Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/65afb993-9cea-4f8c-855c-1570ec06e64c/d276df3f73d4803d0080c19c24d541d2a705eece.roa
File:                     d276df3f73d4803d0080c19c24d541d2a705eece.roa (raw, json)
Hash identifier:          NMsBUG1fKe9NYXwXI7D0MFm/Mt5GWgW7wy4TvAI0eZE=
Subject key identifier:   75:AF:5C:32:32:9B:9C:21:6C:5A:31:1E:CE:14:F9:77:28:96:3A:B3
Certificate issuer:       /CN=5b167a71215fda9fbeb96f856a1f2b9c72e00e85
Certificate serial:       0D21FE
Authority key identifier: 21:97:4C:BD:6A:1F:54:3F:50:7C:6C:6C:E8:63:4C:1E:7E:2A:D0:20
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/5b167a71215fda9fbeb96f856a1f2b9c72e00e85.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/65afb993-9cea-4f8c-855c-1570ec06e64c/d276df3f73d4803d0080c19c24d541d2a705eece.roa
Signing time:             Wed 24 Mar 2021 14:33:43 +0000
ROA not before:           Wed 24 Mar 2021 14:33:42 +0000
ROA not after:            Tue 24 Mar 2026 14:33:42 +0000
asID:                     16629
IP address blocks:        192.141.168.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Mon 04 Mar 2024 14:21:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 860670 (0xd21fe)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5b167a71215fda9fbeb96f856a1f2b9c72e00e85
        Validity
            Not Before: Mar 24 14:33:42 2021 GMT
            Not After : Mar 24 14:33:42 2026 GMT
        Subject: CN=d276df3f73d4803d0080c19c24d541d2a705eece
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:9c:17:a8:61:bc:c2:fd:f9:bc:83:d7:32:b6:
                    99:0e:58:58:bb:88:af:ba:48:21:75:97:65:f5:c2:
                    da:f9:88:09:a0:20:e3:9a:86:9c:13:3e:71:f6:59:
                    b6:7a:7a:36:85:e8:d7:1f:4e:c5:e0:fd:49:76:47:
                    39:cf:67:8d:44:19:b3:95:37:89:a3:fe:d1:fe:d3:
                    78:c0:02:8e:0b:89:22:3c:be:da:f0:16:d8:c0:df:
                    6f:ef:84:ab:1d:3b:87:29:2c:d2:fd:0d:ea:96:97:
                    5a:7a:4d:36:7a:94:74:f2:e8:0a:03:7e:cd:71:36:
                    d3:e6:49:a1:fd:a3:b1:fd:f6:60:ad:78:9d:83:ef:
                    67:f2:18:74:85:67:e9:e0:47:a9:5f:ed:21:69:d3:
                    bf:4b:8b:f5:c0:a6:f3:62:cd:64:6e:17:ef:63:43:
                    e1:17:b5:57:3d:f8:6d:49:89:dc:f8:a7:07:10:57:
                    9d:0b:08:77:2e:76:18:fd:8b:76:e9:40:bf:91:af:
                    e8:7b:fc:c6:b4:b9:50:4a:dd:36:6a:37:0c:cc:7b:
                    0f:54:8e:ab:f7:0d:77:28:8c:91:41:56:bc:a3:bf:
                    cb:72:c1:20:a6:9e:80:79:51:10:0c:78:73:4f:cd:
                    b1:8d:e7:1b:39:07:e2:cd:ec:bb:5a:cf:2e:cf:45:
                    86:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:AF:5C:32:32:9B:9C:21:6C:5A:31:1E:CE:14:F9:77:28:96:3A:B3
            X509v3 Authority Key Identifier:
                keyid:21:97:4C:BD:6A:1F:54:3F:50:7C:6C:6C:E8:63:4C:1E:7E:2A:D0:20

