Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/1FAE84C9D2EA5B9E68263543BBD498C3F1CEF1F87F38343467F5515D602B7529/0/3139302e39302e3135322e302f32342d3234203d3e203138363738.roa
File:                     3139302e39302e3135322e302f32342d3234203d3e203138363738.roa (raw, json)
Hash identifier:          Sp95Q00Z+vbGSxcrOE2Ofm0errqb0fzOXvdspdMU0Tc=
Subject key identifier:   63:7E:12:2A:4D:CD:F5:A8:FD:59:D2:E0:32:B1:B5:30:0D:50:2A:95
Certificate issuer:       /CN=CBDE88C65320D3EBD8ED2F568D896F3935E87CC5
Certificate serial:       5CE9458E131B6881F1FD68A0A3D4F917C2AA09A8
Authority key identifier: CB:DE:88:C6:53:20:D3:EB:D8:ED:2F:56:8D:89:6F:39:35:E8:7C:C5
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/CBDE88C65320D3EBD8ED2F568D896F3935E87CC5.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/1FAE84C9D2EA5B9E68263543BBD498C3F1CEF1F87F38343467F5515D602B7529/0/3139302e39302e3135322e302f32342d3234203d3e203138363738.roa
Signing time:             Tue 04 Feb 2025 18:17:23 +0000
ROA not before:           Tue 04 Feb 2025 18:12:23 +0000
ROA not after:            Tue 03 Feb 2026 18:17:23 +0000
asID:                     18678
IP address blocks:        190.90.152.0/24 maxlen: 24
Validation:               Failed, certificate revoked on Mon 03 Mar 2025 22:10:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5c:e9:45:8e:13:1b:68:81:f1:fd:68:a0:a3:d4:f9:17:c2:aa:09:a8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=CBDE88C65320D3EBD8ED2F568D896F3935E87CC5
        Validity
            Not Before: Feb  4 18:12:23 2025 GMT
            Not After : Feb  3 18:17:23 2026 GMT
        Subject: CN=637E122A4DCDF5A8FD59D2E032B1B5300D502A95
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:d7:10:a2:3b:83:c3:3c:62:ec:83:ff:4c:e6:
                    6d:ae:24:32:a6:52:c6:e6:45:8d:c7:0f:8d:b8:4b:
                    30:db:56:03:61:e6:3d:10:a8:d5:fa:84:f7:56:26:
                    6c:80:dc:5e:ce:34:3f:a4:e7:b8:b3:a9:ce:30:d7:
                    fc:f3:76:59:6f:f9:9b:3c:10:0c:51:86:22:4c:38:
                    6f:04:f5:f1:14:6c:62:80:80:bc:ee:c7:9b:40:e8:
                    41:22:33:6e:50:aa:a8:7d:49:1c:71:28:d9:d8:55:
                    1e:7c:e1:63:5a:2f:04:f7:37:09:d5:0d:a5:3f:35:
                    75:bb:b9:3d:99:32:bf:68:73:74:8e:9d:d7:cb:71:
                    6b:74:b4:ec:01:8e:4a:c1:1a:19:cf:e1:6d:99:4c:
                    01:66:1a:0f:84:f7:60:0a:cd:14:b0:33:2c:94:55:
                    c8:f3:54:b9:0b:e3:ab:36:d7:43:e0:6f:d5:0f:c6:
                    ff:1f:34:09:07:db:5e:49:8e:9d:a6:06:75:60:12:
                    bc:cb:db:f9:5c:b1:86:c1:1f:cc:49:7a:a2:85:6d:
                    61:92:37:3e:cf:8d:cb:22:7c:28:d5:76:96:b4:24:
                    f9:51:ea:5e:11:86:73:5b:35:97:f0:51:0d:34:8f:
                    59:a7:3a:55:d1:d4:8f:5b:05:57:ab:0a:80:f3:48:
                    8f:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                63:7E:12:2A:4D:CD:F5:A8:FD:59:D2:E0:32:B1:B5:30:0D:50:2A:95
            X509v3 Authority Key Identifier:
                keyid:CB:DE:88:C6:53:20:D3:EB:D8:ED:2F:56:8D:89:6F:39:35:E8:7C:C5

