Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/7974DF2B4FA6EB74EEC85173F0BA46BD3C1FFD6F1C6F593B41350EA7A5565E78/0/3136302e3233382e3230342e302f32322d3234203d3e203130363937.roa
File:                     3136302e3233382e3230342e302f32322d3234203d3e203130363937.roa (raw, json)
Hash identifier:          rumT6S0mzXhdVCTHOrDPnb3AZS5Cpl4qPk6IJ94/K+Q=
Subject key identifier:   5D:B3:87:9F:76:E5:29:61:27:02:63:7D:E8:FD:68:10:C5:3F:9A:A9
Certificate issuer:       /CN=66D7CB6044C192E36153B39F7AF75BC83FF1DCB6
Certificate serial:       34F742B2F5795EC1E88B8F483304D92ECDE41501
Authority key identifier: 66:D7:CB:60:44:C1:92:E3:61:53:B3:9F:7A:F7:5B:C8:3F:F1:DC:B6
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/66D7CB6044C192E36153B39F7AF75BC83FF1DCB6.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/7974DF2B4FA6EB74EEC85173F0BA46BD3C1FFD6F1C6F593B41350EA7A5565E78/0/3136302e3233382e3230342e302f32322d3234203d3e203130363937.roa
Signing time:             Tue 05 Mar 2024 18:08:37 +0000
ROA not before:           Tue 05 Mar 2024 18:03:37 +0000
ROA not after:            Tue 04 Mar 2025 18:08:37 +0000
asID:                     10697
IP address blocks:        160.238.204.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Tue 20 Aug 2024 00:55:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            34:f7:42:b2:f5:79:5e:c1:e8:8b:8f:48:33:04:d9:2e:cd:e4:15:01
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=66D7CB6044C192E36153B39F7AF75BC83FF1DCB6
        Validity
            Not Before: Mar  5 18:03:37 2024 GMT
            Not After : Mar  4 18:08:37 2025 GMT
        Subject: CN=5DB3879F76E529612702637DE8FD6810C53F9AA9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f0:91:76:f4:9e:f3:24:30:69:6d:3e:4b:00:a6:
                    54:02:6b:8b:b1:01:d3:71:74:ac:d6:34:80:c8:56:
                    e1:9a:ea:56:b7:10:98:46:c8:46:86:bc:54:18:a2:
                    40:15:93:97:66:63:96:5b:0d:4b:9d:b7:00:2e:c3:
                    9c:a9:2c:3e:75:54:10:c6:53:88:cf:f0:05:93:5f:
                    6b:a0:db:e2:8a:6f:47:c0:ca:ac:99:22:3f:33:c8:
                    d3:95:5e:57:8a:ff:9a:16:26:bd:fd:2c:f1:ae:3e:
                    ab:dd:69:e4:62:96:24:32:0a:02:2f:06:0a:12:58:
                    8c:96:8a:04:72:aa:74:33:6a:8c:b4:a4:25:ee:55:
                    91:2f:49:39:7a:59:4a:50:2c:d5:e3:ef:db:85:dc:
                    1a:43:66:66:53:41:bf:4a:dc:a3:c8:bb:a1:dd:20:
                    4d:42:8e:55:3a:8b:75:6d:3b:3c:e3:9e:40:45:24:
                    77:5c:41:7d:32:fa:33:72:c7:98:3e:4d:93:76:16:
                    3d:28:ea:82:91:06:5f:6b:da:78:b4:de:f8:f5:c5:
                    b3:e7:67:14:5b:3a:41:59:49:46:73:76:cf:b2:38:
                    05:c1:0b:95:b8:cc:18:2f:65:bf:ab:e5:58:08:ed:
                    28:bd:1b:9d:3e:8b:4f:16:ce:1e:b0:0c:a0:ec:44:
                    d2:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:B3:87:9F:76:E5:29:61:27:02:63:7D:E8:FD:68:10:C5:3F:9A:A9
            X509v3 Authority Key Identifier:
                keyid:66:D7:CB:60:44:C1:92:E3:61:53:B3:9F:7A:F7:5B:C8:3F:F1:DC:B6

