Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/0328B18C5676A937ACD46D1956506C1A9DD781F270D2992C529B17585C065B59/0/3133312e37322e3136382e302f32322d3234203d3e20323639393138.roa
File:                     3133312e37322e3136382e302f32322d3234203d3e20323639393138.roa (raw, json)
Hash identifier:          2s5FIvvDUjvOSuNbp8gfGcUPHrgb1+q56LZ7KegSoeY=
Subject key identifier:   17:4F:63:0A:30:D3:5A:95:9D:65:C9:40:D5:1E:28:C4:5F:5A:F9:C8
Certificate issuer:       /CN=D439ACC51BC8AE7294E3E68A83FB67E034B93F54
Certificate serial:       18A12F243B8439BED1B745A4C99956121256D529
Authority key identifier: D4:39:AC:C5:1B:C8:AE:72:94:E3:E6:8A:83:FB:67:E0:34:B9:3F:54
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D439ACC51BC8AE7294E3E68A83FB67E034B93F54.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/0328B18C5676A937ACD46D1956506C1A9DD781F270D2992C529B17585C065B59/0/3133312e37322e3136382e302f32322d3234203d3e20323639393138.roa
Signing time:             Mon 31 Mar 2025 20:05:00 +0000
ROA not before:           Mon 31 Mar 2025 20:00:00 +0000
ROA not after:            Mon 30 Mar 2026 20:05:00 +0000
asID:                     269918
IP address blocks:        131.72.168.0/22 maxlen: 24
Validation:               Failed, certificate revoked on Tue 01 Apr 2025 16:15:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            18:a1:2f:24:3b:84:39:be:d1:b7:45:a4:c9:99:56:12:12:56:d5:29
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=D439ACC51BC8AE7294E3E68A83FB67E034B93F54
        Validity
            Not Before: Mar 31 20:00:00 2025 GMT
            Not After : Mar 30 20:05:00 2026 GMT
        Subject: CN=174F630A30D35A959D65C940D51E28C45F5AF9C8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:d8:b2:4e:0e:6d:bd:dc:69:da:84:6a:c2:d7:
                    8c:2e:64:08:a8:c3:57:16:bc:0e:bb:27:98:29:a2:
                    98:92:6f:24:90:75:c3:3a:60:c6:a6:c4:cd:58:d0:
                    e0:a8:3b:81:79:8a:20:6a:4d:15:56:1f:45:65:5d:
                    59:e6:ea:3b:30:ac:e4:bb:5a:00:ed:f3:8e:9d:52:
                    57:9c:b8:b0:8e:61:bc:c1:50:dc:0d:8c:46:50:c5:
                    85:8a:13:ec:03:80:ce:6a:c8:6c:be:be:f4:fd:77:
                    32:41:7c:a3:24:fa:84:3d:e8:7d:34:c6:6d:56:1d:
                    e6:89:86:e6:88:92:34:a4:99:10:c6:ad:bb:c5:db:
                    f2:8b:0b:ea:c0:fd:2a:cc:ea:31:62:87:78:d0:95:
                    da:e7:f4:a8:1c:a6:ba:4e:3b:83:12:92:98:01:1a:
                    fc:c3:ba:be:71:47:c8:a4:00:6e:1e:c6:51:36:f4:
                    ee:1a:b9:bb:6c:2a:e5:57:fd:ad:08:4f:ee:b1:14:
                    69:ba:e2:9d:e8:c1:47:56:fc:e5:54:e1:dd:8c:c4:
                    22:00:be:bf:10:18:37:2b:c5:84:9a:8e:a0:99:36:
                    a5:a3:fc:a8:00:8b:1b:2f:0d:2d:fe:70:81:bb:12:
                    d0:e9:00:f4:d3:35:d2:5c:05:12:1f:1c:45:85:13:
                    4f:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                17:4F:63:0A:30:D3:5A:95:9D:65:C9:40:D5:1E:28:C4:5F:5A:F9:C8
            X509v3 Authority Key Identifier:
                keyid:D4:39:AC:C5:1B:C8:AE:72:94:E3:E6:8A:83:FB:67:E0:34:B9:3F:54

