Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/626f4f28-880c-4bb5-9442-9eef9325d7eb/ddfdb36fa140c5344fcfa2c7f10c5e4e44d4cadb.roa
File:                     ddfdb36fa140c5344fcfa2c7f10c5e4e44d4cadb.roa (raw, json)
Hash identifier:          st7U63QWgawVGnP1RHL82eh3AuNo3o+/JzyJDxpG+RE=
Subject key identifier:   D4:18:F0:2D:0C:67:45:5D:D5:E0:58:FF:1F:57:B9:21:FA:F5:1C:0F
Certificate issuer:       /CN=29bfc63c4d2e222df3a099e222567deb9e88bb27
Certificate serial:       0E22C8
Authority key identifier: A6:C1:FF:61:8D:96:22:B7:89:0F:A0:98:36:A6:5C:D2:3C:EF:C4:62
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/29bfc63c4d2e222df3a099e222567deb9e88bb27.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/626f4f28-880c-4bb5-9442-9eef9325d7eb/ddfdb36fa140c5344fcfa2c7f10c5e4e44d4cadb.roa
Signing time:             Wed 24 Mar 2021 14:31:36 +0000
ROA not before:           Wed 24 Mar 2021 14:31:34 +0000
ROA not after:            Tue 24 Mar 2026 14:31:34 +0000
asID:                     16814
IP address blocks:        186.189.224.0/20 maxlen: 24
                          186.189.248.0/22 maxlen: 24
                          190.2.0.0/19 maxlen: 24
                          190.2.32.0/19 maxlen: 24
                          190.210.0.0/18 maxlen: 24
                          190.210.64.0/18 maxlen: 24
                          190.210.128.0/18 maxlen: 24
                          190.210.192.0/18 maxlen: 24
                          200.61.160.0/19 maxlen: 24
                          200.68.64.0/20 maxlen: 24
                          200.68.80.0/20 maxlen: 24
                          200.68.96.0/20 maxlen: 24
                          200.68.112.0/20 maxlen: 24
                          200.69.192.0/18 maxlen: 24
                          200.123.128.0/20 maxlen: 24
                          200.123.144.0/20 maxlen: 24
                          200.123.160.0/20 maxlen: 24
                          200.123.176.0/20 maxlen: 24
                          201.216.192.0/19 maxlen: 24
                          201.216.224.0/19 maxlen: 24
                          2800:40::/32 maxlen: 48

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 926408 (0xe22c8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=29bfc63c4d2e222df3a099e222567deb9e88bb27
        Validity
            Not Before: Mar 24 14:31:34 2021 GMT
            Not After : Mar 24 14:31:34 2026 GMT
        Subject: CN=ddfdb36fa140c5344fcfa2c7f10c5e4e44d4cadb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f5:67:27:2f:65:33:0e:93:62:c6:6c:b2:0f:00:
                    3b:bc:23:5b:ff:9d:88:be:cf:81:fc:75:4b:f7:a7:
                    5b:c8:7d:16:ff:05:32:cd:d9:97:d5:0d:e8:27:60:
                    fc:6a:96:ac:2d:48:a1:60:dc:30:4e:bc:cc:9f:f8:
                    1a:aa:3d:4f:44:58:b2:4c:87:a9:d1:5e:50:00:59:
                    de:79:d4:23:9c:0f:fe:14:ae:6a:00:2f:87:e1:08:
                    6a:19:cb:a1:00:aa:72:34:b6:75:33:df:18:08:29:
                    f4:07:5e:20:86:99:3a:10:91:6a:6f:d3:ab:75:c1:
                    79:30:69:37:80:9c:5d:09:75:0c:ad:72:47:30:ff:
                    e1:47:4d:e3:40:61:b4:3e:e0:73:6a:68:40:07:b5:
                    6d:35:d1:bd:55:6c:69:c3:01:b0:2f:8c:32:0d:b6:
                    68:c0:4d:39:a8:2c:b2:c2:6b:56:0f:18:42:8f:2c:
                    29:e9:c1:aa:4b:6a:09:84:a3:5e:8e:19:cb:52:8b:
                    cd:99:9b:43:c5:7a:8c:e4:b2:48:c0:1e:ef:fe:63:
                    bf:8c:c7:b6:bc:ee:fc:f7:e3:82:76:f8:67:e8:64:
                    c0:ef:35:5b:9a:2b:8f:e3:d0:6f:1a:04:f7:fa:b8:
                    78:1f:71:75:00:b1:8e:4a:6a:6e:62:21:9f:9c:17:
                    9c:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D4:18:F0:2D:0C:67:45:5D:D5:E0:58:FF:1F:57:B9:21:FA:F5:1C:0F
            X509v3 Authority Key Identifier:
                keyid:A6:C1:FF:61:8D:96:22:B7:89:0F:A0:98:36:A6:5C:D2:3C:EF:C4:62

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/29bfc63c4d2e222df3a099e222567deb9e88bb27.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/626f4f28-880c-4bb5-9442-9eef9325d7eb/ddfdb36fa140c5344fcfa2c7f10c5e4e44d4cadb.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/626f4f28-880c-4bb5-9442-9eef9325d7eb/29bfc63c4d2e222df3a099e222567deb9e88bb27.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  186.189.224.0/20
                  186.189.248.0/22
                  190.2.0.0/18
                  190.210.0.0/16
                  200.61.160.0/19
                  200.68.64.0/18
                  200.69.192.0/18
                  200.123.128.0/18
                  201.216.192.0/18
                IPv6:
                  2800:40::/32

