Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/220391039701C79346B76FB10EAB6F4717EA71ED125CCFE9B95744CF0340C919/0/3139302e38332e37382e302f32332d3234203d3e203134303830.roa
File:                     3139302e38332e37382e302f32332d3234203d3e203134303830.roa (raw, json)
Hash identifier:          ov4iZFm66MPKx+rVr8MbSPwpoo5NM8dimix99R4eDlY=
Subject key identifier:   31:7E:34:D0:13:8B:0F:C5:60:E3:6D:68:11:92:05:F0:54:AD:A6:F3
Certificate issuer:       /CN=A597442BE252949C19F9D69F7BF6A9CDDB54134B
Certificate serial:       3085AF978E9A09FB72B979451E7B7B36600A9FA2
Authority key identifier: A5:97:44:2B:E2:52:94:9C:19:F9:D6:9F:7B:F6:A9:CD:DB:54:13:4B
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A597442BE252949C19F9D69F7BF6A9CDDB54134B.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/220391039701C79346B76FB10EAB6F4717EA71ED125CCFE9B95744CF0340C919/0/3139302e38332e37382e302f32332d3234203d3e203134303830.roa
Signing time:             Tue 04 Feb 2025 20:01:50 +0000
ROA not before:           Tue 04 Feb 2025 19:56:50 +0000
ROA not after:            Tue 03 Feb 2026 20:01:50 +0000
asID:                     14080
IP address blocks:        190.83.78.0/23 maxlen: 24
Validation:               Failed, certificate revoked on Sun 09 Mar 2025 02:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            30:85:af:97:8e:9a:09:fb:72:b9:79:45:1e:7b:7b:36:60:0a:9f:a2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A597442BE252949C19F9D69F7BF6A9CDDB54134B
        Validity
            Not Before: Feb  4 19:56:50 2025 GMT
            Not After : Feb  3 20:01:50 2026 GMT
        Subject: CN=317E34D0138B0FC560E36D68119205F054ADA6F3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:40:53:13:14:41:3b:8b:50:4a:55:8c:c3:b4:
                    81:be:5a:7d:23:2c:09:92:f3:15:f3:f2:30:85:c0:
                    1f:3c:3f:7e:7f:fa:f8:f1:95:22:80:f9:2f:10:ad:
                    72:1c:a4:3d:ff:ad:38:7b:a4:4b:dd:09:6d:61:93:
                    98:16:37:bb:c5:85:bb:ac:78:7e:c1:5f:4b:e5:03:
                    7f:f9:5a:ce:a0:b0:4e:a1:4c:b7:b9:0c:0b:58:80:
                    b9:cd:91:1f:cb:b8:84:d7:6d:f0:df:4e:98:fa:61:
                    d9:0e:47:dc:b1:bd:a5:6e:a5:e6:85:c3:4a:cc:49:
                    4c:7a:b8:e0:21:3b:6f:64:eb:c6:bd:28:52:a4:ef:
                    10:65:95:c4:e1:98:0f:6c:2e:41:b3:cc:ac:59:44:
                    25:42:94:89:e2:1b:3e:2d:14:56:e1:f9:e9:98:8a:
                    96:7b:ee:57:c7:2b:38:9c:7f:20:55:ab:bd:3c:2f:
                    ae:c5:a6:9c:37:66:91:4e:73:f6:ad:89:02:ff:87:
                    25:34:1d:cd:a2:4e:ff:03:f5:e0:f8:ba:45:74:20:
                    eb:36:33:46:17:df:f4:55:37:1f:f3:bd:c2:13:b2:
                    fc:fd:63:32:d4:53:c9:03:80:29:c6:97:f5:8b:10:
                    47:de:36:46:d1:5f:5a:dc:94:1c:f0:d2:c3:0e:1a:
                    b0:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                31:7E:34:D0:13:8B:0F:C5:60:E3:6D:68:11:92:05:F0:54:AD:A6:F3
            X509v3 Authority Key Identifier:
