
Hash identifier:          tReXC0tVqqpXTX9td8i1PlDgFDKiBW0uBfGwHtC8fuw=
Subject key identifier:   1E:64:70:3B:1B:B7:A8:17:61:2D:15:4A:91:6C:2E:0E:C2:8E:EB:87
Certificate issuer:       /CN=29bfc63c4d2e222df3a099e222567deb9e88bb27
Certificate serial:       0E1555
Authority key identifier: A6:C1:FF:61:8D:96:22:B7:89:0F:A0:98:36:A6:5C:D2:3C:EF:C4:62
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/29bfc63c4d2e222df3a099e222567deb9e88bb27.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/626f4f28-880c-4bb5-9442-9eef9325d7eb/04ed5fcfa3fa9564b8a6b5c44ff90641f5d479e8.roa
Signing time:             Wed 24 Mar 2021 14:31:36 +0000
ROA not before:           Wed 24 Mar 2021 14:31:34 +0000
ROA not after:            Tue 24 Mar 2026 14:31:34 +0000
asID:                     16814
IP address blocks:        186.189.224.0/20 maxlen: 24
                          186.189.248.0/22 maxlen: 24
                          190.2.0.0/19 maxlen: 24
                          190.2.32.0/19 maxlen: 24
                          190.210.0.0/18 maxlen: 24
                          190.210.64.0/18 maxlen: 24
                          190.210.128.0/18 maxlen: 24
                          190.210.192.0/18 maxlen: 24
                          200.61.160.0/19 maxlen: 24
                          200.68.64.0/20 maxlen: 24
                          200.68.80.0/20 maxlen: 24
                          200.68.96.0/20 maxlen: 24
                          200.68.112.0/20 maxlen: 24
                          200.69.192.0/18 maxlen: 24
                          200.123.128.0/20 maxlen: 24
                          200.123.144.0/20 maxlen: 24
                          200.123.160.0/20 maxlen: 24
                          200.123.176.0/20 maxlen: 24
                          201.216.192.0/19 maxlen: 24
                          201.216.224.0/19 maxlen: 24
                          2800:40::/32 maxlen: 32

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 922965 (0xe1555)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=29bfc63c4d2e222df3a099e222567deb9e88bb27
        Validity
            Not Before: Mar 24 14:31:34 2021 GMT
            Not After : Mar 24 14:31:34 2026 GMT
        Subject: CN=04ed5fcfa3fa9564b8a6b5c44ff90641f5d479e8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:fa:86:c7:14:33:79:1d:92:c7:61:40:a2:9a:
                    bb:4c:ad:5b:03:50:ed:f5:ab:4f:f9:0c:24:2e:2a:
                    5e:32:fc:ca:db:7a:ec:85:78:77:fb:4e:34:2e:2d:
                    4d:02:14:b5:63:e7:f5:29:e8:46:bd:73:68:31:0f:
                    5c:30:a5:53:f5:71:64:0e:73:fb:e7:43:5d:40:90:
                    25:a0:5a:e1:f4:06:a9:a5:e5:1e:77:9a:92:85:25:
                    dc:43:32:da:b6:a0:14:83:37:73:7d:6d:2e:33:bf:
                    06:64:bb:bb:19:b8:00:40:0b:fa:57:3a:58:aa:92:
                    bb:1f:25:7f:f4:13:ae:8d:97:85:b5:5d:f9:c8:4d:
                    9a:73:36:b4:11:ac:3e:9c:d2:2d:d6:28:c4:bd:8e:
                    38:92:3a:6b:8f:08:8f:41:d2:1b:84:b0:32:24:26:
                    2e:7f:6b:36:ff:34:6d:2a:21:7a:d6:2d:3e:77:52:
                    56:99:02:5f:df:d6:e3:9f:65:2f:57:0c:33:89:5f:
                    db:85:50:3b:6f:57:8a:15:fb:e1:dc:fb:f3:a2:33:
                    f7:f3:72:60:ca:f6:cc:47:49:ad:f1:53:3e:03:43:
                    42:5a:f3:6e:76:57:e4:a0:30:7f:82:ac:a4:0b:ae:
                    21:a9:a3:98:bc:d7:2f:c0:8e:3b:10:b7:1e:f9:50:
                    38:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:64:70:3B:1B:B7:A8:17:61:2D:15:4A:91:6C:2E:0E:C2:8E:EB:87
            X509v3 Authority Key Identifier:
                keyid:A6:C1:FF:61:8D:96:22:B7:89:0F:A0:98:36:A6:5C:D2:3C:EF:C4:62

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/29bfc63c4d2e222df3a099e222567deb9e88bb27.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/626f4f28-880c-4bb5-9442-9eef9325d7eb/04ed5fcfa3fa9564b8a6b5c44ff90641f5d479e8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/626f4f28-880c-4bb5-9442-9eef9325d7eb/29bfc63c4d2e222df3a099e222567deb9e88bb27.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  186.189.224.0/20
                  186.189.248.0/22
                  190.2.0.0/18
                  190.210.0.0/16
                  200.61.160.0/19
                  200.68.64.0/18
                  200.69.192.0/18
                  200.123.128.0/18
                  201.216.192.0/18
                IPv6:
                  2800:40::/32