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/0328B18C5676A937ACD46D1956506C1A9DD781F270D2992C529B17585C065B59/0/D439ACC51BC8AE7294E3E68A83FB67E034B93F54.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D439ACC51BC8AE7294E3E68A83FB67E034B93F54.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/0328B18C5676A937ACD46D1956506C1A9DD781F270D2992C529B17585C065B59/0/3133312e37322e3136382e302f32322d3234203d3e20323639393138.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  131.72.168.0/22

    Signature Algorithm: sha256WithRSAEncryption
         00:e8:9d:8b:7f:6f:fd:7d:a6:15:4f:71:78:34:fe:6d:7e:7c:
         94:16:27:8a:00:ee:36:52:2e:d0:df:b4:22:df:c3:36:13:99:
         59:ab:0d:13:18:0f:e7:c4:65:cb:93:f8:a5:78:e4:fc:44:51:
         d3:c9:22:3d:e1:2a:35:1f:31:66:ab:c9:30:92:38:91:3f:3a:
         bb:90:51:00:05:1e:a6:15:15:a9:a0:88:77:12:f9:97:b1:4c:
         bd:c1:b5:20:04:ae:56:0d:58:4d:1c:80:0b:b3:df:3a:59:e9:
         21:c6:c7:9d:ed:d5:99:3b:14:fa:87:5f:7f:6c:f1:63:b2:8d:
         08:47:34:6d:aa:f9:51:23:65:66:7c:cb:c0:2d:0f:61:08:91:
         a7:53:a2:0e:dc:8a:22:aa:44:24:dc:94:ef:ce:b5:91:dc:32:
         e5:47:3f:75:64:3a:02:a9:7f:5b:bc:d9:01:25:f4:71:ab:62:
         44:57:ff:d7:66:f2:b9:9e:e0:49:12:79:7f:d2:ff:d7:ba:37:
         e0:0b:5e:b7:c5:77:2d:d3:69:30:f2:28:d3:f5:df:13:c0:72:
         c4:aa:64:f9:f9:7f:ae:b4:57:fe:f3:31:45:0c:dc:64:a5:fd:
         f4:99:e8:a8:ef:f7:8e:4c:2f:ff:76:27:6e:55:ee:2a:70:fd:
         fd:98:f9:92
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUGKEvJDuEOb7Rt0WkyZlWEhJW1SkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDQzOUFDQzUxQkM4QUU3Mjk0RTNFNjhBODNGQjY3RTAz
NEI5M0Y1NDAeFw0yNTAzMzEyMDAwMDBaFw0yNjAzMzAyMDA1MDBaMDMxMTAvBgNV
BAMTKDE3NEY2MzBBMzBEMzVBOTU5RDY1Qzk0MEQ1MUUyOEM0NUY1QUY5QzgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCe2LJODm293GnahGrC14wuZAio
w1cWvA67J5gpopiSbySQdcM6YMamxM1Y0OCoO4F5iiBqTRVWH0VlXVnm6jswrOS7
WgDt846dUlecuLCOYbzBUNwNjEZQxYWKE+wDgM5qyGy+vvT9dzJBfKMk+oQ96H00
xm1WHeaJhuaIkjSkmRDGrbvF2/KLC+rA/SrM6jFih3jQldrn9KgcprpOO4MSkpgB
GvzDur5xR8ikAG4exlE29O4aubtsKuVX/a0IT+6xFGm64p3owUdW/OVU4d2MxCIA
vr8QGDcrxYSajqCZNqWj/KgAixsvDS3+cIG7EtDpAPTTNdJcBRIfHEWFE08lAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUF09jCjDTWpWdZclA1R4oxF9a+cgwHwYDVR0j
BBgwFoAU1DmsxRvIrnKU4+aKg/tn4DS5P1QwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8wMzI4QjE4QzU2NzZBOTM3QUNENDZEMTk1NjUwNkMxQTlE
RDc4MUYyNzBEMjk5MkM1MjlCMTc1ODVDMDY1QjU5LzAvRDQzOUFDQzUxQkM4QUU3
Mjk0RTNFNjhBODNGQjY3RTAzNEI5M0Y1NC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9ENDM5QUNDNTFCQzhBRTcyOTRF
M0U2OEE4M0ZCNjdFMDM0QjkzRjU0LmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMDMyOEIxOEM1Njc2QTkzN0FDRDQ2RDE5NTY1MDZDMUE5REQ3ODFGMjcw
RDI5OTJDNTI5QjE3NTg1QzA2NUI1OS8wLzMxMzMzMTJlMzczMjJlMzEzNjM4MmUz
MDJmMzIzMjJkMzIzNDIwM2QzZTIwMzIzNjM5MzkzMTM4LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCg0io
MA0GCSqGSIb3DQEBCwUAA4IBAQAA6J2Lf2/9faYVT3F4NP5tfnyUFieKAO42Ui7Q
37Qi38M2E5lZqw0TGA/nxGXLk/ileOT8RFHTySI94So1HzFmq8kwkjiRPzq7kFEA
BR6mFRWpoIh3EvmXsUy9wbUgBK5WDVhNHIALs986Wekhxsed7dWZOxT6h19/bPFj
so0IRzRtqvlRI2VmfMvALQ9hCJGnU6IO3IoiqkQk3JTvzrWR3DLlRz91ZDoCqX9b
vNkBJfRxq2JEV//XZvK5nuBJEnl/0v/XujfgC163xXct02kw8ijT9d8TwHLEqmT5
+X+utFf+8zFFDNxkpf30meio7/eOTC//diduVe4qcP39mPmS
-----END CERTIFICATE-----