Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/09a9b685-397d-4d4f-8734-6e8fb9651f21/8ef6707a0ebc01fee3408cad2819969de16b0f13.roa
File:                     8ef6707a0ebc01fee3408cad2819969de16b0f13.roa (raw, json)
Hash identifier:          xAj+00WbovzlwOLir3NR9OPvHWrQMT3dLfKQjkk5x9g=
Subject key identifier:   BC:9C:65:F2:E1:7F:A9:43:E5:6B:AB:A7:56:0C:B1:B8:6E:E7:83:DF
Certificate issuer:       /CN=8a34b88edc7711ba98c357c0cd7c26b4d31bbe13
Certificate serial:       2781C9
Authority key identifier: AC:7D:06:CC:8D:9C:83:2B:CF:18:0B:CB:6C:01:5E:C2:4A:6D:A7:8F
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/8a34b88edc7711ba98c357c0cd7c26b4d31bbe13.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/09a9b685-397d-4d4f-8734-6e8fb9651f21/8ef6707a0ebc01fee3408cad2819969de16b0f13.roa
Signing time:             Sun 31 Dec 2023 19:59:37 +0000
ROA not before:           Sun 31 Dec 2023 19:59:37 +0000
ROA not after:            Wed 31 Dec 2025 19:59:37 +0000
asID:                     49581
IP address blocks:        192.188.59.0/24 maxlen: 24
                          200.9.176.0/24 maxlen: 24
                          200.10.147.0/24 maxlen: 24
                          200.10.148.0/22 maxlen: 24
                          200.126.0.0/19 maxlen: 24
                          2801:0:20::/48 maxlen: 48

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2589129 (0x2781c9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8a34b88edc7711ba98c357c0cd7c26b4d31bbe13
        Validity
            Not Before: Dec 31 19:59:37 2023 GMT
            Not After : Dec 31 19:59:37 2025 GMT
        Subject: CN=8ef6707a0ebc01fee3408cad2819969de16b0f13
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:a4:8d:f2:de:e7:73:f2:ff:ad:f5:4e:bc:b1:
                    68:93:2e:3c:8b:a7:fc:15:52:e7:e3:c7:2e:78:61:
                    d0:95:cc:f5:38:12:42:6f:dc:22:be:99:24:f8:31:
                    d2:35:58:3e:eb:75:a3:91:c8:bb:5c:d3:7c:95:1b:
                    17:b1:be:9e:c2:4a:96:b1:99:47:9c:2d:79:79:b3:
                    21:2c:81:14:2d:19:a0:8b:ac:83:44:85:b5:5b:11:
                    27:35:fa:32:0b:e3:df:3b:21:6d:16:56:cf:a3:4a:
                    88:19:d1:b2:13:2c:72:64:2c:d6:7f:48:89:31:f3:
                    c3:72:4e:27:55:d2:e1:84:26:22:cd:8f:6f:23:f8:
                    cc:91:f3:bc:02:2e:41:57:e5:b9:df:e0:74:b2:5e:
                    48:0d:51:b5:7b:b5:2a:58:35:0f:c5:1e:3d:7a:6b:
                    b0:50:2b:36:31:bb:e3:a7:63:d1:04:eb:3f:df:cb:
                    82:5f:49:40:db:d5:b1:59:75:c3:f9:5c:11:09:ad:
                    70:3a:a5:7a:d7:14:44:79:9d:bd:e7:81:ad:fe:cc:
                    fd:dc:73:80:f8:61:d1:ab:c2:bf:02:3d:51:dd:fc:
                    cb:11:8b:f4:7e:b0:c4:62:e0:59:cc:72:25:5b:e4:
                    87:12:6b:c8:ea:7c:4e:11:e2:bc:49:3d:9d:4a:0c:
                    0a:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:9C:65:F2:E1:7F:A9:43:E5:6B:AB:A7:56:0C:B1:B8:6E:E7:83:DF
            X509v3 Authority Key Identifier:
                keyid:AC:7D:06:CC:8D:9C:83:2B:CF:18:0B:CB:6C:01:5E:C2:4A:6D:A7:8F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/8a34b88edc7711ba98c357c0cd7c26b4d31bbe13.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/09a9b685-397d-4d4f-8734-6e8fb9651f21/8ef6707a0ebc01fee3408cad2819969de16b0f13.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/09a9b685-397d-4d4f-8734-6e8fb9651f21/8a34b88edc7711ba98c357c0cd7c26b4d31bbe13.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  192.188.59.0/24
                  200.9.176.0/24
                  200.10.147.0-200.10.151.255
                  200.126.0.0/19
                IPv6:
                  2801:0:20::/48

    Signature Algorithm: sha256WithRSAEncryption
         75:e9:14:c3:bb:dc:13:a0:90:cb:2b:c2:cc:21:66:48:21:60:
         b2:9b:60:64:25:1b:64:35:d1:d7:d4:68:cb:9c:a6:9b:8e:cc:
         4a:bc:49:0b:57:91:c7:1d:ab:36:80:ba:b1:85:f7:40:2e:2d:
         ba:3e:bd:b4:d3:a4:a3:22:86:c4:a2:6b:b0:01:bb:3e:b0:29:
         f5:66:20:91:b8:9c:a2:2a:c3:96:8c:2d:0f:e8:e6:4d:04:6a:
         46:82:2d:36:ce:0d:34:63:ec:bd:fa:fa:af:0d:51:e5:e0:49:
         44:27:b4:17:2d:e4:40:7c:b1:5d:70:39:62:d3:b4:af:59:d6:
         db:a9:34:94:f1:2b:75:6a:df:d2:70:9a:eb:a7:f3:36:db:8c:
         1f:ca:e4:52:32:4f:6d:d6:91:a9:f7:5a:73:e5:47:c5:55:01:
         75:9f:1d:05:9f:68:f5:35:3b:b9:9e:e6:89:b0:4f:73:bf:2b:
         40:b9:9f:38:53:f8:40:42:b8:ca:95:8e:a0:04:d4:a5:3a:bb:
         96:13:74:67:0c:db:e7:0a:2f:13:92:fe:8c:88:a8:2e:61:26:
         b0:d0:30:14:d9:bc:b9:b9:c5:4c:a2:d5:37:73:90:d7:38:f6:
         e1:32:ad:65:aa:d2:6d:5c:c6:20:aa:c0:0d:0a:af:6c:5a:5c:
         51:70:06:5b
-----BEGIN CERTIFICATE-----
MIIFazCCBFOgAwIBAgIDJ4HJMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDhh
MzRiODhlZGM3NzExYmE5OGMzNTdjMGNkN2MyNmI0ZDMxYmJlMTMwHhcNMjMxMjMx
MTk1OTM3WhcNMjUxMjMxMTk1OTM3WjAzMTEwLwYDVQQDEyg4ZWY2NzA3YTBlYmMw
MWZlZTM0MDhjYWQyODE5OTY5ZGUxNmIwZjEzMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAhqSN8t7nc/L/rfVOvLFoky48i6f8FVLn48cueGHQlcz1OBJC
b9wivpkk+DHSNVg+63Wjkci7XNN8lRsXsb6ewkqWsZlHnC15ebMhLIEULRmgi6yD
RIW1WxEnNfoyC+PfOyFtFlbPo0qIGdGyEyxyZCzWf0iJMfPDck4nVdLhhCYizY9v
I/jMkfO8Ai5BV+W53+B0sl5IDVG1e7UqWDUPxR49emuwUCs2Mbvjp2PRBOs/38uC
X0lA29WxWXXD+VwRCa1wOqV61xREeZ2954Gt/sz93HOA+GHRq8K/Aj1R3fzLEYv0
frDEYuBZzHIlW+SHEmvI6nxOEeK8ST2dSgwKFQIDAQABo4IChjCCAoIwHQYDVR0O
BBYEFLycZfLhf6lD5Wurp1YMsbhu54PfMB8GA1UdIwQYMBaAFKx9BsyNnIMrzxgL
y2wBXsJKbaePMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvOGEzNGI4
OGVkYzc3MTFiYTk4YzM1N2MwY2Q3YzI2YjRkMzFiYmUxMy5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMDlhOWI2ODUtMzk3ZC00ZDRmLTg3MzQtNmU4ZmI5
NjUxZjIxLzhlZjY3MDdhMGViYzAxZmVlMzQwOGNhZDI4MTk5NjlkZTE2YjBmMTMu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8wOWE5YjY4NS0zOTdkLTRkNGYtODczNC02ZThm
Yjk2NTFmMjEvOGEzNGI4OGVkYzc3MTFiYTk4YzM1N2MwY2Q3YzI2YjRkMzFiYmUx
My5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBKBggrBgEFBQcBBwEB/wQ7
MDkwJgQCAAEwIAMEAMC8OwMEAMgJsDAMAwQAyAqTAwQDyAqQAwQFyH4AMA8EAgAC
MAkDBwAoAQAAACAwDQYJKoZIhvcNAQELBQADggEBAHXpFMO73BOgkMsrwswhZkgh
YLKbYGQlG2Q10dfUaMucppuOzEq8SQtXkccdqzaAurGF90AuLbo+vbTTpKMihsSi
a7ABuz6wKfVmIJG4nKIqw5aMLQ/o5k0EakaCLTbODTRj7L36+q8NUeXgSUQntBct
5EB8sV1wOWLTtK9Z1tupNJTxK3Vq39Jwmuun8zbbjB/K5FIyT23Wkan3WnPlR8VV
AXWfHQWfaPU1O7me5omwT3O/K0C5nzhT+EBCuMqVjqAE1KU6u5YTdGcM2+cKLxOS
/oyIqC5hJrDQMBTZvLm5xUyi1TdzkNc49uEyrWWq0m1cxiCqwA0Kr2xaXFFwBls=
-----END CERTIFICATE-----