    Signature Algorithm: sha256WithRSAEncryption
         4e:04:8d:1c:b3:60:11:1b:2c:c9:07:61:e1:ae:49:b0:72:29:
         24:40:5e:49:12:7d:59:d9:3f:77:d1:66:7c:3e:51:00:ad:cf:
         24:61:8b:64:ef:7e:0f:28:d3:7e:12:68:ef:ea:64:c1:77:eb:
         d7:58:e9:f7:33:01:5d:9e:40:fb:63:71:4a:b3:3a:34:d1:29:
         81:25:8c:0c:39:52:a0:4f:8d:b1:25:a2:0a:69:ce:36:d8:9e:
         d4:11:f8:7a:18:b3:10:19:d7:fe:e0:59:ba:83:37:16:f9:27:
         5d:c0:ad:28:dd:37:be:ee:f8:37:bd:4e:81:3c:fd:a9:01:c7:
         81:64:83:41:b9:b2:38:98:27:59:aa:88:f5:f8:d4:93:82:89:
         66:1c:f0:47:e9:a7:28:33:48:d0:fd:15:a8:2f:f7:59:84:b7:
         a6:d4:0e:78:ed:2c:b4:f4:00:50:4a:28:8f:f8:7d:f7:10:e2:
         1b:78:47:90:87:72:bd:a5:8d:4e:1b:c6:49:ec:fe:60:de:00:
         8c:4c:86:70:97:60:19:7e:7a:70:9b:d6:cc:09:53:65:fb:36:
         2b:8f:02:5c:68:fe:1b:b9:5a:05:b7:c5:ee:b1:29:be:79:98:
         8e:19:c5:15:dd:7e:f4:09:50:33:29:c5:0b:b8:4d:14:f2:24:
         3a:6b:61:2c
-----BEGIN CERTIFICATE-----
MIIFfjCCBGagAwIBAgIDDhVVMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDI5
YmZjNjNjNGQyZTIyMmRmM2EwOTllMjIyNTY3ZGViOWU4OGJiMjcwHhcNMjEwMzI0
MTQzMTM0WhcNMjYwMzI0MTQzMTM0WjAzMTEwLwYDVQQDEygwNGVkNWZjZmEzZmE5
NTY0YjhhNmI1YzQ0ZmY5MDY0MWY1ZDQ3OWU4MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEApvqGxxQzeR2Sx2FAopq7TK1bA1Dt9atP+QwkLipeMvzK23rs
hXh3+040Li1NAhS1Y+f1KehGvXNoMQ9cMKVT9XFkDnP750NdQJAloFrh9AappeUe
d5qShSXcQzLatqAUgzdzfW0uM78GZLu7GbgAQAv6VzpYqpK7HyV/9BOujZeFtV35
yE2acza0Eaw+nNIt1ijEvY44kjprjwiPQdIbhLAyJCYuf2s2/zRtKiF61i0+d1JW
mQJf39bjn2UvVwwziV/bhVA7b1eKFfvh3PvzojP383JgyvbMR0mt8VM+A0NCWvNu
dlfkoDB/gqykC64hqaOYvNcvwI47ELce+VA4rwIDAQABo4ICmTCCApUwHQYDVR0O
BBYEFB5kcDsbt6gXYS0VSpFsLg7CjuuHMB8GA1UdIwQYMBaAFKbB/2GNliK3iQ+g
mDamXNI878RiMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMjliZmM2
M2M0ZDJlMjIyZGYzYTA5OWUyMjI1NjdkZWI5ZTg4YmIyNy5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNjI2ZjRmMjgtODgwYy00YmI1LTk0NDItOWVlZjkz
MjVkN2ViLzA0ZWQ1ZmNmYTNmYTk1NjRiOGE2YjVjNDRmZjkwNjQxZjVkNDc5ZTgu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy82MjZmNGYyOC04ODBjLTRiYjUtOTQ0Mi05ZWVm
OTMyNWQ3ZWIvMjliZmM2M2M0ZDJlMjIyZGYzYTA5OWUyMjI1NjdkZWI5ZTg4YmIy
Ny5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBggrBgEFBQcBBwEB/wRO
MEwwOwQCAAEwNQMEBLq94AMEArq9+AMEBr4CAAMDAL7SAwQFyD2gAwQGyERAAwQG
yEXAAwQGyHuAAwQGydjAMA0EAgACMAcDBQAoAABAMA0GCSqGSIb3DQEBCwUAA4IB
AQBOBI0cs2ARGyzJB2HhrkmwcikkQF5JEn1Z2T930WZ8PlEArc8kYYtk734PKNN+
Emjv6mTBd+vXWOn3MwFdnkD7Y3FKszo00SmBJYwMOVKgT42xJaIKac422J7UEfh6
GLMQGdf+4Fm6gzcW+SddwK0o3Te+7vg3vU6BPP2pAceBZINBubI4mCdZqoj1+NST
golmHPBH6acoM0jQ/RWoL/dZhLem1A547Sy09ABQSiiP+H33EOIbeEeQh3K9pY1O
G8ZJ7P5g3gCMTIZwl2AZfnpwm9bMCVNl+zYrjwJcaP4buVoFt8XusSm+eZiOGcUV
3X70CVAzKcULuE0U8iQ6a2Es
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:14:22 2023 by rpki-client on console-fra.rpki-client.org