Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/f4bc5d7e-ea3a-4ab3-a8a5-5903eb4f1726/bd0d48fdcca341052020a38c3338f3f5ae274a56.roa
File:                     bd0d48fdcca341052020a38c3338f3f5ae274a56.roa (raw, json)
Hash identifier:          BkN/yRCaVT1+xoGuRkFTkV60Gfv6Miiys3ATGpW11v4=
Subject key identifier:   A0:03:8F:4D:2D:EB:A1:86:F2:1B:AF:09:23:50:51:06:73:DB:A8:4E
Certificate issuer:       /CN=aa536e2112fb6fbd4fd90b644c6fd66acba797ea
Certificate serial:       1BE84E
Authority key identifier: 34:98:A2:3B:7F:57:B4:51:CF:75:1E:21:7C:78:5E:0F:BE:35:87:87
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/aa536e2112fb6fbd4fd90b644c6fd66acba797ea.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/f4bc5d7e-ea3a-4ab3-a8a5-5903eb4f1726/bd0d48fdcca341052020a38c3338f3f5ae274a56.roa
Signing time:             Mon 31 Oct 2022 13:55:23 +0000
ROA not before:           Tue 23 Mar 2021 03:00:00 +0000
ROA not after:            Tue 24 Mar 2026 03:00:00 +0000
asID:                     27714
IP address blocks:        200.85.128.0/21 maxlen: 24
                          200.85.128.0/24 maxlen: 24
                          200.85.129.0/24 maxlen: 24
                          200.85.130.0/24 maxlen: 24
                          200.85.131.0/24 maxlen: 24
                          200.85.132.0/24 maxlen: 24
                          200.85.133.0/24 maxlen: 24
                          200.85.134.0/24 maxlen: 24
                          200.85.135.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1828942 (0x1be84e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=aa536e2112fb6fbd4fd90b644c6fd66acba797ea
        Validity
            Not Before: Mar 23 03:00:00 2021 GMT
            Not After : Mar 24 03:00:00 2026 GMT
        Subject: CN=bd0d48fdcca341052020a38c3338f3f5ae274a56
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:9a:56:48:14:d6:03:cf:6a:95:6e:de:24:3f:
                    a8:3e:ee:cc:f7:88:cb:0c:62:92:0c:00:8c:8f:70:
                    23:87:77:51:10:c0:3b:bf:70:f8:ce:9b:22:ca:b5:
                    0f:af:cd:59:0f:bc:6f:9c:81:7c:09:8f:24:d0:5c:
                    21:07:9c:20:9f:f4:2e:f9:45:4a:0a:c0:10:0f:66:
                    36:b5:0e:97:e2:20:04:8b:fb:74:49:bf:dd:81:3a:
                    2e:d4:88:f6:48:df:7a:d4:1f:04:f8:36:d1:25:34:
                    a9:9b:97:82:13:b5:b3:e6:d0:71:2e:40:4d:8c:02:
                    aa:44:2d:64:d4:ec:00:b8:94:57:69:f8:9e:5d:2a:
                    e0:88:2c:3c:51:6f:c5:95:ec:4b:13:08:1d:43:ed:
                    e5:cd:d5:0b:bb:4f:89:6e:aa:fc:12:65:a1:81:96:
                    4d:d3:ec:9b:52:a9:1c:e5:1a:4a:70:0d:da:c7:5f:
                    16:9b:36:e6:42:40:b5:cc:70:37:e2:1e:8f:96:b3:
                    1b:6d:27:9c:43:9e:79:31:19:67:23:d3:09:44:91:
                    68:e6:3d:53:cb:73:96:17:e7:32:2f:92:be:e0:b0:
                    ed:58:68:5d:ff:97:52:bb:68:61:70:f7:1d:94:ea:
                    b0:d9:a8:6d:99:21:49:7c:9f:d4:14:d0:41:f5:27:
                    b8:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A0:03:8F:4D:2D:EB:A1:86:F2:1B:AF:09:23:50:51:06:73:DB:A8:4E
            X509v3 Authority Key Identifier:
                keyid:34:98:A2:3B:7F:57:B4:51:CF:75:1E:21:7C:78:5E:0F:BE:35:87:87

