Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/958b31ec-3133-423d-8adb-38136b3c9f51/24c7d3906129e08ad347dfd95d1c996ab08ad726.roa
File:                     24c7d3906129e08ad347dfd95d1c996ab08ad726.roa (raw, json)
Hash identifier:          DEiRAgA53QxZqNXj5Lw+PEB32HicWdlaFv/g6a/oxu4=
Subject key identifier:   97:94:27:2B:E8:25:2E:70:F4:CB:28:B3:AF:BB:2C:49:74:13:E8:BE
Certificate issuer:       /CN=20cfd36a556e1a46c18de53d3fa81b0e1e970f23
Certificate serial:       10C8
Authority key identifier: D6:76:54:78:51:E9:6F:3D:87:FA:EF:A4:05:EA:D4:A4:B7:0D:89:00
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/20cfd36a556e1a46c18de53d3fa81b0e1e970f23.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/958b31ec-3133-423d-8adb-38136b3c9f51/24c7d3906129e08ad347dfd95d1c996ab08ad726.roa
Signing time:             Wed 21 Sep 2022 20:41:05 +0000
ROA not before:           Wed 21 Sep 2022 20:36:41 +0000
ROA not after:            Sat 21 Sep 2024 20:36:41 +0000
asID:                     8163
IP address blocks:        190.1.160.0/24 maxlen: 24
                          190.1.161.0/24 maxlen: 24
                          190.1.162.0/24 maxlen: 24
                          190.1.163.0/24 maxlen: 24
                          190.1.164.0/24 maxlen: 24
                          190.1.165.0/24 maxlen: 24
                          190.1.166.0/24 maxlen: 24
                          190.1.167.0/24 maxlen: 24
                          190.1.168.0/24 maxlen: 24
                          190.1.169.0/24 maxlen: 24
                          190.1.170.0/24 maxlen: 24
                          190.1.171.0/24 maxlen: 24
                          190.1.172.0/24 maxlen: 24
                          190.1.173.0/24 maxlen: 24
                          190.1.174.0/24 maxlen: 24
                          190.1.175.0/24 maxlen: 24
                          190.1.176.0/24 maxlen: 24
                          190.1.177.0/24 maxlen: 24
                          190.1.178.0/24 maxlen: 24
                          190.1.179.0/24 maxlen: 24
                          190.1.180.0/24 maxlen: 24
                          190.1.181.0/24 maxlen: 24
                          190.1.182.0/24 maxlen: 24
                          190.1.183.0/24 maxlen: 24
                          190.1.184.0/24 maxlen: 24
                          190.1.186.0/24 maxlen: 24
                          190.1.187.0/24 maxlen: 24
                          190.1.188.0/24 maxlen: 24
                          190.1.189.0/24 maxlen: 24
                          190.1.190.0/24 maxlen: 24