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/1FAE84C9D2EA5B9E68263543BBD498C3F1CEF1F87F38343467F5515D602B7529/0/CBDE88C65320D3EBD8ED2F568D896F3935E87CC5.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/CBDE88C65320D3EBD8ED2F568D896F3935E87CC5.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/1FAE84C9D2EA5B9E68263543BBD498C3F1CEF1F87F38343467F5515D602B7529/0/3139302e39302e3135322e302f32342d3234203d3e203138363738.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.90.152.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6e:a0:76:c2:7b:e9:86:91:99:04:09:8f:d2:15:ee:fd:36:36:
         20:aa:16:63:be:1e:3b:eb:9e:ae:08:ea:28:0a:13:c9:dd:a5:
         1c:16:9e:ad:b0:a3:f0:8c:38:6b:c2:e2:97:1f:d3:fe:dd:b9:
         ef:90:af:21:b8:da:03:a6:95:7c:b6:bf:68:e3:2f:74:b0:aa:
         a0:c7:51:a1:dd:58:2f:47:25:ec:29:12:7e:30:eb:73:40:0d:
         ee:78:3c:1f:be:14:ab:11:27:d3:d5:27:70:fc:a3:11:28:77:
         fb:ec:d0:64:b2:0e:14:51:41:c2:3a:b9:a7:ff:3a:13:d0:38:
         7b:d3:2d:05:4f:74:a0:74:b7:d2:4c:ec:95:dc:97:ff:4d:99:
         8c:24:b6:ef:fd:ca:69:b2:f6:af:3e:92:eb:4e:d6:5a:7e:86:
         ae:68:9c:b7:b7:bc:c5:6d:3e:93:8f:fd:6e:40:d4:b8:4e:a6:
         2e:10:cb:f8:ea:db:b6:a6:eb:3b:1d:83:09:40:5c:98:7c:59:
         4d:ce:e2:ec:1a:c6:29:78:a4:db:67:ca:7b:55:cb:2a:f3:bb:
         1a:e9:35:d9:5c:41:be:20:06:d8:af:de:37:7b:84:2e:f4:1e:
         18:82:4d:d5:d6:af:7c:47:a1:b1:a3:a6:f4:ba:24:ee:aa:ee:
         b1:c8:82:2f
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUXOlFjhMbaIHx/Wigo9T5F8KqCagwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQ0JERTg4QzY1MzIwRDNFQkQ4RUQyRjU2OEQ4OTZGMzkz
NUU4N0NDNTAeFw0yNTAyMDQxODEyMjNaFw0yNjAyMDMxODE3MjNaMDMxMTAvBgNV
BAMTKDYzN0UxMjJBNERDREY1QThGRDU5RDJFMDMyQjFCNTMwMEQ1MDJBOTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDb1xCiO4PDPGLsg/9M5m2uJDKm
UsbmRY3HD424SzDbVgNh5j0QqNX6hPdWJmyA3F7OND+k57izqc4w1/zzdllv+Zs8
EAxRhiJMOG8E9fEUbGKAgLzux5tA6EEiM25Qqqh9SRxxKNnYVR584WNaLwT3NwnV
DaU/NXW7uT2ZMr9oc3SOndfLcWt0tOwBjkrBGhnP4W2ZTAFmGg+E92AKzRSwMyyU
VcjzVLkL46s210Pgb9UPxv8fNAkH215Jjp2mBnVgErzL2/lcsYbBH8xJeqKFbWGS
Nz7PjcsifCjVdpa0JPlR6l4RhnNbNZfwUQ00j1mnOlXR1I9bBVerCoDzSI9VAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUY34SKk3N9aj9WdLgMrG1MA1QKpUwHwYDVR0j
BBgwFoAUy96IxlMg0+vY7S9WjYlvOTXofMUwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xRkFFODRDOUQyRUE1QjlFNjgyNjM1NDNCQkQ0OThDM0Yx
Q0VGMUY4N0YzODM0MzQ2N0Y1NTE1RDYwMkI3NTI5LzAvQ0JERTg4QzY1MzIwRDNF
QkQ4RUQyRjU2OEQ4OTZGMzkzNUU4N0NDNS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9DQkRFODhDNjUzMjBEM0VCRDhF
RDJGNTY4RDg5NkYzOTM1RTg3Q0M1LmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMUZBRTg0QzlEMkVBNUI5RTY4MjYzNTQzQkJENDk4QzNGMUNFRjFGODdG
MzgzNDM0NjdGNTUxNUQ2MDJCNzUyOS8wLzMxMzkzMDJlMzkzMDJlMzEzNTMyMmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzODM2MzczOC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAL5amDAN
BgkqhkiG9w0BAQsFAAOCAQEAbqB2wnvphpGZBAmP0hXu/TY2IKoWY74eO+uergjq
KAoTyd2lHBaerbCj8Iw4a8Lilx/T/t2575CvIbjaA6aVfLa/aOMvdLCqoMdRod1Y
L0cl7CkSfjDrc0AN7ng8H74UqxEn09UncPyjESh3++zQZLIOFFFBwjq5p/86E9A4
e9MtBU90oHS30kzsldyX/02ZjCS27/3KabL2rz6S607WWn6Grmict7e8xW0+k4/9
bkDUuE6mLhDL+OrbtqbrOx2DCUBcmHxZTc7i7BrGKXik22fKe1XLKvO7Guk12VxB
viAG2K/eN3uELvQeGIJN1davfEehsaOm9Lok7qrusciCLw==
-----END CERTIFICATE-----