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/aa536e2112fb6fbd4fd90b644c6fd66acba797ea.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/f4bc5d7e-ea3a-4ab3-a8a5-5903eb4f1726/bd0d48fdcca341052020a38c3338f3f5ae274a56.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/f4bc5d7e-ea3a-4ab3-a8a5-5903eb4f1726/aa536e2112fb6fbd4fd90b644c6fd66acba797ea.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.85.128.0/21

    Signature Algorithm: sha256WithRSAEncryption
         64:8a:c5:48:c8:e7:77:aa:f6:7a:49:55:ad:66:9f:47:f5:62:
         ad:dc:8b:a7:29:ec:f5:e2:f2:51:4f:fe:97:65:f5:53:c8:db:
         be:03:3f:60:9c:91:2c:3d:82:6d:bc:85:1a:41:ec:14:10:5d:
         d3:89:65:8b:3e:3d:40:32:2a:2e:fa:46:64:0b:41:e6:8d:86:
         0d:b1:12:ba:da:4e:53:b4:f2:47:7d:91:86:f1:8d:19:6d:b6:
         10:30:27:5f:07:07:e1:c8:fe:1c:a1:d9:40:69:4e:6e:e9:0e:
         cd:c0:eb:96:08:a1:48:b2:ee:91:27:0b:c0:0e:84:0f:2d:80:
         f6:4a:0e:92:ed:4f:f9:0a:1a:dd:88:56:9e:84:1d:bf:ba:96:
         07:b4:c5:93:91:de:4b:02:9e:cc:c7:07:0e:f8:73:d6:7e:b9:
         41:66:80:c8:cd:be:92:67:d7:49:9a:39:ac:bd:50:4c:c3:6f:
         54:af:82:ba:54:bd:1d:b4:0a:39:08:eb:30:f8:f6:e1:cb:c8:
         f3:20:cf:6c:bd:03:5d:46:09:ff:d9:b0:50:e4:f0:d7:a8:d6:
         2e:3e:a1:39:2f:16:6b:d4:54:b4:90:c5:d6:10:1d:80:f6:a8:
         4c:b0:9b:7e:cb:82:67:07:a6:2b:e4:bd:aa:4a:8b:98:df:5e:
         e7:28:48:76
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDG+hOMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGFh
NTM2ZTIxMTJmYjZmYmQ0ZmQ5MGI2NDRjNmZkNjZhY2JhNzk3ZWEwHhcNMjEwMzIz
MDMwMDAwWhcNMjYwMzI0MDMwMDAwWjAzMTEwLwYDVQQDEyhiZDBkNDhmZGNjYTM0
MTA1MjAyMGEzOGMzMzM4ZjNmNWFlMjc0YTU2MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAj5pWSBTWA89qlW7eJD+oPu7M94jLDGKSDACMj3Ajh3dREMA7
v3D4zpsiyrUPr81ZD7xvnIF8CY8k0FwhB5wgn/Qu+UVKCsAQD2Y2tQ6X4iAEi/t0
Sb/dgTou1Ij2SN961B8E+DbRJTSpm5eCE7Wz5tBxLkBNjAKqRC1k1OwAuJRXafie
XSrgiCw8UW/FlexLEwgdQ+3lzdULu0+Jbqr8EmWhgZZN0+ybUqkc5RpKcA3ax18W
mzbmQkC1zHA34h6PlrMbbSecQ555MRlnI9MJRJFo5j1Ty3OWF+cyL5K+4LDtWGhd
/5dSu2hhcPcdlOqw2ahtmSFJfJ/UFNBB9Se4+QIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFKADj00t66GG8huvCSNQUQZz26hOMB8GA1UdIwQYMBaAFDSYojt/V7RRz3Ue
IXx4Xg++NYeHMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYWE1MzZl
MjExMmZiNmZiZDRmZDkwYjY0NGM2ZmQ2NmFjYmE3OTdlYS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvZjRiYzVkN2UtZWEzYS00YWIzLWE4YTUtNTkwM2Vi
NGYxNzI2L2JkMGQ0OGZkY2NhMzQxMDUyMDIwYTM4YzMzMzhmM2Y1YWUyNzRhNTYu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9mNGJjNWQ3ZS1lYTNhLTRhYjMtYThhNS01OTAz
ZWI0ZjE3MjYvYWE1MzZlMjExMmZiNmZiZDRmZDkwYjY0NGM2ZmQ2NmFjYmE3OTdl
YS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEA8hVgDANBgkqhkiG9w0BAQsFAAOCAQEAZIrFSMjnd6r2eklV
rWafR/VirdyLpyns9eLyUU/+l2X1U8jbvgM/YJyRLD2CbbyFGkHsFBBd04lliz49
QDIqLvpGZAtB5o2GDbESutpOU7TyR32RhvGNGW22EDAnXwcH4cj+HKHZQGlObukO
zcDrlgihSLLukScLwA6EDy2A9koOku1P+Qoa3YhWnoQdv7qWB7TFk5HeSwKezMcH
Dvhz1n65QWaAyM2+kmfXSZo5rL1QTMNvVK+CulS9HbQKOQjrMPj24cvI8yDPbL0D
XUYJ/9mwUOTw16jWLj6hOS8Wa9RUtJDF1hAdgPaoTLCbfsuCZwemK+S9qkqLmN9e
5yhIdg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:14:58 2023 by rpki-client on console-ams.rpki-client.org