Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/aa69a975-83a3-4532-a779-5ffb87580309/7149388e420fb96d734e1159fc2e9d12f77e6d8d.roa
File:                     7149388e420fb96d734e1159fc2e9d12f77e6d8d.roa (raw, json)
Hash identifier:          Mha5CYU4pVfxi9s+bu3l3a3ifYs28DlEbZdiRVFk7Kk=
Subject key identifier:   68:62:A4:5F:1F:5E:95:9B:B8:59:F9:9B:8C:6A:69:D9:2B:FB:43:31
Certificate issuer:       /CN=3300a6efb5b34c79125fce5dc4afa6977a46744f
Certificate serial:       204001
Authority key identifier: 62:AA:07:2A:74:5B:AE:77:82:D2:D9:44:76:20:4C:0C:A5:4E:ED:C2
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/3300a6efb5b34c79125fce5dc4afa6977a46744f.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/aa69a975-83a3-4532-a779-5ffb87580309/7149388e420fb96d734e1159fc2e9d12f77e6d8d.roa
Signing time:             Fri 20 Jan 2023 15:45:24 +0000
ROA not before:           Mon 26 Apr 2021 03:00:00 +0000
ROA not after:            Thu 11 May 2023 03:00:00 +0000
asID:                     262589
IP address blocks:        190.90.0.0/21 maxlen: 21
                          190.90.8.0/21 maxlen: 21
                          190.90.16.0/21 maxlen: 21
                          190.90.24.0/24 maxlen: 24
                          190.90.28.0/22 maxlen: 24
                          190.90.33.0/24 maxlen: 24
                          190.90.34.0/24 maxlen: 24
                          190.90.36.0/22 maxlen: 24
                          190.90.52.0/22 maxlen: 24
                          190.90.60.0/22 maxlen: 24
                          190.90.64.0/20 maxlen: 24
                          190.90.80.0/20 maxlen: 24
                          190.90.96.0/20 maxlen: 24
                          190.90.112.0/21 maxlen: 24
                          190.90.128.0/20 maxlen: 24
                          190.90.144.0/21 maxlen: 24
                          190.90.154.0/24 maxlen: 24
                          190.90.208.0/21 maxlen: 24
                          190.90.252.0/24 maxlen: 24
                          190.90.240.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2113537 (0x204001)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3300a6efb5b34c79125fce5dc4afa6977a46744f
        Validity
            Not Before: Apr 26 03:00:00 2021 GMT
            Not After : May 11 03:00:00 2023 GMT
        Subject: CN=7149388e420fb96d734e1159fc2e9d12f77e6d8d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:5b:6b:3f:81:5f:12:fb:9c:4b:e7:a3:eb:9d:
                    f7:55:9a:6a:4c:9c:07:b7:49:a1:a5:0a:b6:26:56:
                    f1:97:07:46:81:b8:34:54:2d:19:cd:7a:ce:4a:75:
                    cb:f8:da:3d:87:fe:e2:9c:39:a9:e7:18:69:0d:7f:
                    47:f0:fb:e0:5c:1b:b3:52:99:8a:82:af:cd:27:ab:
                    25:38:ce:b2:fa:a1:1c:74:23:14:e4:15:ff:c4:48:
                    f2:d5:b3:44:26:cb:39:1a:01:98:34:21:c3:f4:5e:
                    3c:db:3c:55:e5:92:e1:b5:4b:2f:b3:18:1c:26:56:
                    69:85:44:8e:80:f3:2b:c6:39:20:df:7c:8c:89:17:
                    ed:55:8b:49:29:2f:60:c0:76:66:b2:7c:36:a3:cf:
                    6a:5b:bb:91:bd:e2:ab:6a:f7:9f:80:3c:83:41:47:
                    4f:f6:d8:a1:bd:a2:96:03:f8:d7:63:c9:f3:dd:a2:
                    8a:ff:9e:57:f6:ba:65:d8:af:06:5e:72:6d:32:75:
                    d8:89:b7:f0:5c:4b:19:9c:1c:d7:01:ce:16:00:19:
                    ea:40:16:8e:a9:e7:3e:34:21:d9:05:e8:3f:07:1e:
                    b4:b4:74:90:bf:40:59:47:ac:62:60:49:55:9a:e1:
                    59:f5:8c:6c:1c:51:97:c9:06:ad:59:2f:8f:71:13:
                    8a:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                68:62:A4:5F:1F:5E:95:9B:B8:59:F9:9B:8C:6A:69:D9:2B:FB:43:31
            X509v3 Authority Key Identifier:
                keyid:62:AA:07:2A:74:5B:AE:77:82:D2:D9:44:76:20:4C:0C:A5:4E:ED:C2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/3300a6efb5b34c79125fce5dc4afa6977a46744f.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/aa69a975-83a3-4532-a779-5ffb87580309/7149388e420fb96d734e1159fc2e9d12f77e6d8d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/aa69a975-83a3-4532-a779-5ffb87580309/3300a6efb5b34c79125fce5dc4afa6977a46744f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.90.0.0-190.90.24.255
                  190.90.28.0/22
                  190.90.33.0-190.90.34.255
                  190.90.36.0/22
                  190.90.52.0/22
                  190.90.60.0-190.90.119.255
                  190.90.128.0-190.90.151.255
                  190.90.154.0/24
                  190.90.208.0/21
                  190.90.240.0/24
                  190.90.252.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3b:83:c9:f1:02:5c:c8:3e:c8:ac:6b:d3:41:d1:ce:cf:b6:71:
         bb:ae:c6:ce:b0:85:d5:1a:5b:e5:84:2f:32:c4:68:c4:e0:ac:
         ff:8b:b1:0a:68:48:40:3f:17:f3:bd:34:f7:f1:6a:46:c6:fc:
         83:cf:83:87:10:a4:49:13:eb:0e:d0:cc:85:9b:2a:b7:0b:21:
         57:ea:4c:a0:95:2b:3a:33:27:be:bc:b1:67:7a:1e:fb:2c:a4:
         28:4b:23:74:68:87:0b:26:cc:98:41:bc:99:99:4c:ee:6f:5b:
         1b:7d:c9:20:c7:da:53:b5:00:58:ed:e1:b2:a9:3a:af:98:0b:
         f6:ef:71:da:d8:43:c3:a2:75:c7:8a:24:00:c3:20:3a:26:df:
         35:4f:c2:da:8b:78:93:e8:e0:e2:47:07:f9:c9:ae:e7:2f:1f:
         a4:bd:4c:51:15:15:31:aa:4c:fa:2e:df:8f:32:33:7e:07:d5:
         33:89:d2:b6:c2:01:c9:9f:a1:f8:5f:07:ca:ca:d3:a0:d7:50:
         79:64:02:28:25:38:39:57:4f:f7:1d:70:8d:29:89:4c:d0:76:
         5b:4e:e8:3a:db:2a:17:74:c6:fc:5b:33:17:20:b1:ba:6c:8e:
         44:31:06:2f:42:6f:c5:3f:9d:5c:08:d3:63:d2:f0:91:65:7f:
         77:cf:62:6b
-----BEGIN CERTIFICATE-----
MIIFmzCCBIOgAwIBAgIDIEABMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDMz
MDBhNmVmYjViMzRjNzkxMjVmY2U1ZGM0YWZhNjk3N2E0Njc0NGYwHhcNMjEwNDI2
MDMwMDAwWhcNMjMwNTExMDMwMDAwWjAzMTEwLwYDVQQDEyg3MTQ5Mzg4ZTQyMGZi
OTZkNzM0ZTExNTlmYzJlOWQxMmY3N2U2ZDhkMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAjFtrP4FfEvucS+ej6533VZpqTJwHt0mhpQq2JlbxlwdGgbg0
VC0ZzXrOSnXL+No9h/7inDmp5xhpDX9H8PvgXBuzUpmKgq/NJ6slOM6y+qEcdCMU
5BX/xEjy1bNEJss5GgGYNCHD9F482zxV5ZLhtUsvsxgcJlZphUSOgPMrxjkg33yM
iRftVYtJKS9gwHZmsnw2o89qW7uRveKravefgDyDQUdP9tihvaKWA/jXY8nz3aKK
/55X9rpl2K8GXnJtMnXYibfwXEsZnBzXAc4WABnqQBaOqec+NCHZBeg/Bx60tHSQ
v0BZR6xiYElVmuFZ9YxsHFGXyQatWS+PcROK/QIDAQABo4ICtjCCArIwHQYDVR0O
BBYEFGhipF8fXpWbuFn5m4xqadkr+0MxMB8GA1UdIwQYMBaAFGKqByp0W653gtLZ
RHYgTAylTu3CMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMzMwMGE2
ZWZiNWIzNGM3OTEyNWZjZTVkYzRhZmE2OTc3YTQ2NzQ0Zi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvYWE2OWE5NzUtODNhMy00NTMyLWE3NzktNWZmYjg3
NTgwMzA5LzcxNDkzODhlNDIwZmI5NmQ3MzRlMTE1OWZjMmU5ZDEyZjc3ZTZkOGQu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9hYTY5YTk3NS04M2EzLTQ1MzItYTc3OS01ZmZi
ODc1ODAzMDkvMzMwMGE2ZWZiNWIzNGM3OTEyNWZjZTVkYzRhZmE2OTc3YTQ2NzQ0
Zi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjB6BggrBgEFBQcBBwEB/wRr
MGkwZwQCAAEwYTALAwMBvloDBAC+WhgDBAK+WhwwDAMEAL5aIQMEAL5aIgMEAr5a
JAMEAr5aNDAMAwQCvlo8AwQDvlpwMAwDBAe+WoADBAO+WpADBAC+WpoDBAO+WtAD
BAC+WvADBAC+WvwwDQYJKoZIhvcNAQELBQADggEBADuDyfECXMg+yKxr00HRzs+2
cbuuxs6whdUaW+WELzLEaMTgrP+LsQpoSEA/F/O9NPfxakbG/IPPg4cQpEkT6w7Q
zIWbKrcLIVfqTKCVKzozJ768sWd6HvsspChLI3RohwsmzJhBvJmZTO5vWxt9ySDH
2lO1AFjt4bKpOq+YC/bvcdrYQ8OidceKJADDIDom3zVPwtqLeJPo4OJHB/nJrucv
H6S9TFEVFTGqTPou348yM34H1TOJ0rbCAcmfofhfB8rK06DXUHlkAiglODlXT/cd
cI0piUzQdltO6DrbKhd0xvxbMxcgsbpsjkQxBi9Cb8U/nVwI02PS8JFlf3fPYms=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:14:36 2023 by rpki-client on console-fra.rpki-client.org