Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/e4e43743-cebb-4f29-956e-360d8d220f54/97d6952b954e43c6fbafbac89aa7e918aed1541a.roa
File:                     97d6952b954e43c6fbafbac89aa7e918aed1541a.roa (raw, json)
Hash identifier:          RhDFViU4w4G22rFXxiGZ8OzAuRUCfag9A9uEGm6iRr4=
Subject key identifier:   D5:FE:18:98:EE:79:17:77:A0:58:34:A3:5F:33:96:1F:17:73:C2:C2
Certificate issuer:       /CN=7aa34ce93acbfe70c4de64538dca0894b670f0d2
Certificate serial:       18EDA6
Authority key identifier: 5F:85:D3:6E:A2:27:14:35:40:49:19:8D:ED:3B:94:16:27:FD:D5:35
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/7aa34ce93acbfe70c4de64538dca0894b670f0d2.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/e4e43743-cebb-4f29-956e-360d8d220f54/97d6952b954e43c6fbafbac89aa7e918aed1541a.roa
Signing time:             Thu 30 Jun 2022 20:35:13 +0000
ROA not before:           Thu 30 Jun 2022 03:00:00 +0000
ROA not after:            Sun 30 Jun 2024 03:00:00 +0000
asID:                     6429
IP address blocks:        200.14.200.0/24 maxlen: 24
                          200.14.203.0/24 maxlen: 24
                          200.14.213.0/24 maxlen: 24
                          200.14.214.0/24 maxlen: 24
                          200.14.222.0/23 maxlen: 24
                          200.14.226.0/23 maxlen: 24
                          200.14.245.0/24 maxlen: 24
                          200.14.246.0/23 maxlen: 24
                          200.14.248.0/22 maxlen: 24
                          200.14.252.0/24 maxlen: 24
                          200.14.254.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Tue 30 Jan 2024 04:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1633702 (0x18eda6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7aa34ce93acbfe70c4de64538dca0894b670f0d2
        Validity
            Not Before: Jun 30 03:00:00 2022 GMT
            Not After : Jun 30 03:00:00 2024 GMT
        Subject: CN=97d6952b954e43c6fbafbac89aa7e918aed1541a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:49:83:71:2a:82:7b:af:37:dc:af:ec:98:d3:
                    23:39:ae:26:3f:8c:bc:d0:9f:87:e1:ad:a3:be:9f:
                    cd:2d:c3:49:5d:1a:67:f7:28:a8:f9:f2:c9:0d:57:
                    04:3e:6f:e1:71:a7:b1:17:a3:fa:97:30:37:38:40:
                    13:6e:90:ac:b4:8e:2e:f4:38:2f:ed:b7:be:1a:0e:
                    dd:cf:2a:de:88:f7:e7:13:34:76:e3:f6:d5:a2:5f:
                    16:20:0e:47:e5:a0:9c:c0:b5:53:3f:0a:c5:bd:5c:
                    ac:0a:11:ac:8f:40:b7:52:f7:86:a1:ca:68:41:7e:
                    52:b7:a8:45:e9:27:21:20:96:96:88:b9:91:93:1a:
                    52:b9:a4:66:cb:da:b4:8c:47:0f:37:df:b7:15:bb:
                    d4:8f:72:bc:c3:ae:34:ed:27:a3:98:b6:1a:1d:6f:
                    36:11:6e:44:70:b2:5e:4a:c9:4e:ad:15:88:6f:b4:
                    26:19:ba:75:de:00:80:f3:3e:3b:ec:61:e3:87:b0:
                    65:22:3e:c1:61:8d:d0:4c:ad:c6:74:1f:e8:64:10:
                    78:ff:1f:bd:16:03:ed:b6:09:fc:23:ea:f4:03:29:
                    1f:09:75:c5:25:5c:21:c8:65:b3:65:81:5a:f8:05:
                    c4:84:72:3f:92:38:54:23:6a:08:d4:13:01:ee:77:
                    89:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D5:FE:18:98:EE:79:17:77:A0:58:34:A3:5F:33:96:1F:17:73:C2:C2
            X509v3 Authority Key Identifier:
                keyid:5F:85:D3:6E:A2:27:14:35:40:49:19:8D:ED:3B:94:16:27:FD:D5:35