                          190.1.191.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4296 (0x10c8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=20cfd36a556e1a46c18de53d3fa81b0e1e970f23
        Validity
            Not Before: Sep 21 20:36:41 2022 GMT
            Not After : Sep 21 20:36:41 2024 GMT
        Subject: CN=24c7d3906129e08ad347dfd95d1c996ab08ad726
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:58:76:95:36:9c:13:32:00:b3:cb:2a:19:cf:
                    f2:6a:f7:4c:0b:ad:92:9c:80:16:cd:5e:a9:35:d9:
                    ad:61:f1:14:f4:60:11:30:ba:31:12:da:29:76:8e:
                    a1:43:bf:29:85:94:40:69:45:b5:3c:f9:75:7e:24:
                    37:a1:a9:6e:78:f1:f3:e0:ed:53:a2:d6:a3:3a:3e:
                    7d:05:5d:8e:d0:28:9b:2f:59:89:02:14:0b:0c:c8:
                    2d:b6:b5:1b:9d:93:ce:60:71:58:f4:c4:ed:94:8f:
                    76:31:ea:93:d1:14:7f:ae:81:f5:24:64:1c:f4:52:
                    24:6d:2a:db:3e:c7:15:c8:ce:a2:25:3e:67:7b:1f:
                    15:d8:d2:87:29:ce:dd:93:ae:a7:5b:8c:00:68:d2:
                    05:cb:d2:53:06:1e:a9:8f:2b:c0:8d:45:fe:de:83:
                    b0:f0:26:fe:4c:d4:13:51:a5:0c:7f:f9:13:c8:8d:
                    ec:c1:30:1a:b8:51:5b:15:30:84:55:6d:5a:ab:48:
                    e2:99:48:de:f3:8e:11:a5:d1:e7:7b:27:fa:08:65:
                    48:42:83:9e:eb:dd:fe:96:0c:e7:da:64:0c:f8:21:
                    a6:09:58:ab:37:73:f9:70:8c:0b:b5:52:6c:9e:11:
                    b7:ce:ee:d6:01:8f:62:24:4b:14:c7:fe:78:e9:29:
                    2e:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                97:94:27:2B:E8:25:2E:70:F4:CB:28:B3:AF:BB:2C:49:74:13:E8:BE
            X509v3 Authority Key Identifier:
                keyid:D6:76:54:78:51:E9:6F:3D:87:FA:EF:A4:05:EA:D4:A4:B7:0D:89:00

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/20cfd36a556e1a46c18de53d3fa81b0e1e970f23.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/958b31ec-3133-423d-8adb-38136b3c9f51/24c7d3906129e08ad347dfd95d1c996ab08ad726.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/958b31ec-3133-423d-8adb-38136b3c9f51/20cfd36a556e1a46c18de53d3fa81b0e1e970f23.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.1.160.0-190.1.184.255
                  190.1.186.0-190.1.191.255

    Signature Algorithm: sha256WithRSAEncryption
         2d:6f:87:5f:b8:98:dd:0f:7e:86:4f:e2:2b:74:fe:1d:5b:94:
         b3:ca:0f:2f:59:46:c1:a7:31:bb:b9:bd:44:d4:17:9f:15:c8:
         57:b1:fe:b3:15:81:2f:f1:7e:f9:26:6b:2a:86:1a:fa:0e:ee:
         cb:0d:a7:dd:f8:92:12:03:6e:23:bf:f0:03:aa:5e:f8:c4:10:
         ca:99:e3:b5:f6:aa:61:81:5a:8c:46:e8:87:74:36:4e:17:90:
