Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/c20b558a-89e0-4c9e-b6c8-d7c694632120/197b99d3f43a388468121c4378778588d946378c.roa
File:                     197b99d3f43a388468121c4378778588d946378c.roa (raw, json)
Hash identifier:          aYC5krE9lggnJZoOUsyXefC330cuBg0/mL8IUgMsYXE=
Subject key identifier:   98:51:A3:CA:EA:AB:A0:F4:C8:C3:4F:FE:4D:FF:B5:C7:64:5B:99:C5
Certificate issuer:       /CN=b3580078f4f897fcfdbaa0d90c2ec6f460e33222
Certificate serial:       1BC450
Authority key identifier: DF:C6:CA:8D:51:39:32:97:96:38:74:4C:37:8C:B3:A0:43:0E:95:B5
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/b3580078f4f897fcfdbaa0d90c2ec6f460e33222.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/c20b558a-89e0-4c9e-b6c8-d7c694632120/197b99d3f43a388468121c4378778588d946378c.roa
Signing time:             Mon 26 Sep 2022 19:32:05 +0000
ROA not before:           Mon 26 Sep 2022 19:30:02 +0000
ROA not after:            Thu 26 Sep 2024 19:30:02 +0000
asID:                     3816
IP address blocks:        161.18.0.0/20 maxlen: 20
                          161.18.32.0/22 maxlen: 22
                          161.18.36.0/22 maxlen: 22
                          161.18.40.0/22 maxlen: 22
                          161.18.44.0/22 maxlen: 22
                          161.18.48.0/22 maxlen: 22
                          161.18.52.0/22 maxlen: 22
                          161.18.56.0/22 maxlen: 22
                          161.18.60.0/22 maxlen: 22
                          161.18.64.0/20 maxlen: 20
                          161.18.80.0/20 maxlen: 20
                          161.18.104.0/21 maxlen: 21
                          161.18.112.0/20 maxlen: 20
                          161.18.128.0/19 maxlen: 19
                          161.18.160.0/19 maxlen: 19
                          161.18.192.0/20 maxlen: 20
                          161.18.208.0/20 maxlen: 20
                          161.18.224.0/22 maxlen: 22
                          161.18.228.0/22 maxlen: 22
                          161.18.232.0/22 maxlen: 22
                          161.18.236.0/22 maxlen: 22
                          161.18.240.0/22 maxlen: 22
                          161.18.244.0/22 maxlen: 22
                          161.18.248.0/22 maxlen: 22
                          161.18.252.0/22 maxlen: 22

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1819728 (0x1bc450)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b3580078f4f897fcfdbaa0d90c2ec6f460e33222
        Validity
            Not Before: Sep 26 19:30:02 2022 GMT
            Not After : Sep 26 19:30:02 2024 GMT
        Subject: CN=197b99d3f43a388468121c4378778588d946378c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:4e:29:8a:98:cb:d6:82:a8:5e:18:e3:0f:c9:
                    5d:6d:06:41:8e:8a:73:7e:e2:47:7e:46:65:b0:e1:
                    df:c2:16:24:d5:0c:21:c1:28:e2:40:a6:7e:f8:70:
                    61:34:5e:8b:e4:62:93:50:b9:c2:10:52:68:17:2b:
                    f4:73:fa:88:b7:6b:2e:4d:36:29:16:45:ec:5d:a1:
                    ea:ac:cc:ec:d5:71:1f:23:0a:ee:1a:12:7e:43:bb:
                    fe:b5:27:09:ac:e0:5d:ce:b5:50:6d:7a:da:75:76:
                    77:f4:84:60:6e:12:42:3e:98:4e:3b:7e:12:d5:4c:
                    78:99:f5:70:ef:f0:3e:59:a9:93:2e:85:88:19:c6:
                    2e:3a:eb:65:63:87:14:b2:25:fc:e0:92:e5:7a:a2:
                    27:37:c3:68:59:6b:fd:82:71:79:d1:e7:22:f6:f5:
                    50:a8:ad:a2:de:74:cc:a9:78:23:28:13:e0:b9:b3:
                    2a:18:ba:03:c1:cb:77:f2:3f:3b:22:43:f9:c7:4c:
                    48:eb:31:59:90:ef:c3:97:34:a8:fa:dc:f7:b0:1d:
                    b9:d4:87:ea:2f:60:31:12:d7:58:98:e4:01:06:55:
                    ff:ba:21:e8:60:aa:3a:3f:67:11:5d:0d:45:de:ab:
                    9a:3f:a4:fc:b8:39:7a:ad:51:32:d0:3d:51:ef:a5:
                    6e:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:51:A3:CA:EA:AB:A0:F4:C8:C3:4F:FE:4D:FF:B5:C7:64:5B:99:C5
            X509v3 Authority Key Identifier:
                keyid:DF:C6:CA:8D:51:39:32:97:96:38:74:4C:37:8C:B3:A0:43:0E:95:B5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/b3580078f4f897fcfdbaa0d90c2ec6f460e33222.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/c20b558a-89e0-4c9e-b6c8-d7c694632120/197b99d3f43a388468121c4378778588d946378c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/c20b558a-89e0-4c9e-b6c8-d7c694632120/b3580078f4f897fcfdbaa0d90c2ec6f460e33222.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  161.18.0.0/20
                  161.18.32.0-161.18.95.255
                  161.18.104.0-161.18.255.255

    Signature Algorithm: sha256WithRSAEncryption
         13:51:02:46:ef:e1:a4:a2:42:05:02:3b:ad:ad:e2:6e:85:3e:
         b5:0f:c4:bd:4e:39:86:b7:19:ed:67:9f:ad:4a:83:7b:2a:44:
         52:a1:d0:0f:37:65:39:64:7e:c1:8b:26:d7:b2:06:2f:52:80:
         0f:ec:d0:fb:99:90:0a:e2:93:09:f5:76:76:a5:5c:90:70:ce:
         53:5d:f3:11:36:61:cd:5e:c7:ea:cd:39:db:b8:7a:7a:06:0a:
         69:a5:6e:79:91:ac:d7:9a:b7:ce:48:f9:7a:2c:27:d7:9e:cc:
         ee:24:eb:46:1a:35:b2:b8:6e:45:4c:83:c0:47:89:4f:d5:40:
         47:9d:ea:d1:21:31:a6:fb:17:7f:59:a6:6a:4a:ef:f9:e9:f4:
         32:17:8b:e1:be:e2:b0:19:15:f5:2f:20:40:a5:5b:ad:a4:7d:
         88:b8:c5:4b:d9:43:7d:ad:6e:53:dc:bb:d0:75:68:eb:65:59:
         d6:06:c5:48:a4:70:cb:da:d4:d3:d2:71:b2:d7:03:4d:07:c2:
         42:28:45:00:56:69:6c:b7:e1:45:9b:33:3c:b1:f3:92:5d:1c:
         f3:a7:63:34:bc:84:8a:36:0d:d5:15:49:f4:8c:18:ca:db:2a:
         66:6e:f9:81:13:1e:7f:37:05:58:ba:f9:a4:d8:9f:fd:71:27:
         d3:51:0c:26
-----BEGIN CERTIFICATE-----
MIIFWzCCBEOgAwIBAgIDG8RQMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGIz
NTgwMDc4ZjRmODk3ZmNmZGJhYTBkOTBjMmVjNmY0NjBlMzMyMjIwHhcNMjIwOTI2
MTkzMDAyWhcNMjQwOTI2MTkzMDAyWjAzMTEwLwYDVQQDEygxOTdiOTlkM2Y0M2Ez
ODg0NjgxMjFjNDM3ODc3ODU4OGQ5NDYzNzhjMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAgE4pipjL1oKoXhjjD8ldbQZBjopzfuJHfkZlsOHfwhYk1Qwh
wSjiQKZ++HBhNF6L5GKTULnCEFJoFyv0c/qIt2suTTYpFkXsXaHqrMzs1XEfIwru
GhJ+Q7v+tScJrOBdzrVQbXradXZ39IRgbhJCPphOO34S1Ux4mfVw7/A+WamTLoWI
GcYuOutlY4cUsiX84JLleqInN8NoWWv9gnF50eci9vVQqK2i3nTMqXgjKBPgubMq
GLoDwct38j87IkP5x0xI6zFZkO/DlzSo+tz3sB251IfqL2AxEtdYmOQBBlX/uiHo
YKo6P2cRXQ1F3quaP6T8uDl6rVEy0D1R76VuLwIDAQABo4ICdjCCAnIwHQYDVR0O
BBYEFJhRo8rqq6D0yMNP/k3/tcdkW5nFMB8GA1UdIwQYMBaAFN/Gyo1ROTKXljh0
TDeMs6BDDpW1MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYjM1ODAw
NzhmNGY4OTdmY2ZkYmFhMGQ5MGMyZWM2ZjQ2MGUzMzIyMi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvYzIwYjU1OGEtODllMC00YzllLWI2YzgtZDdjNjk0
NjMyMTIwLzE5N2I5OWQzZjQzYTM4ODQ2ODEyMWM0Mzc4Nzc4NTg4ZDk0NjM3OGMu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9jMjBiNTU4YS04OWUwLTRjOWUtYjZjOC1kN2M2
OTQ2MzIxMjAvYjM1ODAwNzhmNGY4OTdmY2ZkYmFhMGQ5MGMyZWM2ZjQ2MGUzMzIy
Mi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6BggrBgEFBQcBBwEB/wQr
MCkwJwQCAAEwIQMEBKESADAMAwQFoRIgAwQFoRJAMAsDBAOhEmgDAwChEjANBgkq
hkiG9w0BAQsFAAOCAQEAE1ECRu/hpKJCBQI7ra3iboU+tQ/EvU45hrcZ7WefrUqD
eypEUqHQDzdlOWR+wYsm17IGL1KAD+zQ+5mQCuKTCfV2dqVckHDOU13zETZhzV7H
6s0527h6egYKaaVueZGs15q3zkj5eiwn157M7iTrRho1srhuRUyDwEeJT9VAR53q
0SExpvsXf1mmakrv+en0MheL4b7isBkV9S8gQKVbraR9iLjFS9lDfa1uU9y70HVo
62VZ1gbFSKRwy9rU09JxstcDTQfCQihFAFZpbLfhRZszPLHzkl0c86djNLyEijYN
1RVJ9IwYytsqZm75gRMefzcFWLr5pNif/XEn01EMJg==
-----END CERTIFICATE-----
Generated at Wed Aug 30 17:58:47 2023 by rpki-client on console-ams.rpki-client.org