    Signature Algorithm: sha256WithRSAEncryption
         3a:23:9f:c1:9b:10:bd:a8:de:b1:19:42:72:fa:be:dd:77:4a:
         25:af:c4:c2:5a:e2:8a:ec:e0:00:70:ce:50:4f:77:b6:f0:b5:
         6f:57:82:58:59:63:8c:48:be:4f:d9:62:ca:e8:bb:6e:48:8f:
         c9:6a:a8:fa:75:f5:83:4d:ef:26:be:f8:7c:7e:64:ac:1c:8f:
         e3:01:33:ec:6d:46:ad:e2:d2:2e:c0:e2:2a:8b:00:0f:e3:c1:
         9e:ad:11:45:83:38:18:a3:ed:45:fd:70:d6:c4:22:1c:bf:0b:
         c5:db:22:f5:2d:bb:72:3a:24:fc:9d:74:09:60:d4:88:a7:c3:
         78:81:eb:5a:b4:23:d2:0c:91:83:f3:55:7c:8d:80:2e:73:ae:
         8d:f9:b1:82:58:a6:cb:54:52:4f:86:d1:57:8b:6e:63:1f:ec:
         d2:32:8e:05:05:21:d8:79:5f:f5:08:68:d9:81:9f:dc:7c:38:
         2b:94:ec:8c:00:d0:49:ae:20:92:5a:d2:8b:f1:80:7d:82:34:
         c7:f5:09:c8:48:37:50:ea:8e:d0:2d:af:73:ff:d3:f8:5a:d8:
         96:05:62:90:fc:d5:b1:b2:fe:7c:76:30:4f:60:1c:94:cb:b2:
         21:9e:ae:ce:64:88:ff:f3:ee:b8:32:39:ee:08:92:cc:ea:60:
         1f:37:96:f3
-----BEGIN CERTIFICATE-----
MIIFfjCCBGagAwIBAgIDDiLIMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDI5
YmZjNjNjNGQyZTIyMmRmM2EwOTllMjIyNTY3ZGViOWU4OGJiMjcwHhcNMjEwMzI0
MTQzMTM0WhcNMjYwMzI0MTQzMTM0WjAzMTEwLwYDVQQDEyhkZGZkYjM2ZmExNDBj
NTM0NGZjZmEyYzdmMTBjNWU0ZTQ0ZDRjYWRiMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA9WcnL2UzDpNixmyyDwA7vCNb/52Ivs+B/HVL96dbyH0W/wUy
zdmX1Q3oJ2D8apasLUihYNwwTrzMn/gaqj1PRFiyTIep0V5QAFneedQjnA/+FK5q
AC+H4QhqGcuhAKpyNLZ1M98YCCn0B14ghpk6EJFqb9OrdcF5MGk3gJxdCXUMrXJH
MP/hR03jQGG0PuBzamhAB7VtNdG9VWxpwwGwL4wyDbZowE05qCyywmtWDxhCjywp
6cGqS2oJhKNejhnLUovNmZtDxXqM5LJIwB7v/mO/jMe2vO789+OCdvhn6GTA7zVb
miuP49BvGgT3+rh4H3F1ALGOSmpuYiGfnBecVQIDAQABo4ICmTCCApUwHQYDVR0O
BBYEFNQY8C0MZ0Vd1eBY/x9XuSH69RwPMB8GA1UdIwQYMBaAFKbB/2GNliK3iQ+g
mDamXNI878RiMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMjliZmM2
M2M0ZDJlMjIyZGYzYTA5OWUyMjI1NjdkZWI5ZTg4YmIyNy5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNjI2ZjRmMjgtODgwYy00YmI1LTk0NDItOWVlZjkz
MjVkN2ViL2RkZmRiMzZmYTE0MGM1MzQ0ZmNmYTJjN2YxMGM1ZTRlNDRkNGNhZGIu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy82MjZmNGYyOC04ODBjLTRiYjUtOTQ0Mi05ZWVm
OTMyNWQ3ZWIvMjliZmM2M2M0ZDJlMjIyZGYzYTA5OWUyMjI1NjdkZWI5ZTg4YmIy
Ny5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBggrBgEFBQcBBwEB/wRO
MEwwOwQCAAEwNQMEBLq94AMEArq9+AMEBr4CAAMDAL7SAwQFyD2gAwQGyERAAwQG
yEXAAwQGyHuAAwQGydjAMA0EAgACMAcDBQAoAABAMA0GCSqGSIb3DQEBCwUAA4IB
AQA6I5/BmxC9qN6xGUJy+r7dd0olr8TCWuKK7OAAcM5QT3e28LVvV4JYWWOMSL5P
2WLK6LtuSI/Jaqj6dfWDTe8mvvh8fmSsHI/jATPsbUat4tIuwOIqiwAP48GerRFF
gzgYo+1F/XDWxCIcvwvF2yL1LbtyOiT8nXQJYNSIp8N4getatCPSDJGD81V8jYAu
c66N+bGCWKbLVFJPhtFXi25jH+zSMo4FBSHYeV/1CGjZgZ/cfDgrlOyMANBJriCS
WtKL8YB9gjTH9QnISDdQ6o7QLa9z/9P4WtiWBWKQ/NWxsv58djBPYByUy7Ihnq7O
ZIj/8+64MjnuCJLM6mAfN5bz
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:14:22 2023 by rpki-client on console-fra.rpki-client.org