Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/1FAE84C9D2EA5B9E68263543BBD498C3F1CEF1F87F38343467F5515D602B7529/0/3139302e39302e302e302f31382d3234203d3e203138363738.roa
File:                     3139302e39302e302e302f31382d3234203d3e203138363738.roa (raw, json)
Hash identifier:          5EtHbYHx75qHk5W5EdSvO3HKph9YSL5KEawn7UaAk6M=
Subject key identifier:   95:A6:34:42:E0:30:86:A7:56:4B:4F:1C:D2:29:7C:89:B5:23:17:8C
Certificate issuer:       /CN=CBDE88C65320D3EBD8ED2F568D896F3935E87CC5
Certificate serial:       31DC67233474774ADD60A415F363F490FE6E167F
Authority key identifier: CB:DE:88:C6:53:20:D3:EB:D8:ED:2F:56:8D:89:6F:39:35:E8:7C:C5
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/CBDE88C65320D3EBD8ED2F568D896F3935E87CC5.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/1FAE84C9D2EA5B9E68263543BBD498C3F1CEF1F87F38343467F5515D602B7529/0/3139302e39302e302e302f31382d3234203d3e203138363738.roa
Signing time:             Fri 14 Feb 2025 22:00:01 +0000
ROA not before:           Fri 14 Feb 2025 21:55:01 +0000
ROA not after:            Fri 13 Feb 2026 22:00:01 +0000
asID:                     18678
IP address blocks:        190.90.0.0/18 maxlen: 24
Validation:               Failed, certificate revoked on Tue 25 Feb 2025 20:10:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            31:dc:67:23:34:74:77:4a:dd:60:a4:15:f3:63:f4:90:fe:6e:16:7f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=CBDE88C65320D3EBD8ED2F568D896F3935E87CC5
        Validity
            Not Before: Feb 14 21:55:01 2025 GMT
            Not After : Feb 13 22:00:01 2026 GMT
        Subject: CN=95A63442E03086A7564B4F1CD2297C89B523178C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:c9:d4:5b:f1:1c:e5:9c:ca:7d:64:a3:4c:61:
                    4a:58:be:d3:5e:4c:5a:7e:7e:cb:0e:5e:5e:18:2d:
                    4c:71:94:d1:92:06:b2:1f:e7:00:6f:36:4b:87:4c:
                    51:4d:f1:25:07:d3:2f:e6:31:24:01:62:da:7c:dd:
                    3d:1a:d5:8b:fd:85:8d:de:83:78:49:ef:d3:35:eb:
                    00:20:99:9d:3f:71:68:de:c7:9c:42:01:1d:45:c8:
                    36:b2:66:a5:66:5e:82:27:40:c3:b1:35:91:0c:7b:
                    43:1e:e0:96:49:f6:b8:84:7c:79:0e:8a:88:15:40:
                    04:1f:84:14:1f:1d:65:57:fa:dc:8a:72:51:d7:ca:
                    9c:41:3b:16:e8:d3:e4:81:5c:21:ae:21:c8:8f:e3:
                    d6:10:25:b0:86:5f:59:ee:7e:ba:77:dc:f4:10:f5:
                    66:82:8a:54:3d:b4:d5:84:54:2a:40:b8:1b:6e:2d:
                    db:c6:6d:2a:49:fc:32:c4:c6:4d:3f:04:33:52:e6:
                    d9:b6:e8:a3:fa:7d:4d:dc:e0:71:02:b7:ee:28:6d:
                    1e:cc:0e:4c:e2:12:67:e6:6a:ba:f1:41:35:90:a7:
                    73:ec:6b:23:4f:80:c9:dc:ca:6d:9d:e6:89:7b:b2:
                    72:18:c4:55:d6:06:40:7d:26:7b:81:f2:4a:bb:8f:
                    56:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:A6:34:42:E0:30:86:A7:56:4B:4F:1C:D2:29:7C:89:B5:23:17:8C
            X509v3 Authority Key Identifier:
                keyid:CB:DE:88:C6:53:20:D3:EB:D8:ED:2F:56:8D:89:6F:39:35:E8:7C:C5

