Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/0C636A1E47A2EA41D574CCAC3AF4962C1CC62538C4C56D9DB43DC13125DBD7B6/0/34352e3232392e3136382e302f32322d3232203d3e20323636363934.roa
File:                     34352e3232392e3136382e302f32322d3232203d3e20323636363934.roa (raw, json)
Hash identifier:          ATHyl2trxnM9nrxlpwX7Q6+wQ4JNsxw8ZiaUGhsawIg=
Subject key identifier:   0D:1A:C2:27:93:8E:3E:C9:91:19:27:88:C5:67:28:33:9F:A1:A1:70
Certificate issuer:       /CN=F16271A6D5A5968361D977B117B0281F2D2B08AE
Certificate serial:       2D3C0B0C9E1DEB1152C8AE1D1AB0EFD76FA2C8D7
Authority key identifier: F1:62:71:A6:D5:A5:96:83:61:D9:77:B1:17:B0:28:1F:2D:2B:08:AE
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/F16271A6D5A5968361D977B117B0281F2D2B08AE.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/0C636A1E47A2EA41D574CCAC3AF4962C1CC62538C4C56D9DB43DC13125DBD7B6/0/34352e3232392e3136382e302f32322d3232203d3e20323636363934.roa
Signing time:             Tue 05 Mar 2024 18:06:59 +0000
ROA not before:           Tue 05 Mar 2024 18:01:59 +0000
ROA not after:            Tue 04 Mar 2025 18:06:59 +0000
asID:                     266694
IP address blocks:        45.229.168.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Tue 28 May 2024 17:10:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2d:3c:0b:0c:9e:1d:eb:11:52:c8:ae:1d:1a:b0:ef:d7:6f:a2:c8:d7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F16271A6D5A5968361D977B117B0281F2D2B08AE
        Validity
            Not Before: Mar  5 18:01:59 2024 GMT
            Not After : Mar  4 18:06:59 2025 GMT
        Subject: CN=0D1AC227938E3EC991192788C56728339FA1A170
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:f2:f4:70:a5:04:d2:1d:cf:67:4d:b6:c7:21:
                    e7:bf:5c:0d:9f:1e:6c:f4:b8:f8:2e:ca:c0:a4:d8:
                    56:e6:21:af:5b:90:48:41:2d:35:f3:1e:34:4a:12:
                    e7:d6:43:81:f1:17:de:9a:0a:5e:42:f0:c4:aa:36:
                    9a:2d:79:24:ee:c5:b3:88:ba:83:8d:9f:c7:17:5a:
                    d5:2b:8a:c6:e8:ad:7f:0e:31:d5:c5:f0:0f:29:23:
                    28:fa:67:8c:b8:58:37:0f:d0:18:c7:b9:2e:5f:f0:
                    da:2f:98:41:ab:06:2e:af:66:d2:3a:57:4a:e7:6b:
                    ea:86:d5:3c:b4:4b:97:33:7a:8f:fa:2b:a8:bc:0a:
                    52:4a:db:a5:fb:0f:07:60:dd:48:52:85:8e:b0:eb:
                    9e:89:85:17:7e:b7:4b:02:2e:55:5d:18:78:05:c0:
                    4e:79:ba:3f:cc:db:09:ae:36:9f:59:5b:e5:1d:fc:
                    62:98:40:81:59:89:83:d5:89:ba:b0:df:19:d4:96:
                    2e:02:f4:7a:cd:32:f7:20:f9:25:b4:83:91:9b:39:
                    15:54:e0:4b:2b:f6:5c:11:b2:34:a7:37:be:51:1e:
                    7c:e3:76:37:bb:20:d2:46:47:c5:1c:0c:f5:2f:6e:
                    f6:5d:86:15:a1:bd:ef:b5:f9:6f:57:51:e9:d2:c3:
                    80:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:1A:C2:27:93:8E:3E:C9:91:19:27:88:C5:67:28:33:9F:A1:A1:70
            X509v3 Authority Key Identifier:
                keyid:F1:62:71:A6:D5:A5:96:83:61:D9:77:B1:17:B0:28:1F:2D:2B:08:AE

