Route Origin Authorization
$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/c20b558a-89e0-4c9e-b6c8-d7c694632120/603a87d394ac407937cf2bcc1878a5d5b96f6762.roa
File: 603a87d394ac407937cf2bcc1878a5d5b96f6762.roa (raw, json)
Hash identifier: GurCJRFKDeNaOg9wTIK4DTi0nKw2m6xcv0acsaC5UUg=
Subject key identifier: 68:99:14:8E:B6:02:D4:E7:85:09:8D:8A:96:C7:CE:15:61:FC:E1:69
Certificate issuer: /CN=b3580078f4f897fcfdbaa0d90c2ec6f460e33222
Certificate serial: 1BC929
Authority key identifier: DF:C6:CA:8D:51:39:32:97:96:38:74:4C:37:8C:B3:A0:43:0E:95:B5
Authority info access: rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/b3580078f4f897fcfdbaa0d90c2ec6f460e33222.cer
Subject info access: rsync://repository.lacnic.net/rpki/lacnic/c20b558a-89e0-4c9e-b6c8-d7c694632120/603a87d394ac407937cf2bcc1878a5d5b96f6762.roa
Signing time: Mon 26 Sep 2022 19:33:44 +0000
ROA not before: Mon 26 Sep 2022 19:32:08 +0000
ROA not after: Thu 26 Sep 2024 19:32:08 +0000
asID: 3816
IP address blocks: 167.0.0.0/19 maxlen: 19
167.0.32.0/19 maxlen: 19
167.0.64.0/19 maxlen: 19
167.0.96.0/19 maxlen: 19
167.0.128.0/19 maxlen: 19
167.0.160.0/19 maxlen: 19
167.0.192.0/20 maxlen: 20
167.0.208.0/20 maxlen: 20
167.0.224.0/20 maxlen: 20
167.0.240.0/20 maxlen: 20
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1820969 (0x1bc929)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3580078f4f897fcfdbaa0d90c2ec6f460e33222
Validity
Not Before: Sep 26 19:32:08 2022 GMT
Not After : Sep 26 19:32:08 2024 GMT
Subject: CN=603a87d394ac407937cf2bcc1878a5d5b96f6762
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:05:c2:0a:05:dd:92:42:95:6c:30:35:ea:f2:
8a:f7:27:87:10:f6:23:a5:9e:b5:4a:85:bd:d9:00:
8d:80:1e:f6:25:56:e8:d6:bc:7c:b7:a8:c4:53:5c:
80:92:31:35:10:16:8f:3a:11:8e:75:aa:fa:1d:64:
eb:8c:8a:e6:ca:40:18:09:d0:98:e4:01:3c:67:18:
de:b9:fc:70:45:0c:2e:a6:18:fa:cc:3a:3a:28:8c:
f6:c7:7a:b5:91:26:6c:01:ae:f7:28:b1:16:b0:8b:
1a:3c:25:d9:af:98:8d:20:22:37:ab:d1:53:89:d0:
ed:92:01:39:a4:b3:a3:32:f5:9b:5b:f2:75:2e:1c:
f0:79:a9:57:6f:00:aa:80:b9:7d:30:e1:4d:b5:5c:
eb:ef:f3:2d:f4:be:99:7a:f9:8d:47:59:b2:a5:57:
e3:03:91:8f:79:98:2d:f2:7e:53:26:04:90:08:bd:
9c:63:5d:ed:fd:b0:9f:6a:71:8d:1d:46:99:5a:e3:
38:be:0c:8a:88:aa:51:1a:05:e4:cb:bd:79:3b:71:
47:2d:3a:7b:ef:7a:20:30:00:4b:ce:36:f1:9a:1f:
84:d2:65:c2:ca:9b:36:1e:3a:4e:07:1b:47:5a:f1:
12:b3:a6:6d:e0:22:b7:26:9b:53:72:6d:50:f5:40:
89:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:99:14:8E:B6:02:D4:E7:85:09:8D:8A:96:C7:CE:15:61:FC:E1:69
X509v3 Authority Key Identifier:
keyid:DF:C6:CA:8D:51:39:32:97:96:38:74:4C:37:8C:B3:A0:43:0E:95:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/b3580078f4f897fcfdbaa0d90c2ec6f460e33222.cer
Subject Information Access:
Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/c20b558a-89e0-4c9e-b6c8-d7c694632120/603a87d394ac407937cf2bcc1878a5d5b96f6762.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repository.lacnic.net/rpki/lacnic/c20b558a-89e0-4c9e-b6c8-d7c694632120/b3580078f4f897fcfdbaa0d90c2ec6f460e33222.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
167.0.0.0/16
Signature Algorithm: sha256WithRSAEncryption
40:db:37:b9:f3:ed:48:ff:37:7b:56:c1:21:8b:f4:55:f1:17:
13:59:6f:67:87:07:76:30:47:86:48:f7:62:b3:ac:22:bb:20:
d2:4a:27:fc:35:1a:0b:6e:4d:81:0b:4b:bf:63:a0:6e:58:62:
db:04:62:19:ea:c1:d8:79:aa:d0:73:3d:0e:30:ac:17:75:67:
86:25:0b:11:74:7a:30:7b:0a:6c:da:33:e2:a8:66:ef:dc:5f:
23:d8:d5:b1:7a:cb:9c:a1:4e:3e:d7:50:d1:06:3f:4e:5f:02:
10:22:fa:62:8f:1d:dd:ba:75:f2:39:0d:bd:52:71:cc:80:d6:
5b:73:ab:a1:08:d0:05:f0:cc:b8:ae:d3:8f:a2:6e:f5:6a:48:
60:12:81:b1:4a:99:46:4e:f4:11:be:b3:68:07:97:09:9a:cf:
db:b3:d7:be:71:9e:71:62:d1:37:6b:9b:a9:c5:f0:ea:19:9a:
34:d0:9c:4c:24:35:65:38:54:87:bf:99:64:96:45:eb:35:58:
d4:8c:68:81:2a:03:aa:7d:12:f6:64:17:c2:a1:ab:52:fd:3d:
9a:0f:fe:81:ae:b3:99:9a:52:6d:cd:ef:8c:95:a8:ce:6b:72:
ff:63:9d:f5:87:b1:48:c6:98:23:2c:e9:8d:e9:ec:ad:d4:f5:
de:d3:8a:91
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgIDG8kpMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGIz
NTgwMDc4ZjRmODk3ZmNmZGJhYTBkOTBjMmVjNmY0NjBlMzMyMjIwHhcNMjIwOTI2
MTkzMjA4WhcNMjQwOTI2MTkzMjA4WjAzMTEwLwYDVQQDEyg2MDNhODdkMzk0YWM0
MDc5MzdjZjJiY2MxODc4YTVkNWI5NmY2NzYyMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEApAXCCgXdkkKVbDA16vKK9yeHEPYjpZ61SoW92QCNgB72JVbo
1rx8t6jEU1yAkjE1EBaPOhGOdar6HWTrjIrmykAYCdCY5AE8ZxjeufxwRQwuphj6
zDo6KIz2x3q1kSZsAa73KLEWsIsaPCXZr5iNICI3q9FTidDtkgE5pLOjMvWbW/J1
LhzwealXbwCqgLl9MOFNtVzr7/Mt9L6ZevmNR1mypVfjA5GPeZgt8n5TJgSQCL2c
Y13t/bCfanGNHUaZWuM4vgyKiKpRGgXky715O3FHLTp773ogMABLzjbxmh+E0mXC
yps2HjpOBxtHWvESs6Zt4CK3JptTcm1Q9UCJDQIDAQABo4ICWjCCAlYwHQYDVR0O
BBYEFGiZFI62AtTnhQmNipbHzhVh/OFpMB8GA1UdIwQYMBaAFN/Gyo1ROTKXljh0
TDeMs6BDDpW1MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYjM1ODAw
NzhmNGY4OTdmY2ZkYmFhMGQ5MGMyZWM2ZjQ2MGUzMzIyMi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvYzIwYjU1OGEtODllMC00YzllLWI2YzgtZDdjNjk0
NjMyMTIwLzYwM2E4N2QzOTRhYzQwNzkzN2NmMmJjYzE4NzhhNWQ1Yjk2ZjY3NjIu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9jMjBiNTU4YS04OWUwLTRjOWUtYjZjOC1kN2M2
OTQ2MzIxMjAvYjM1ODAwNzhmNGY4OTdmY2ZkYmFhMGQ5MGMyZWM2ZjQ2MGUzMzIy
Mi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQP
MA0wCwQCAAEwBQMDAKcAMA0GCSqGSIb3DQEBCwUAA4IBAQBA2ze58+1I/zd7VsEh
i/RV8RcTWW9nhwd2MEeGSPdis6wiuyDSSif8NRoLbk2BC0u/Y6BuWGLbBGIZ6sHY
earQcz0OMKwXdWeGJQsRdHowewps2jPiqGbv3F8j2NWxesucoU4+11DRBj9OXwIQ
Ivpijx3dunXyOQ29UnHMgNZbc6uhCNAF8My4rtOPom71akhgEoGxSplGTvQRvrNo
B5cJms/bs9e+cZ5xYtE3a5upxfDqGZo00JxMJDVlOFSHv5lklkXrNVjUjGiBKgOq
fRL2ZBfCoatS/T2aD/6BrrOZmlJtze+MlajOa3L/Y531h7FIxpgjLOmN6eyt1PXe
04qR
-----END CERTIFICATE-----
Generated at Wed Aug 30 18:08:10 2023 by rpki-client on console-fra.rpki-client.org