Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/cd5ad6c0-499b-4380-984f-874c9f51d2ff/da77dfad434ae2b71e795e5205c61358a6bca9ec.roa
File:                     da77dfad434ae2b71e795e5205c61358a6bca9ec.roa (raw, json)
Hash identifier:          i9eRZJEYfDcWR6LLHc8P5QhUmXPrC1HF8WdPq6RMPwA=
Subject key identifier:   45:EE:7A:43:49:C0:DA:6E:89:30:C6:8A:85:1F:FC:CA:EC:18:3F:7C
Certificate issuer:       /CN=913d5cdb160726dc92e04ed46a658ec6bfcbbdd1
Certificate serial:       073847
Authority key identifier: 8F:71:4F:02:F7:D5:BA:46:48:22:E9:D9:D4:7B:BB:60:D5:93:A1:32
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/913d5cdb160726dc92e04ed46a658ec6bfcbbdd1.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/cd5ad6c0-499b-4380-984f-874c9f51d2ff/da77dfad434ae2b71e795e5205c61358a6bca9ec.roa
Signing time:             Mon 13 Mar 2023 19:52:42 +0000
ROA not before:           Sun 12 Mar 2023 19:50:23 +0000
ROA not after:            Thu 13 Mar 2025 19:50:23 +0000
asID:                     17072
IP address blocks:        187.188.220.0/24 maxlen: 24
                          187.188.227.0/24 maxlen: 24
                          187.189.216.0/24 maxlen: 24
                          187.190.158.0/24 maxlen: 24
                          187.190.223.0/24 maxlen: 24
                          189.203.85.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 473159 (0x73847)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=913d5cdb160726dc92e04ed46a658ec6bfcbbdd1
        Validity
            Not Before: Mar 12 19:50:23 2023 GMT
            Not After : Mar 13 19:50:23 2025 GMT
        Subject: CN=da77dfad434ae2b71e795e5205c61358a6bca9ec
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:75:f4:ac:77:c4:97:ff:10:cc:95:7f:95:69:
                    93:e3:4e:d5:6d:6a:00:87:10:1d:0a:5c:ef:81:2a:
                    24:83:dd:d5:c5:2f:53:30:66:c6:65:0c:e8:27:bc:
                    55:57:93:c7:f0:25:7c:89:cc:c2:f8:63:35:87:f7:
                    71:6b:71:e9:f2:4c:6c:0c:d3:6d:df:61:dd:9e:00:
                    50:73:4f:23:08:e6:1d:f3:db:32:47:91:8e:e0:82:
                    8d:5a:c4:a5:7f:ae:93:bb:50:8a:4e:72:f7:74:2e:
                    fe:80:d7:f8:ec:1f:cc:a8:5e:bc:ac:40:3c:d7:c6:
                    db:d4:b2:cd:fc:bb:df:54:e3:45:f8:6d:01:e6:cb:
                    78:0f:88:55:59:4e:b0:ec:b0:a3:ba:fb:fa:5a:40:
                    6c:5c:ee:4f:60:01:32:6d:14:c0:1c:04:65:79:6a:
                    8a:b2:dc:9f:43:50:08:f7:d6:25:a4:f8:b2:da:d2:
                    ea:6f:ad:9a:d3:7a:72:34:a4:c8:04:95:19:6f:63:
                    a0:8c:9a:bc:1c:14:12:f6:a0:1d:ec:6a:ee:6a:30:
                    09:e3:ab:6d:44:81:c1:d7:e1:f5:5f:04:f2:4c:ea:
                    68:ca:f5:5e:17:ef:e7:03:cc:66:c8:25:c1:86:56:
                    a0:e5:2b:ee:cb:77:11:bf:87:4a:92:9b:c9:be:34:
                    21:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                45:EE:7A:43:49:C0:DA:6E:89:30:C6:8A:85:1F:FC:CA:EC:18:3F:7C
            X509v3 Authority Key Identifier:
                keyid:8F:71:4F:02:F7:D5:BA:46:48:22:E9:D9:D4:7B:BB:60:D5:93:A1:32