                keyid:A5:97:44:2B:E2:52:94:9C:19:F9:D6:9F:7B:F6:A9:CD:DB:54:13:4B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/220391039701C79346B76FB10EAB6F4717EA71ED125CCFE9B95744CF0340C919/0/A597442BE252949C19F9D69F7BF6A9CDDB54134B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A597442BE252949C19F9D69F7BF6A9CDDB54134B.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/220391039701C79346B76FB10EAB6F4717EA71ED125CCFE9B95744CF0340C919/0/3139302e38332e37382e302f32332d3234203d3e203134303830.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.83.78.0/23

    Signature Algorithm: sha256WithRSAEncryption
         79:68:53:13:31:d0:c2:36:61:b0:b7:d0:65:3a:c6:c5:1e:03:
         08:5d:0f:12:dd:d1:9d:8e:47:18:ca:cd:88:43:85:30:a3:b0:
         df:35:4a:e8:bf:22:d2:f0:94:d0:2f:49:0c:3b:31:66:60:92:
         5c:b9:20:9b:d6:8b:24:20:a5:10:f9:7d:f4:68:b4:38:1b:89:
         91:e0:b5:9f:3b:dc:5f:ce:eb:32:c1:e3:fb:22:76:ac:2c:a7:
         50:54:19:ca:44:03:ba:db:07:01:74:80:43:52:0b:9b:c2:f8:
         71:64:7e:d1:56:37:41:e3:12:83:a2:2e:4e:75:6c:5d:9c:f0:
         b9:48:47:40:ae:b0:47:b9:8b:eb:ee:62:e8:ef:85:c8:f7:21:
         fa:4a:00:5b:28:06:a6:1a:e0:01:a9:6c:ca:da:ed:1d:ec:4f:
         c5:f4:05:9b:b1:9e:25:a6:be:d9:2b:34:c0:6d:9a:ed:3d:67:
         dc:a0:ee:7b:57:ff:ab:b9:cc:bd:33:4f:54:c9:fb:42:23:f1:
         f8:68:b2:a7:e7:ce:e7:3c:41:11:24:e9:8c:c7:4e:39:4a:37:
         b1:e5:2d:7f:da:9d:3f:2f:20:c4:48:c1:8f:d4:62:93:8b:20:
         03:76:43:fc:b5:3c:92:e5:2a:50:aa:00:b3:25:d4:3b:11:b2:
         5b:36:74:1e
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUMIWvl46aCftyuXlFHnt7NmAKn6IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTU5NzQ0MkJFMjUyOTQ5QzE5RjlENjlGN0JGNkE5Q0RE
QjU0MTM0QjAeFw0yNTAyMDQxOTU2NTBaFw0yNjAyMDMyMDAxNTBaMDMxMTAvBgNV
BAMTKDMxN0UzNEQwMTM4QjBGQzU2MEUzNkQ2ODExOTIwNUYwNTRBREE2RjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBQFMTFEE7i1BKVYzDtIG+Wn0j
LAmS8xXz8jCFwB88P35/+vjxlSKA+S8QrXIcpD3/rTh7pEvdCW1hk5gWN7vFhbus
eH7BX0vlA3/5Ws6gsE6hTLe5DAtYgLnNkR/LuITXbfDfTpj6YdkOR9yxvaVupeaF
w0rMSUx6uOAhO29k68a9KFKk7xBllcThmA9sLkGzzKxZRCVClIniGz4tFFbh+emY
ipZ77lfHKzicfyBVq708L67Fppw3ZpFOc/atiQL/hyU0Hc2iTv8D9eD4ukV0IOs2
M0YX3/RVNx/zvcITsvz9YzLUU8kDgCnGl/WLEEfeNkbRX1rclBzw0sMOGrDzAgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQUMX400BOLD8Vg421oEZIF8FStpvMwHwYDVR0j
BBgwFoAUpZdEK+JSlJwZ+dafe/apzdtUE0swDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8yMjAzOTEwMzk3MDFDNzkzNDZCNzZGQjEwRUFCNkY0NzE3
RUE3MUVEMTI1Q0NGRTlCOTU3NDRDRjAzNDBDOTE5LzAvQTU5NzQ0MkJFMjUyOTQ5
QzE5RjlENjlGN0JGNkE5Q0REQjU0MTM0Qi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9BNTk3NDQyQkUyNTI5NDlDMTlG
OUQ2OUY3QkY2QTlDRERCNTQxMzRCLmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMjIwMzkxMDM5NzAxQzc5MzQ2Qjc2RkIxMEVBQjZGNDcxN0VBNzFFRDEy
NUNDRkU5Qjk1NzQ0Q0YwMzQwQzkxOS8wLzMxMzkzMDJlMzgzMzJlMzczODJlMzAy
ZjMyMzMyZDMyMzQyMDNkM2UyMDMxMzQzMDM4MzAucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAG+U04wDQYJ
KoZIhvcNAQELBQADggEBAHloUxMx0MI2YbC30GU6xsUeAwhdDxLd0Z2ORxjKzYhD
hTCjsN81Sui/ItLwlNAvSQw7MWZgkly5IJvWiyQgpRD5ffRotDgbiZHgtZ873F/O
6zLB4/sidqwsp1BUGcpEA7rbBwF0gENSC5vC+HFkftFWN0HjEoOiLk51bF2c8LlI
R0CusEe5i+vuYujvhcj3IfpKAFsoBqYa4AGpbMra7R3sT8X0BZuxniWmvtkrNMBt
mu09Z9yg7ntX/6u5zL0zT1TJ+0Ij8fhosqfnzuc8QREk6YzHTjlKN7HlLX/anT8v
IMRIwY/UYpOLIAN2Q/y1PJLlKlCqALMl1DsRsls2dB4=
-----END CERTIFICATE-----