Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/bf770d2c-8158-4eb0-a55c-b5be63ecb817/4f1ecce04916471f4e5465de705d16438ee4d95a.roa
File:                     4f1ecce04916471f4e5465de705d16438ee4d95a.roa (raw, json)
Hash identifier:          pWUAPixit1zWXVW00PnIYfMYyv4Cb27qdt0bqHH6egQ=
Subject key identifier:   9E:B9:60:EE:68:29:58:19:DE:93:5B:A8:A2:B1:C0:79:69:8D:61:67
Certificate issuer:       /CN=296ae134c63fda98feba9ece79438406ecc84f03
Certificate serial:       208225
Authority key identifier: 8C:CF:F6:AD:9A:13:14:73:58:AC:E2:D8:C7:E3:B8:F5:0E:34:30:12
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/296ae134c63fda98feba9ece79438406ecc84f03.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/bf770d2c-8158-4eb0-a55c-b5be63ecb817/4f1ecce04916471f4e5465de705d16438ee4d95a.roa
Signing time:             Fri 12 May 2023 08:30:05 +0000
ROA not before:           Thu 11 May 2023 08:30:05 +0000
ROA not after:            Sat 10 May 2025 08:30:05 +0000
asID:                     17079
IP address blocks:        143.0.104.0/22 maxlen: 24
                          181.189.176.0/20 maxlen: 24
                          200.85.0.0/23 maxlen: 24
                          200.85.4.0/22 maxlen: 24
                          200.85.8.0/21 maxlen: 24
                          200.85.16.0/20 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2130469 (0x208225)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=296ae134c63fda98feba9ece79438406ecc84f03
        Validity
            Not Before: May 11 08:30:05 2023 GMT
            Not After : May 10 08:30:05 2025 GMT
        Subject: CN=4f1ecce04916471f4e5465de705d16438ee4d95a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:40:9d:33:d2:d3:93:20:0d:47:c0:e7:0f:8e:
                    34:fa:44:db:d0:0f:cd:54:68:7a:8a:cf:db:de:75:
                    4b:b6:ac:32:fe:fa:56:52:0b:f2:9f:22:39:ea:7e:
                    dc:85:ee:44:53:46:b0:89:27:f9:49:89:f1:7f:92:
                    4d:db:d4:6f:9d:f5:e0:61:a6:4c:43:c2:63:55:70:
                    4c:d9:56:7a:50:a0:c2:87:6c:68:20:5e:59:8d:f6:
                    37:c5:4d:04:2c:31:20:83:90:ad:d2:b5:8c:28:00:
                    fb:3b:32:c9:3f:61:ac:54:67:37:f5:60:97:e5:46:
                    0e:81:5d:36:6d:d1:df:78:56:3a:99:03:ca:93:da:
                    d9:a9:90:63:ad:56:32:a9:45:b2:43:40:3d:60:8a:
                    15:52:55:e5:09:d9:bf:bd:0e:70:cf:72:0a:8f:60:
                    64:1e:3e:ce:27:51:82:a1:ef:76:23:9d:9d:b9:6b:
                    0e:d4:d9:d9:af:4b:16:38:76:1c:a1:9d:bb:f1:03:
                    a7:cf:c2:2c:3c:25:a8:0b:21:48:40:ff:02:ed:5a:
                    8e:a2:59:1f:66:df:ae:6d:3b:cb:30:09:78:74:92:
                    05:ff:6c:2a:ad:50:84:55:89:d7:cf:30:f6:9f:d8:
                    70:c5:4d:b4:cc:72:6b:ab:fd:59:a1:49:93:5b:d4:
                    93:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9E:B9:60:EE:68:29:58:19:DE:93:5B:A8:A2:B1:C0:79:69:8D:61:67
            X509v3 Authority Key Identifier:
                keyid:8C:CF:F6:AD:9A:13:14:73:58:AC:E2:D8:C7:E3:B8:F5:0E:34:30:12