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/7974DF2B4FA6EB74EEC85173F0BA46BD3C1FFD6F1C6F593B41350EA7A5565E78/0/66D7CB6044C192E36153B39F7AF75BC83FF1DCB6.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/66D7CB6044C192E36153B39F7AF75BC83FF1DCB6.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/7974DF2B4FA6EB74EEC85173F0BA46BD3C1FFD6F1C6F593B41350EA7A5565E78/0/3136302e3233382e3230342e302f32322d3234203d3e203130363937.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  160.238.204.0/22

    Signature Algorithm: sha256WithRSAEncryption
         16:45:cf:53:eb:ce:13:47:19:ab:97:b8:bf:7b:19:f8:10:e9:
         03:a0:94:ba:84:32:7a:c6:e8:84:9e:ea:c3:f7:d1:b2:fa:59:
         01:5d:24:28:9a:62:f7:25:e5:2b:74:64:fe:ee:9d:45:6f:6f:
         1a:4a:6e:b6:0c:d7:9a:a2:a7:4f:a0:dc:d1:68:9e:2b:fd:6c:
         d2:df:29:8f:cb:8b:39:2d:a5:0a:2a:db:1c:2e:3f:01:d3:27:
         f2:9f:c2:fe:d8:af:56:40:b5:7e:7c:8a:00:1e:42:0e:d2:31:
         68:9e:98:5a:a8:ce:6b:65:bf:22:df:74:e1:c7:58:bb:6c:91:
         81:56:87:e4:cc:4d:b3:85:b8:f8:de:c3:b0:5e:40:9b:37:b0:
         d7:34:eb:b9:f2:b5:b3:bc:21:0d:1e:af:eb:b0:cd:d9:eb:9c:
         d0:07:69:62:32:b1:ec:fe:3c:12:d2:29:74:75:30:3d:a1:a4:
         3d:dd:6e:67:86:87:85:7e:69:07:d4:28:f3:6e:f7:09:72:f0:
         ec:19:45:23:dd:4d:e7:9e:3e:d1:ae:d9:e4:3f:a5:56:97:54:
         64:57:cb:20:f3:b0:d0:b8:83:11:3b:18:02:67:25:71:b9:df:
         cc:d0:03:78:cc:9c:98:62:83:8f:94:46:51:d7:b1:e8:97:99:
         c1:1f:26:5a
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUNPdCsvV5XsHoi49IMwTZLs3kFQEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjZEN0NCNjA0NEMxOTJFMzYxNTNCMzlGN0FGNzVCQzgz
RkYxRENCNjAeFw0yNDAzMDUxODAzMzdaFw0yNTAzMDQxODA4MzdaMDMxMTAvBgNV
BAMTKDVEQjM4NzlGNzZFNTI5NjEyNzAyNjM3REU4RkQ2ODEwQzUzRjlBQTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDwkXb0nvMkMGltPksAplQCa4ux
AdNxdKzWNIDIVuGa6la3EJhGyEaGvFQYokAVk5dmY5ZbDUudtwAuw5ypLD51VBDG
U4jP8AWTX2ug2+KKb0fAyqyZIj8zyNOVXleK/5oWJr39LPGuPqvdaeRiliQyCgIv
BgoSWIyWigRyqnQzaoy0pCXuVZEvSTl6WUpQLNXj79uF3BpDZmZTQb9K3KPIu6Hd
IE1CjlU6i3VtOzzjnkBFJHdcQX0y+jNyx5g+TZN2Fj0o6oKRBl9r2ni03vj1xbPn
ZxRbOkFZSUZzds+yOAXBC5W4zBgvZb+r5VgI7Si9G50+i08Wzh6wDKDsRNIbAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUXbOHn3blKWEnAmN96P1oEMU/mqkwHwYDVR0j
BBgwFoAUZtfLYETBkuNhU7OfevdbyD/x3LYwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy83OTc0REYyQjRGQTZFQjc0RUVDODUxNzNGMEJBNDZCRDND
MUZGRDZGMUM2RjU5M0I0MTM1MEVBN0E1NTY1RTc4LzAvNjZEN0NCNjA0NEMxOTJF
MzYxNTNCMzlGN0FGNzVCQzgzRkYxRENCNi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC82NkQ3Q0I2MDQ0QzE5MkUzNjE1
M0IzOUY3QUY3NUJDODNGRjFEQ0I2LmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNzk3NERGMkI0RkE2RUI3NEVFQzg1MTczRjBCQTQ2QkQzQzFGRkQ2RjFD
NkY1OTNCNDEzNTBFQTdBNTU2NUU3OC8wLzMxMzYzMDJlMzIzMzM4MmUzMjMwMzQy
ZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzMTMwMzYzOTM3LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCoO7M
MA0GCSqGSIb3DQEBCwUAA4IBAQAWRc9T684TRxmrl7i/exn4EOkDoJS6hDJ6xuiE
nurD99Gy+lkBXSQommL3JeUrdGT+7p1Fb28aSm62DNeaoqdPoNzRaJ4r/WzS3ymP
y4s5LaUKKtscLj8B0yfyn8L+2K9WQLV+fIoAHkIO0jFonphaqM5rZb8i33Thx1i7
bJGBVofkzE2zhbj43sOwXkCbN7DXNOu58rWzvCENHq/rsM3Z65zQB2liMrHs/jwS
0il0dTA9oaQ93W5nhoeFfmkH1CjzbvcJcvDsGUUj3U3nnj7RrtnkP6VWl1RkV8sg
87DQuIMROxgCZyVxud/M0AN4zJyYYoOPlEZR17Hol5nBHyZa
-----END CERTIFICATE-----
Generated at Tue Aug 20 06:00:06 2024 by rpki-client on console-ams.rpki-client.org