Route Origin Authorization
$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/f4bc5d7e-ea3a-4ab3-a8a5-5903eb4f1726/98634f2fc68d104a1627dd88a4003cd3ae385632.roa
File: 98634f2fc68d104a1627dd88a4003cd3ae385632.roa (raw, json)
Hash identifier: wZNNP/qkvZLcdIodgukaXLmKPI6QNoiYD3gQGH2lCQs=
Subject key identifier: CF:A6:95:4F:6E:02:BC:FF:DE:95:7F:74:40:E3:9E:4B:EC:C3:BF:67
Certificate issuer: /CN=aa536e2112fb6fbd4fd90b644c6fd66acba797ea
Certificate serial: 20956E
Authority key identifier: 34:98:A2:3B:7F:57:B4:51:CF:75:1E:21:7C:78:5E:0F:BE:35:87:87
Authority info access: rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/aa536e2112fb6fbd4fd90b644c6fd66acba797ea.cer
Subject info access: rsync://repository.lacnic.net/rpki/lacnic/f4bc5d7e-ea3a-4ab3-a8a5-5903eb4f1726/98634f2fc68d104a1627dd88a4003cd3ae385632.roa
Signing time: Thu 27 Apr 2023 08:30:02 +0000
ROA not before: Wed 26 Apr 2023 08:30:02 +0000
ROA not after: Fri 25 Apr 2025 08:30:02 +0000
asID: 271906
IP address blocks: 200.85.128.0/21 maxlen: 24
200.85.128.0/24 maxlen: 24
200.85.129.0/24 maxlen: 24
200.85.130.0/24 maxlen: 24
200.85.131.0/24 maxlen: 24
200.85.132.0/24 maxlen: 24
200.85.133.0/24 maxlen: 24
200.85.134.0/24 maxlen: 24
200.85.135.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2135406 (0x20956e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa536e2112fb6fbd4fd90b644c6fd66acba797ea
Validity
Not Before: Apr 26 08:30:02 2023 GMT
Not After : Apr 25 08:30:02 2025 GMT
Subject: CN=98634f2fc68d104a1627dd88a4003cd3ae385632
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:3b:c5:e3:19:fe:ad:eb:15:0d:f8:82:74:56:
8a:1c:35:1a:f7:6a:cb:67:c5:3b:34:4b:20:9c:33:
bb:b1:61:19:7b:23:b8:17:47:32:1a:ef:1b:f6:a3:
3c:9e:cb:64:ff:6e:1b:d8:32:b1:e3:22:8e:51:82:
0f:dd:7f:1a:96:9d:6f:75:4b:dc:89:ec:5f:a8:42:
d1:6a:ba:87:f6:50:25:11:e8:d0:ca:d9:1b:71:5b:
b0:90:38:d9:e4:e1:be:25:71:21:94:19:e3:96:2c:
d3:86:7e:c2:eb:0f:7c:80:1c:e0:aa:3f:5a:94:f8:
8d:ef:ee:7a:71:42:c8:5d:f2:71:5f:a8:94:26:58:
ed:6b:55:0e:a1:67:e4:34:bf:5d:0c:41:20:71:ff:
f6:38:86:6b:4d:0b:90:44:67:1d:b2:f5:47:49:f7:
ea:1d:49:ef:fd:d5:6c:8f:8b:8e:55:61:38:2b:bc:
36:11:9c:92:db:83:ae:74:e2:f6:52:ad:97:0b:26:
0a:36:6a:4b:25:21:6a:c6:31:e4:a8:02:01:21:eb:
08:45:e1:4c:cc:a7:ac:c6:e9:84:01:8b:b7:80:7c:
35:08:71:74:c2:e2:4d:dc:0f:33:45:e5:de:80:9e:
51:df:5f:c2:fe:de:10:cc:78:88:13:ad:17:c2:90:
09:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:A6:95:4F:6E:02:BC:FF:DE:95:7F:74:40:E3:9E:4B:EC:C3:BF:67
X509v3 Authority Key Identifier:
keyid:34:98:A2:3B:7F:57:B4:51:CF:75:1E:21:7C:78:5E:0F:BE:35:87:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/aa536e2112fb6fbd4fd90b644c6fd66acba797ea.cer
Subject Information Access:
Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/f4bc5d7e-ea3a-4ab3-a8a5-5903eb4f1726/98634f2fc68d104a1627dd88a4003cd3ae385632.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repository.lacnic.net/rpki/lacnic/f4bc5d7e-ea3a-4ab3-a8a5-5903eb4f1726/aa536e2112fb6fbd4fd90b644c6fd66acba797ea.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
200.85.128.0/21
Signature Algorithm: sha256WithRSAEncryption
74:86:7f:86:62:4c:dd:ba:98:ff:f0:17:93:a0:91:a4:01:df:
dc:90:17:7e:3b:ff:6f:01:bd:5d:32:9b:88:f7:02:b5:8e:e1:
ed:2b:0b:f8:fb:96:d3:79:46:8a:fb:e7:da:60:82:b0:d3:d4:
3b:62:b2:a7:3b:1f:69:8c:92:fb:4c:f5:5f:63:45:cf:17:78:
cb:23:49:db:31:93:72:28:3d:c7:c9:d9:df:11:eb:a7:83:13:
17:f7:57:92:7b:b6:52:a7:2b:81:86:b5:4c:e1:34:72:e7:30:
e8:07:1e:26:be:ed:06:34:e0:d7:6d:47:77:0e:2e:dc:c8:95:
ab:4c:c3:91:7f:26:b4:15:0f:93:6c:91:b1:00:ab:e0:7b:ff:
4f:cc:35:c5:f7:ba:c0:78:f1:ac:c1:d2:c9:fa:2b:41:5a:d6:
28:29:37:42:0d:a6:6d:ad:1b:62:b9:b2:55:ef:6c:31:eb:2e:
5b:45:7a:64:13:cd:11:78:97:22:1a:75:00:ac:8c:e1:9a:02:
bc:2c:41:15:9b:aa:1c:7f:eb:95:72:ea:ef:e3:c1:74:cd:55:
ac:5e:39:8f:01:ad:c8:6b:62:a4:f3:62:d4:af:e3:94:d6:f7:
6a:7e:47:cd:10:54:9b:5d:b9:c1:e9:de:63:d0:93:c5:ff:65:
ef:c5:35:f8
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDIJVuMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGFh
NTM2ZTIxMTJmYjZmYmQ0ZmQ5MGI2NDRjNmZkNjZhY2JhNzk3ZWEwHhcNMjMwNDI2
MDgzMDAyWhcNMjUwNDI1MDgzMDAyWjAzMTEwLwYDVQQDEyg5ODYzNGYyZmM2OGQx
MDRhMTYyN2RkODhhNDAwM2NkM2FlMzg1NjMyMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAmDvF4xn+resVDfiCdFaKHDUa92rLZ8U7NEsgnDO7sWEZeyO4
F0cyGu8b9qM8nstk/24b2DKx4yKOUYIP3X8alp1vdUvciexfqELRarqH9lAlEejQ
ytkbcVuwkDjZ5OG+JXEhlBnjlizThn7C6w98gBzgqj9alPiN7+56cULIXfJxX6iU
Jljta1UOoWfkNL9dDEEgcf/2OIZrTQuQRGcdsvVHSffqHUnv/dVsj4uOVWE4K7w2
EZyS24OudOL2Uq2XCyYKNmpLJSFqxjHkqAIBIesIReFMzKesxumEAYu3gHw1CHF0
wuJN3A8zReXegJ5R31/C/t4QzHiIE60XwpAJXwIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFM+mlU9uArz/3pV/dEDjnkvsw79nMB8GA1UdIwQYMBaAFDSYojt/V7RRz3Ue
IXx4Xg++NYeHMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYWE1MzZl
MjExMmZiNmZiZDRmZDkwYjY0NGM2ZmQ2NmFjYmE3OTdlYS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvZjRiYzVkN2UtZWEzYS00YWIzLWE4YTUtNTkwM2Vi
NGYxNzI2Lzk4NjM0ZjJmYzY4ZDEwNGExNjI3ZGQ4OGE0MDAzY2QzYWUzODU2MzIu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9mNGJjNWQ3ZS1lYTNhLTRhYjMtYThhNS01OTAz
ZWI0ZjE3MjYvYWE1MzZlMjExMmZiNmZiZDRmZDkwYjY0NGM2ZmQ2NmFjYmE3OTdl
YS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEA8hVgDANBgkqhkiG9w0BAQsFAAOCAQEAdIZ/hmJM3bqY//AX
k6CRpAHf3JAXfjv/bwG9XTKbiPcCtY7h7SsL+PuW03lGivvn2mCCsNPUO2Kypzsf
aYyS+0z1X2NFzxd4yyNJ2zGTcig9x8nZ3xHrp4MTF/dXknu2UqcrgYa1TOE0cucw
6AceJr7tBjTg121Hdw4u3MiVq0zDkX8mtBUPk2yRsQCr4Hv/T8w1xfe6wHjxrMHS
yforQVrWKCk3Qg2mba0bYrmyVe9sMesuW0V6ZBPNEXiXIhp1AKyM4ZoCvCxBFZuq
HH/rlXLq7+PBdM1VrF45jwGtyGtipPNi1K/jlNb3an5HzRBUm125weneY9CTxf9l
78U1+A==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:14:44 2023 by rpki-client on console-fra.rpki-client.org