Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/1C7C36DCB6F18C2C66F0A4D3589CFD1F0951B1CC300D7BB482FAEAF95E951F16/0/34352e3137312e3131322e302f32322d3232203d3e203532343635.roa
File:                     34352e3137312e3131322e302f32322d3232203d3e203532343635.roa (raw, json)
Hash identifier:          b7ZolgDi6CXf97TJfbBdkQOZ1u8BYXswvv3YMLpBuho=
Subject key identifier:   55:62:16:3F:6D:1A:C2:30:29:68:5F:5D:80:7E:08:28:A1:2E:1A:A6
Certificate issuer:       /CN=CFD2835EF2DA8C68B69290E421AE6ACB9E7B06BD
Certificate serial:       659C87ED9DB84E81B6CECAF43AD362D43249B424
Authority key identifier: CF:D2:83:5E:F2:DA:8C:68:B6:92:90:E4:21:AE:6A:CB:9E:7B:06:BD
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/CFD2835EF2DA8C68B69290E421AE6ACB9E7B06BD.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/1C7C36DCB6F18C2C66F0A4D3589CFD1F0951B1CC300D7BB482FAEAF95E951F16/0/34352e3137312e3131322e302f32322d3232203d3e203532343635.roa
Signing time:             Mon 01 Jul 2024 01:45:00 +0000
ROA not before:           Mon 01 Jul 2024 01:40:00 +0000
ROA not after:            Mon 30 Jun 2025 01:45:00 +0000
asID:                     52465
IP address blocks:        45.171.112.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Mon 01 Jul 2024 11:35:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            65:9c:87:ed:9d:b8:4e:81:b6:ce:ca:f4:3a:d3:62:d4:32:49:b4:24
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=CFD2835EF2DA8C68B69290E421AE6ACB9E7B06BD
        Validity
            Not Before: Jul  1 01:40:00 2024 GMT
            Not After : Jun 30 01:45:00 2025 GMT
        Subject: CN=5562163F6D1AC23029685F5D807E0828A12E1AA6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:dd:4b:af:28:20:59:72:57:0c:3f:9d:f5:57:
                    2d:cb:c6:f6:46:07:15:1a:d8:7d:84:9a:f3:d3:94:
                    3f:02:45:74:79:6c:b8:1a:52:12:26:a4:71:4b:6a:
                    bb:5c:f5:66:70:ab:c3:4b:47:94:4b:9b:0e:35:54:
                    f6:47:f2:20:b5:d1:54:3a:6a:d0:20:3f:52:52:49:
                    dc:d2:d0:62:68:30:b7:76:cf:a9:b9:96:cf:d9:79:
                    eb:5e:cc:49:31:f4:9d:18:aa:87:9e:2c:75:a2:46:
                    4a:6a:02:cf:c7:03:63:2e:f5:62:df:01:0a:ae:9f:
                    a6:1f:13:a5:17:df:72:2a:52:cd:c0:f8:30:6d:f5:
                    10:24:bb:47:f1:f6:16:3a:8a:c8:d1:8b:e5:6c:90:
                    79:9b:50:16:c1:aa:79:9b:13:48:47:f7:36:08:e4:
                    ff:f0:9b:3c:13:64:da:55:d8:05:8f:27:c9:dc:a8:
                    e3:71:e9:31:a5:c5:ed:11:e0:98:dd:3f:82:60:05:
                    a2:b2:b1:ef:07:9e:d8:5f:64:be:28:c6:64:64:89:
                    b2:d9:31:e6:77:94:f9:09:0c:cc:d0:89:0b:56:b8:
                    b1:99:86:94:e0:b0:6a:8b:5a:db:9f:13:21:a4:db:
                    cf:51:c2:f3:ca:67:57:8f:88:81:8e:9d:57:a2:9c:
                    1b:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                55:62:16:3F:6D:1A:C2:30:29:68:5F:5D:80:7E:08:28:A1:2E:1A:A6
            X509v3 Authority Key Identifier:
                keyid:CF:D2:83:5E:F2:DA:8C:68:B6:92:90:E4:21:AE:6A:CB:9E:7B:06:BD

