Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/c20b558a-89e0-4c9e-b6c8-d7c694632120/518f1a92f31cc706e1d857995e62e8b88703fc7b.roa
File:                     518f1a92f31cc706e1d857995e62e8b88703fc7b.roa (raw, json)
Hash identifier:          7wP16/pGtLbAjFFPhNyBGQKMtrQ4kQBljZCpIjEF5xU=
Subject key identifier:   C6:1F:20:A5:E5:E6:87:25:1F:D5:1E:4F:DC:D1:39:27:01:2C:66:C9
Certificate issuer:       /CN=b3580078f4f897fcfdbaa0d90c2ec6f460e33222
Certificate serial:       1C31A6
Authority key identifier: DF:C6:CA:8D:51:39:32:97:96:38:74:4C:37:8C:B3:A0:43:0E:95:B5
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/b3580078f4f897fcfdbaa0d90c2ec6f460e33222.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/c20b558a-89e0-4c9e-b6c8-d7c694632120/518f1a92f31cc706e1d857995e62e8b88703fc7b.roa
Signing time:             Wed 28 Sep 2022 14:02:57 +0000
ROA not before:           Wed 28 Sep 2022 14:01:24 +0000
ROA not after:            Sat 28 Sep 2024 14:01:24 +0000
asID:                     3816
IP address blocks:        200.21.0.0/19 maxlen: 19
                          200.21.2.0/24 maxlen: 24
                          200.21.4.0/24 maxlen: 24
                          200.21.9.0/24 maxlen: 24
                          200.21.18.0/24 maxlen: 24
                          200.21.20.0/24 maxlen: 24
                          200.21.22.0/24 maxlen: 24
                          200.21.23.0/24 maxlen: 24
                          200.21.26.0/23 maxlen: 23
                          200.21.32.0/19 maxlen: 19
                          200.21.33.0/24 maxlen: 24
                          200.21.45.0/24 maxlen: 24
                          200.21.49.0/24 maxlen: 24
                          200.21.51.0/24 maxlen: 24
                          200.21.64.0/19 maxlen: 19
                          200.21.96.0/19 maxlen: 19
                          200.21.109.0/24 maxlen: 24
                          200.21.114.0/24 maxlen: 24
                          200.21.128.0/19 maxlen: 19
                          200.21.146.0/24 maxlen: 24
                          200.21.160.0/19 maxlen: 19
                          200.21.164.0/22 maxlen: 22
                          200.21.192.0/19 maxlen: 19
                          200.21.192.0/24 maxlen: 24
                          200.21.195.0/24 maxlen: 24
                          200.21.200.0/24 maxlen: 24
                          200.21.209.0/24 maxlen: 24
                          200.21.224.0/19 maxlen: 19
                          200.21.228.0/22 maxlen: 22
                          200.21.240.0/24 maxlen: 24
                          200.21.242.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1847718 (0x1c31a6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b3580078f4f897fcfdbaa0d90c2ec6f460e33222
        Validity
            Not Before: Sep 28 14:01:24 2022 GMT
            Not After : Sep 28 14:01:24 2024 GMT
        Subject: CN=518f1a92f31cc706e1d857995e62e8b88703fc7b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:3e:3b:85:ed:de:5e:35:01:ab:cf:6d:8e:c2:
                    e9:e0:a8:26:bd:cc:22:14:9b:dd:f8:9d:c1:d5:b1:
                    b7:ff:e8:f7:fb:87:0e:bd:bf:7e:0b:f9:c7:16:e0:
                    f0:cb:e2:9f:a9:fc:f4:49:39:e6:ff:d0:31:4a:67:
                    8e:b9:cc:52:de:de:57:e4:a1:ce:26:06:86:09:ec:
                    80:02:e2:0f:27:41:37:59:09:81:4b:20:fd:91:69:
                    f3:30:6d:66:28:d0:60:62:ce:f2:3e:7b:00:75:dc:
                    c4:97:3f:78:96:84:e0:08:da:ea:ce:6f:79:34:f7:
                    75:46:cd:44:f3:41:86:53:4d:e9:88:c3:6a:d7:a6:
                    f3:a8:b0:10:4a:2e:ae:34:b2:4c:c9:e4:37:92:5b:
                    ae:45:97:1b:7c:24:ea:b4:66:7f:d0:0f:78:12:81:
                    81:0e:ab:20:28:bc:ea:4f:68:3c:c9:2d:4e:dd:ac:
