Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/1A24B429103563BD0B7D27A24793785DD8D1833B0B4B0AE40B8A5F8C161E947E/0/3230302e35392e3137382e302f32342d3234203d3e203237393934.roa
File:                     3230302e35392e3137382e302f32342d3234203d3e203237393934.roa (raw, json)
Hash identifier:          3bb3XFPrZOXh5hsCpyTZ82pDdOseWfigFQ2Kw93CfVw=
Subject key identifier:   0F:61:BF:EF:A0:6D:94:06:C1:85:7D:7C:02:A0:E7:2F:62:B7:C1:EF
Certificate issuer:       /CN=9A4AC20F38CCB7E3E5E9C83E5540D3D17FCC0184
Certificate serial:       09A87874F79D13091242A52D3834F8D54D28D397
Authority key identifier: 9A:4A:C2:0F:38:CC:B7:E3:E5:E9:C8:3E:55:40:D3:D1:7F:CC:01:84
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/9A4AC20F38CCB7E3E5E9C83E5540D3D17FCC0184.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/1A24B429103563BD0B7D27A24793785DD8D1833B0B4B0AE40B8A5F8C161E947E/0/3230302e35392e3137382e302f32342d3234203d3e203237393934.roa
Signing time:             Tue 05 Mar 2024 17:52:48 +0000
ROA not before:           Tue 05 Mar 2024 17:47:48 +0000
ROA not after:            Tue 04 Mar 2025 17:52:48 +0000
asID:                     27994
IP address blocks:        200.59.178.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 09 Sep 2024 13:10:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            09:a8:78:74:f7:9d:13:09:12:42:a5:2d:38:34:f8:d5:4d:28:d3:97
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9A4AC20F38CCB7E3E5E9C83E5540D3D17FCC0184
        Validity
            Not Before: Mar  5 17:47:48 2024 GMT
            Not After : Mar  4 17:52:48 2025 GMT
        Subject: CN=0F61BFEFA06D9406C1857D7C02A0E72F62B7C1EF
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:e2:e3:02:f8:fe:f2:ea:4a:f4:89:2b:63:6f:
                    b9:e1:40:83:cb:ba:04:ab:69:54:b2:69:be:d4:be:
                    93:8e:31:31:7e:7b:90:46:b5:93:eb:e8:7b:a0:21:
                    f5:e7:77:0f:34:9b:57:16:46:dc:06:63:9e:a4:9b:
                    34:21:51:78:ff:03:65:f9:58:c8:21:93:bd:6d:17:
                    60:60:5a:98:b1:c7:ac:24:a2:78:25:40:d0:aa:a2:
                    ee:21:cc:ac:93:0a:2d:fa:be:0b:f7:6f:be:e1:fb:
                    d5:22:75:94:d5:ee:64:7f:da:24:ed:99:be:6a:a3:
                    35:e5:c1:fc:c6:d6:14:29:ac:a3:a8:f2:0d:d6:f8:
                    43:cc:51:eb:17:6d:5d:cd:cc:a0:24:53:f7:d9:5e:
                    a2:bd:a4:fd:9a:06:30:8d:0f:2d:3e:8d:ab:b5:db:
                    1c:99:06:25:c5:ab:de:58:7d:33:ce:90:12:ad:fc:
                    2c:4c:ce:34:4c:43:18:54:ba:7c:c2:50:27:58:c2:
                    4c:95:a2:cd:41:e2:5f:9c:bb:cd:0e:e1:b9:7a:58:
                    04:50:32:85:10:d1:86:6f:7b:14:e5:c3:3f:5c:a1:
                    86:c2:c9:d1:11:5b:d8:1f:5c:9b:66:67:1e:2e:64:
                    c8:13:17:5d:fc:b9:9c:93:e5:29:83:b4:59:d8:8a:
                    a3:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0F:61:BF:EF:A0:6D:94:06:C1:85:7D:7C:02:A0:E7:2F:62:B7:C1:EF
            X509v3 Authority Key Identifier:
                keyid:9A:4A:C2:0F:38:CC:B7:E3:E5:E9:C8:3E:55:40:D3:D1:7F:CC:01:84