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/1C7C36DCB6F18C2C66F0A4D3589CFD1F0951B1CC300D7BB482FAEAF95E951F16/0/CFD2835EF2DA8C68B69290E421AE6ACB9E7B06BD.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/CFD2835EF2DA8C68B69290E421AE6ACB9E7B06BD.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/1C7C36DCB6F18C2C66F0A4D3589CFD1F0951B1CC300D7BB482FAEAF95E951F16/0/34352e3137312e3131322e302f32322d3232203d3e203532343635.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.171.112.0/22

    Signature Algorithm: sha256WithRSAEncryption
         b4:86:e6:16:d4:95:4a:a9:68:06:04:4c:2c:2f:cc:f3:d5:9f:
         b2:cb:60:23:dc:04:da:b4:88:1b:b0:17:e8:1e:0b:54:26:a6:
         ee:ba:6b:38:0e:54:7c:ff:ef:d4:7b:b6:e6:89:07:74:fd:4d:
         6b:c2:58:f2:cb:8a:56:37:f6:c2:9a:1d:2f:81:00:31:94:20:
         18:40:d5:ae:8e:b5:c9:eb:40:3b:5a:bf:ea:4b:b2:b9:20:8d:
         ea:89:59:cd:3f:9b:77:2c:71:5f:f5:59:a4:24:40:9e:c0:70:
         b8:5b:9b:dc:fb:83:fc:ab:8e:d6:2e:58:65:e0:49:e5:b6:58:
         c9:5f:13:bf:7e:44:18:f0:6b:f2:e4:f2:37:9b:03:cc:1d:54:
         0b:3f:5c:b0:45:e8:5a:c7:0d:4b:af:1a:4b:af:78:b3:a0:19:
         b9:09:2c:4e:c2:20:11:68:e7:36:b1:17:e6:da:7b:c6:f4:f1:
         f2:ec:18:37:65:16:4c:a6:d2:5a:04:64:f7:81:3e:e7:38:e0:
         f3:c3:a0:bc:b5:b8:67:c0:e1:54:e8:71:c8:43:3d:7b:91:12:
         c9:67:c7:cd:7d:a6:8f:25:d8:ce:c8:df:2a:88:20:79:9d:48:
         c0:f7:04:00:01:e9:60:e9:de:47:58:77:c5:28:2d:b2:8b:df:
         12:68:a6:4e
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUZZyH7Z24ToG2zsr0OtNi1DJJtCQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQ0ZEMjgzNUVGMkRBOEM2OEI2OTI5MEU0MjFBRTZBQ0I5
RTdCMDZCRDAeFw0yNDA3MDEwMTQwMDBaFw0yNTA2MzAwMTQ1MDBaMDMxMTAvBgNV
BAMTKDU1NjIxNjNGNkQxQUMyMzAyOTY4NUY1RDgwN0UwODI4QTEyRTFBQTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCd3UuvKCBZclcMP531Vy3LxvZG
BxUa2H2EmvPTlD8CRXR5bLgaUhImpHFLartc9WZwq8NLR5RLmw41VPZH8iC10VQ6
atAgP1JSSdzS0GJoMLd2z6m5ls/ZeetezEkx9J0YqoeeLHWiRkpqAs/HA2Mu9WLf
AQqun6YfE6UX33IqUs3A+DBt9RAku0fx9hY6isjRi+VskHmbUBbBqnmbE0hH9zYI
5P/wmzwTZNpV2AWPJ8ncqONx6TGlxe0R4JjdP4JgBaKyse8HnthfZL4oxmRkibLZ
MeZ3lPkJDMzQiQtWuLGZhpTgsGqLWtufEyGk289RwvPKZ1ePiIGOnVeinBurAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUVWIWP20awjApaF9dgH4IKKEuGqYwHwYDVR0j
BBgwFoAUz9KDXvLajGi2kpDkIa5qy557Br0wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xQzdDMzZEQ0I2RjE4QzJDNjZGMEE0RDM1ODlDRkQxRjA5
NTFCMUNDMzAwRDdCQjQ4MkZBRUFGOTVFOTUxRjE2LzAvQ0ZEMjgzNUVGMkRBOEM2
OEI2OTI5MEU0MjFBRTZBQ0I5RTdCMDZCRC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9DRkQyODM1RUYyREE4QzY4QjY5
MjkwRTQyMUFFNkFDQjlFN0IwNkJELmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMUM3QzM2RENCNkYxOEMyQzY2RjBBNEQzNTg5Q0ZEMUYwOTUxQjFDQzMw
MEQ3QkI0ODJGQUVBRjk1RTk1MUYxNi8wLzM0MzUyZTMxMzczMTJlMzEzMTMyMmUz
MDJmMzIzMjJkMzIzMjIwM2QzZTIwMzUzMjM0MzYzNS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi2rcDAN
BgkqhkiG9w0BAQsFAAOCAQEAtIbmFtSVSqloBgRMLC/M89WfsstgI9wE2rSIG7AX
6B4LVCam7rprOA5UfP/v1Hu25okHdP1Na8JY8suKVjf2wpodL4EAMZQgGEDVro61
yetAO1q/6kuyuSCN6olZzT+bdyxxX/VZpCRAnsBwuFub3PuD/KuO1i5YZeBJ5bZY
yV8Tv35EGPBr8uTyN5sDzB1UCz9csEXoWscNS68aS694s6AZuQksTsIgEWjnNrEX
5tp7xvTx8uwYN2UWTKbSWgRk94E+5zjg88OgvLW4Z8DhVOhxyEM9e5ESyWfHzX2m
jyXYzsjfKoggeZ1IwPcEAAHpYOneR1h3xSgtsovfEmimTg==
-----END CERTIFICATE-----
Generated at Mon Jul 1 13:01:24 2024 by rpki-client on console-fra.rpki-client.org