Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/e2efa464-0902-4477-a433-3476f42cc325/d6ddd7d635b26c6947291310215baa74167f3618.roa
File:                     d6ddd7d635b26c6947291310215baa74167f3618.roa (raw, json)
Hash identifier:          ar8mGddJ9tbOVpn0G0Nw0Ce94wQEVPlL5uPr7HAksog=
Subject key identifier:   33:D0:93:5F:97:29:21:C2:9D:9E:52:B3:DD:4B:20:E5:6C:78:45:1C
Certificate issuer:       /CN=58c2bc7895cd7c147803e7c9790ece03a9e82fa6
Certificate serial:       18F285
Authority key identifier: 18:DC:42:6A:C7:DA:80:CB:A2:FA:32:DB:5C:BD:9E:55:15:E2:8F:5B
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/58c2bc7895cd7c147803e7c9790ece03a9e82fa6.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/e2efa464-0902-4477-a433-3476f42cc325/d6ddd7d635b26c6947291310215baa74167f3618.roa
Signing time:             Mon 27 Jun 2022 18:51:53 +0000
ROA not before:           Wed 24 Mar 2021 03:00:00 +0000
ROA not after:            Tue 24 Mar 2026 03:00:00 +0000
asID:                     11014
IP address blocks:        143.0.76.0/22 maxlen: 24
                          170.83.4.0/22 maxlen: 24
                          170.150.152.0/22 maxlen: 24
                          190.12.96.0/20 maxlen: 24
                          190.12.112.0/22 maxlen: 24
                          190.12.116.0/24 maxlen: 24
                          190.12.117.0/24 maxlen: 24
                          190.12.119.0/24 maxlen: 24
                          190.12.120.0/21 maxlen: 24
                          190.104.194.0/23 maxlen: 24
                          190.104.196.0/23 maxlen: 24
                          190.104.198.0/24 maxlen: 24
                          190.104.199.0/24 maxlen: 24
                          190.104.200.0/21 maxlen: 24
                          190.104.208.0/20 maxlen: 24
                          190.104.224.0/20 maxlen: 24
                          190.104.240.0/24 maxlen: 24
                          190.104.241.0/24 maxlen: 24
                          190.104.242.0/23 maxlen: 24
                          190.104.244.0/22 maxlen: 24
                          190.104.248.0/21 maxlen: 24
                          190.111.192.0/19 maxlen: 24
                          190.111.224.0/21 maxlen: 24
                          190.111.232.0/23 maxlen: 24
                          190.111.234.0/24 maxlen: 24
                          190.111.237.0/24 maxlen: 24
                          190.111.238.0/23 maxlen: 24
                          190.111.240.0/20 maxlen: 24
                          200.110.216.0/22 maxlen: 24
                          200.110.220.0/23 maxlen: 24
                          200.110.222.0/24 maxlen: 24
                          200.110.223.0/24 maxlen: 24
                          2800:a10::/32 maxlen: 48