         32:8f:92:47:73:38:7b:15:c6:7e:57:30:be:4c:dd:2b:9c:fc:
         9b:3d:de:1b:6d:52:a9:26:b4:31:12:89:37:ed:58:50:da:79:
         66:9e:c1:6f:81:da:ea:c7:0b:eb:20:3c:98:9d:60:7a:ed:e8:
         41:96:7f:cc:23:92:9a:2a:25:70:96:9f:6a:30:64:85:6f:9a:
         0a:24:1c:b1:bf:d8:92:f9:7d:d2:c8:bf:34:f2:c6:84:12:cc:
         c7:16:d0:82:1e:fd:db:4a:03:c1:49:13:54:e3:c4:0f:52:a5:
         ef:a4:b1:c9:ab:8d:7d:0d:f2:90:bb:c7:c8:fb:05:b8:b2:3d:
         10:3b:ca:b0:46:a2:1b:cb:f2:c0:3a:03:32:99:88:82:a2:21:
         82:37:bd:d5:63:49:a8:83:48:20:6b:83:1f:fa:aa:9d:f8:21:
         93:17:6a:20
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgICEMgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMjBj
ZmQzNmE1NTZlMWE0NmMxOGRlNTNkM2ZhODFiMGUxZTk3MGYyMzAeFw0yMjA5MjEy
MDM2NDFaFw0yNDA5MjEyMDM2NDFaMDMxMTAvBgNVBAMTKDI0YzdkMzkwNjEyOWUw
OGFkMzQ3ZGZkOTVkMWM5OTZhYjA4YWQ3MjYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDoWHaVNpwTMgCzyyoZz/Jq90wLrZKcgBbNXqk12a1h8RT0YBEw
ujES2il2jqFDvymFlEBpRbU8+XV+JDehqW548fPg7VOi1qM6Pn0FXY7QKJsvWYkC
FAsMyC22tRudk85gcVj0xO2Uj3Yx6pPRFH+ugfUkZBz0UiRtKts+xxXIzqIlPmd7
HxXY0ocpzt2TrqdbjABo0gXL0lMGHqmPK8CNRf7eg7DwJv5M1BNRpQx/+RPIjezB
MBq4UVsVMIRVbVqrSOKZSN7zjhGl0ed7J/oIZUhCg57r3f6WDOfaZAz4IaYJWKs3
c/lwjAu1UmyeEbfO7tYBj2IkSxTH/njpKS7VAgMBAAGjggJxMIICbTAdBgNVHQ4E
FgQUl5QnK+glLnD0yyizr7ssSXQT6L4wHwYDVR0jBBgwFoAU1nZUeFHpbz2H+u+k
BerUpLcNiQAwDgYDVR0PAQH/BAQDAgeAMIGaBggrBgEFBQcBAQSBjTCBijCBhwYI
KwYBBQUHMAKGe3JzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jwa2kvbGFj
bmljLzQ4ZjA4M2JiLWY2MDMtNDg5My05OTkwLTAyODRjMDRjZWI4NS8yMGNmZDM2
YTU1NmUxYTQ2YzE4ZGU1M2QzZmE4MWIwZTFlOTcwZjIzLmNlcjCBmgYIKwYBBQUH
AQsEgY0wgYowgYcGCCsGAQUFBzALhntyc3luYzovL3JlcG9zaXRvcnkubGFjbmlj
Lm5ldC9ycGtpL2xhY25pYy85NThiMzFlYy0zMTMzLTQyM2QtOGFkYi0zODEzNmIz
YzlmNTEvMjRjN2QzOTA2MTI5ZTA4YWQzNDdkZmQ5NWQxYzk5NmFiMDhhZDcyNi5y
b2EwgY8GA1UdHwSBhzCBhDCBgaB/oH2Ge3JzeW5jOi8vcmVwb3NpdG9yeS5sYWNu
aWMubmV0L3Jwa2kvbGFjbmljLzk1OGIzMWVjLTMxMzMtNDIzZC04YWRiLTM4MTM2
YjNjOWY1MS8yMGNmZDM2YTU1NmUxYTQ2YzE4ZGU1M2QzZmE4MWIwZTFlOTcwZjIz
LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYw
JDAiBAIAATAcMAwDBAW+AaADBAC+AbgwDAMEAb4BugMEBr4BgDANBgkqhkiG9w0B
AQsFAAOCAQEALW+HX7iY3Q9+hk/iK3T+HVuUs8oPL1lGwacxu7m9RNQXnxXIV7H+
sxWBL/F++SZrKoYa+g7uyw2n3fiSEgNuI7/wA6pe+MQQypnjtfaqYYFajEboh3Q2
TheQMo+SR3M4exXGflcwvkzdK5z8mz3eG21SqSa0MRKJN+1YUNp5Zp7Bb4Ha6scL
6yA8mJ1geu3oQZZ/zCOSmiolcJafajBkhW+aCiQcsb/Ykvl90si/NPLGhBLMxxbQ
gh7920oDwUkTVOPED1Kl76SxyauNfQ3ykLvHyPsFuLI9EDvKsEaiG8vywDoDMpmI
gqIhgje91WNJqINIIGuDH/qqnfghkxdqIA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:14:46 2023 by rpki-client on console-ams.rpki-client.org