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/1A24B429103563BD0B7D27A24793785DD8D1833B0B4B0AE40B8A5F8C161E947E/0/9A4AC20F38CCB7E3E5E9C83E5540D3D17FCC0184.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/9A4AC20F38CCB7E3E5E9C83E5540D3D17FCC0184.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/1A24B429103563BD0B7D27A24793785DD8D1833B0B4B0AE40B8A5F8C161E947E/0/3230302e35392e3137382e302f32342d3234203d3e203237393934.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.59.178.0/24

    Signature Algorithm: sha256WithRSAEncryption
         24:fa:80:f1:f7:41:02:50:9a:1e:f4:cf:04:5a:96:56:e7:75:
         9a:ff:82:ab:73:b4:3f:03:92:66:61:11:38:52:0f:a5:59:48:
         06:f8:fa:18:bf:4a:13:d0:6a:17:b1:d2:7b:c1:31:34:81:8c:
         47:b5:87:a8:71:de:81:be:09:c2:5f:87:ba:48:cf:0b:53:19:
         00:3a:3a:25:ed:24:4e:3d:cc:e2:07:c3:54:2d:5b:a1:32:61:
         12:cf:e5:5d:0d:a4:48:08:69:52:88:c2:6f:ec:95:29:38:b9:
         42:10:cd:f1:53:40:5e:b9:22:d3:a5:41:13:66:c6:78:c8:10:
         10:c5:91:4e:db:65:e3:47:79:02:5d:20:3b:ba:c6:0c:16:e4:
         08:cd:b8:96:37:f1:7f:68:97:45:a8:c8:39:0f:e9:16:96:f0:
         d2:04:47:30:fc:33:88:52:98:6a:8f:6e:02:9d:6b:40:86:46:
         30:7a:17:ba:17:eb:34:88:3c:9b:cd:15:cd:e8:00:30:c4:db:
         a2:dd:03:d1:fe:f8:76:80:6e:f1:b6:cb:32:dc:d4:68:d5:c1:
         e4:5f:e8:6f:6b:8e:ed:69:ce:c3:8b:91:34:58:3d:35:e6:6f:
         c5:77:b3:e2:be:a2:2d:8a:4f:a3:be:2e:9e:83:d9:6e:66:55:
         0f:cd:69:46
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUCah4dPedEwkSQqUtODT41U0o05cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOUE0QUMyMEYzOENDQjdFM0U1RTlDODNFNTU0MEQzRDE3
RkNDMDE4NDAeFw0yNDAzMDUxNzQ3NDhaFw0yNTAzMDQxNzUyNDhaMDMxMTAvBgNV
BAMTKDBGNjFCRkVGQTA2RDk0MDZDMTg1N0Q3QzAyQTBFNzJGNjJCN0MxRUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDl4uMC+P7y6kr0iStjb7nhQIPL
ugSraVSyab7UvpOOMTF+e5BGtZPr6HugIfXndw80m1cWRtwGY56kmzQhUXj/A2X5
WMghk71tF2BgWpixx6wkonglQNCqou4hzKyTCi36vgv3b77h+9UidZTV7mR/2iTt
mb5qozXlwfzG1hQprKOo8g3W+EPMUesXbV3NzKAkU/fZXqK9pP2aBjCNDy0+jau1
2xyZBiXFq95YfTPOkBKt/CxMzjRMQxhUunzCUCdYwkyVos1B4l+cu80O4bl6WARQ
MoUQ0YZvexTlwz9coYbCydERW9gfXJtmZx4uZMgTF138uZyT5SmDtFnYiqNPAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUD2G/76BtlAbBhX18AqDnL2K3we8wHwYDVR0j
BBgwFoAUmkrCDzjMt+Pl6cg+VUDT0X/MAYQwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xQTI0QjQyOTEwMzU2M0JEMEI3RDI3QTI0NzkzNzg1REQ4
RDE4MzNCMEI0QjBBRTQwQjhBNUY4QzE2MUU5NDdFLzAvOUE0QUMyMEYzOENDQjdF
M0U1RTlDODNFNTU0MEQzRDE3RkNDMDE4NC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC85QTRBQzIwRjM4Q0NCN0UzRTVF
OUM4M0U1NTQwRDNEMTdGQ0MwMTg0LmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMUEyNEI0MjkxMDM1NjNCRDBCN0QyN0EyNDc5Mzc4NUREOEQxODMzQjBC
NEIwQUU0MEI4QTVGOEMxNjFFOTQ3RS8wLzMyMzAzMDJlMzUzOTJlMzEzNzM4MmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzNzM5MzkzNC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMg7sjAN
BgkqhkiG9w0BAQsFAAOCAQEAJPqA8fdBAlCaHvTPBFqWVud1mv+Cq3O0PwOSZmER
OFIPpVlIBvj6GL9KE9BqF7HSe8ExNIGMR7WHqHHegb4Jwl+HukjPC1MZADo6Je0k
Tj3M4gfDVC1boTJhEs/lXQ2kSAhpUojCb+yVKTi5QhDN8VNAXrki06VBE2bGeMgQ
EMWRTttl40d5Al0gO7rGDBbkCM24ljfxf2iXRajIOQ/pFpbw0gRHMPwziFKYao9u
Ap1rQIZGMHoXuhfrNIg8m80VzegAMMTbot0D0f74doBu8bbLMtzUaNXB5F/ob2uO
7WnOw4uRNFg9NeZvxXez4r6iLYpPo74unoPZbmZVD81pRg==
-----END CERTIFICATE-----
Generated at Mon Sep 9 15:05:12 2024 by rpki-client on console-ams.rpki-client.org