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1634949 (0x18f285)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=58c2bc7895cd7c147803e7c9790ece03a9e82fa6
        Validity
            Not Before: Mar 24 03:00:00 2021 GMT
            Not After : Mar 24 03:00:00 2026 GMT
        Subject: CN=d6ddd7d635b26c6947291310215baa74167f3618
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:38:d6:f1:28:7e:a6:18:d0:17:20:56:e0:57:
                    6f:a4:7e:38:37:3e:4f:1f:f1:95:ed:07:9f:16:e2:
                    0a:10:89:85:59:61:54:06:eb:0b:56:74:40:5e:87:
                    d5:2e:05:b9:54:88:57:54:17:40:d6:75:39:5f:a0:
                    17:33:de:d1:3b:ed:8d:e6:1f:e4:81:44:4c:3b:24:
                    ce:98:45:cb:1c:e8:ad:3a:4c:b7:a7:9a:51:f5:fb:
                    c2:55:56:e9:8e:88:c6:c2:8c:fd:7e:33:75:78:a6:
                    ad:f0:e9:a0:5d:2f:1f:49:b7:81:0c:2e:41:3e:9d:
                    8e:11:e6:b5:89:be:d3:8f:f5:24:be:22:66:34:df:
                    b3:ac:69:57:2f:1e:82:53:25:d8:85:3a:3d:12:4a:
                    f2:6b:ea:8d:4f:b6:82:f7:44:f7:04:1a:3b:b1:bd:
                    4e:56:9b:5e:f2:7d:06:3a:7e:25:83:d8:c0:65:0f:
                    87:6d:46:3b:b8:5b:f5:5e:0f:2c:16:22:2e:c3:a4:
                    a6:4d:dd:b1:2f:ef:8b:fd:35:e8:3d:a9:2a:b9:b6:
                    87:66:b2:b1:ec:d7:1d:b9:6c:25:f4:96:74:e3:2d:
                    6b:b7:ec:0f:45:42:84:4a:30:d3:65:f0:b4:43:48:
                    c3:ef:0d:3f:51:3d:79:bb:de:88:38:3a:df:c4:98:
                    de:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                33:D0:93:5F:97:29:21:C2:9D:9E:52:B3:DD:4B:20:E5:6C:78:45:1C
            X509v3 Authority Key Identifier:
                keyid:18:DC:42:6A:C7:DA:80:CB:A2:FA:32:DB:5C:BD:9E:55:15:E2:8F:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/58c2bc7895cd7c147803e7c9790ece03a9e82fa6.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/e2efa464-0902-4477-a433-3476f42cc325/d6ddd7d635b26c6947291310215baa74167f3618.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/e2efa464-0902-4477-a433-3476f42cc325/58c2bc7895cd7c147803e7c9790ece03a9e82fa6.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  143.0.76.0/22
                  170.83.4.0/22
                  170.150.152.0/22
                  190.12.96.0-190.12.117.255
                  190.12.119.0-190.12.127.255
                  190.104.194.0-190.104.255.255
                  190.111.192.0-190.111.234.255
                  190.111.237.0-190.111.255.255
                  200.110.216.0/21
                IPv6:
                  2800:a10::/32

    Signature Algorithm: sha256WithRSAEncryption
         2f:d5:de:71:d6:8a:ff:ce:98:05:05:67:17:8b:de:70:2d:8e:
         57:cd:68:36:45:8a:37:e0:c3:81:1e:93:43:9a:dd:ff:9a:89:
         a2:31:7b:ba:b3:af:a1:a0:4b:bb:f3:b6:18:c4:6a:69:f8:c1:
         03:36:ad:10:1d:ca:c4:d2:bc:97:dd:a4:e5:b6:a5:23:12:ae:
         2c:d3:cd:03:d7:e6:d4:37:ef:b9:91:23:ee:3b:a5:37:ea:a6:
         26:c8:86:19:cd:ba:81:4e:3a:01:b4:20:d3:80:d4:e5:e5:d8:
         63:03:66:ba:53:79:d3:25:8c:f5:42:b5:24:3e:18:eb:85:c6:
         57:31:f0:3f:88:4e:65:0e:9c:04:36:b0:94:17:1d:10:41:8b:
         ff:f0:d6:9c:06:64:ab:20:38:b1:d5:78:d9:34:ca:8f:fc:67:
         e5:b1:98:48:2b:6b:4b:83:f5:46:f5:90:3c:42:f7:d2:a1:9c:
         6d:f1:84:a0:35:0e:2c:f8:6b:c8:f9:c1:d7:55:c3:12:5d:c5:
         ee:e8:84:ec:b9:36:44:c9:90:64:44:57:ea:7d:13:99:ec:f4:
         c1:68:c0:87:db:cd:cf:dc:6e:59:c3:4a:a4:4a:40:f9:a1:2a:
         90:06:a1:da:dc:d4:46:2b:99:51:fd:b3:69:1c:bb:7b:5e:c9:
         cb:57:f7:fc
-----BEGIN CERTIFICATE-----
MIIFpjCCBI6gAwIBAgIDGPKFMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDU4
YzJiYzc4OTVjZDdjMTQ3ODAzZTdjOTc5MGVjZTAzYTllODJmYTYwHhcNMjEwMzI0
MDMwMDAwWhcNMjYwMzI0MDMwMDAwWjAzMTEwLwYDVQQDEyhkNmRkZDdkNjM1YjI2
YzY5NDcyOTEzMTAyMTViYWE3NDE2N2YzNjE4MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAiDjW8Sh+phjQFyBW4FdvpH44Nz5PH/GV7QefFuIKEImFWWFU
BusLVnRAXofVLgW5VIhXVBdA1nU5X6AXM97RO+2N5h/kgURMOyTOmEXLHOitOky3
p5pR9fvCVVbpjojGwoz9fjN1eKat8OmgXS8fSbeBDC5BPp2OEea1ib7Tj/UkviJm
NN+zrGlXLx6CUyXYhTo9Ekrya+qNT7aC90T3BBo7sb1OVpte8n0GOn4lg9jAZQ+H
bUY7uFv1Xg8sFiIuw6SmTd2xL++L/TXoPakqubaHZrKx7NcduWwl9JZ04y1rt+wP
RUKESjDTZfC0Q0jD7w0/UT15u96IODrfxJjeTQIDAQABo4ICwTCCAr0wHQYDVR0O
BBYEFDPQk1+XKSHCnZ5Ss91LIOVseEUcMB8GA1UdIwQYMBaAFBjcQmrH2oDLovoy
21y9nlUV4o9bMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvNThjMmJj
Nzg5NWNkN2MxNDc4MDNlN2M5NzkwZWNlMDNhOWU4MmZhNi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvZTJlZmE0NjQtMDkwMi00NDc3LWE0MzMtMzQ3NmY0
MmNjMzI1L2Q2ZGRkN2Q2MzViMjZjNjk0NzI5MTMxMDIxNWJhYTc0MTY3ZjM2MTgu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9lMmVmYTQ2NC0wOTAyLTQ0NzctYTQzMy0zNDc2
ZjQyY2MzMjUvNThjMmJjNzg5NWNkN2MxNDc4MDNlN2M5NzkwZWNlMDNhOWU4MmZh
Ni5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCBhAYIKwYBBQUHAQcBAf8E
dTBzMGIEAgABMFwDBAKPAEwDBAKqUwQDBAKqlpgwDAMEBb4MYAMEAb4MdDAMAwQA
vgx3AwQHvgwAMAsDBAG+aMIDAwC+aDAMAwQGvm/AAwQAvm/qMAsDBAC+b+0DAwS+
YAMEA8hu2DANBAIAAjAHAwUAKAAKEDANBgkqhkiG9w0BAQsFAAOCAQEAL9XecdaK
/86YBQVnF4vecC2OV81oNkWKN+DDgR6TQ5rd/5qJojF7urOvoaBLu/O2GMRqafjB
AzatEB3KxNK8l92k5balIxKuLNPNA9fm1DfvuZEj7julN+qmJsiGGc26gU46AbQg
04DU5eXYYwNmulN50yWM9UK1JD4Y64XGVzHwP4hOZQ6cBDawlBcdEEGL//DWnAZk
qyA4sdV42TTKj/xn5bGYSCtrS4P1RvWQPEL30qGcbfGEoDUOLPhryPnB11XDEl3F
7uiE7Lk2RMmQZERX6n0Tmez0wWjAh9vNz9xuWcNKpEpA+aEqkAah2tzURiuZUf2z
aRy7e17Jy1f3/A==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:14:42 2023 by rpki-client on console-fra.rpki-client.org