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/0C636A1E47A2EA41D574CCAC3AF4962C1CC62538C4C56D9DB43DC13125DBD7B6/0/F16271A6D5A5968361D977B117B0281F2D2B08AE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/F16271A6D5A5968361D977B117B0281F2D2B08AE.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/0C636A1E47A2EA41D574CCAC3AF4962C1CC62538C4C56D9DB43DC13125DBD7B6/0/34352e3232392e3136382e302f32322d3232203d3e20323636363934.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.229.168.0/22

    Signature Algorithm: sha256WithRSAEncryption
         4d:29:80:bd:48:47:6f:cc:12:61:a4:c3:9e:21:73:65:a6:0f:
         b4:e7:3e:44:eb:79:22:bf:6a:90:56:99:78:1d:f4:c2:38:1c:
         b9:35:25:6d:dc:f6:62:b9:7a:d2:2a:4e:97:06:fa:f5:8b:5b:
         bb:e2:ca:21:29:7a:a0:e9:8d:44:ab:b2:3a:ca:ae:94:b1:35:
         4a:2a:5c:7a:2e:a4:c3:e0:6b:0d:22:dc:de:06:0c:b5:0a:45:
         e4:75:d2:7c:1f:8e:23:91:87:d0:49:87:d5:03:73:0d:12:28:
         a8:d9:f4:f5:78:50:05:cc:10:8f:2f:5c:eb:c7:07:42:a6:5e:
         19:79:33:b3:be:3e:6c:ce:48:76:d2:6c:22:fa:19:4a:6f:30:
         92:65:87:56:21:55:d6:ee:b8:23:2a:5f:5f:5c:98:22:dd:af:
         b9:d8:66:c7:a4:9f:5d:57:3b:53:4f:97:0b:86:ec:6b:8a:9a:
         b6:98:7a:6d:da:de:6c:40:c0:a6:0c:c6:70:3c:9c:3d:dd:d0:
         6f:74:d0:5e:d8:05:99:b6:7a:14:8f:13:c8:50:5e:b0:c5:01:
         02:3d:21:33:28:ba:b3:27:39:21:31:89:0d:08:e8:ec:a7:b7:
         03:99:a7:87:f9:98:e4:2e:b2:67:52:5f:1b:28:ac:bc:f0:d9:
         e0:22:36:17
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIULTwLDJ4d6xFSyK4dGrDv12+iyNcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRjE2MjcxQTZENUE1OTY4MzYxRDk3N0IxMTdCMDI4MUYy
RDJCMDhBRTAeFw0yNDAzMDUxODAxNTlaFw0yNTAzMDQxODA2NTlaMDMxMTAvBgNV
BAMTKDBEMUFDMjI3OTM4RTNFQzk5MTE5Mjc4OEM1NjcyODMzOUZBMUExNzAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDM8vRwpQTSHc9nTbbHIee/XA2f
Hmz0uPguysCk2FbmIa9bkEhBLTXzHjRKEufWQ4HxF96aCl5C8MSqNpoteSTuxbOI
uoONn8cXWtUrisborX8OMdXF8A8pIyj6Z4y4WDcP0BjHuS5f8NovmEGrBi6vZtI6
V0rna+qG1Ty0S5czeo/6K6i8ClJK26X7Dwdg3UhShY6w656JhRd+t0sCLlVdGHgF
wE55uj/M2wmuNp9ZW+Ud/GKYQIFZiYPVibqw3xnUli4C9HrNMvcg+SW0g5GbORVU
4Esr9lwRsjSnN75RHnzjdje7INJGR8UcDPUvbvZdhhWhve+1+W9XUenSw4D1AgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUDRrCJ5OOPsmRGSeIxWcoM5+hoXAwHwYDVR0j
BBgwFoAU8WJxptWlloNh2XexF7AoHy0rCK4wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8wQzYzNkExRTQ3QTJFQTQxRDU3NENDQUMzQUY0OTYyQzFD
QzYyNTM4QzRDNTZEOURCNDNEQzEzMTI1REJEN0I2LzAvRjE2MjcxQTZENUE1OTY4
MzYxRDk3N0IxMTdCMDI4MUYyRDJCMDhBRS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9GMTYyNzFBNkQ1QTU5NjgzNjFE
OTc3QjExN0IwMjgxRjJEMkIwOEFFLmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMEM2MzZBMUU0N0EyRUE0MUQ1NzRDQ0FDM0FGNDk2MkMxQ0M2MjUzOEM0
QzU2RDlEQjQzREMxMzEyNURCRDdCNi8wLzM0MzUyZTMyMzIzOTJlMzEzNjM4MmUz
MDJmMzIzMjJkMzIzMjIwM2QzZTIwMzIzNjM2MzYzOTM0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLeWo
MA0GCSqGSIb3DQEBCwUAA4IBAQBNKYC9SEdvzBJhpMOeIXNlpg+05z5E63kiv2qQ
Vpl4HfTCOBy5NSVt3PZiuXrSKk6XBvr1i1u74sohKXqg6Y1Eq7I6yq6UsTVKKlx6
LqTD4GsNItzeBgy1CkXkddJ8H44jkYfQSYfVA3MNEiio2fT1eFAFzBCPL1zrxwdC
pl4ZeTOzvj5szkh20mwi+hlKbzCSZYdWIVXW7rgjKl9fXJgi3a+52GbHpJ9dVztT
T5cLhuxripq2mHpt2t5sQMCmDMZwPJw93dBvdNBe2AWZtnoUjxPIUF6wxQECPSEz
KLqzJzkhMYkNCOjsp7cDmaeH+ZjkLrJnUl8bKKy88NngIjYX
-----END CERTIFICATE-----