Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/dd3e3fed-93ed-4e6b-98b0-cd4dcf6317d1/aef0469051a5728a3b4a1f7ede5cca4e78c8a69b.roa
File:                     aef0469051a5728a3b4a1f7ede5cca4e78c8a69b.roa (raw, json)
Hash identifier:          CoxB4Eh+RFL3e1DqoZR9Rknl3vp1UnIfHHGRvcGTIJY=
Subject key identifier:   D9:54:58:37:04:E0:84:A8:5E:B7:76:B0:A0:ED:8D:9D:98:60:1E:10
Certificate issuer:       /CN=51cc36a73e0bbe2b338c61fa1df595670735aa98
Certificate serial:       0229
Authority key identifier: 9D:83:6B:D4:65:8F:74:C8:F7:10:6A:FE:03:A6:FD:62:01:88:BF:46
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/51cc36a73e0bbe2b338c61fa1df595670735aa98.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/dd3e3fed-93ed-4e6b-98b0-cd4dcf6317d1/aef0469051a5728a3b4a1f7ede5cca4e78c8a69b.roa
Signing time:             Thu 06 Oct 2022 23:26:02 +0000
ROA not before:           Thu 06 Oct 2022 23:25:06 +0000
ROA not after:            Sun 06 Oct 2024 23:25:06 +0000
asID:                     19422
IP address blocks:        152.156.0.0/16 maxlen: 16
                          152.156.0.0/18 maxlen: 18
                          152.156.0.0/19 maxlen: 19
                          152.156.136.0/22 maxlen: 22
                          152.156.168.0/23 maxlen: 23
                          152.156.168.0/24 maxlen: 24
                          152.156.169.0/24 maxlen: 24
                          152.156.208.0/23 maxlen: 23
                          152.156.210.0/23 maxlen: 23
                          152.156.210.0/24 maxlen: 24
                          152.156.211.0/24 maxlen: 24
                          152.156.212.0/22 maxlen: 22
                          152.156.212.0/23 maxlen: 23
                          152.156.212.0/24 maxlen: 24
                          152.156.213.0/24 maxlen: 24
                          152.156.214.0/23 maxlen: 23
                          152.156.214.0/24 maxlen: 24
                          152.156.215.0/24 maxlen: 24
                          152.156.216.0/22 maxlen: 22
                          152.156.216.0/23 maxlen: 23
                          152.156.216.0/24 maxlen: 24
                          152.156.217.0/24 maxlen: 24
                          152.156.218.0/23 maxlen: 23
                          152.156.218.0/24 maxlen: 24
                          152.156.219.0/24 maxlen: 24
                          152.156.220.0/22 maxlen: 22
                          152.156.220.0/23 maxlen: 23
                          152.156.220.0/24 maxlen: 24
                          152.156.221.0/24 maxlen: 24
                          152.156.222.0/23 maxlen: 23
                          152.156.222.0/24 maxlen: 24
