Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/1A24B429103563BD0B7D27A24793785DD8D1833B0B4B0AE40B8A5F8C161E947E/0/3230302e35392e3137392e302f32342d3234203d3e203237393934.roa
File:                     3230302e35392e3137392e302f32342d3234203d3e203237393934.roa (raw, json)
Hash identifier:          0NYfRS00fbinMmG1T8A5I9W6psjgmFDUGJ9ePEomoSY=
Subject key identifier:   26:19:5A:A5:CB:49:10:C5:8B:EB:CA:AA:C2:0F:DB:E5:05:06:9B:AC
Certificate issuer:       /CN=9A4AC20F38CCB7E3E5E9C83E5540D3D17FCC0184
Certificate serial:       3D110F198B77532E91240161AAACA1D94609FD75
Authority key identifier: 9A:4A:C2:0F:38:CC:B7:E3:E5:E9:C8:3E:55:40:D3:D1:7F:CC:01:84
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/9A4AC20F38CCB7E3E5E9C83E5540D3D17FCC0184.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/1A24B429103563BD0B7D27A24793785DD8D1833B0B4B0AE40B8A5F8C161E947E/0/3230302e35392e3137392e302f32342d3234203d3e203237393934.roa
Signing time:             Tue 05 Mar 2024 17:52:48 +0000
ROA not before:           Tue 05 Mar 2024 17:47:48 +0000
ROA not after:            Tue 04 Mar 2025 17:52:48 +0000
asID:                     27994
IP address blocks:        200.59.179.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 09 Sep 2024 13:10:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3d:11:0f:19:8b:77:53:2e:91:24:01:61:aa:ac:a1:d9:46:09:fd:75
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9A4AC20F38CCB7E3E5E9C83E5540D3D17FCC0184
        Validity
            Not Before: Mar  5 17:47:48 2024 GMT
            Not After : Mar  4 17:52:48 2025 GMT
        Subject: CN=26195AA5CB4910C58BEBCAAAC20FDBE505069BAC
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:83:ff:f6:da:1e:be:19:57:74:29:01:44:32:82:
                    48:ae:3c:73:b8:b8:a0:e7:c3:8e:8d:99:70:e4:43:
                    35:18:f3:bb:71:5d:7a:8a:b6:67:ba:07:02:5e:dd:
                    ed:cb:a0:65:70:f4:4f:3e:94:19:ba:ce:ff:0d:8c:
                    db:28:23:fd:c3:2b:0e:e1:c5:48:83:0d:66:fa:74:
                    8f:5a:4d:60:52:2c:e1:f0:4a:c4:59:46:da:fc:d8:
                    06:e3:38:aa:c9:04:be:3c:57:2e:19:dd:47:b7:06:
                    d7:91:aa:a3:09:ef:ff:5f:48:63:b9:37:90:47:77:
                    5d:e5:c0:4f:8b:5c:43:c9:d3:74:0d:40:aa:ce:0f:
                    d0:26:70:89:10:85:bb:df:ec:6b:c5:b6:db:d8:30:
                    b4:4c:72:47:e2:5a:11:d0:6c:89:31:6b:23:4a:3d:
                    22:3b:3d:fd:13:aa:8b:2c:b5:d1:5e:ad:fa:76:71:
                    0c:90:2c:c0:4e:61:92:10:16:cd:5a:ca:d8:da:77:
                    f3:7b:3e:3d:a3:fe:61:1d:ee:8e:86:19:4f:be:7e:
                    96:ae:45:61:2a:1a:e7:29:23:f8:8c:f3:b9:59:30:
                    27:64:24:7e:7a:ee:c2:e1:b5:f6:8f:bb:73:62:e9:
                    b6:bb:a1:56:a8:df:e0:4b:58:69:c6:19:a0:b4:04:
                    83:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                26:19:5A:A5:CB:49:10:C5:8B:EB:CA:AA:C2:0F:DB:E5:05:06:9B:AC
            X509v3 Authority Key Identifier:
                keyid:9A:4A:C2:0F:38:CC:B7:E3:E5:E9:C8:3E:55:40:D3:D1:7F:CC:01:84