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/913d5cdb160726dc92e04ed46a658ec6bfcbbdd1.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/cd5ad6c0-499b-4380-984f-874c9f51d2ff/da77dfad434ae2b71e795e5205c61358a6bca9ec.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/cd5ad6c0-499b-4380-984f-874c9f51d2ff/913d5cdb160726dc92e04ed46a658ec6bfcbbdd1.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  187.188.220.0/24
                  187.188.227.0/24
                  187.189.216.0/24
                  187.190.158.0/24
                  187.190.223.0/24
                  189.203.85.0/24

    Signature Algorithm: sha256WithRSAEncryption
         18:1b:c7:b3:44:74:ba:2f:c0:c1:d2:b2:7b:ed:48:68:30:fb:
         b2:86:9c:2b:38:89:3d:f7:5b:ed:2b:88:b8:43:72:1c:a7:6d:
         c0:41:bf:32:75:a7:c6:94:94:cd:05:f9:3a:19:88:6f:dc:7e:
         66:57:4c:f6:4b:85:52:8e:c6:6b:a9:64:ff:17:4e:f2:51:18:
         fc:7e:08:5f:4d:40:ea:bb:d3:68:98:4d:c4:8a:43:69:48:44:
         0d:0c:d6:9a:f3:80:9a:66:c9:5b:fc:db:d2:35:fc:52:45:b2:
         bc:29:e1:29:fd:cd:fd:51:bd:4b:97:97:0d:c8:03:92:c7:c9:
         a3:8c:34:7e:d8:76:a1:2a:ab:c1:60:e3:b6:ac:61:44:ec:d8:
         65:19:05:61:52:fe:31:7c:89:3b:7a:9f:da:3f:da:fa:f6:f3:
         84:5e:4b:f4:b2:c1:cc:d9:70:f5:f5:6d:26:be:5a:3c:53:2e:
         3a:e0:b5:e6:8c:36:8f:df:9b:cb:a1:08:b9:da:3d:17:5e:e7:
         57:f7:c6:ee:e4:c8:75:05:76:fa:5c:80:9b:d0:0c:0b:7e:5e:
         e8:ce:0f:27:7a:e8:74:cd:bb:e4:c1:5e:02:a1:7a:e1:ce:04:
         ea:3b:1c:ef:57:85:5a:1e:6c:e5:9c:80:8a:92:36:5f:40:34:
         e3:55:bf:e0
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIDBzhHMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDkx
M2Q1Y2RiMTYwNzI2ZGM5MmUwNGVkNDZhNjU4ZWM2YmZjYmJkZDEwHhcNMjMwMzEy
MTk1MDIzWhcNMjUwMzEzMTk1MDIzWjAzMTEwLwYDVQQDEyhkYTc3ZGZhZDQzNGFl
MmI3MWU3OTVlNTIwNWM2MTM1OGE2YmNhOWVjMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAoXX0rHfEl/8QzJV/lWmT407VbWoAhxAdClzvgSokg93VxS9T
MGbGZQzoJ7xVV5PH8CV8iczC+GM1h/dxa3Hp8kxsDNNt32HdngBQc08jCOYd89sy
R5GO4IKNWsSlf66Tu1CKTnL3dC7+gNf47B/MqF68rEA818bb1LLN/LvfVONF+G0B
5st4D4hVWU6w7LCjuvv6WkBsXO5PYAEybRTAHARleWqKstyfQ1AI99YlpPiy2tLq
b62a03pyNKTIBJUZb2OgjJq8HBQS9qAd7GruajAJ46ttRIHB1+H1XwTyTOpoyvVe
F+/nA8xmyCXBhlag5Svuy3cRv4dKkpvJvjQh5QIDAQABo4ICeTCCAnUwHQYDVR0O
BBYEFEXuekNJwNpuiTDGioUf/MrsGD98MB8GA1UdIwQYMBaAFI9xTwL31bpGSCLp
2dR7u2DVk6EyMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvOTEzZDVj
ZGIxNjA3MjZkYzkyZTA0ZWQ0NmE2NThlYzZiZmNiYmRkMS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvY2Q1YWQ2YzAtNDk5Yi00MzgwLTk4NGYtODc0Yzlm
NTFkMmZmL2RhNzdkZmFkNDM0YWUyYjcxZTc5NWU1MjA1YzYxMzU4YTZiY2E5ZWMu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9jZDVhZDZjMC00OTliLTQzODAtOTg0Zi04NzRj
OWY1MWQyZmYvOTEzZDVjZGIxNjA3MjZkYzkyZTA0ZWQ0NmE2NThlYzZiZmNiYmRk
MS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA9BggrBgEFBQcBBwEB/wQu
MCwwKgQCAAEwJAMEALu83AMEALu84wMEALu92AMEALu+ngMEALu+3wMEAL3LVTAN
BgkqhkiG9w0BAQsFAAOCAQEAGBvHs0R0ui/AwdKye+1IaDD7soacKziJPfdb7SuI
uENyHKdtwEG/MnWnxpSUzQX5OhmIb9x+ZldM9kuFUo7Ga6lk/xdO8lEY/H4IX01A
6rvTaJhNxIpDaUhEDQzWmvOAmmbJW/zb0jX8UkWyvCnhKf3N/VG9S5eXDcgDksfJ
o4w0fth2oSqrwWDjtqxhROzYZRkFYVL+MXyJO3qf2j/a+vbzhF5L9LLBzNlw9fVt
Jr5aPFMuOuC15ow2j9+by6EIudo9F17nV/fG7uTIdQV2+lyAm9AMC35e6M4PJ3ro
dM275MFeAqF64c4E6jsc71eFWh5s5ZyAipI2X0A041W/4A==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:14:54 2023 by rpki-client on console-ams.rpki-client.org