Route Origin Authorization
$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/91f0feda-4e2a-41b7-bf51-e657a5264035/452d315691a7e8ef0096770ba76bc33e294b7ffd.roa
File: 452d315691a7e8ef0096770ba76bc33e294b7ffd.roa (raw, json)
Hash identifier: fp7Y1xnz3XIcU7Sd4VJPkra4xxeoMonHe46jQ+mW0y0=
Subject key identifier: 7A:A9:59:B7:BC:10:70:A7:93:09:63:42:5E:A5:07:F3:79:30:EB:06
Certificate issuer: /CN=d22cc49db918d10383d16f3a1f83aa1e2a5567b7
Certificate serial: 0D52B4
Authority key identifier: CA:B2:DD:CB:EA:02:99:21:D9:53:0C:A6:A2:68:5C:12:F4:57:57:1A
Authority info access: rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/d22cc49db918d10383d16f3a1f83aa1e2a5567b7.cer
Subject info access: rsync://repository.lacnic.net/rpki/lacnic/91f0feda-4e2a-41b7-bf51-e657a5264035/452d315691a7e8ef0096770ba76bc33e294b7ffd.roa
Signing time: Tue 06 Apr 2021 12:36:26 +0000
ROA not before: Tue 06 Apr 2021 03:00:00 +0000
ROA not after: Thu 06 Apr 2023 03:00:00 +0000
asID: 27882
IP address blocks: 131.0.196.0/22 maxlen: 24
143.137.228.0/22 maxlen: 24
177.222.32.0/20 maxlen: 24
177.222.48.0/23 maxlen: 24
177.222.51.0/24 maxlen: 24
177.222.52.0/22 maxlen: 24
177.222.56.0/21 maxlen: 24
177.222.96.0/19 maxlen: 24
181.114.96.0/19 maxlen: 24
181.188.128.0/18 maxlen: 24
190.104.0.0/19 maxlen: 24
200.73.96.0/21 maxlen: 24
2800:320:402::/48 maxlen: 48
2800:320:404::/46 maxlen: 48
2800:320:408::/47 maxlen: 48
2800:320:822::/48 maxlen: 48
2800:320:8003::/48 maxlen: 48
2800:320:8401::/48 maxlen: 48
2800:320:8403::/48 maxlen: 48
2800:320:8404::/48 maxlen: 48
2800:320:8406::/48 maxlen: 48
2800:320:8408::/47 maxlen: 48
2800:320:840c::/48 maxlen: 48
2800:320:9800::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 873140 (0xd52b4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d22cc49db918d10383d16f3a1f83aa1e2a5567b7
Validity
Not Before: Apr 6 03:00:00 2021 GMT
Not After : Apr 6 03:00:00 2023 GMT
Subject: CN=452d315691a7e8ef0096770ba76bc33e294b7ffd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:1f:80:4d:8b:3e:83:38:98:cc:98:0b:50:b6:
89:e9:fb:df:95:7a:08:98:58:5f:39:f4:d0:5b:9d:
c2:b9:6c:78:8a:38:4d:6e:09:58:a5:5b:e3:ba:52:
0e:e0:5d:4c:97:13:ba:23:0c:3a:fa:76:ab:96:14:
09:47:94:14:ab:00:97:09:14:d2:cb:30:77:7a:ff:
80:db:4a:f5:c3:a0:a6:05:27:22:70:b8:e9:b8:1e:
65:c7:2b:a8:64:63:e4:6e:d6:41:be:0e:bb:e9:eb:
77:99:b0:78:c6:d0:c0:06:95:03:81:23:fc:d9:e7:
88:d4:bb:3c:1e:73:8e:55:a7:64:a4:36:d4:80:5d:
15:f5:6e:a7:2c:c7:7c:52:41:f0:74:ce:a4:8d:7b:
fe:7c:10:2e:70:21:c2:ef:34:0e:5d:a3:8c:e7:8b:
90:16:73:b3:94:15:42:df:ae:d4:9d:b8:6d:3b:aa:
34:af:37:87:9f:8d:40:36:31:51:f7:cf:49:c3:f5:
fa:dc:74:cf:f6:69:9d:ca:2a:fb:b4:9c:77:66:ea:
c6:fc:97:f9:09:f5:d4:81:94:06:ed:7d:0d:6d:ee:
98:53:b9:ba:b2:16:0e:b4:a0:68:91:0a:d0:86:a4:
a4:e8:6e:ea:57:82:f0:3c:c5:58:f9:87:5d:9b:e8:
8c:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:A9:59:B7:BC:10:70:A7:93:09:63:42:5E:A5:07:F3:79:30:EB:06
X509v3 Authority Key Identifier:
keyid:CA:B2:DD:CB:EA:02:99:21:D9:53:0C:A6:A2:68:5C:12:F4:57:57:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/d22cc49db918d10383d16f3a1f83aa1e2a5567b7.cer
Subject Information Access:
Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/91f0feda-4e2a-41b7-bf51-e657a5264035/452d315691a7e8ef0096770ba76bc33e294b7ffd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repository.lacnic.net/rpki/lacnic/91f0feda-4e2a-41b7-bf51-e657a5264035/d22cc49db918d10383d16f3a1f83aa1e2a5567b7.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
