Route Origin Authorization
$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/a263dc57-e11c-4608-9af2-bdfb16e216dc/302da89f0b3fbaf6dff8e38c858d7132621e8438.roa
File: 302da89f0b3fbaf6dff8e38c858d7132621e8438.roa (raw, json)
Hash identifier: 4ByoI08DtBK8/lva0K2HeWbfhIMdCl0uM/Xn+ZW4pRk=
Subject key identifier: C5:DF:40:97:57:E3:3B:A6:28:59:D0:D8:52:54:DB:31:E8:23:E7:1C
Certificate issuer: /CN=9b3d6002276e2295200c85a66129c42e4d483c34
Certificate serial: 229488
Authority key identifier: 30:21:FB:0B:72:5D:F2:BC:EB:41:C8:0F:BA:80:CB:82:38:60:F9:0A
Authority info access: rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/9b3d6002276e2295200c85a66129c42e4d483c34.cer
Subject info access: rsync://repository.lacnic.net/rpki/lacnic/a263dc57-e11c-4608-9af2-bdfb16e216dc/302da89f0b3fbaf6dff8e38c858d7132621e8438.roa
Signing time: Wed 28 Jun 2023 21:04:18 +0000
ROA not before: Tue 27 Jun 2023 21:04:18 +0000
ROA not after: Sat 28 Jun 2025 21:04:18 +0000
asID: 52468
IP address blocks: 167.250.180.0/22 maxlen: 24
177.234.192.0/18 maxlen: 24
200.24.128.0/19 maxlen: 24
2803:2540::/32 maxlen: 64
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2266248 (0x229488)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9b3d6002276e2295200c85a66129c42e4d483c34
Validity
Not Before: Jun 27 21:04:18 2023 GMT
Not After : Jun 28 21:04:18 2025 GMT
Subject: CN=302da89f0b3fbaf6dff8e38c858d7132621e8438
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:75:4d:9f:f5:b2:ec:72:d4:fb:e0:59:45:de:
32:aa:ea:2f:41:2d:94:2b:91:ce:ff:ab:1d:ac:a0:
31:40:76:67:1f:db:72:93:09:06:b9:09:76:a9:fd:
72:e7:26:07:df:ba:0d:13:5a:c1:f7:3d:d6:2d:a0:
4f:35:87:f5:bd:a2:ad:9e:3e:03:29:0e:46:94:2b:
1c:4e:ac:8a:01:c6:7c:89:a7:d6:aa:d3:63:fd:f1:
0f:37:c5:45:44:67:9b:d1:28:bf:4a:67:28:a4:38:
33:54:03:bb:8e:ce:c6:06:66:b2:62:f1:f1:43:14:
25:26:58:e9:1d:65:95:2c:9b:ec:d3:21:e2:0b:f5:
70:6b:59:5f:3b:5e:2e:83:35:75:9a:6f:cd:9d:3f:
5b:3e:44:56:6c:9e:ac:84:86:c8:5e:57:26:83:26:
d6:02:b3:91:1c:6f:c9:11:70:5a:ab:85:01:03:a7:
8c:46:4a:59:ab:e8:98:6a:1f:ed:ea:40:b0:07:e2:
7d:a3:62:00:64:ca:ad:69:c7:83:1e:e0:53:a6:58:
1e:6a:4d:05:08:4e:ba:ab:f8:3f:7a:54:75:c2:72:
ce:7b:11:30:36:86:69:57:45:c5:6f:3e:af:db:fe:
9b:78:ff:f6:56:a8:33:50:e6:ca:c9:ab:89:11:c0:
1c:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:DF:40:97:57:E3:3B:A6:28:59:D0:D8:52:54:DB:31:E8:23:E7:1C
X509v3 Authority Key Identifier:
keyid:30:21:FB:0B:72:5D:F2:BC:EB:41:C8:0F:BA:80:CB:82:38:60:F9:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/9b3d6002276e2295200c85a66129c42e4d483c34.cer
Subject Information Access:
Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/a263dc57-e11c-4608-9af2-bdfb16e216dc/302da89f0b3fbaf6dff8e38c858d7132621e8438.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repository.lacnic.net/rpki/lacnic/a263dc57-e11c-4608-9af2-bdfb16e216dc/9b3d6002276e2295200c85a66129c42e4d483c34.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
