Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/a639b80b-9d59-4402-b477-a2b249caeee9/8a5482f2ac2f3791f23abcbdf228544f3adb6848.roa
File:                     8a5482f2ac2f3791f23abcbdf228544f3adb6848.roa (raw, json)
Hash identifier:          ENiGVE3neOUTxE1+1dfDnBDbApVx2OXdH5HJicNBW+0=
Subject key identifier:   A1:30:45:B4:89:F9:66:3D:AC:49:88:F0:94:BA:F2:FD:72:74:A2:19
Certificate issuer:       /CN=39c565bbc1beca70ca953d23feff753b392a17a7
Certificate serial:       0D3087
Authority key identifier: 87:B0:98:23:1A:C1:0E:6B:4E:27:AF:A8:8C:17:E4:9B:20:F2:1A:8C
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/39c565bbc1beca70ca953d23feff753b392a17a7.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/a639b80b-9d59-4402-b477-a2b249caeee9/8a5482f2ac2f3791f23abcbdf228544f3adb6848.roa
Signing time:             Wed 24 Mar 2021 14:35:02 +0000
ROA not before:           Wed 24 Mar 2021 14:35:01 +0000
ROA not after:            Tue 24 Mar 2026 14:35:01 +0000
asID:                     18678
IP address blocks:        181.225.65.0/24 maxlen: 24
                          181.225.73.0/24 maxlen: 24
                          181.225.78.0/24 maxlen: 24
                          190.0.242.0/24 maxlen: 24
                          190.0.244.0/24 maxlen: 24
                          190.107.19.0/24 maxlen: 24
                          190.107.20.0/24 maxlen: 24
                          190.121.128.0/24 maxlen: 24
                          190.121.130.0/24 maxlen: 24
                          190.121.142.0/23 maxlen: 24
                          190.121.149.0/24 maxlen: 24
                          190.121.157.0/24 maxlen: 24
                          190.14.246.0/24 maxlen: 24
                          190.14.249.0/24 maxlen: 24
                          190.14.251.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 864391 (0xd3087)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=39c565bbc1beca70ca953d23feff753b392a17a7
        Validity
            Not Before: Mar 24 14:35:01 2021 GMT
            Not After : Mar 24 14:35:01 2026 GMT
        Subject: CN=8a5482f2ac2f3791f23abcbdf228544f3adb6848
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:b8:c5:a1:fa:13:d8:7a:f6:59:db:4b:a8:21:
                    f3:79:9e:c5:af:69:58:e0:94:af:7f:55:0a:7c:29:
                    6d:51:bc:b2:39:c4:72:6c:4c:aa:11:e5:63:5b:92:
                    3e:dc:d6:67:b2:ba:a1:75:c0:ef:52:8f:41:54:07:
                    b8:2b:f0:2c:27:c7:9e:67:67:72:6b:0b:29:81:10:
                    5e:85:5b:8b:71:de:9f:40:95:2d:d5:10:3d:4e:ca:
                    51:e3:55:f0:91:42:2e:da:c0:a1:23:14:31:ac:cd:
                    8a:a9:77:12:f9:b2:97:fd:76:87:11:c4:42:f3:84:
                    7c:f6:dc:69:9a:4f:da:84:50:a8:bf:f1:dc:47:6a:
                    8d:7c:b8:7f:ae:ce:31:23:a0:1e:57:69:c4:f0:4d:
                    38:c7:3d:34:3b:d2:dc:0f:c4:43:89:12:0e:d0:ee:
                    00:f4:d9:93:1a:80:17:67:e9:46:8d:9a:11:9c:b8:
                    40:e3:99:ea:0b:ea:df:86:76:28:2a:23:bc:86:71:
                    bc:06:44:b4:d5:f9:27:3f:6d:37:35:57:c0:1e:39:
                    c0:99:bf:98:18:0c:04:1b:6f:10:5b:b9:4b:08:71:
                    3e:c4:1a:43:2b:47:24:e1:14:84:35:5c:15:dd:3a:
                    89:36:ce:07:ef:75:22:67:ce:45:6f:4d:98:e8:b0:
                    69:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A1:30:45:B4:89:F9:66:3D:AC:49:88:F0:94:BA:F2:FD:72:74:A2:19
            X509v3 Authority Key Identifier:
                keyid:87:B0:98:23:1A:C1:0E:6B:4E:27:AF:A8:8C:17:E4:9B:20:F2:1A:8C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/39c565bbc1beca70ca953d23feff753b392a17a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/a639b80b-9d59-4402-b477-a2b249caeee9/8a5482f2ac2f3791f23abcbdf228544f3adb6848.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/a639b80b-9d59-4402-b477-a2b249caeee9/39c565bbc1beca70ca953d23feff753b392a17a7.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  181.225.65.0/24
                  181.225.73.0/24
                  181.225.78.0/24
                  190.0.242.0/24
                  190.0.244.0/24
                  190.14.246.0/24
                  190.14.249.0/24
                  190.14.251.0/24
                  190.107.19.0-190.107.20.255
                  190.121.128.0/24
                  190.121.130.0/24
                  190.121.142.0/23
                  190.121.149.0/24
                  190.121.157.0/24

    Signature Algorithm: sha256WithRSAEncryption
         75:b5:08:eb:1e:97:e5:dc:52:ca:4e:c1:7a:3c:e0:54:ff:84:
         5e:1a:cd:52:b0:a0:99:2e:68:b6:d9:4f:d8:14:25:58:97:34:
         5d:fa:83:77:bd:31:d0:76:c7:d5:42:5b:55:4a:78:a7:c2:87:
         fe:47:c6:d9:d9:43:f3:1c:fa:0c:29:02:59:e4:bf:5b:04:4d:
         1d:e5:d0:6c:4d:d9:79:96:1c:b5:56:52:f8:ea:ec:74:80:f5:
         f6:24:b0:ef:4b:ac:39:6d:41:59:54:77:fd:7b:90:7b:5e:e9:
         cf:5e:d2:58:d7:ac:da:b4:62:4e:29:2e:bd:6b:e0:dc:b3:27:
         77:ce:c7:a4:ef:10:5f:55:07:53:4f:2f:3f:2c:5e:8a:42:13:
         4c:b5:ee:ba:a7:ec:a6:76:7c:16:6e:29:67:4e:29:8e:7e:91:
         43:50:6e:31:e2:be:da:f5:91:3f:ea:07:42:0e:a3:4d:f3:00:
         82:bd:2f:7e:11:d5:0b:7c:82:5d:6f:00:13:4d:ae:61:d7:42:
         e1:2e:63:c1:59:bc:ab:ae:dc:86:8c:ea:f0:73:d2:e1:07:93:
         05:de:57:d4:f7:23:d6:34:57:c8:16:9d:0f:da:ac:12:a5:0f:
         46:7e:6b:88:9d:84:e6:0e:2c:91:14:ed:48:62:60:bc:07:06:
         2c:80:58:28
-----BEGIN CERTIFICATE-----
MIIFljCCBH6gAwIBAgIDDTCHMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDM5
YzU2NWJiYzFiZWNhNzBjYTk1M2QyM2ZlZmY3NTNiMzkyYTE3YTcwHhcNMjEwMzI0
MTQzNTAxWhcNMjYwMzI0MTQzNTAxWjAzMTEwLwYDVQQDEyg4YTU0ODJmMmFjMmYz
NzkxZjIzYWJjYmRmMjI4NTQ0ZjNhZGI2ODQ4MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAgLjFofoT2Hr2WdtLqCHzeZ7Fr2lY4JSvf1UKfCltUbyyOcRy
bEyqEeVjW5I+3NZnsrqhdcDvUo9BVAe4K/AsJ8eeZ2dyawspgRBehVuLcd6fQJUt
1RA9TspR41XwkUIu2sChIxQxrM2KqXcS+bKX/XaHEcRC84R89txpmk/ahFCov/Hc
R2qNfLh/rs4xI6AeV2nE8E04xz00O9LcD8RDiRIO0O4A9NmTGoAXZ+lGjZoRnLhA
45nqC+rfhnYoKiO8hnG8BkS01fknP203NVfAHjnAmb+YGAwEG28QW7lLCHE+xBpD
K0ck4RSENVwV3TqJNs4H73UiZ85Fb02Y6LBpaQIDAQABo4ICsTCCAq0wHQYDVR0O
BBYEFKEwRbSJ+WY9rEmI8JS68v1ydKIZMB8GA1UdIwQYMBaAFIewmCMawQ5rTiev
qIwX5Jsg8hqMMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMzljNTY1
YmJjMWJlY2E3MGNhOTUzZDIzZmVmZjc1M2IzOTJhMTdhNy5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvYTYzOWI4MGItOWQ1OS00NDAyLWI0NzctYTJiMjQ5
Y2FlZWU5LzhhNTQ4MmYyYWMyZjM3OTFmMjNhYmNiZGYyMjg1NDRmM2FkYjY4NDgu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9hNjM5YjgwYi05ZDU5LTQ0MDItYjQ3Ny1hMmIy
NDljYWVlZTkvMzljNTY1YmJjMWJlY2E3MGNhOTUzZDIzZmVmZjc1M2IzOTJhMTdh
Ny5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjB1BggrBgEFBQcBBwEB/wRm
MGQwYgQCAAEwXAMEALXhQQMEALXhSQMEALXhTgMEAL4A8gMEAL4A9AMEAL4O9gME
AL4O+QMEAL4O+zAMAwQAvmsTAwQAvmsUAwQAvnmAAwQAvnmCAwQBvnmOAwQAvnmV
AwQAvnmdMA0GCSqGSIb3DQEBCwUAA4IBAQB1tQjrHpfl3FLKTsF6POBU/4ReGs1S
sKCZLmi22U/YFCVYlzRd+oN3vTHQdsfVQltVSninwof+R8bZ2UPzHPoMKQJZ5L9b
BE0d5dBsTdl5lhy1VlL46ux0gPX2JLDvS6w5bUFZVHf9e5B7XunPXtJY16zatGJO
KS69a+Dcsyd3zsek7xBfVQdTTy8/LF6KQhNMte66p+ymdnwWbilnTimOfpFDUG4x
4r7a9ZE/6gdCDqNN8wCCvS9+EdULfIJdbwATTa5h10LhLmPBWbyrrtyGjOrwc9Lh
B5MF3lfU9yPWNFfIFp0P2qwSpQ9GfmuInYTmDiyRFO1IYmC8BwYsgFgo
-----END CERTIFICATE-----
Generated at Mon Jul 31 21:51:06 2023 by rpki-client on console-fra.rpki-client.org