131.0.196.0/22
143.137.228.0/22
177.222.32.0-177.222.49.255
177.222.51.0-177.222.63.255
177.222.96.0/19
181.114.96.0/19
181.188.128.0/18
190.104.0.0/19
200.73.96.0/21
IPv6:
2800:320:402::/48
2800:320:404::-2800:320:409:ffff:ffff:ffff:ffff:ffff
2800:320:822::/48
2800:320:8003::/48
2800:320:8401::/48
2800:320:8403::-2800:320:8404:ffff:ffff:ffff:ffff:ffff
2800:320:8406::/48
2800:320:8408::/47
2800:320:840c::/48
2800:320:9800::/48
Signature Algorithm: sha256WithRSAEncryption
2f:3f:03:1c:77:ab:6c:8d:76:fd:91:0e:0f:73:e2:d4:e4:ee:
db:da:2c:94:cb:df:45:2e:ad:8b:ed:35:ab:71:c9:25:5f:b8:
19:56:42:2c:df:c0:40:8a:4c:5a:d9:46:8f:77:c7:85:06:b7:
bd:82:f7:2c:e4:ac:0a:8e:10:3d:1e:00:3b:be:ab:43:87:90:
e9:d5:d0:85:d9:90:ff:08:fa:11:47:39:10:8d:40:f7:3f:02:
8c:23:fb:ba:53:b6:5d:e0:bc:95:93:08:33:e5:c7:47:de:6d:
df:ce:e9:6a:96:a8:8a:39:8c:cd:b5:df:f8:fe:56:4c:fe:d3:
a0:30:bd:23:a9:67:28:b0:8e:0f:87:a3:9e:93:5a:ea:a2:34:
10:ae:7f:60:77:a8:f9:46:88:da:92:cd:4e:39:c1:53:cd:7f:
96:a4:15:cf:95:36:de:41:b8:5c:da:73:e7:cb:c7:2f:5b:5a:
f1:57:79:45:59:3e:4f:40:39:d8:ab:98:c6:cc:52:db:25:21:
a6:d1:80:11:e4:76:1b:fb:b0:ae:e6:3d:15:88:68:6c:b6:47:
ef:c9:10:cb:f6:a8:23:26:ec:fb:b6:af:04:57:2e:66:95:8f:
95:5f:62:9f:c5:11:d6:e3:c8:06:ac:a1:52:6a:8d:99:17:51:
a1:c1:69:e3
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIDDVK0MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGQy
MmNjNDlkYjkxOGQxMDM4M2QxNmYzYTFmODNhYTFlMmE1NTY3YjcwHhcNMjEwNDA2
MDMwMDAwWhcNMjMwNDA2MDMwMDAwWjAzMTEwLwYDVQQDEyg0NTJkMzE1NjkxYTdl
OGVmMDA5Njc3MGJhNzZiYzMzZTI5NGI3ZmZkMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAuh+ATYs+gziYzJgLULaJ6fvflXoImFhfOfTQW53CuWx4ijhN
bglYpVvjulIO4F1MlxO6Iww6+narlhQJR5QUqwCXCRTSyzB3ev+A20r1w6CmBSci
cLjpuB5lxyuoZGPkbtZBvg676et3mbB4xtDABpUDgSP82eeI1Ls8HnOOVadkpDbU
gF0V9W6nLMd8UkHwdM6kjXv+fBAucCHC7zQOXaOM54uQFnOzlBVC367UnbhtO6o0
rzeHn41ANjFR989Jw/X63HTP9mmdyir7tJx3ZurG/Jf5CfXUgZQG7X0Nbe6YU7m6
shYOtKBokQrQhqSk6G7qV4LwPMVY+Yddm+iMrQIDAQABo4IDFjCCAxIwHQYDVR0O
BBYEFHqpWbe8EHCnkwljQl6lB/N5MOsGMB8GA1UdIwQYMBaAFMqy3cvqApkh2VMM
pqJoXBL0V1caMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvZDIyY2M0
OWRiOTE4ZDEwMzgzZDE2ZjNhMWY4M2FhMWUyYTU1NjdiNy5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvOTFmMGZlZGEtNGUyYS00MWI3LWJmNTEtZTY1N2E1
MjY0MDM1LzQ1MmQzMTU2OTFhN2U4ZWYwMDk2NzcwYmE3NmJjMzNlMjk0YjdmZmQu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy85MWYwZmVkYS00ZTJhLTQxYjctYmY1MS1lNjU3
YTUyNjQwMzUvZDIyY2M0OWRiOTE4ZDEwMzgzZDE2ZjNhMWY4M2FhMWUyYTU1Njdi
Ny5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB2QYIKwYBBQUHAQcBAf8E
gckwgcYwTAQCAAEwRgMEAoMAxAMEAo+J5DAMAwQFsd4gAwQBsd4wMAwDBACx3jMD
BAax3gADBAWx3mADBAW1cmADBAa1vIADBAW+aAADBAPISWAwdgQCAAIwcAMHACgA
AyAEAjASAwcCKAADIAQEAwcBKAADIAQIAwcAKAADIAgiAwcAKAADIIADAwcAKAAD
IIQBMBIDBwAoAAMghAMDBwAoAAMghAQDBwAoAAMghAYDBwEoAAMghAgDBwAoAAMg
hAwDBwAoAAMgmAAwDQYJKoZIhvcNAQELBQADggEBAC8/Axx3q2yNdv2RDg9z4tTk
7tvaLJTL30UurYvtNatxySVfuBlWQizfwECKTFrZRo93x4UGt72C9yzkrAqOED0e
ADu+q0OHkOnV0IXZkP8I+hFHORCNQPc/Aowj+7pTtl3gvJWTCDPlx0febd/O6WqW
qIo5jM213/j+Vkz+06AwvSOpZyiwjg+Ho56TWuqiNBCuf2B3qPlGiNqSzU45wVPN
f5akFc+VNt5BuFzac+fLxy9bWvFXeUVZPk9AOdirmMbMUtslIabRgBHkdhv7sK7m
PRWIaGy2R+/JEMv2qCMm7Pu2rwRXLmaVj5VfYp/FEdbjyAasoVJqjZkXUaHBaeM=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:14:30 2023 by rpki-client on console-fra.rpki-client.org