Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/c20b558a-89e0-4c9e-b6c8-d7c694632120/06d2356ae672e6b1c57a84707a6fdbdd33a78049.roa
File:                     06d2356ae672e6b1c57a84707a6fdbdd33a78049.roa (raw, json)
Hash identifier:          gFlubsb1HKKigMNYoPjctGGsIjZlqnTGWNrI3vpnVFw=
Subject key identifier:   4B:0D:1B:1C:E0:7A:CC:3A:32:5C:5F:72:6B:A0:F3:97:11:94:08:5A
Certificate issuer:       /CN=b3580078f4f897fcfdbaa0d90c2ec6f460e33222
Certificate serial:       1C04F6
Authority key identifier: DF:C6:CA:8D:51:39:32:97:96:38:74:4C:37:8C:B3:A0:43:0E:95:B5
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/b3580078f4f897fcfdbaa0d90c2ec6f460e33222.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/c20b558a-89e0-4c9e-b6c8-d7c694632120/06d2356ae672e6b1c57a84707a6fdbdd33a78049.roa
Signing time:             Tue 27 Sep 2022 14:11:25 +0000
ROA not before:           Tue 27 Sep 2022 14:09:59 +0000
ROA not after:            Fri 27 Sep 2024 14:09:59 +0000
asID:                     3816
IP address blocks:        186.168.0.0/20 maxlen: 20
                          186.168.16.0/20 maxlen: 20
                          186.168.32.0/19 maxlen: 19
                          186.168.64.0/21 maxlen: 21
                          186.168.72.0/21 maxlen: 21
                          186.168.80.0/21 maxlen: 21
                          186.168.88.0/23 maxlen: 23
                          186.168.90.0/24 maxlen: 24
                          186.168.91.0/24 maxlen: 24
                          186.168.92.0/22 maxlen: 22
                          186.168.96.0/19 maxlen: 19
                          186.168.128.0/19 maxlen: 19
                          186.168.160.0/19 maxlen: 19
                          186.168.192.0/20 maxlen: 20
                          186.168.208.0/21 maxlen: 21
                          186.168.216.0/22 maxlen: 22
                          186.168.224.0/24 maxlen: 24
                          186.168.225.0/24 maxlen: 24
                          186.168.226.0/24 maxlen: 24
                          186.168.227.0/24 maxlen: 24
                          186.168.228.0/22 maxlen: 22
                          186.168.232.0/21 maxlen: 21
                          186.168.240.0/20 maxlen: 20
                          186.169.4.0/22 maxlen: 22
                          186.169.8.0/21 maxlen: 21
                          186.169.16.0/21 maxlen: 21
                          186.169.24.0/21 maxlen: 21
                          186.169.32.0/20 maxlen: 20
                          186.169.48.0/20 maxlen: 20
                          186.169.64.0/20 maxlen: 20
                          186.169.80.0/20 maxlen: 20
                          186.169.96.0/19 maxlen: 19
                          186.169.128.0/17 maxlen: 17

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1836278 (0x1c04f6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b3580078f4f897fcfdbaa0d90c2ec6f460e33222
        Validity
            Not Before: Sep 27 14:09:59 2022 GMT
            Not After : Sep 27 14:09:59 2024 GMT
        Subject: CN=06d2356ae672e6b1c57a84707a6fdbdd33a78049
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:6a:5f:de:2e:db:17:43:d1:2c:80:1d:d2:02:
                    2b:36:10:3a:f4:e4:2a:00:de:9b:60:e0:a6:89:d3:
                    85:7e:cd:d9:84:0f:99:8d:b3:5a:09:f3:6b:10:fc:
                    d5:5b:68:73:77:ba:57:25:1a:fc:f8:65:3a:44:b8:
                    c3:d1:79:12:ec:3b:f0:e6:24:9b:4e:7b:b6:4c:73:
                    2c:49:cd:59:bf:b0:4b:18:b0:8e:50:2c:c5:f0:c0:
                    d1:8c:59:77:15:43:47:f4:aa:da:89:4a:fc:18:71:
                    2d:9d:a1:9c:69:90:ed:2e:aa:f5:e3:7c:62:85:a0:
                    d0:0f:03:16:52:06:ee:e9:68:9a:9e:56:fc:65:e8:
                    10:e4:33:16:99:b8:64:dc:2b:76:1a:cf:67:63:9f:
                    1a:29:2d:98:16:9a:1b:c6:76:35:d0:93:d3:53:95:
                    a1:b7:21:1a:46:10:e0:07:eb:59:98:eb:cf:1c:c7:
