Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/c20b558a-89e0-4c9e-b6c8-d7c694632120/d7a1574c3d471f444aa417f540ed88a28c050a9c.roa
File:                     d7a1574c3d471f444aa417f540ed88a28c050a9c.roa (raw, json)
Hash identifier:          wMPd7mW9RMwML5HCtIMRVRvewK2OrmNp+1/DJi6y7+o=
Subject key identifier:   11:55:C3:2B:64:A9:99:CB:D0:CD:9D:DA:0E:E1:31:D2:47:E4:21:EC
Certificate issuer:       /CN=b3580078f4f897fcfdbaa0d90c2ec6f460e33222
Certificate serial:       1DEC50
Authority key identifier: DF:C6:CA:8D:51:39:32:97:96:38:74:4C:37:8C:B3:A0:43:0E:95:B5
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/b3580078f4f897fcfdbaa0d90c2ec6f460e33222.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/c20b558a-89e0-4c9e-b6c8-d7c694632120/d7a1574c3d471f444aa417f540ed88a28c050a9c.roa
Signing time:             Tue 18 Oct 2022 18:25:39 +0000
ROA not before:           Sun 25 Sep 2022 15:15:42 +0000
ROA not after:            Thu 26 Sep 2024 15:15:42 +0000
asID:                     3816
IP address blocks:        152.200.0.0/17 maxlen: 17
                          152.200.128.0/20 maxlen: 20
                          152.200.144.0/22 maxlen: 22
                          152.200.148.0/22 maxlen: 22
                          152.200.152.0/22 maxlen: 22
                          152.200.156.0/22 maxlen: 22
                          152.200.160.0/22 maxlen: 22
                          152.200.164.0/22 maxlen: 22
                          152.200.168.0/22 maxlen: 22
                          152.200.172.0/22 maxlen: 22
                          152.200.176.0/20 maxlen: 20
                          152.202.0.0/19 maxlen: 19
                          152.202.32.0/19 maxlen: 19
                          152.202.64.0/19 maxlen: 19
                          152.202.96.0/19 maxlen: 19
                          152.202.128.0/19 maxlen: 19
                          152.202.160.0/19 maxlen: 19
                          152.202.192.0/19 maxlen: 19
                          152.202.224.0/19 maxlen: 19
                          152.203.0.0/20 maxlen: 20
                          152.203.32.0/19 maxlen: 19
                          152.203.64.0/18 maxlen: 18
                          152.203.128.0/19 maxlen: 19
                          152.203.160.0/19 maxlen: 19
                          152.203.192.0/19 maxlen: 19
                          152.203.224.0/19 maxlen: 19

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1961040 (0x1dec50)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b3580078f4f897fcfdbaa0d90c2ec6f460e33222
        Validity
            Not Before: Sep 25 15:15:42 2022 GMT
            Not After : Sep 26 15:15:42 2024 GMT
        Subject: CN=d7a1574c3d471f444aa417f540ed88a28c050a9c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:fa:dc:21:6f:fe:99:c9:d7:e2:6e:00:61:a1:
                    63:63:b5:17:9e:ca:8d:68:e5:c6:63:f9:8f:f9:44:
                    37:3b:ee:14:8f:20:54:01:2a:c0:a4:75:fa:7e:d7:
                    b9:b9:87:9b:5f:ec:cc:8e:f4:97:47:92:57:1d:6a:
                    2f:b4:76:04:cc:5f:4e:21:b9:79:36:a6:7e:be:f9:
                    71:23:b4:78:da:4b:f7:a2:8e:27:9d:5d:c6:60:1f:
                    e5:9a:ab:cb:20:7c:14:65:44:0d:b5:87:81:93:e4:
                    35:16:58:f4:f1:92:04:7e:59:92:aa:52:5c:b9:92:
                    cf:66:b3:9d:de:15:1d:25:f8:a9:13:24:4c:c2:78:
                    e9:3a:6a:da:e5:91:9a:7e:04:6b:4f:29:58:d3:0c:
                    24:f7:4e:13:81:57:f1:36:98:5a:89:d6:8e:bf:1e:
                    26:d3:69:d8:0f:0c:f6:46:42:de:dd:7e:66:5c:bc:
                    cb:83:40:5f:b3:dc:cb:9c:c4:d6:d6:61:92:03:3d:
                    b9:d3:1d:eb:ca:ba:6f:6f:4f:9e:ec:2d:de:d9:a0:
                    98:95:f4:76:21:bf:bf:a4:0d:2a:75:e0:c2:1e:d9:
                    95:4f:91:e5:65:3f:46:28:4d:33:d0:cf:b1:2d:29:
                    2b:bb:6c:8f:0c:4b:a1:1e:fa:5b:30:aa:79:70:ec:
                    06:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                11:55:C3:2B:64:A9:99:CB:D0:CD:9D:DA:0E:E1:31:D2:47:E4:21:EC
            X509v3 Authority Key Identifier:
                keyid:DF:C6:CA:8D:51:39:32:97:96:38:74:4C:37:8C:B3:A0:43:0E:95:B5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/b3580078f4f897fcfdbaa0d90c2ec6f460e33222.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/c20b558a-89e0-4c9e-b6c8-d7c694632120/d7a1574c3d471f444aa417f540ed88a28c050a9c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/c20b558a-89e0-4c9e-b6c8-d7c694632120/b3580078f4f897fcfdbaa0d90c2ec6f460e33222.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  152.200.0.0-152.200.191.255
                  152.202.0.0-152.203.15.255
                  152.203.32.0-152.203.255.255

    Signature Algorithm: sha256WithRSAEncryption
         42:4c:2a:a8:40:a6:aa:cd:7a:a4:fa:b7:90:5a:81:45:f7:9c:
         a3:55:1f:f1:7c:90:25:0b:45:91:30:60:8a:6e:02:86:3c:9b:
         3b:17:98:45:af:94:ef:1c:61:13:8b:1a:fb:e1:ed:b2:d5:40:
         7e:9c:37:d1:9b:9c:35:2a:90:d4:25:5a:28:cb:3e:9b:7b:d4:
         5d:c1:d1:f3:aa:ac:0e:69:24:54:0b:f1:e0:f8:3b:0f:43:b1:
         81:d7:f4:a1:d5:69:b2:51:b0:1f:23:20:33:aa:ab:4a:f9:56:
         52:20:62:2c:af:81:2c:2e:2a:b6:d5:5a:94:e9:36:fe:28:16:
         28:bd:55:a5:2f:0a:82:f1:09:7f:b8:8e:02:01:5a:c1:89:44:
         d4:62:96:b1:63:e9:17:d5:62:ad:6a:1a:6a:34:48:ed:9d:ab:
         cd:a8:73:8c:32:a1:c7:fb:fd:68:25:83:66:2b:58:5a:2a:47:
         61:fe:6a:06:78:dc:d7:77:b4:18:cf:1f:2b:9c:d9:c5:d6:54:
         8a:4e:5b:f7:f5:87:56:29:c2:b1:12:47:5d:cd:4b:b9:0d:fb:
         df:d1:31:4c:aa:0f:e5:ce:e7:d2:55:3c:ec:c6:bc:54:21:2f:
         6e:49:48:6d:b6:3c:40:9e:c1:2b:13:5b:64:dd:01:70:57:b5:
         1e:5b:21:e6
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIDHexQMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGIz
NTgwMDc4ZjRmODk3ZmNmZGJhYTBkOTBjMmVjNmY0NjBlMzMyMjIwHhcNMjIwOTI1
MTUxNTQyWhcNMjQwOTI2MTUxNTQyWjAzMTEwLwYDVQQDEyhkN2ExNTc0YzNkNDcx
ZjQ0NGFhNDE3ZjU0MGVkODhhMjhjMDUwYTljMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAqvrcIW/+mcnX4m4AYaFjY7UXnsqNaOXGY/mP+UQ3O+4UjyBU
ASrApHX6fte5uYebX+zMjvSXR5JXHWovtHYEzF9OIbl5NqZ+vvlxI7R42kv3oo4n
nV3GYB/lmqvLIHwUZUQNtYeBk+Q1Flj08ZIEflmSqlJcuZLPZrOd3hUdJfipEyRM
wnjpOmra5ZGafgRrTylY0wwk904TgVfxNphaidaOvx4m02nYDwz2RkLe3X5mXLzL
g0Bfs9zLnMTW1mGSAz250x3ryrpvb0+e7C3e2aCYlfR2Ib+/pA0qdeDCHtmVT5Hl
ZT9GKE0z0M+xLSkru2yPDEuhHvpbMKp5cOwGpwIDAQABo4ICfDCCAngwHQYDVR0O
BBYEFBFVwytkqZnL0M2d2g7hMdJH5CHsMB8GA1UdIwQYMBaAFN/Gyo1ROTKXljh0
TDeMs6BDDpW1MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYjM1ODAw
NzhmNGY4OTdmY2ZkYmFhMGQ5MGMyZWM2ZjQ2MGUzMzIyMi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvYzIwYjU1OGEtODllMC00YzllLWI2YzgtZDdjNjk0
NjMyMTIwL2Q3YTE1NzRjM2Q0NzFmNDQ0YWE0MTdmNTQwZWQ4OGEyOGMwNTBhOWMu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9jMjBiNTU4YS04OWUwLTRjOWUtYjZjOC1kN2M2
OTQ2MzIxMjAvYjM1ODAwNzhmNGY4OTdmY2ZkYmFhMGQ5MGMyZWM2ZjQ2MGUzMzIy
Mi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBABggrBgEFBQcBBwEB/wQx
MC8wLQQCAAEwJzALAwMDmMgDBAaYyIAwCwMDAZjKAwQEmMsAMAsDBAWYyyADAwKY
yDANBgkqhkiG9w0BAQsFAAOCAQEAQkwqqECmqs16pPq3kFqBRfeco1Uf8XyQJQtF
kTBgim4ChjybOxeYRa+U7xxhE4sa++HtstVAfpw30ZucNSqQ1CVaKMs+m3vUXcHR
86qsDmkkVAvx4Pg7D0Oxgdf0odVpslGwHyMgM6qrSvlWUiBiLK+BLC4qttValOk2
/igWKL1VpS8KgvEJf7iOAgFawYlE1GKWsWPpF9VirWoaajRI7Z2rzahzjDKhx/v9
aCWDZitYWipHYf5qBnjc13e0GM8fK5zZxdZUik5b9/WHVinCsRJHXc1LuQ3739Ex
TKoP5c7n0lU87Ma8VCEvbklIbbY8QJ7BKxNbZN0BcFe1Hlsh5g==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:14:39 2023 by rpki-client on console-fra.rpki-client.org