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/7aa34ce93acbfe70c4de64538dca0894b670f0d2.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/e4e43743-cebb-4f29-956e-360d8d220f54/97d6952b954e43c6fbafbac89aa7e918aed1541a.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/e4e43743-cebb-4f29-956e-360d8d220f54/7aa34ce93acbfe70c4de64538dca0894b670f0d2.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.14.200.0/24
                  200.14.203.0/24
                  200.14.213.0-200.14.214.255
                  200.14.222.0/23
                  200.14.226.0/23
                  200.14.245.0-200.14.252.255
                  200.14.254.0/23

    Signature Algorithm: sha256WithRSAEncryption
         52:0a:87:3c:a7:84:31:14:80:1f:f1:61:2c:ae:ec:8e:52:36:
         21:1d:2f:d8:0f:57:c9:3c:78:02:09:cf:43:f9:a7:73:b8:49:
         73:ef:76:13:7f:b1:e7:c0:e4:b2:95:fd:83:a6:a4:5f:50:da:
         10:7e:4e:61:fb:9c:a1:90:5c:02:9d:cc:d7:a8:fb:15:6d:be:
         4e:02:14:b7:02:bd:2b:d1:35:56:33:33:05:24:ad:fe:c8:fa:
         1f:26:27:8d:43:df:b6:86:e0:a1:65:65:ee:94:a4:dc:46:7d:
         89:b2:14:9c:25:b5:68:65:93:24:59:95:92:cf:e1:10:5f:e0:
         86:5f:4e:d8:d3:99:4e:9b:77:25:52:d0:54:5e:08:f9:88:fd:
         7c:c9:de:68:60:55:a9:b6:06:90:14:b1:14:09:54:ff:8b:2a:
         57:ec:c4:22:f9:89:59:6f:61:0b:dc:80:25:de:5e:0c:72:8d:
         36:f9:39:35:75:1c:2d:1c:51:c2:b1:02:c1:a8:6e:03:84:59:
         d8:46:a3:07:17:ca:79:f3:73:ec:09:4b:2b:84:44:97:23:6f:
         b4:3a:57:52:fb:2f:e6:23:2c:bf:c6:82:17:53:ef:89:a6:0f:
         2f:0b:3b:9f:c6:65:0d:00:0c:68:d7:47:9e:32:b2:71:a7:0d:
         5b:da:fb:cb
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgIDGO2mMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDdh
YTM0Y2U5M2FjYmZlNzBjNGRlNjQ1MzhkY2EwODk0YjY3MGYwZDIwHhcNMjIwNjMw
MDMwMDAwWhcNMjQwNjMwMDMwMDAwWjAzMTEwLwYDVQQDEyg5N2Q2OTUyYjk1NGU0
M2M2ZmJhZmJhYzg5YWE3ZTkxOGFlZDE1NDFhMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAnUmDcSqCe6833K/smNMjOa4mP4y80J+H4a2jvp/NLcNJXRpn
9yio+fLJDVcEPm/hcaexF6P6lzA3OEATbpCstI4u9Dgv7be+Gg7dzyreiPfnEzR2
4/bVol8WIA5H5aCcwLVTPwrFvVysChGsj0C3UveGocpoQX5St6hF6SchIJaWiLmR
kxpSuaRmy9q0jEcPN9+3FbvUj3K8w6407SejmLYaHW82EW5EcLJeSslOrRWIb7Qm
Gbp13gCA8z477GHjh7BlIj7BYY3QTK3GdB/oZBB4/x+9FgPttgn8I+r0AykfCXXF
JVwhyGWzZYFa+AXEhHI/kjhUI2oI1BMB7neJXQIDAQABo4ICjzCCAoswHQYDVR0O
BBYEFNX+GJjueRd3oFg0o18zlh8Xc8LCMB8GA1UdIwQYMBaAFF+F026iJxQ1QEkZ
je07lBYn/dU1MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvN2FhMzRj
ZTkzYWNiZmU3MGM0ZGU2NDUzOGRjYTA4OTRiNjcwZjBkMi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvZTRlNDM3NDMtY2ViYi00ZjI5LTk1NmUtMzYwZDhk
MjIwZjU0Lzk3ZDY5NTJiOTU0ZTQzYzZmYmFmYmFjODlhYTdlOTE4YWVkMTU0MWEu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9lNGU0Mzc0My1jZWJiLTRmMjktOTU2ZS0zNjBk
OGQyMjBmNTQvN2FhMzRjZTkzYWNiZmU3MGM0ZGU2NDUzOGRjYTA4OTRiNjcwZjBk
Mi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBTBggrBgEFBQcBBwEB/wRE
MEIwQAQCAAEwOgMEAMgOyAMEAMgOyzAMAwQAyA7VAwQAyA7WAwQByA7eAwQByA7i
MAwDBADIDvUDBADIDvwDBAHIDv4wDQYJKoZIhvcNAQELBQADggEBAFIKhzynhDEU
gB/xYSyu7I5SNiEdL9gPV8k8eAIJz0P5p3O4SXPvdhN/sefA5LKV/YOmpF9Q2hB+
TmH7nKGQXAKdzNeo+xVtvk4CFLcCvSvRNVYzMwUkrf7I+h8mJ41D37aG4KFlZe6U
pNxGfYmyFJwltWhlkyRZlZLP4RBf4IZfTtjTmU6bdyVS0FReCPmI/XzJ3mhgVam2
BpAUsRQJVP+LKlfsxCL5iVlvYQvcgCXeXgxyjTb5OTV1HC0cUcKxAsGobgOEWdhG
owcXynnzc+wJSyuERJcjb7Q6V1L7L+YjLL/GghdT74mmDy8LO5/GZQ0ADGjXR54y
snGnDVva+8s=
-----END CERTIFICATE-----
Generated at Tue Jan 30 08:26:38 2024 by rpki-client on console-fra.rpki-client.org