                    2f:a4:46:5d:d9:58:d0:46:96:d9:97:ee:8f:0a:44:
                    77:a5:1f:7e:38:78:1d:ba:18:c8:d9:42:cc:72:73:
                    07:ed:dd:96:7c:c7:c7:e9:65:0c:5b:bd:78:f2:5a:
                    35:b2:6d:60:22:00:c8:e3:05:96:d8:76:0d:c4:db:
                    d2:d6:08:93:de:22:1d:d7:d2:fe:b7:ac:c4:36:41:
                    af:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:0D:1B:1C:E0:7A:CC:3A:32:5C:5F:72:6B:A0:F3:97:11:94:08:5A
            X509v3 Authority Key Identifier:
                keyid:DF:C6:CA:8D:51:39:32:97:96:38:74:4C:37:8C:B3:A0:43:0E:95:B5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/b3580078f4f897fcfdbaa0d90c2ec6f460e33222.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/c20b558a-89e0-4c9e-b6c8-d7c694632120/06d2356ae672e6b1c57a84707a6fdbdd33a78049.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/c20b558a-89e0-4c9e-b6c8-d7c694632120/b3580078f4f897fcfdbaa0d90c2ec6f460e33222.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  186.168.0.0-186.168.219.255
                  186.168.224.0/19
                  186.169.4.0-186.169.255.255

    Signature Algorithm: sha256WithRSAEncryption
         07:60:8e:f1:07:c1:a6:70:07:81:a1:f3:97:5d:be:78:80:d6:
         4c:3f:16:75:ef:b3:23:1e:aa:61:a1:7f:dd:dd:d7:f0:96:a2:
         92:b9:94:3a:80:cf:a9:1f:7e:29:c5:25:69:77:ce:00:c3:50:
         20:eb:59:75:7b:a3:b5:40:29:fb:7c:69:1c:ea:06:8c:5c:44:
         94:74:23:c3:d1:45:d7:1a:b4:c5:db:ec:6a:f3:6d:23:bd:01:
         51:81:5b:2e:2f:74:83:81:6f:79:94:0f:74:69:e4:79:09:76:
         0e:de:62:5b:09:ab:b6:8a:7c:89:f6:04:64:bd:b1:99:19:22:
         39:c2:62:4b:6b:20:14:82:27:a0:45:bb:05:22:b7:81:09:c8:
         00:5a:af:ed:dd:3f:d2:e8:2d:d6:c7:1b:27:3e:47:65:5a:d1:
         08:6a:aa:67:c1:ba:76:ab:c5:83:5b:14:a1:82:26:4d:cc:7d:
         15:be:c4:e8:af:83:9d:32:de:16:30:55:b2:aa:f9:86:58:aa:
         d1:b0:4e:2b:ae:ce:7c:b4:27:09:c5:bd:b8:34:db:bf:c1:b1:
         95:99:f8:e0:e6:5f:14:9f:f8:df:d5:08:9a:6c:9a:d3:3d:1c:
         55:f9:d1:10:e6:f5:be:aa:06:4c:46:10:23:ee:76:a2:9a:76:
         63:33:ac:8c
-----BEGIN CERTIFICATE-----
MIIFWjCCBEKgAwIBAgIDHAT2MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGIz
NTgwMDc4ZjRmODk3ZmNmZGJhYTBkOTBjMmVjNmY0NjBlMzMyMjIwHhcNMjIwOTI3
MTQwOTU5WhcNMjQwOTI3MTQwOTU5WjAzMTEwLwYDVQQDEygwNmQyMzU2YWU2NzJl
NmIxYzU3YTg0NzA3YTZmZGJkZDMzYTc4MDQ5MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAyWpf3i7bF0PRLIAd0gIrNhA69OQqAN6bYOCmidOFfs3ZhA+Z
jbNaCfNrEPzVW2hzd7pXJRr8+GU6RLjD0XkS7Dvw5iSbTnu2THMsSc1Zv7BLGLCO
UCzF8MDRjFl3FUNH9KraiUr8GHEtnaGcaZDtLqr143xihaDQDwMWUgbu6Wianlb8
ZegQ5DMWmbhk3Ct2Gs9nY58aKS2YFpobxnY10JPTU5WhtyEaRhDgB+tZmOvPHMcv
pEZd2VjQRpbZl+6PCkR3pR9+OHgduhjI2ULMcnMH7d2WfMfH6WUMW7148lo1sm1g
IgDI4wWW2HYNxNvS1giT3iId19L+t6zENkGveQIDAQABo4ICdTCCAnEwHQYDVR0O
BBYEFEsNGxzgesw6Mlxfcmug85cRlAhaMB8GA1UdIwQYMBaAFN/Gyo1ROTKXljh0
TDeMs6BDDpW1MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYjM1ODAw
NzhmNGY4OTdmY2ZkYmFhMGQ5MGMyZWM2ZjQ2MGUzMzIyMi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvYzIwYjU1OGEtODllMC00YzllLWI2YzgtZDdjNjk0
NjMyMTIwLzA2ZDIzNTZhZTY3MmU2YjFjNTdhODQ3MDdhNmZkYmRkMzNhNzgwNDku
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9jMjBiNTU4YS04OWUwLTRjOWUtYjZjOC1kN2M2
OTQ2MzIxMjAvYjM1ODAwNzhmNGY4OTdmY2ZkYmFhMGQ5MGMyZWM2ZjQ2MGUzMzIy
Mi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA5BggrBgEFBQcBBwEB/wQq
MCgwJgQCAAEwIDALAwMDuqgDBAK6qNgDBAW6qOAwCwMEArqpBAMDAbqoMA0GCSqG
SIb3DQEBCwUAA4IBAQAHYI7xB8GmcAeBofOXXb54gNZMPxZ177MjHqphoX/d3dfw
lqKSuZQ6gM+pH34pxSVpd84Aw1Ag61l1e6O1QCn7fGkc6gaMXESUdCPD0UXXGrTF
2+xq820jvQFRgVsuL3SDgW95lA90aeR5CXYO3mJbCau2inyJ9gRkvbGZGSI5wmJL
ayAUgiegRbsFIreBCcgAWq/t3T/S6C3WxxsnPkdlWtEIaqpnwbp2q8WDWxShgiZN
zH0VvsTor4OdMt4WMFWyqvmGWKrRsE4rrs58tCcJxb24NNu/wbGVmfjg5l8Un/jf
1QiabJrTPRxV+dEQ5vW+qgZMRhAj7naimnZjM6yM
-----END CERTIFICATE-----
Generated at Wed Aug 30 18:08:10 2023 by rpki-client on console-fra.rpki-client.org