Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/145671AB572DC81AD198E25C92A3ED28BA545389B6D8E0875056BE0836AF0C33/0/3137302e3233392e3138382e302f32372d3237203d3e203237.roa
File:                     3137302e3233392e3138382e302f32372d3237203d3e203237.roa (raw, json)
Hash identifier:          jVF0EkPAvqKVvC9uBx3RVFgH8PklhkrYzWWem1xbYWg=
Subject key identifier:   2B:B3:BA:F6:50:8D:C0:D1:D7:32:D8:C9:B8:96:3D:05:8C:96:3E:B1
Certificate issuer:       /CN=6636DCC9897FE63452A0D96A7789AB31AEECB2FC
Certificate serial:       786754BEAF1915A867AB856FC62E595CA6EDA526
Authority key identifier: 66:36:DC:C9:89:7F:E6:34:52:A0:D9:6A:77:89:AB:31:AE:EC:B2:FC
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/6636DCC9897FE63452A0D96A7789AB31AEECB2FC.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/145671AB572DC81AD198E25C92A3ED28BA545389B6D8E0875056BE0836AF0C33/0/3137302e3233392e3138382e302f32372d3237203d3e203237.roa
Signing time:             Tue 05 Mar 2024 18:02:24 +0000
ROA not before:           Tue 05 Mar 2024 17:57:24 +0000
ROA not after:            Tue 04 Mar 2025 18:02:24 +0000
asID:                     27
IP address blocks:        170.239.188.0/27 maxlen: 27

Validation:               Failed, certificate revoked on Mon 16 Sep 2024 21:20:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            78:67:54:be:af:19:15:a8:67:ab:85:6f:c6:2e:59:5c:a6:ed:a5:26
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6636DCC9897FE63452A0D96A7789AB31AEECB2FC
        Validity
            Not Before: Mar  5 17:57:24 2024 GMT
            Not After : Mar  4 18:02:24 2025 GMT
        Subject: CN=2BB3BAF6508DC0D1D732D8C9B8963D058C963EB1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:cc:e3:d3:c9:d5:52:1b:54:e0:83:e7:e0:ec:
                    af:df:16:5f:a9:f3:11:4f:6c:83:a0:97:f2:1a:ec:
                    9d:7e:e3:9a:c3:c4:33:00:42:20:1a:69:76:01:31:
                    fe:9b:2c:e5:67:6a:40:8a:bb:80:44:87:11:4f:10:
                    3d:62:e2:26:14:20:1d:df:85:f1:f1:c6:30:e9:97:
                    0d:2f:12:92:53:27:c7:16:86:e0:d1:d7:7e:0b:10:
                    36:a1:a3:86:95:d6:2a:b9:1c:b8:74:31:c8:c4:c9:
                    c7:31:97:c1:cf:10:83:b9:05:f7:0c:fc:af:9c:99:
                    d1:be:d6:97:72:83:bc:ce:ce:9a:18:b9:97:55:ef:
                    96:b7:b4:79:26:ca:0f:d3:7c:6b:97:f9:3b:0f:49:
                    3e:8b:a2:61:c3:48:71:49:fe:e5:28:f0:8b:43:13:
                    38:bc:f6:33:0a:ad:91:04:48:c1:f6:67:7d:e7:62:
                    77:ad:6a:49:30:03:22:89:47:50:3b:fd:5e:a9:ab:
                    e8:50:04:f2:cb:64:2b:61:04:d7:12:9d:37:40:4c:
                    d4:b8:39:b2:7e:cb:21:89:a6:3c:d5:7d:8d:7f:a8:
                    ee:84:31:b6:4e:aa:0e:b9:56:1f:25:55:64:8f:2b:
                    67:0a:82:e6:a7:45:2c:76:cf:6d:51:d1:2b:08:98:
                    d8:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2B:B3:BA:F6:50:8D:C0:D1:D7:32:D8:C9:B8:96:3D:05:8C:96:3E:B1
            X509v3 Authority Key Identifier:
                keyid:66:36:DC:C9:89:7F:E6:34:52:A0:D9:6A:77:89:AB:31:AE:EC:B2:FC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/145671AB572DC81AD198E25C92A3ED28BA545389B6D8E0875056BE0836AF0C33/0/6636DCC9897FE63452A0D96A7789AB31AEECB2FC.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/6636DCC9897FE63452A0D96A7789AB31AEECB2FC.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/145671AB572DC81AD198E25C92A3ED28BA545389B6D8E0875056BE0836AF0C33/0/3137302e3233392e3138382e302f32372d3237203d3e203237.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  170.239.188.0/27

    Signature Algorithm: sha256WithRSAEncryption
         0a:98:b9:36:6d:92:24:98:15:13:84:9b:d7:ef:ab:84:80:89:
         34:c6:c0:e0:cf:c0:a3:1d:a0:1a:a6:44:03:8d:87:5e:e7:fd:
         d6:33:37:cd:07:8d:c4:1f:33:f5:4b:67:4a:8a:d7:ac:d6:88:
         80:a2:59:ea:9a:d1:72:33:45:92:b6:f5:0d:c2:1e:ec:b9:d9:
         66:90:a0:6c:28:14:ad:b1:74:54:eb:ef:92:6e:5e:39:68:ba:
         5c:2b:37:bb:ae:55:0c:37:31:0b:40:37:6b:3a:0c:34:f1:dc:
         bf:af:e6:f8:ea:e1:e8:9c:8e:cf:16:03:0e:50:b6:b0:0b:08:
         b7:54:8c:9f:2f:c2:19:1e:4b:52:40:9f:37:27:0d:64:ec:35:
         1f:c3:17:75:ee:9b:45:ca:54:ba:1d:d1:b1:f4:93:9d:9b:9d:
         78:66:7e:13:be:1d:a3:73:15:ee:92:9b:1f:28:b8:50:dc:26:
         79:1c:3f:3b:3b:8b:2b:21:57:b9:18:23:54:ad:80:b2:ff:3a:
         0d:27:6b:60:24:d8:b8:01:89:d5:6c:20:40:b9:b1:91:d9:df:
         7d:59:cf:ce:ec:80:31:52:91:c0:ff:6a:fe:24:e4:1f:c9:91:
         f7:74:12:c3:ff:cc:09:95:d3:79:ac:86:73:49:b5:41:05:85:
         44:3a:27:f9
-----BEGIN CERTIFICATE-----
MIIFuzCCBKOgAwIBAgIUeGdUvq8ZFahnq4Vvxi5ZXKbtpSYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjYzNkRDQzk4OTdGRTYzNDUyQTBEOTZBNzc4OUFCMzFB
RUVDQjJGQzAeFw0yNDAzMDUxNzU3MjRaFw0yNTAzMDQxODAyMjRaMDMxMTAvBgNV
BAMTKDJCQjNCQUY2NTA4REMwRDFENzMyRDhDOUI4OTYzRDA1OEM5NjNFQjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5zOPTydVSG1Tgg+fg7K/fFl+p
8xFPbIOgl/Ia7J1+45rDxDMAQiAaaXYBMf6bLOVnakCKu4BEhxFPED1i4iYUIB3f
hfHxxjDplw0vEpJTJ8cWhuDR134LEDaho4aV1iq5HLh0McjEyccxl8HPEIO5BfcM
/K+cmdG+1pdyg7zOzpoYuZdV75a3tHkmyg/TfGuX+TsPST6LomHDSHFJ/uUo8ItD
Ezi89jMKrZEESMH2Z33nYnetakkwAyKJR1A7/V6pq+hQBPLLZCthBNcSnTdATNS4
ObJ+yyGJpjzVfY1/qO6EMbZOqg65Vh8lVWSPK2cKguanRSx2z21R0SsImNhbAgMB
AAGjggLFMIICwTAdBgNVHQ4EFgQUK7O69lCNwNHXMtjJuJY9BYyWPrEwHwYDVR0j
BBgwFoAUZjbcyYl/5jRSoNlqd4mrMa7ssvwwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xNDU2NzFBQjU3MkRDODFBRDE5OEUyNUM5MkEzRUQyOEJB
NTQ1Mzg5QjZEOEUwODc1MDU2QkUwODM2QUYwQzMzLzAvNjYzNkRDQzk4OTdGRTYz
NDUyQTBEOTZBNzc4OUFCMzFBRUVDQjJGQy5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC82NjM2RENDOTg5N0ZFNjM0NTJB
MEQ5NkE3Nzg5QUIzMUFFRUNCMkZDLmNlcjCBwwYIKwYBBQUHAQsEgbYwgbMwgbAG
CCsGAQUFBzALhoGjcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMTQ1NjcxQUI1NzJEQzgxQUQxOThFMjVDOTJBM0VEMjhCQTU0NTM4OUI2
RDhFMDg3NTA1NkJFMDgzNkFGMEMzMy8wLzMxMzczMDJlMzIzMzM5MmUzMTM4Mzgy
ZTMwMmYzMjM3MmQzMjM3MjAzZDNlMjAzMjM3LnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAATAHAwUFqu+8ADANBgkq
hkiG9w0BAQsFAAOCAQEACpi5Nm2SJJgVE4Sb1++rhICJNMbA4M/Aox2gGqZEA42H
Xuf91jM3zQeNxB8z9UtnSorXrNaIgKJZ6prRcjNFkrb1DcIe7LnZZpCgbCgUrbF0
VOvvkm5eOWi6XCs3u65VDDcxC0A3azoMNPHcv6/m+Orh6JyOzxYDDlC2sAsIt1SM
ny/CGR5LUkCfNycNZOw1H8MXde6bRcpUuh3RsfSTnZudeGZ+E74do3MV7pKbHyi4
UNwmeRw/OzuLKyFXuRgjVK2Asv86DSdrYCTYuAGJ1WwgQLmxkdnffVnPzuyAMVKR
wP9q/iTkH8mR93QSw//MCZXTeayGc0m1QQWFRDon+Q==
-----END CERTIFICATE-----