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/5b167a71215fda9fbeb96f856a1f2b9c72e00e85.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/65afb993-9cea-4f8c-855c-1570ec06e64c/d276df3f73d4803d0080c19c24d541d2a705eece.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/65afb993-9cea-4f8c-855c-1570ec06e64c/5b167a71215fda9fbeb96f856a1f2b9c72e00e85.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  192.141.168.0/22

    Signature Algorithm: sha256WithRSAEncryption
         4d:b0:30:58:8a:d0:be:ab:68:ab:e2:5a:be:bb:05:6c:0f:90:
         54:6b:b5:6b:39:20:54:ad:da:89:5d:d7:4c:40:97:84:e1:55:
         21:93:11:70:d0:b8:87:1c:bd:0e:e4:9d:d0:1e:e4:36:fe:bd:
         18:24:af:a7:8e:67:f8:23:45:33:b6:52:35:67:01:ec:f6:a1:
         df:a9:6a:05:ee:5f:fd:54:ea:14:0f:55:a3:54:d2:00:6f:7d:
         04:40:33:7b:e5:4e:3c:64:c6:d6:65:79:ae:b7:96:85:2e:d5:
         e8:fa:a2:4e:b5:bd:f5:7b:4b:1d:07:29:54:77:74:80:0b:20:
         6e:6f:9c:0a:3d:f7:23:6f:c4:41:d2:e3:cf:6d:e3:8b:0b:de:
         a1:25:a2:16:c0:2b:5f:c0:84:c6:f8:39:35:8e:d7:9e:52:de:
         34:a3:da:fe:fd:1b:77:10:82:c2:36:d7:84:4f:dc:7b:17:b2:
         dd:e8:18:7c:6f:f7:e1:a0:fd:b6:c6:4f:9b:5a:64:dc:c7:47:
         80:79:29:b2:ee:51:83:78:5b:cc:81:38:b7:ab:1f:aa:43:90:
         64:7c:2e:2b:f5:6d:a9:a7:8c:69:46:d0:ee:81:fa:0e:8f:4c:
         0a:0b:b1:7c:17:63:5e:24:60:f8:9e:fd:89:ee:d7:20:da:8e:
         6d:5a:39:48
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDDSH+MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDVi
MTY3YTcxMjE1ZmRhOWZiZWI5NmY4NTZhMWYyYjljNzJlMDBlODUwHhcNMjEwMzI0
MTQzMzQyWhcNMjYwMzI0MTQzMzQyWjAzMTEwLwYDVQQDEyhkMjc2ZGYzZjczZDQ4
MDNkMDA4MGMxOWMyNGQ1NDFkMmE3MDVlZWNlMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAm5wXqGG8wv35vIPXMraZDlhYu4ivukghdZdl9cLa+YgJoCDj
moacEz5x9lm2eno2hejXH07F4P1Jdkc5z2eNRBmzlTeJo/7R/tN4wAKOC4kiPL7a
8BbYwN9v74SrHTuHKSzS/Q3qlpdaek02epR08ugKA37NcTbT5kmh/aOx/fZgrXid
g+9n8hh0hWfp4EepX+0hadO/S4v1wKbzYs1kbhfvY0PhF7VXPfhtSYnc+KcHEFed
Cwh3LnYY/Yt26UC/ka/oe/zGtLlQSt02ajcMzHsPVI6r9w13KIyRQVa8o7/LcsEg
pp6AeVEQDHhzT82xjecbOQfizey7Ws8uz0WG1wIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFHWvXDIym5whbFoxHs4U+XcoljqzMB8GA1UdIwQYMBaAFCGXTL1qH1Q/UHxs
bOhjTB5+KtAgMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvNWIxNjdh
NzEyMTVmZGE5ZmJlYjk2Zjg1NmExZjJiOWM3MmUwMGU4NS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNjVhZmI5OTMtOWNlYS00ZjhjLTg1NWMtMTU3MGVj
MDZlNjRjL2QyNzZkZjNmNzNkNDgwM2QwMDgwYzE5YzI0ZDU0MWQyYTcwNWVlY2Uu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy82NWFmYjk5My05Y2VhLTRmOGMtODU1Yy0xNTcw
ZWMwNmU2NGMvNWIxNjdhNzEyMTVmZGE5ZmJlYjk2Zjg1NmExZjJiOWM3MmUwMGU4
NS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAsCNqDANBgkqhkiG9w0BAQsFAAOCAQEATbAwWIrQvqtoq+Ja
vrsFbA+QVGu1azkgVK3aiV3XTECXhOFVIZMRcNC4hxy9DuSd0B7kNv69GCSvp45n
+CNFM7ZSNWcB7Pah36lqBe5f/VTqFA9Vo1TSAG99BEAze+VOPGTG1mV5rreWhS7V
6PqiTrW99XtLHQcpVHd0gAsgbm+cCj33I2/EQdLjz23jiwveoSWiFsArX8CExvg5
NY7XnlLeNKPa/v0bdxCCwjbXhE/cexey3egYfG/34aD9tsZPm1pk3MdHgHkpsu5R
g3hbzIE4t6sfqkOQZHwuK/VtqaeMaUbQ7oH6Do9MCguxfBdjXiRg+J79ie7XINqO
bVo5SA==
-----END CERTIFICATE-----
Generated at Mon Mar 4 17:22:37 2024 by rpki-client on console-ams.rpki-client.org