Route Origin Authorization
$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/ba5a158c-27b7-48a6-8e96-bbf902c20408/4437a4cfaaaff91b6cd2508fabb3fca008e46236.roa
File: 4437a4cfaaaff91b6cd2508fabb3fca008e46236.roa (raw, json)
Hash identifier: byxP/a01m6fYRGEwzoB7mILZIRN61kebfnHSM7vDgq4=
Subject key identifier: 8D:F6:0F:77:34:5D:57:71:0B:F5:42:8E:0C:4C:3C:35:86:0E:08:96
Certificate issuer: /CN=3a642f0f5bf1f426c14ab984a5eec5cc1219f4a8
Certificate serial: 18CD20
Authority key identifier: C5:95:24:B5:C8:D5:68:1E:4A:E5:E7:6A:72:31:62:8B:87:82:41:88
Authority info access: rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/3a642f0f5bf1f426c14ab984a5eec5cc1219f4a8.cer
Subject info access: rsync://repository.lacnic.net/rpki/lacnic/ba5a158c-27b7-48a6-8e96-bbf902c20408/4437a4cfaaaff91b6cd2508fabb3fca008e46236.roa
Signing time: Thu 16 Jun 2022 16:31:19 +0000
ROA not before: Sat 01 Jan 2022 03:00:00 +0000
ROA not after: Mon 01 Apr 2024 03:00:00 +0000
asID: 11014
IP address blocks: 131.0.232.0/22 maxlen: 24
2803:f580::/32 maxlen: 48
Validation: Failed, certificate revoked on Sun 31 Mar 2024 08:30:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1625376 (0x18cd20)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a642f0f5bf1f426c14ab984a5eec5cc1219f4a8
Validity
Not Before: Jan 1 03:00:00 2022 GMT
Not After : Apr 1 03:00:00 2024 GMT
Subject: CN=4437a4cfaaaff91b6cd2508fabb3fca008e46236
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:a5:34:1f:d8:98:6a:64:74:b6:79:d4:91:9e:
f2:07:72:9d:1d:8f:f8:80:ee:86:c8:79:f3:03:f6:
a3:28:44:42:02:05:af:15:06:41:7b:3e:a0:ca:5c:
1d:93:80:0e:e1:e7:00:0e:e8:0c:e2:29:5a:ea:3c:
a2:26:92:d3:15:06:75:96:30:92:6c:ab:75:60:c6:
eb:04:a7:7a:03:05:a4:53:42:c0:e7:9b:f4:d9:d9:
70:76:f2:9c:fa:63:12:07:e3:c6:4f:87:80:a6:42:
12:bc:dc:3e:0e:12:35:1b:e9:6b:ba:14:b9:63:59:
bf:85:2a:94:44:fc:b6:9e:08:d7:a4:10:b5:41:26:
14:5c:fd:51:3f:12:78:13:7f:9a:2e:c3:4b:12:9c:
87:a7:40:2d:a3:cd:76:d9:f9:02:46:c5:51:d8:11:
a9:bd:05:d3:49:bc:24:df:38:5c:28:dc:69:48:54:
39:b2:6c:f8:d5:04:70:34:3d:a7:66:b4:65:87:8e:
53:63:4f:27:c5:ce:ec:93:6d:aa:8f:70:fa:15:95:
1b:84:bc:7f:e1:30:28:21:5a:21:89:a3:c9:f7:45:
fe:c8:e0:f1:ef:9f:61:db:46:39:30:86:70:5f:8c:
0e:32:5d:fc:d0:7f:62:c8:4f:0f:ed:8c:56:49:61:
e2:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:F6:0F:77:34:5D:57:71:0B:F5:42:8E:0C:4C:3C:35:86:0E:08:96
X509v3 Authority Key Identifier:
keyid:C5:95:24:B5:C8:D5:68:1E:4A:E5:E7:6A:72:31:62:8B:87:82:41:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/3a642f0f5bf1f426c14ab984a5eec5cc1219f4a8.cer
Subject Information Access:
Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/ba5a158c-27b7-48a6-8e96-bbf902c20408/4437a4cfaaaff91b6cd2508fabb3fca008e46236.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repository.lacnic.net/rpki/lacnic/ba5a158c-27b7-48a6-8e96-bbf902c20408/3a642f0f5bf1f426c14ab984a5eec5cc1219f4a8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
