Route Origin Authorization
$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/af428568-fa34-47c2-a3b4-af3236f8789c/28a5222ce44bc1efda0d08f1feb5d05dc18df0d8.roa
File: 28a5222ce44bc1efda0d08f1feb5d05dc18df0d8.roa (raw, json)
Hash identifier: fH15iN5cSilJ5EP+sTNY1ZKrJbNJa+FLQIQSUmRgziE=
Subject key identifier: 38:6C:CB:98:9E:6E:BA:FC:3A:A3:7A:08:53:CA:90:B8:5E:7C:CA:A8
Certificate issuer: /CN=0e2555d6d6cd9849fdcea4cd3f4d423880fbd420
Certificate serial: 09709C
Authority key identifier: 38:2C:BB:1B:5E:B4:5B:2C:41:12:FB:09:8A:5D:5A:FE:89:5B:B3:D7
Authority info access: rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/0e2555d6d6cd9849fdcea4cd3f4d423880fbd420.cer
Subject info access: rsync://repository.lacnic.net/rpki/lacnic/af428568-fa34-47c2-a3b4-af3236f8789c/28a5222ce44bc1efda0d08f1feb5d05dc18df0d8.roa
Signing time: Wed 24 Mar 2021 22:51:24 +0000
ROA not before: Wed 24 Mar 2021 22:47:59 +0000
ROA not after: Fri 24 Mar 2023 22:47:59 +0000
asID: 52271
IP address blocks: 167.250.208.0/24 maxlen: 24
167.250.209.0/24 maxlen: 24
167.250.210.0/24 maxlen: 24
167.250.211.0/24 maxlen: 24
170.239.48.0/24 maxlen: 24
170.239.49.0/24 maxlen: 24
170.239.50.0/24 maxlen: 24
170.239.51.0/24 maxlen: 24
190.112.56.0/24 maxlen: 24
190.112.57.0/24 maxlen: 24
190.112.58.0/24 maxlen: 24
190.112.59.0/24 maxlen: 24
190.112.60.0/24 maxlen: 24
190.112.61.0/24 maxlen: 24
190.112.62.0/24 maxlen: 24
190.112.63.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 618652 (0x9709c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e2555d6d6cd9849fdcea4cd3f4d423880fbd420
Validity
Not Before: Mar 24 22:47:59 2021 GMT
Not After : Mar 24 22:47:59 2023 GMT
Subject: CN=28a5222ce44bc1efda0d08f1feb5d05dc18df0d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:80:d5:92:36:9d:88:01:d8:0b:3e:23:54:f5:
12:b8:3c:20:95:90:03:db:8f:18:d6:46:34:d5:af:
56:37:23:a7:d8:3f:09:42:32:c6:e7:55:b2:07:d9:
6d:df:0c:0d:49:bf:4e:cd:d0:a8:ed:26:a8:53:f1:
11:83:d8:85:5e:d2:dd:1e:cd:0a:11:ab:7f:bf:ef:
df:c4:75:d1:df:13:f8:38:58:80:e6:b0:73:78:a5:
80:e7:b6:b0:b4:6a:ac:a8:9f:88:a5:5c:8a:d3:5d:
77:2c:b1:1c:2c:ad:27:81:35:e1:81:b4:46:d1:9b:
c9:c3:67:09:07:29:e7:dd:1c:98:49:0d:83:0c:63:
ca:be:5b:6e:bb:85:d3:16:7b:af:4f:83:6e:64:af:
36:8a:44:b5:54:78:3e:61:fa:74:9d:c7:bf:d0:55:
2a:e1:b8:52:96:df:fe:c8:ba:87:64:78:38:49:55:
bb:6d:7b:0c:8b:95:da:ff:64:8b:56:bf:42:1a:6a:
3a:13:aa:79:ea:89:1e:72:80:b9:ac:30:35:f1:fa:
15:bd:b4:82:bc:94:79:43:19:d9:b6:c1:04:58:b5:
66:95:64:5a:57:39:47:9c:a1:ff:91:39:38:b4:b5:
72:70:48:49:21:a4:13:7a:78:3d:d1:86:2d:3c:71:
39:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:6C:CB:98:9E:6E:BA:FC:3A:A3:7A:08:53:CA:90:B8:5E:7C:CA:A8
X509v3 Authority Key Identifier:
keyid:38:2C:BB:1B:5E:B4:5B:2C:41:12:FB:09:8A:5D:5A:FE:89:5B:B3:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/0e2555d6d6cd9849fdcea4cd3f4d423880fbd420.cer
Subject Information Access:
Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/af428568-fa34-47c2-a3b4-af3236f8789c/28a5222ce44bc1efda0d08f1feb5d05dc18df0d8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repository.lacnic.net/rpki/lacnic/af428568-fa34-47c2-a3b4-af3236f8789c/0e2555d6d6cd9849fdcea4cd3f4d423880fbd420.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
167.250.208.0/22
170.239.48.0/22
190.112.56.0/21
Signature Algorithm: sha256WithRSAEncryption
71:3e:4c:3d:b3:b7:81:c6:3b:f6:4d:b1:dd:7b:38:3b:c2:c8:
e4:59:e6:ba:9e:24:bf:57:eb:5a:d1:c3:75:ba:48:f8:d1:65:
3d:31:1f:e6:97:41:32:bd:a8:3b:37:08:73:e0:c7:c8:f3:39:
6a:19:be:7a:f9:06:03:b4:42:ae:ca:ab:56:e5:5f:05:f4:fc:
44:1a:f3:fe:ae:f2:64:6f:08:88:5d:36:9e:e9:c3:73:dd:03:
f7:8c:cc:3f:69:d9:ca:a3:09:14:00:e8:90:7a:c5:27:cb:d6:
56:c2:14:8e:27:81:2d:4f:c9:d6:35:78:87:d9:24:4f:29:47:
74:83:9f:d6:5c:13:b7:b1:1e:7a:bf:9b:36:7d:04:f8:73:e7:
e3:13:79:ea:51:38:aa:1a:47:fd:21:02:80:73:26:73:f6:43:
d6:6a:f2:f1:35:40:86:32:38:9f:bd:42:54:40:67:9d:d3:c2:
79:27:07:8b:82:37:83:20:d6:fc:b0:7e:7a:54:c3:cf:c4:80:
e5:ca:45:f3:8d:1b:af:de:f3:1b:d2:9d:60:56:48:34:e8:3a:
7f:b0:3a:e2:01:49:be:f7:1f:c7:b5:e9:11:48:2e:3d:07:32:
c6:ea:40:9c:1e:94:3b:9b:dd:df:98:3a:71:d9:39:96:79:9c:
b7:23:7b:1e
-----BEGIN CERTIFICATE-----
MIIFTDCCBDSgAwIBAgIDCXCcMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDBl
MjU1NWQ2ZDZjZDk4NDlmZGNlYTRjZDNmNGQ0MjM4ODBmYmQ0MjAwHhcNMjEwMzI0
MjI0NzU5WhcNMjMwMzI0MjI0NzU5WjAzMTEwLwYDVQQDEygyOGE1MjIyY2U0NGJj
MWVmZGEwZDA4ZjFmZWI1ZDA1ZGMxOGRmMGQ4MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA34DVkjadiAHYCz4jVPUSuDwglZAD248Y1kY01a9WNyOn2D8J
QjLG51WyB9lt3wwNSb9OzdCo7SaoU/ERg9iFXtLdHs0KEat/v+/fxHXR3xP4OFiA
5rBzeKWA57awtGqsqJ+IpVyK0113LLEcLK0ngTXhgbRG0ZvJw2cJBynn3RyYSQ2D
DGPKvltuu4XTFnuvT4NuZK82ikS1VHg+Yfp0nce/0FUq4bhSlt/+yLqHZHg4SVW7
bXsMi5Xa/2SLVr9CGmo6E6p56okecoC5rDA18foVvbSCvJR5QxnZtsEEWLVmlWRa
VzlHnKH/kTk4tLVycEhJIaQTeng90YYtPHE5AQIDAQABo4ICZzCCAmMwHQYDVR0O
BBYEFDhsy5iebrr8OqN6CFPKkLhefMqoMB8GA1UdIwQYMBaAFDgsuxtetFssQRL7
CYpdWv6JW7PXMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMGUyNTU1
ZDZkNmNkOTg0OWZkY2VhNGNkM2Y0ZDQyMzg4MGZiZDQyMC5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvYWY0Mjg1NjgtZmEzNC00N2MyLWEzYjQtYWYzMjM2
Zjg3ODljLzI4YTUyMjJjZTQ0YmMxZWZkYTBkMDhmMWZlYjVkMDVkYzE4ZGYwZDgu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9hZjQyODU2OC1mYTM0LTQ3YzItYTNiNC1hZjMy
MzZmODc4OWMvMGUyNTU1ZDZkNmNkOTg0OWZkY2VhNGNkM2Y0ZDQyMzg4MGZiZDQy
MC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjArBggrBgEFBQcBBwEB/wQc
MBowGAQCAAEwEgMEAqf60AMEAqrvMAMEA75wODANBgkqhkiG9w0BAQsFAAOCAQEA
cT5MPbO3gcY79k2x3Xs4O8LI5Fnmup4kv1frWtHDdbpI+NFlPTEf5pdBMr2oOzcI
c+DHyPM5ahm+evkGA7RCrsqrVuVfBfT8RBrz/q7yZG8IiF02nunDc90D94zMP2nZ
yqMJFADokHrFJ8vWVsIUjieBLU/J1jV4h9kkTylHdIOf1lwTt7Eeer+bNn0E+HPn
4xN56lE4qhpH/SECgHMmc/ZD1mry8TVAhjI4n71CVEBnndPCeScHi4I3gyDW/LB+
elTDz8SA5cpF840br97zG9KdYFZINOg6f7A64gFJvvcfx7XpEUguPQcyxupAnB6U
O5vd35g6cdk5lnmctyN7Hg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:14:51 2023 by rpki-client on console-ams.rpki-client.org