167.250.180.0/22
177.234.192.0/18
200.24.128.0/19
IPv6:
2803:2540::/32
Signature Algorithm: sha256WithRSAEncryption
56:b5:4c:88:cc:c3:0d:59:97:e3:26:2e:60:a0:6c:e6:fa:69:
01:0b:2a:56:c2:16:fe:2f:4d:5d:24:5d:4c:5a:b3:2c:e2:3e:
9c:bb:f4:11:60:aa:c4:46:a4:9e:5a:46:b1:da:60:08:90:b4:
c2:c8:7c:94:70:16:78:75:d3:e8:97:3f:ab:e8:7b:cb:32:90:
c5:1a:3e:62:16:b6:01:ff:62:fc:90:52:6f:40:f5:c5:d1:a5:
5e:71:8c:9a:e0:d1:4e:31:e5:6b:ce:be:f1:cc:31:e6:83:59:
41:ba:c6:ce:c4:b3:aa:ee:29:9e:bf:1a:e3:f3:e9:27:80:dc:
9a:f8:7a:79:9a:2d:67:cb:5c:61:e5:5d:3d:4b:cb:ef:fc:f6:
36:0d:94:2c:c1:51:75:a4:f8:0e:9c:22:0b:ab:70:37:db:b3:
2d:3b:a1:d6:43:81:34:e1:54:6e:b2:ec:9a:b5:65:71:14:b8:
2c:72:6f:65:52:77:76:e4:5c:dd:2f:68:5e:e6:59:b3:2c:76:
45:50:88:9a:2b:96:d6:e7:5a:be:e5:08:d8:f6:00:82:0b:8b:
a9:25:cd:c9:b2:84:3b:3f:e8:4f:7c:ea:f2:00:89:4e:95:0e:
d2:6a:5c:8a:d9:4a:d4:4b:bb:92:76:95:57:f3:5e:27:42:6a:
65:dc:45:d5
-----BEGIN CERTIFICATE-----
MIIFWzCCBEOgAwIBAgIDIpSIMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDli
M2Q2MDAyMjc2ZTIyOTUyMDBjODVhNjYxMjljNDJlNGQ0ODNjMzQwHhcNMjMwNjI3
MjEwNDE4WhcNMjUwNjI4MjEwNDE4WjAzMTEwLwYDVQQDEygzMDJkYTg5ZjBiM2Zi
YWY2ZGZmOGUzOGM4NThkNzEzMjYyMWU4NDM4MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAr3VNn/Wy7HLU++BZRd4yquovQS2UK5HO/6sdrKAxQHZnH9ty
kwkGuQl2qf1y5yYH37oNE1rB9z3WLaBPNYf1vaKtnj4DKQ5GlCscTqyKAcZ8iafW
qtNj/fEPN8VFRGeb0Si/SmcopDgzVAO7js7GBmayYvHxQxQlJljpHWWVLJvs0yHi
C/Vwa1lfO14ugzV1mm/NnT9bPkRWbJ6shIbIXlcmgybWArORHG/JEXBaq4UBA6eM
RkpZq+iYah/t6kCwB+J9o2IAZMqtaceDHuBTplgeak0FCE66q/g/elR1wnLOexEw
NoZpV0XFbz6v2/6beP/2VqgzUObKyauJEcAczQIDAQABo4ICdjCCAnIwHQYDVR0O
BBYEFMXfQJdX4zumKFnQ2FJU2zHoI+ccMB8GA1UdIwQYMBaAFDAh+wtyXfK860HI
D7qAy4I4YPkKMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvOWIzZDYw
MDIyNzZlMjI5NTIwMGM4NWE2NjEyOWM0MmU0ZDQ4M2MzNC5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvYTI2M2RjNTctZTExYy00NjA4LTlhZjItYmRmYjE2
ZTIxNmRjLzMwMmRhODlmMGIzZmJhZjZkZmY4ZTM4Yzg1OGQ3MTMyNjIxZTg0Mzgu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9hMjYzZGM1Ny1lMTFjLTQ2MDgtOWFmMi1iZGZi
MTZlMjE2ZGMvOWIzZDYwMDIyNzZlMjI5NTIwMGM4NWE2NjEyOWM0MmU0ZDQ4M2Mz
NC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6BggrBgEFBQcBBwEB/wQr
MCkwGAQCAAEwEgMEAqf6tAMEBrHqwAMEBcgYgDANBAIAAjAHAwUAKAMlQDANBgkq
hkiG9w0BAQsFAAOCAQEAVrVMiMzDDVmX4yYuYKBs5vppAQsqVsIW/i9NXSRdTFqz
LOI+nLv0EWCqxEaknlpGsdpgCJC0wsh8lHAWeHXT6Jc/q+h7yzKQxRo+Yha2Af9i
/JBSb0D1xdGlXnGMmuDRTjHla86+8cwx5oNZQbrGzsSzqu4pnr8a4/PpJ4Dcmvh6
eZotZ8tcYeVdPUvL7/z2Ng2ULMFRdaT4DpwiC6twN9uzLTuh1kOBNOFUbrLsmrVl
cRS4LHJvZVJ3duRc3S9oXuZZsyx2RVCImiuW1udavuUI2PYAgguLqSXNybKEOz/o
T3zq8gCJTpUO0mpcitlK1Eu7knaVV/NeJ0JqZdxF1Q==
-----END CERTIFICATE-----
Generated at Tue Oct 17 20:26:36 2023 by rpki-client on console-ams.rpki-client.org