Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/aa69a975-83a3-4532-a779-5ffb87580309/09e2e02510da52f6d294fb906f818667c3ac19f0.roa
File:                     09e2e02510da52f6d294fb906f818667c3ac19f0.roa (raw, json)
Hash identifier:          CfkpKMP3amkl8afuwjCf0WW1YeR0RA4m3cSl/uLN96k=
Subject key identifier:   C4:F1:53:3F:37:CD:CF:BC:3E:F2:0F:0F:63:C7:05:EB:0F:CA:94:9F
Certificate issuer:       /CN=3300a6efb5b34c79125fce5dc4afa6977a46744f
Certificate serial:       1C27D4
Authority key identifier: 62:AA:07:2A:74:5B:AE:77:82:D2:D9:44:76:20:4C:0C:A5:4E:ED:C2
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/3300a6efb5b34c79125fce5dc4afa6977a46744f.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/aa69a975-83a3-4532-a779-5ffb87580309/09e2e02510da52f6d294fb906f818667c3ac19f0.roa
Signing time:             Tue 27 Sep 2022 23:03:19 +0000
ROA not before:           Tue 11 May 2021 03:00:00 +0000
ROA not after:            Thu 11 May 2023 03:00:00 +0000
asID:                     262589
IP address blocks:        179.1.0.0/21 maxlen: 24
                          179.1.8.0/21 maxlen: 24
                          179.1.6.0/24 maxlen: 24
                          179.1.8.0/24 maxlen: 24
                          179.1.9.0/24 maxlen: 24
                          179.1.10.0/24 maxlen: 24
                          179.1.14.0/24 maxlen: 24
                          179.1.80.0/24 maxlen: 24
                          179.1.81.0/24 maxlen: 24
                          179.1.82.0/24 maxlen: 24
                          179.1.16.0/20 maxlen: 24
                          179.1.32.0/20 maxlen: 24
                          179.1.48.0/20 maxlen: 24
                          179.1.69.0/24 maxlen: 24
                          179.1.91.0/24 maxlen: 24
                          179.1.89.0/24 maxlen: 24
                          179.1.70.0/24 maxlen: 24
                          179.1.96.0/20 maxlen: 24
                          179.1.115.0/24 maxlen: 24
                          179.1.128.0/20 maxlen: 24
                          179.1.129.0/24 maxlen: 24
                          179.1.130.0/24 maxlen: 24
                          179.1.131.0/24 maxlen: 24
                          179.1.132.0/24 maxlen: 24
                          179.1.133.0/24 maxlen: 24
                          179.1.134.0/24 maxlen: 24
                          179.1.135.0/24 maxlen: 24
                          179.1.192.0/18 maxlen: 24
                          179.1.127.0/24 maxlen: 24
                          179.1.128.0/24 maxlen: 24
                          179.1.246.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1845204 (0x1c27d4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3300a6efb5b34c79125fce5dc4afa6977a46744f
        Validity
            Not Before: May 11 03:00:00 2021 GMT
            Not After : May 11 03:00:00 2023 GMT
        Subject: CN=09e2e02510da52f6d294fb906f818667c3ac19f0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:6b:39:de:5a:14:17:46:dc:c1:33:89:15:b5:
                    3d:96:0d:06:a6:57:5f:a4:af:8a:3a:cf:90:d3:bc:
                    bf:d1:92:92:c7:a4:b4:e3:a1:44:60:03:8d:70:9f:
                    c9:f7:19:c0:1d:19:55:cc:6a:ec:a8:21:22:e9:db:
                    64:08:28:8a:13:59:21:83:ba:49:e8:45:8f:f9:30:
                    85:17:d2:5c:be:eb:ea:b0:91:12:3e:53:80:9f:76:
                    24:f7:29:3c:d9:5a:df:1a:3d:5c:02:a4:b3:9c:e4:
                    77:ef:5e:8e:3a:c2:d5:02:a3:de:d4:c8:63:e5:68:
                    8e:cd:b2:d8:9b:7d:4e:7e:12:42:f7:48:1b:e6:15:
                    74:fb:b2:96:48:50:80:75:47:51:d9:b9:5d:a5:37:
                    9f:d4:b4:0a:e9:ca:5e:ba:92:79:52:f8:be:46:10:
                    62:7b:f4:88:4a:c5:84:0b:bb:13:c8:c4:e2:1a:32:
                    8b:41:fb:6e:e9:9a:85:49:a1:89:54:11:19:db:db:
                    48:ed:75:03:2c:48:27:ab:1e:15:25:88:0f:98:07:
                    31:13:73:b8:d4:58:77:e9:65:0b:8b:53:a3:9c:26:
                    6f:71:61:05:38:47:c3:58:eb:d6:32:be:ff:10:e9:
                    c9:b2:31:58:57:f0:ea:6b:b4:2b:ed:85:e2:c7:44:
                    c2:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C4:F1:53:3F:37:CD:CF:BC:3E:F2:0F:0F:63:C7:05:EB:0F:CA:94:9F
            X509v3 Authority Key Identifier:
                keyid:62:AA:07:2A:74:5B:AE:77:82:D2:D9:44:76:20:4C:0C:A5:4E:ED:C2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/3300a6efb5b34c79125fce5dc4afa6977a46744f.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/aa69a975-83a3-4532-a779-5ffb87580309/09e2e02510da52f6d294fb906f818667c3ac19f0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/aa69a975-83a3-4532-a779-5ffb87580309/3300a6efb5b34c79125fce5dc4afa6977a46744f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  179.1.0.0/18
                  179.1.69.0-179.1.70.255
                  179.1.80.0-179.1.82.255
                  179.1.89.0/24
                  179.1.91.0/24
                  179.1.96.0/20
                  179.1.115.0/24
                  179.1.127.0-179.1.143.255
                  179.1.192.0/18

    Signature Algorithm: sha256WithRSAEncryption
         88:80:5b:03:0a:d7:2f:b1:f0:62:6e:50:97:2b:3f:d6:e5:00:
         b6:b9:e6:1c:d8:37:11:8d:9b:55:1c:46:b5:8d:86:31:6c:77:
         de:3e:a3:51:9f:5c:4a:47:e2:c1:ed:8a:8b:cc:b0:1f:0c:ee:
         46:05:fc:7f:00:2f:aa:15:94:66:38:6f:33:a6:04:12:3c:61:
         e6:a8:7e:0b:f5:54:4f:a8:82:e6:d5:d6:e8:6e:84:85:b6:1c:
         cb:e5:c9:7e:4c:46:4e:e3:f2:0b:81:55:b1:17:7b:d5:50:b1:
         a0:c8:cd:d2:d2:01:49:9b:45:4c:eb:df:49:71:d8:82:a5:67:
         04:6b:70:61:47:7c:ce:5c:e0:44:2a:60:4d:11:71:7f:f4:77:
         4d:e3:55:c3:2c:5e:7b:71:2a:e7:a6:51:b4:99:38:67:5b:4b:
         3a:e6:5f:0a:97:e8:f0:63:66:7b:06:31:6a:57:8a:7b:fd:3b:
         ed:25:05:d4:e5:b3:10:95:2b:41:ac:1f:63:c2:b6:9c:dc:c2:
         3a:84:78:8e:b9:b2:80:2b:ee:d7:53:ad:fc:14:0b:7d:5b:9b:
         72:44:35:18:66:35:6f:52:74:89:dc:44:ea:00:1b:bb:ff:6a:
         cf:d7:bf:bd:b1:30:c7:39:7e:27:42:2a:32:2e:ed:e7:78:01:
         f4:9f:a2:2f
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgIDHCfUMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDMz
MDBhNmVmYjViMzRjNzkxMjVmY2U1ZGM0YWZhNjk3N2E0Njc0NGYwHhcNMjEwNTEx
MDMwMDAwWhcNMjMwNTExMDMwMDAwWjAzMTEwLwYDVQQDEygwOWUyZTAyNTEwZGE1
MmY2ZDI5NGZiOTA2ZjgxODY2N2MzYWMxOWYwMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAt2s53loUF0bcwTOJFbU9lg0GpldfpK+KOs+Q07y/0ZKSx6S0
46FEYAONcJ/J9xnAHRlVzGrsqCEi6dtkCCiKE1khg7pJ6EWP+TCFF9JcvuvqsJES
PlOAn3Yk9yk82VrfGj1cAqSznOR3716OOsLVAqPe1Mhj5WiOzbLYm31OfhJC90gb
5hV0+7KWSFCAdUdR2bldpTef1LQK6cpeupJ5Uvi+RhBie/SISsWEC7sTyMTiGjKL
Qftu6ZqFSaGJVBEZ29tI7XUDLEgnqx4VJYgPmAcxE3O41Fh36WULi1OjnCZvcWEF
OEfDWOvWMr7/EOnJsjFYV/Dqa7Qr7YXix0TC+wIDAQABo4ICozCCAp8wHQYDVR0O
BBYEFMTxUz83zc+8PvIPD2PHBesPypSfMB8GA1UdIwQYMBaAFGKqByp0W653gtLZ
RHYgTAylTu3CMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMzMwMGE2
ZWZiNWIzNGM3OTEyNWZjZTVkYzRhZmE2OTc3YTQ2NzQ0Zi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvYWE2OWE5NzUtODNhMy00NTMyLWE3NzktNWZmYjg3
NTgwMzA5LzA5ZTJlMDI1MTBkYTUyZjZkMjk0ZmI5MDZmODE4NjY3YzNhYzE5ZjAu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9hYTY5YTk3NS04M2EzLTQ1MzItYTc3OS01ZmZi
ODc1ODAzMDkvMzMwMGE2ZWZiNWIzNGM3OTEyNWZjZTVkYzRhZmE2OTc3YTQ2NzQ0
Zi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBnBggrBgEFBQcBBwEB/wRY
MFYwVAQCAAEwTgMEBrMBADAMAwQAswFFAwQAswFGMAwDBASzAVADBACzAVIDBACz
AVkDBACzAVsDBASzAWADBACzAXMwDAMEALMBfwMEBLMBgAMEBrMBwDANBgkqhkiG
9w0BAQsFAAOCAQEAiIBbAwrXL7HwYm5Qlys/1uUAtrnmHNg3EY2bVRxGtY2GMWx3
3j6jUZ9cSkfiwe2Ki8ywHwzuRgX8fwAvqhWUZjhvM6YEEjxh5qh+C/VUT6iC5tXW
6G6EhbYcy+XJfkxGTuPyC4FVsRd71VCxoMjN0tIBSZtFTOvfSXHYgqVnBGtwYUd8
zlzgRCpgTRFxf/R3TeNVwyxee3Eq56ZRtJk4Z1tLOuZfCpfo8GNmewYxaleKe/07
7SUF1OWzEJUrQawfY8K2nNzCOoR4jrmygCvu11Ot/BQLfVubckQ1GGY1b1J0idxE
6gAbu/9qz9e/vbEwxzl+J0IqMi7t53gB9J+iLw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:14:35 2023 by rpki-client on console-fra.rpki-client.org