131.0.232.0/22
IPv6:
2803:f580::/32
Signature Algorithm: sha256WithRSAEncryption
1e:64:75:bd:20:3c:2f:7f:24:f9:1b:83:98:d1:54:0e:e1:3a:
23:f0:dd:5c:de:80:6d:1c:98:8d:41:75:a9:81:7f:87:a9:63:
a3:88:53:75:0e:e9:36:be:51:7f:bc:12:3a:47:c9:bf:02:4f:
97:1d:e9:75:88:bd:75:f6:b9:70:d6:04:3b:8d:a0:bf:9a:60:
2f:4f:94:b1:77:30:0e:6c:61:d3:0f:51:a3:14:9d:d0:e2:12:
a4:5c:73:71:3c:b0:cd:19:2e:77:d8:89:77:ae:a2:51:29:79:
84:5e:f3:62:11:15:3f:d4:a6:52:ec:b8:9f:15:d0:f6:b0:53:
3b:5c:5a:7a:4a:7b:81:f9:07:2b:e2:e7:ad:a6:3c:40:e5:75:
43:ba:7b:08:d5:39:52:04:ff:1e:da:95:f2:fd:8b:f2:cd:d1:
a0:18:f5:da:6b:12:1e:9f:50:fd:ce:d2:e4:08:fe:2e:fc:4d:
65:1e:80:b7:fc:7b:07:e2:22:e2:90:a7:f6:38:e8:64:d1:94:
0d:b0:cb:9a:ae:95:60:fc:fd:7d:e4:7c:3d:15:ff:33:08:28:
ae:a3:a4:64:24:02:b6:1e:40:01:5d:fa:3c:ce:9a:8a:b4:df:
47:a0:5f:75:1b:79:72:c8:3c:d2:ff:78:f5:7f:9d:98:a4:70:
7d:aa:2e:aa
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgIDGM0gMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDNh
NjQyZjBmNWJmMWY0MjZjMTRhYjk4NGE1ZWVjNWNjMTIxOWY0YTgwHhcNMjIwMTAx
MDMwMDAwWhcNMjQwNDAxMDMwMDAwWjAzMTEwLwYDVQQDEyg0NDM3YTRjZmFhYWZm
OTFiNmNkMjUwOGZhYmIzZmNhMDA4ZTQ2MjM2MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAh6U0H9iYamR0tnnUkZ7yB3KdHY/4gO6GyHnzA/ajKERCAgWv
FQZBez6gylwdk4AO4ecADugM4ila6jyiJpLTFQZ1ljCSbKt1YMbrBKd6AwWkU0LA
55v02dlwdvKc+mMSB+PGT4eApkISvNw+DhI1G+lruhS5Y1m/hSqURPy2ngjXpBC1
QSYUXP1RPxJ4E3+aLsNLEpyHp0Ato8122fkCRsVR2BGpvQXTSbwk3zhcKNxpSFQ5
smz41QRwND2nZrRlh45TY08nxc7sk22qj3D6FZUbhLx/4TAoIVohiaPJ90X+yODx
759h20Y5MIZwX4wOMl380H9iyE8P7YxWSWHi4QIDAQABo4ICajCCAmYwHQYDVR0O
BBYEFI32D3c0XVdxC/VCjgxMPDWGDgiWMB8GA1UdIwQYMBaAFMWVJLXI1WgeSuXn
anIxYouHgkGIMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvM2E2NDJm
MGY1YmYxZjQyNmMxNGFiOTg0YTVlZWM1Y2MxMjE5ZjRhOC5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvYmE1YTE1OGMtMjdiNy00OGE2LThlOTYtYmJmOTAy
YzIwNDA4LzQ0MzdhNGNmYWFhZmY5MWI2Y2QyNTA4ZmFiYjNmY2EwMDhlNDYyMzYu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9iYTVhMTU4Yy0yN2I3LTQ4YTYtOGU5Ni1iYmY5
MDJjMjA0MDgvM2E2NDJmMGY1YmYxZjQyNmMxNGFiOTg0YTVlZWM1Y2MxMjE5ZjRh
OC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQf
MB0wDAQCAAEwBgMEAoMA6DANBAIAAjAHAwUAKAP1gDANBgkqhkiG9w0BAQsFAAOC
AQEAHmR1vSA8L38k+RuDmNFUDuE6I/DdXN6AbRyYjUF1qYF/h6ljo4hTdQ7pNr5R
f7wSOkfJvwJPlx3pdYi9dfa5cNYEO42gv5pgL0+UsXcwDmxh0w9RoxSd0OISpFxz
cTywzRkud9iJd66iUSl5hF7zYhEVP9SmUuy4nxXQ9rBTO1xaekp7gfkHK+LnraY8
QOV1Q7p7CNU5UgT/HtqV8v2L8s3RoBj12msSHp9Q/c7S5Aj+LvxNZR6At/x7B+Ii
4pCn9jjoZNGUDbDLmq6VYPz9feR8PRX/MwgorqOkZCQCth5AAV36PM6airTfR6Bf
dRt5csg80v949X+dmKRwfaouqg==
-----END CERTIFICATE-----
Generated at Sun Mar 31 16:34:05 2024 by rpki-client on console-fra.rpki-client.org