                          152.156.223.0/24 maxlen: 24
                          152.156.32.0/19 maxlen: 19

Validation:               Failed, certificate revoked on Wed 20 Mar 2024 10:44:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 553 (0x229)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=51cc36a73e0bbe2b338c61fa1df595670735aa98
        Validity
            Not Before: Oct  6 23:25:06 2022 GMT
            Not After : Oct  6 23:25:06 2024 GMT
        Subject: CN=aef0469051a5728a3b4a1f7ede5cca4e78c8a69b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ec:a4:78:db:2a:26:1f:84:38:6a:41:fc:3d:49:
                    e1:50:ca:a5:6e:3f:12:62:08:54:3b:4c:2a:21:17:
                    22:e2:4c:70:9e:9b:a6:e2:3a:55:5f:b0:82:a6:15:
                    15:22:39:ef:e9:13:fa:47:cf:62:c6:ec:aa:ed:a9:
                    90:06:6c:eb:79:55:f5:95:4f:e3:ac:ee:e8:54:c0:
                    73:b4:45:fa:d1:42:88:e6:e6:db:c0:44:85:42:9c:
                    88:dd:b5:a8:3d:4c:be:f4:ae:7f:c4:c8:9b:45:aa:
                    cd:b4:1c:09:3f:aa:1d:fe:fc:bb:5d:8e:20:a0:b8:
                    21:e7:88:d2:a7:cd:b2:76:49:ea:49:f2:f1:a9:4f:
                    c3:11:7d:55:89:81:fe:4c:56:fd:85:47:aa:eb:10:
                    d2:5b:9c:f3:ca:cc:90:5a:3b:24:7e:02:06:cc:39:
                    43:8d:94:c9:ac:2f:2f:f8:71:8a:44:78:e2:5e:70:
                    80:4b:d1:ac:4f:8e:68:04:1d:e5:ad:81:f0:29:04:
                    fc:3c:45:e2:05:46:18:cf:88:1b:9e:0a:be:17:e8:
                    3b:3c:b0:cd:d1:5d:81:0d:0e:19:1d:2d:f6:db:ea:
                    c0:f7:18:36:2c:7c:67:70:25:a1:de:e8:2f:3b:cb:
                    c2:bb:20:52:3d:59:b9:c0:21:bb:62:ec:2c:e3:7a:
                    1b:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D9:54:58:37:04:E0:84:A8:5E:B7:76:B0:A0:ED:8D:9D:98:60:1E:10
            X509v3 Authority Key Identifier:
                keyid:9D:83:6B:D4:65:8F:74:C8:F7:10:6A:FE:03:A6:FD:62:01:88:BF:46

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/51cc36a73e0bbe2b338c61fa1df595670735aa98.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/dd3e3fed-93ed-4e6b-98b0-cd4dcf6317d1/aef0469051a5728a3b4a1f7ede5cca4e78c8a69b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/dd3e3fed-93ed-4e6b-98b0-cd4dcf6317d1/51cc36a73e0bbe2b338c61fa1df595670735aa98.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  152.156.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         1b:45:d8:df:b7:f6:d5:f8:98:b3:b1:6c:d0:3a:71:99:bf:cd:
         dc:f5:c0:8c:79:63:a9:3b:22:0f:17:be:c2:05:22:4d:d5:9d:
         f6:ec:0f:f3:c8:a9:63:0a:0b:93:46:e0:2a:c0:20:5a:0a:a1:
         08:35:9b:16:f0:8b:0f:0e:a3:ed:37:71:18:35:af:45:78:8f:
         ff:80:a9:dd:38:81:b3:c4:05:13:ce:53:af:0b:eb:87:82:62:
         3c:9b:59:7b:db:cb:96:5e:c5:6e:24:64:3c:d2:90:a0:7f:f9:
         bc:4b:79:11:d5:7d:19:ba:da:36:c8:fc:81:7b:72:8e:cb:71:
         0a:8e:f2:f0:c1:9d:fb:7c:7f:e1:8d:85:78:73:7b:94:93:61:
         5a:6f:b9:a2:9e:f8:c3:fb:eb:0e:83:87:c0:7d:00:45:48:58:
         6e:0e:fb:bd:de:5c:e9:e8:70:8c:c6:ba:23:88:91:d4:2f:dc:
         f4:81:4c:15:83:7a:a6:4d:70:26:f4:e7:f4:04:64:ea:66:f2:
         10:28:85:46:ba:23:2a:d6:b9:04:98:f7:a0:b6:32:d2:61:89:
         ff:dc:45:c4:74:24:cb:58:dd:4e:47:03:c6:47:25:6e:b2:8f:
         30:32:32:8f:32:7c:a2:98:5a:1b:c2:a6:0d:3e:ba:58:c1:37:
         2b:78:cf:34
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgICAikwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNTFj
YzM2YTczZTBiYmUyYjMzOGM2MWZhMWRmNTk1NjcwNzM1YWE5ODAeFw0yMjEwMDYy
MzI1MDZaFw0yNDEwMDYyMzI1MDZaMDMxMTAvBgNVBAMTKGFlZjA0NjkwNTFhNTcy
OGEzYjRhMWY3ZWRlNWNjYTRlNzhjOGE2OWIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDspHjbKiYfhDhqQfw9SeFQyqVuPxJiCFQ7TCohFyLiTHCem6bi
OlVfsIKmFRUiOe/pE/pHz2LG7KrtqZAGbOt5VfWVT+Os7uhUwHO0RfrRQojm5tvA
RIVCnIjdtag9TL70rn/EyJtFqs20HAk/qh3+/LtdjiCguCHniNKnzbJ2SepJ8vGp
T8MRfVWJgf5MVv2FR6rrENJbnPPKzJBaOyR+AgbMOUONlMmsLy/4cYpEeOJecIBL
0axPjmgEHeWtgfApBPw8ReIFRhjPiBueCr4X6Ds8sM3RXYENDhkdLfbb6sD3GDYs
fGdwJaHe6C87y8K7IFI9WbnAIbti7CzjehvrAgMBAAGjggJaMIICVjAdBgNVHQ4E
FgQU2VRYNwTghKhet3awoO2NnZhgHhAwHwYDVR0jBBgwFoAUnYNr1GWPdMj3EGr+
A6b9YgGIv0YwDgYDVR0PAQH/BAQDAgeAMIGaBggrBgEFBQcBAQSBjTCBijCBhwYI
KwYBBQUHMAKGe3JzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jwa2kvbGFj
bmljLzQ4ZjA4M2JiLWY2MDMtNDg5My05OTkwLTAyODRjMDRjZWI4NS81MWNjMzZh
NzNlMGJiZTJiMzM4YzYxZmExZGY1OTU2NzA3MzVhYTk4LmNlcjCBmgYIKwYBBQUH
AQsEgY0wgYowgYcGCCsGAQUFBzALhntyc3luYzovL3JlcG9zaXRvcnkubGFjbmlj
Lm5ldC9ycGtpL2xhY25pYy9kZDNlM2ZlZC05M2VkLTRlNmItOThiMC1jZDRkY2Y2
MzE3ZDEvYWVmMDQ2OTA1MWE1NzI4YTNiNGExZjdlZGU1Y2NhNGU3OGM4YTY5Yi5y
b2EwgY8GA1UdHwSBhzCBhDCBgaB/oH2Ge3JzeW5jOi8vcmVwb3NpdG9yeS5sYWNu
aWMubmV0L3Jwa2kvbGFjbmljL2RkM2UzZmVkLTkzZWQtNGU2Yi05OGIwLWNkNGRj
ZjYzMTdkMS81MWNjMzZhNzNlMGJiZTJiMzM4YzYxZmExZGY1OTU2NzA3MzVhYTk4
LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8w
DTALBAIAATAFAwMAmJwwDQYJKoZIhvcNAQELBQADggEBABtF2N+39tX4mLOxbNA6
cZm/zdz1wIx5Y6k7Ig8XvsIFIk3VnfbsD/PIqWMKC5NG4CrAIFoKoQg1mxbwiw8O
o+03cRg1r0V4j/+Aqd04gbPEBRPOU68L64eCYjybWXvby5ZexW4kZDzSkKB/+bxL
eRHVfRm62jbI/IF7co7LcQqO8vDBnft8f+GNhXhze5STYVpvuaKe+MP76w6Dh8B9
AEVIWG4O+73eXOnocIzGuiOIkdQv3PSBTBWDeqZNcCb05/QEZOpm8hAohUa6IyrW
uQSY96C2MtJhif/cRcR0JMtY3U5HA8ZHJW6yjzAyMo8yfKKYWhvCpg0+uljBNyt4
zzQ=
-----END CERTIFICATE-----
Generated at Wed Mar 20 14:21:14 2024 by rpki-client on console-fra.rpki-client.org