Route Origin Authorization
$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/a0c4b4a0-6417-4a7c-8758-9e6f4b0e9679/ca863b6be84fcd757deb044eb5eaa6cf4ddfe01f.roa
File: ca863b6be84fcd757deb044eb5eaa6cf4ddfe01f.roa (raw, json)
Hash identifier: 4GGDddVYUDixfZJpZ6GpWwr+UAfBzcByIVqSSyCGGOY=
Subject key identifier: 15:6D:25:0E:FA:26:4E:93:B8:3E:2B:AC:44:DB:29:5D:20:68:CA:AE
Certificate issuer: /CN=9783ac9bad2b7b922f648c90e881bf44978069ad
Certificate serial: 1E273B
Authority key identifier: CA:8B:E9:06:BA:96:B2:C5:84:9F:86:46:40:0D:2D:0C:60:0D:97:60
Authority info access: rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/9783ac9bad2b7b922f648c90e881bf44978069ad.cer
Subject info access: rsync://repository.lacnic.net/rpki/lacnic/a0c4b4a0-6417-4a7c-8758-9e6f4b0e9679/ca863b6be84fcd757deb044eb5eaa6cf4ddfe01f.roa
Signing time: Mon 08 May 2023 17:10:35 +0000
ROA not before: Sun 07 May 2023 17:10:30 +0000
ROA not after: Thu 08 May 2025 17:10:30 +0000
asID: 18734
IP address blocks: 189.204.235.0/24 maxlen: 24
189.204.236.0/24 maxlen: 24
189.204.250.0/24 maxlen: 24
189.202.128.0/17 maxlen: 24
189.202.248.0/23 maxlen: 24
189.202.251.0/24 maxlen: 24
189.202.252.0/24 maxlen: 24
189.204.200.0/24 maxlen: 24
200.57.16.0/20 maxlen: 24
201.148.0.0/18 maxlen: 24
201.148.64.0/19 maxlen: 24
189.204.128.0/17 maxlen: 24
189.202.211.0/24 maxlen: 24
189.202.229.0/24 maxlen: 24
168.197.120.0/22 maxlen: 24
189.202.144.0/24 maxlen: 24
200.33.74.0/24 maxlen: 24
200.33.84.0/24 maxlen: 24
201.140.80.0/20 maxlen: 24
201.140.96.0/19 maxlen: 24
200.57.0.0/20 maxlen: 24
189.202.181.0/24 maxlen: 24
189.202.182.0/24 maxlen: 24
200.57.8.0/24 maxlen: 24
200.57.10.0/24 maxlen: 24
2001:1278:5::/48 maxlen: 48
2001:1278:6::/47 maxlen: 48
2001:1278:8::/45 maxlen: 48
2001:1278::/32 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1976123 (0x1e273b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9783ac9bad2b7b922f648c90e881bf44978069ad
Validity
Not Before: May 7 17:10:30 2023 GMT
Not After : May 8 17:10:30 2025 GMT
Subject: CN=ca863b6be84fcd757deb044eb5eaa6cf4ddfe01f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:96:c1:0f:36:9a:2d:ec:2d:d3:6e:c0:0b:46:
b6:f5:50:5b:5c:00:d3:ed:b4:a0:d9:62:f3:bc:67:
f9:02:95:c2:11:bf:4c:a0:13:77:b9:67:3c:88:fe:
a2:15:ae:93:24:29:48:1c:1c:65:b7:9c:94:e9:d1:
83:03:ca:2f:92:db:19:21:58:de:8b:17:69:06:69:
a3:c8:f5:61:35:9c:f6:38:d7:f2:e4:6f:9b:66:08:
91:21:19:67:57:b7:39:39:a1:dd:1c:e5:ab:ff:fc:
b0:96:5b:fa:1f:03:5a:9f:ac:b1:9e:f5:c7:91:1a:
f4:70:5f:5c:4e:b3:76:fe:4f:79:8f:09:82:6a:3c:
38:59:99:91:42:e5:5b:16:b7:04:10:f7:c1:86:82:
e1:f8:3a:56:22:e6:ff:9b:09:c4:a6:b1:d6:b4:da:
3b:64:a3:fa:75:05:9e:80:1e:8f:a0:2f:d3:1f:17:
db:09:fa:c5:cf:ca:1c:e6:0b:6b:5f:fb:dd:c2:80:
06:c7:4f:08:c7:e3:d4:1f:ee:cb:5a:f3:f9:86:01:
4c:4f:86:78:66:69:82:5e:c6:d9:c4:86:62:8d:12:
58:8f:60:a4:46:9a:a3:33:74:cd:7e:9b:58:75:fc:
3f:34:00:1e:a7:fe:b5:e6:f1:56:de:d1:61:a3:79:
0f:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:6D:25:0E:FA:26:4E:93:B8:3E:2B:AC:44:DB:29:5D:20:68:CA:AE
X509v3 Authority Key Identifier:
keyid:CA:8B:E9:06:BA:96:B2:C5:84:9F:86:46:40:0D:2D:0C:60:0D:97:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/9783ac9bad2b7b922f648c90e881bf44978069ad.cer
Subject Information Access:
Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/a0c4b4a0-6417-4a7c-8758-9e6f4b0e9679/ca863b6be84fcd757deb044eb5eaa6cf4ddfe01f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repository.lacnic.net/rpki/lacnic/a0c4b4a0-6417-4a7c-8758-9e6f4b0e9679/9783ac9bad2b7b922f648c90e881bf44978069ad.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
168.197.120.0/22
189.202.128.0/17
189.204.128.0/17
200.33.74.0/24
200.33.84.0/24
200.57.0.0/19
201.140.80.0-201.140.127.255
201.148.0.0-201.148.95.255
IPv6:
2001:1278::/32
Signature Algorithm: sha256WithRSAEncryption
84:32:a3:d1:2d:82:1d:82:7c:6e:1d:7f:3a:5e:bb:f9:df:e6:
f2:06:10:9b:4d:a4:f1:98:bb:86:22:c1:2a:cf:03:5b:9b:0f:
c2:5d:a5:7b:46:e8:45:2e:a1:73:68:ed:97:02:a0:05:1e:e1:
22:af:45:61:10:eb:04:0d:ac:2a:3c:dc:5f:67:f0:88:7b:33:
8e:53:a2:4f:1a:47:79:32:d0:81:26:9b:fb:f7:96:36:8e:11:
ff:ef:d0:e4:1c:4b:de:a4:12:51:50:e1:bb:28:a9:1b:26:d0:
8c:71:1e:bd:bc:30:08:c8:8a:12:24:27:c6:33:f8:be:be:5a:
c7:e0:02:8e:ec:8a:5c:63:24:67:8f:fe:3e:27:7e:31:a0:cf:
0c:1f:da:7f:2b:f3:17:7b:6c:f8:d5:99:b6:2b:55:9b:23:43:
a9:39:91:6a:70:4c:1f:34:99:7d:6f:cc:ad:03:59:71:9b:64:
f7:5f:c8:20:f7:e9:9c:9b:85:ca:07:e0:19:9a:b0:e0:85:cb:
ee:ce:ea:b8:ad:9e:29:ba:fe:75:5e:b6:f8:d3:ab:c2:68:ec:
61:71:da:0a:b5:5d:12:1f:e6:4b:63:55:ef:b0:bb:2e:3d:8d:
95:45:b5:f4:41:39:56:a9:1e:60:b0:36:34:da:8d:2e:38:f2:
28:8a:9b:43
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgIDHic7MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDk3
ODNhYzliYWQyYjdiOTIyZjY0OGM5MGU4ODFiZjQ0OTc4MDY5YWQwHhcNMjMwNTA3
MTcxMDMwWhcNMjUwNTA4MTcxMDMwWjAzMTEwLwYDVQQDEyhjYTg2M2I2YmU4NGZj
ZDc1N2RlYjA0NGViNWVhYTZjZjRkZGZlMDFmMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA1ZbBDzaaLewt027AC0a29VBbXADT7bSg2WLzvGf5ApXCEb9M
oBN3uWc8iP6iFa6TJClIHBxlt5yU6dGDA8ovktsZIVjeixdpBmmjyPVhNZz2ONfy
5G+bZgiRIRlnV7c5OaHdHOWr//ywllv6HwNan6yxnvXHkRr0cF9cTrN2/k95jwmC
ajw4WZmRQuVbFrcEEPfBhoLh+DpWIub/mwnEprHWtNo7ZKP6dQWegB6PoC/THxfb
CfrFz8oc5gtrX/vdwoAGx08Ix+PUH+7LWvP5hgFMT4Z4ZmmCXsbZxIZijRJYj2Ck
RpqjM3TNfptYdfw/NAAep/615vFW3tFho3kPxwIDAQABo4ICozCCAp8wHQYDVR0O
BBYEFBVtJQ76Jk6TuD4rrETbKV0gaMquMB8GA1UdIwQYMBaAFMqL6Qa6lrLFhJ+G
RkANLQxgDZdgMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvOTc4M2Fj
OWJhZDJiN2I5MjJmNjQ4YzkwZTg4MWJmNDQ5NzgwNjlhZC5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvYTBjNGI0YTAtNjQxNy00YTdjLTg3NTgtOWU2ZjRi
MGU5Njc5L2NhODYzYjZiZTg0ZmNkNzU3ZGViMDQ0ZWI1ZWFhNmNmNGRkZmUwMWYu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9hMGM0YjRhMC02NDE3LTRhN2MtODc1OC05ZTZm
NGIwZTk2NzkvOTc4M2FjOWJhZDJiN2I5MjJmNjQ4YzkwZTg4MWJmNDQ5NzgwNjlh
ZC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBnBggrBgEFBQcBBwEB/wRY
MFYwRQQCAAEwPwMEAqjFeAMEB73KgAMEB73MgAMEAMghSgMEAMghVAMEBcg5ADAM
AwQEyYxQAwQHyYwAMAsDAwLJlAMEBcmUQDANBAIAAjAHAwUAIAESeDANBgkqhkiG
9w0BAQsFAAOCAQEAhDKj0S2CHYJ8bh1/Ol67+d/m8gYQm02k8Zi7hiLBKs8DW5sP
wl2le0boRS6hc2jtlwKgBR7hIq9FYRDrBA2sKjzcX2fwiHszjlOiTxpHeTLQgSab
+/eWNo4R/+/Q5BxL3qQSUVDhuyipGybQjHEevbwwCMiKEiQnxjP4vr5ax+ACjuyK
XGMkZ4/+Pid+MaDPDB/afyvzF3ts+NWZtitVmyNDqTmRanBMHzSZfW/MrQNZcZtk
91/IIPfpnJuFygfgGZqw4IXL7s7quK2eKbr+dV62+NOrwmjsYXHaCrVdEh/mS2NV
77C7Lj2NlUW19EE5VqkeYLA2NNqNLjjyKIqbQw==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:34:18 2023 by rpki-client on console.sobornost.net