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/296ae134c63fda98feba9ece79438406ecc84f03.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/bf770d2c-8158-4eb0-a55c-b5be63ecb817/4f1ecce04916471f4e5465de705d16438ee4d95a.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/bf770d2c-8158-4eb0-a55c-b5be63ecb817/296ae134c63fda98feba9ece79438406ecc84f03.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  143.0.104.0/22
                  181.189.176.0/20
                  200.85.0.0/23
                  200.85.4.0-200.85.31.255

    Signature Algorithm: sha256WithRSAEncryption
         76:f6:3b:81:a8:53:0a:87:d9:d5:1d:bf:b6:fa:28:a3:c0:5d:
         97:a8:1b:01:46:e0:02:92:05:07:b1:36:94:37:fa:91:e5:4c:
         c3:a1:28:1c:96:2f:dd:a9:a5:52:1c:2a:0d:ae:d0:aa:ed:29:
         9e:23:2c:9a:2d:2e:f5:31:78:8f:05:46:07:ff:b8:5c:43:13:
         ba:cf:6b:5e:7c:0e:b0:f0:ee:17:5c:e3:46:f5:db:30:99:7a:
         fe:4c:ce:4e:d8:62:7d:10:c8:2e:29:55:db:f9:0e:39:84:68:
         41:ac:ff:b1:33:b2:4f:05:ee:c2:7c:52:95:9b:67:46:fd:e2:
         7d:af:d2:d9:8a:3d:65:d4:a6:03:f6:42:10:84:89:7c:ac:44:
         b6:94:94:ba:b9:ee:4e:78:90:d0:65:6c:a4:e9:a2:24:65:a9:
         25:5b:a0:3d:ed:5b:18:d9:e2:46:53:f5:03:28:02:81:2e:2a:
         5a:30:6d:3e:5f:6a:47:14:5b:04:1d:d5:d7:fd:38:9f:fc:cd:
         dd:66:c8:82:d6:ca:a7:8e:e8:29:e8:11:33:7e:e3:55:8a:1e:
         e3:82:08:1a:8a:05:82:92:f9:08:d7:10:e8:2a:db:54:57:ac:
         9f:b1:93:13:1f:ef:ab:26:7e:c5:b9:ba:94:90:63:a3:ef:ee:
         5c:34:e8:d9
-----BEGIN CERTIFICATE-----
MIIFWjCCBEKgAwIBAgIDIIIlMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDI5
NmFlMTM0YzYzZmRhOThmZWJhOWVjZTc5NDM4NDA2ZWNjODRmMDMwHhcNMjMwNTEx
MDgzMDA1WhcNMjUwNTEwMDgzMDA1WjAzMTEwLwYDVQQDEyg0ZjFlY2NlMDQ5MTY0
NzFmNGU1NDY1ZGU3MDVkMTY0MzhlZTRkOTVhMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAy0CdM9LTkyANR8DnD440+kTb0A/NVGh6is/b3nVLtqwy/vpW
UgvynyI56n7che5EU0awiSf5SYnxf5JN29RvnfXgYaZMQ8JjVXBM2VZ6UKDCh2xo
IF5ZjfY3xU0ELDEgg5Ct0rWMKAD7OzLJP2GsVGc39WCX5UYOgV02bdHfeFY6mQPK
k9rZqZBjrVYyqUWyQ0A9YIoVUlXlCdm/vQ5wz3IKj2BkHj7OJ1GCoe92I52duWsO
1NnZr0sWOHYcoZ278QOnz8IsPCWoCyFIQP8C7VqOolkfZt+ubTvLMAl4dJIF/2wq
rVCEVYnXzzD2n9hwxU20zHJrq/1ZoUmTW9STQQIDAQABo4ICdTCCAnEwHQYDVR0O
BBYEFJ65YO5oKVgZ3pNbqKKxwHlpjWFnMB8GA1UdIwQYMBaAFIzP9q2aExRzWKzi
2MfjuPUONDASMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMjk2YWUx
MzRjNjNmZGE5OGZlYmE5ZWNlNzk0Mzg0MDZlY2M4NGYwMy5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvYmY3NzBkMmMtODE1OC00ZWIwLWE1NWMtYjViZTYz
ZWNiODE3LzRmMWVjY2UwNDkxNjQ3MWY0ZTU0NjVkZTcwNWQxNjQzOGVlNGQ5NWEu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9iZjc3MGQyYy04MTU4LTRlYjAtYTU1Yy1iNWJl
NjNlY2I4MTcvMjk2YWUxMzRjNjNmZGE5OGZlYmE5ZWNlNzk0Mzg0MDZlY2M4NGYw
My5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA5BggrBgEFBQcBBwEB/wQq
MCgwJgQCAAEwIAMEAo8AaAMEBLW9sAMEAchVADAMAwQCyFUEAwQFyFUAMA0GCSqG
SIb3DQEBCwUAA4IBAQB29juBqFMKh9nVHb+2+iijwF2XqBsBRuACkgUHsTaUN/qR
5UzDoSgcli/dqaVSHCoNrtCq7SmeIyyaLS71MXiPBUYH/7hcQxO6z2tefA6w8O4X
XONG9dswmXr+TM5O2GJ9EMguKVXb+Q45hGhBrP+xM7JPBe7CfFKVm2dG/eJ9r9LZ
ij1l1KYD9kIQhIl8rES2lJS6ue5OeJDQZWyk6aIkZaklW6A97VsY2eJGU/UDKAKB
LipaMG0+X2pHFFsEHdXX/Tif/M3dZsiC1sqnjugp6BEzfuNVih7jgggaigWCkvkI
1xDoKttUV6yfsZMTH++rJn7FubqUkGOj7+5cNOjZ
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:14:38 2023 by rpki-client on console-fra.rpki-client.org