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/1A24B429103563BD0B7D27A24793785DD8D1833B0B4B0AE40B8A5F8C161E947E/0/9A4AC20F38CCB7E3E5E9C83E5540D3D17FCC0184.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/9A4AC20F38CCB7E3E5E9C83E5540D3D17FCC0184.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/1A24B429103563BD0B7D27A24793785DD8D1833B0B4B0AE40B8A5F8C161E947E/0/3230302e35392e3137392e302f32342d3234203d3e203237393934.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.59.179.0/24

    Signature Algorithm: sha256WithRSAEncryption
         c7:08:8c:70:59:7f:76:4f:9b:82:8a:63:26:b5:c6:ab:cb:10:
         4f:5f:8f:9a:de:b7:16:df:bc:58:7b:af:04:8b:b3:f2:07:3e:
         aa:08:31:ff:3c:f2:b4:1d:9f:db:81:4d:15:c5:dd:6f:37:c0:
         58:08:d1:3b:95:d0:ce:da:a7:93:64:44:78:c3:8c:32:c0:c7:
         b9:4b:db:4c:28:3b:12:b9:f8:7b:73:53:97:6e:47:fd:c6:ee:
         0c:65:4f:24:c4:31:19:c8:30:1f:a8:df:29:c8:41:dd:b8:df:
         8b:50:1d:95:1d:85:38:f7:f1:c8:4d:1b:27:ce:55:a9:e3:b8:
         9b:1f:a7:5d:43:98:32:36:d8:ab:23:df:b4:b6:6a:e1:49:af:
         fd:4d:d6:90:a9:54:1a:7f:70:51:c3:80:94:a4:e5:f6:b9:8a:
         a0:14:d9:02:81:54:aa:72:63:67:c3:8f:0d:81:50:c7:e5:df:
         41:20:4f:d2:13:11:2e:fc:bc:10:a2:bb:a6:7b:c7:3e:d5:87:
         7c:ff:46:61:2a:1a:0a:ac:d0:f4:a1:db:58:92:70:e2:fe:9c:
         e4:99:5a:15:a0:8c:9b:ad:2a:64:c2:53:bc:21:9b:a2:44:46:
         51:72:8c:ec:f9:76:b6:f8:ee:f9:dc:df:05:cc:88:dd:43:c4:
         04:b4:18:e7
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUPREPGYt3Uy6RJAFhqqyh2UYJ/XUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOUE0QUMyMEYzOENDQjdFM0U1RTlDODNFNTU0MEQzRDE3
RkNDMDE4NDAeFw0yNDAzMDUxNzQ3NDhaFw0yNTAzMDQxNzUyNDhaMDMxMTAvBgNV
BAMTKDI2MTk1QUE1Q0I0OTEwQzU4QkVCQ0FBQUMyMEZEQkU1MDUwNjlCQUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCD//baHr4ZV3QpAUQygkiuPHO4
uKDnw46NmXDkQzUY87txXXqKtme6BwJe3e3LoGVw9E8+lBm6zv8NjNsoI/3DKw7h
xUiDDWb6dI9aTWBSLOHwSsRZRtr82AbjOKrJBL48Vy4Z3Ue3BteRqqMJ7/9fSGO5
N5BHd13lwE+LXEPJ03QNQKrOD9AmcIkQhbvf7GvFttvYMLRMckfiWhHQbIkxayNK
PSI7Pf0TqosstdFerfp2cQyQLMBOYZIQFs1aytjad/N7Pj2j/mEd7o6GGU++fpau
RWEqGucpI/iM87lZMCdkJH567sLhtfaPu3Ni6ba7oVao3+BLWGnGGaC0BIN9AgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUJhlapctJEMWL68qqwg/b5QUGm6wwHwYDVR0j
BBgwFoAUmkrCDzjMt+Pl6cg+VUDT0X/MAYQwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xQTI0QjQyOTEwMzU2M0JEMEI3RDI3QTI0NzkzNzg1REQ4
RDE4MzNCMEI0QjBBRTQwQjhBNUY4QzE2MUU5NDdFLzAvOUE0QUMyMEYzOENDQjdF
M0U1RTlDODNFNTU0MEQzRDE3RkNDMDE4NC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC85QTRBQzIwRjM4Q0NCN0UzRTVF
OUM4M0U1NTQwRDNEMTdGQ0MwMTg0LmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMUEyNEI0MjkxMDM1NjNCRDBCN0QyN0EyNDc5Mzc4NUREOEQxODMzQjBC
NEIwQUU0MEI4QTVGOEMxNjFFOTQ3RS8wLzMyMzAzMDJlMzUzOTJlMzEzNzM5MmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzNzM5MzkzNC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMg7szAN
BgkqhkiG9w0BAQsFAAOCAQEAxwiMcFl/dk+bgopjJrXGq8sQT1+Pmt63Ft+8WHuv
BIuz8gc+qggx/zzytB2f24FNFcXdbzfAWAjRO5XQztqnk2REeMOMMsDHuUvbTCg7
Ern4e3NTl25H/cbuDGVPJMQxGcgwH6jfKchB3bjfi1AdlR2FOPfxyE0bJ85VqeO4
mx+nXUOYMjbYqyPftLZq4Umv/U3WkKlUGn9wUcOAlKTl9rmKoBTZAoFUqnJjZ8OP
DYFQx+XfQSBP0hMRLvy8EKK7pnvHPtWHfP9GYSoaCqzQ9KHbWJJw4v6c5JlaFaCM
m60qZMJTvCGbokRGUXKM7Pl2tvju+dzfBcyI3UPEBLQY5w==
-----END CERTIFICATE-----
Generated at Mon Sep 9 14:25:11 2024 by rpki-client on console-fra.rpki-client.org