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/1FAE84C9D2EA5B9E68263543BBD498C3F1CEF1F87F38343467F5515D602B7529/0/CBDE88C65320D3EBD8ED2F568D896F3935E87CC5.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/CBDE88C65320D3EBD8ED2F568D896F3935E87CC5.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/1FAE84C9D2EA5B9E68263543BBD498C3F1CEF1F87F38343467F5515D602B7529/0/3139302e39302e302e302f31382d3234203d3e203138363738.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.90.0.0/18

    Signature Algorithm: sha256WithRSAEncryption
         21:c7:3b:45:f2:b7:18:07:37:b5:c4:58:5a:b2:bb:95:2e:69:
         54:05:f9:b0:8a:e4:a1:31:8f:61:ca:5a:81:75:a3:c6:28:9c:
         c6:14:c1:1f:4a:d9:56:25:d7:ad:1c:5d:60:25:9c:96:c3:38:
         10:c7:12:27:97:a1:36:68:35:a8:93:3b:45:bf:b6:7f:2f:59:
         4d:28:29:47:2e:a3:47:eb:5a:8d:c1:5a:57:dc:8b:10:ad:e0:
         df:05:60:a8:58:8f:8e:2d:5f:39:1d:48:1d:c4:3d:3b:88:b3:
         11:be:8c:fd:18:54:3a:55:af:27:00:01:1e:48:7c:c0:a7:1f:
         f5:52:8f:27:ac:e1:f2:86:49:d4:f8:f2:3e:bd:7b:c6:33:a3:
         77:d2:90:ad:45:ae:f3:e5:1e:bf:2b:b7:00:8e:f4:3d:38:9b:
         5c:96:a3:a3:a2:e4:21:09:3d:b6:86:af:a0:b3:22:61:79:36:
         bd:cc:66:2e:e0:8b:35:c5:cb:ab:b0:67:49:3a:d9:7c:4d:da:
         7a:f2:0b:68:6c:1b:66:64:c2:aa:eb:4e:1d:36:b7:71:9c:2d:
         d4:c5:a3:21:cb:03:76:07:b3:da:19:4c:2f:01:c3:89:a3:7f:
         28:2c:2a:aa:1d:e9:02:f1:28:5e:6b:0b:9e:e8:93:9c:a7:f8:
         29:b7:cf:58
-----BEGIN CERTIFICATE-----
MIIFujCCBKKgAwIBAgIUMdxnIzR0d0rdYKQV82P0kP5uFn8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQ0JERTg4QzY1MzIwRDNFQkQ4RUQyRjU2OEQ4OTZGMzkz
NUU4N0NDNTAeFw0yNTAyMTQyMTU1MDFaFw0yNjAyMTMyMjAwMDFaMDMxMTAvBgNV
BAMTKDk1QTYzNDQyRTAzMDg2QTc1NjRCNEYxQ0QyMjk3Qzg5QjUyMzE3OEMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzydRb8RzlnMp9ZKNMYUpYvtNe
TFp+fssOXl4YLUxxlNGSBrIf5wBvNkuHTFFN8SUH0y/mMSQBYtp83T0a1Yv9hY3e
g3hJ79M16wAgmZ0/cWjex5xCAR1FyDayZqVmXoInQMOxNZEMe0Me4JZJ9riEfHkO
iogVQAQfhBQfHWVX+tyKclHXypxBOxbo0+SBXCGuIciP49YQJbCGX1nufrp33PQQ
9WaCilQ9tNWEVCpAuBtuLdvGbSpJ/DLExk0/BDNS5tm26KP6fU3c4HECt+4obR7M
DkziEmfmarrxQTWQp3PsayNPgMncym2d5ol7snIYxFXWBkB9JnuB8kq7j1bXAgMB
AAGjggLEMIICwDAdBgNVHQ4EFgQUlaY0QuAwhqdWS08c0il8ibUjF4wwHwYDVR0j
BBgwFoAUy96IxlMg0+vY7S9WjYlvOTXofMUwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xRkFFODRDOUQyRUE1QjlFNjgyNjM1NDNCQkQ0OThDM0Yx
Q0VGMUY4N0YzODM0MzQ2N0Y1NTE1RDYwMkI3NTI5LzAvQ0JERTg4QzY1MzIwRDNF
QkQ4RUQyRjU2OEQ4OTZGMzkzNUU4N0NDNS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9DQkRFODhDNjUzMjBEM0VCRDhF
RDJGNTY4RDg5NkYzOTM1RTg3Q0M1LmNlcjCBwwYIKwYBBQUHAQsEgbYwgbMwgbAG
CCsGAQUFBzALhoGjcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMUZBRTg0QzlEMkVBNUI5RTY4MjYzNTQzQkJENDk4QzNGMUNFRjFGODdG
MzgzNDM0NjdGNTUxNUQ2MDJCNzUyOS8wLzMxMzkzMDJlMzkzMDJlMzAyZTMwMmYz
MTM4MmQzMjM0MjAzZDNlMjAzMTM4MzYzNzM4LnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQGvloAMA0GCSqG
SIb3DQEBCwUAA4IBAQAhxztF8rcYBze1xFhasruVLmlUBfmwiuShMY9hylqBdaPG
KJzGFMEfStlWJdetHF1gJZyWwzgQxxInl6E2aDWokztFv7Z/L1lNKClHLqNH61qN
wVpX3IsQreDfBWCoWI+OLV85HUgdxD07iLMRvoz9GFQ6Va8nAAEeSHzApx/1Uo8n
rOHyhknU+PI+vXvGM6N30pCtRa7z5R6/K7cAjvQ9OJtclqOjouQhCT22hq+gsyJh
eTa9zGYu4Is1xcursGdJOtl8Tdp68gtobBtmZMKq604dNrdxnC3UxaMhywN2B7Pa
GUwvAcOJo38oLCqqHekC8Sheawue6JOcp/gpt89Y
-----END CERTIFICATE-----