                    c3:b4:c8:15:95:f7:e3:55:ec:a5:0b:65:7e:e2:d9:
                    f8:8a:e8:8c:22:a4:de:9f:2c:6f:b2:ad:09:b5:fb:
                    c9:bd:9a:69:50:3d:d0:00:12:e3:e2:14:0f:53:2b:
                    6d:63:c5:e2:aa:7a:9b:f5:54:74:41:84:dd:d6:51:
                    c2:c8:4f:c7:ff:df:7d:1a:a7:88:5b:05:7a:87:04:
                    59:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C6:1F:20:A5:E5:E6:87:25:1F:D5:1E:4F:DC:D1:39:27:01:2C:66:C9
            X509v3 Authority Key Identifier:
                keyid:DF:C6:CA:8D:51:39:32:97:96:38:74:4C:37:8C:B3:A0:43:0E:95:B5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/b3580078f4f897fcfdbaa0d90c2ec6f460e33222.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/c20b558a-89e0-4c9e-b6c8-d7c694632120/518f1a92f31cc706e1d857995e62e8b88703fc7b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/c20b558a-89e0-4c9e-b6c8-d7c694632120/b3580078f4f897fcfdbaa0d90c2ec6f460e33222.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.21.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         32:33:32:96:7c:34:4b:11:e3:31:65:b8:b5:6b:e4:b6:cc:7d:
         93:cd:a1:77:31:f1:c0:01:60:53:e7:70:3c:8d:85:da:eb:63:
         7f:40:88:72:52:60:bd:4f:d5:5e:98:2d:14:ad:0c:2f:44:77:
         c9:24:30:28:d2:23:13:23:5c:5b:e2:21:79:e5:71:e0:40:e1:
         f1:e4:b1:db:60:56:3d:4b:af:56:65:78:f4:74:12:c4:c6:4d:
         d1:98:98:51:9b:22:b9:a7:36:29:27:e0:49:31:38:e3:e5:d8:
         91:67:d5:48:8c:3c:56:a4:3a:41:92:3a:49:59:1e:0c:35:e4:
         5c:8a:3d:0c:fb:70:b0:10:a6:a0:9f:e3:dc:52:d2:af:52:68:
         a1:a0:e3:87:f9:e1:0a:48:98:87:22:3e:b3:b5:6f:35:f7:94:
         7e:9a:e3:c3:89:e9:51:ad:81:e1:ff:2d:85:2b:e4:a4:78:50:
         07:22:17:5c:e5:4c:3a:db:e0:09:67:38:ad:38:6a:2c:e0:24:
         f2:ab:e5:94:12:5c:1a:38:26:24:2f:4f:35:b7:f1:a0:77:63:
         52:88:b1:80:f9:c7:e0:4c:2c:21:b3:5d:2d:92:28:73:10:2c:
         8f:b8:32:83:0f:52:36:74:b1:81:c2:3f:f6:2b:9a:0a:62:33:
         10:1e:41:5e
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgIDHDGmMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGIz
NTgwMDc4ZjRmODk3ZmNmZGJhYTBkOTBjMmVjNmY0NjBlMzMyMjIwHhcNMjIwOTI4
MTQwMTI0WhcNMjQwOTI4MTQwMTI0WjAzMTEwLwYDVQQDEyg1MThmMWE5MmYzMWNj
NzA2ZTFkODU3OTk1ZTYyZThiODg3MDNmYzdiMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAhD47he3eXjUBq89tjsLp4KgmvcwiFJvd+J3B1bG3/+j3+4cO
vb9+C/nHFuDwy+Kfqfz0STnm/9AxSmeOucxS3t5X5KHOJgaGCeyAAuIPJ0E3WQmB
SyD9kWnzMG1mKNBgYs7yPnsAddzElz94loTgCNrqzm95NPd1Rs1E80GGU03piMNq
16bzqLAQSi6uNLJMyeQ3kluuRZcbfCTqtGZ/0A94EoGBDqsgKLzqT2g8yS1O3azD
tMgVlffjVeylC2V+4tn4iuiMIqTenyxvsq0JtfvJvZppUD3QABLj4hQPUyttY8Xi
qnqb9VR0QYTd1lHCyE/H/999GqeIWwV6hwRZqwIDAQABo4ICWjCCAlYwHQYDVR0O
BBYEFMYfIKXl5oclH9UeT9zROScBLGbJMB8GA1UdIwQYMBaAFN/Gyo1ROTKXljh0
TDeMs6BDDpW1MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYjM1ODAw
NzhmNGY4OTdmY2ZkYmFhMGQ5MGMyZWM2ZjQ2MGUzMzIyMi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvYzIwYjU1OGEtODllMC00YzllLWI2YzgtZDdjNjk0
NjMyMTIwLzUxOGYxYTkyZjMxY2M3MDZlMWQ4NTc5OTVlNjJlOGI4ODcwM2ZjN2Iu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9jMjBiNTU4YS04OWUwLTRjOWUtYjZjOC1kN2M2
OTQ2MzIxMjAvYjM1ODAwNzhmNGY4OTdmY2ZkYmFhMGQ5MGMyZWM2ZjQ2MGUzMzIy
Mi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQP
MA0wCwQCAAEwBQMDAMgVMA0GCSqGSIb3DQEBCwUAA4IBAQAyMzKWfDRLEeMxZbi1
a+S2zH2TzaF3MfHAAWBT53A8jYXa62N/QIhyUmC9T9VemC0UrQwvRHfJJDAo0iMT
I1xb4iF55XHgQOHx5LHbYFY9S69WZXj0dBLExk3RmJhRmyK5pzYpJ+BJMTjj5diR
Z9VIjDxWpDpBkjpJWR4MNeRcij0M+3CwEKagn+PcUtKvUmihoOOH+eEKSJiHIj6z
tW8195R+muPDielRrYHh/y2FK+SkeFAHIhdc5Uw62+AJZzitOGos4CTyq+WUElwa
OCYkL081t/Ggd2NSiLGA+cfgTCwhs10tkihzECyPuDKDD1I2dLGBwj/2K5oKYjMQ
HkFe
-----END CERTIFICATE-----
Generated at Wed Aug 30 17:58:47 2023 by rpki-client on console-ams.rpki-client.org