Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/233AD49F73560C2B37D27E413F61E80F38E6EC17B906D03C20F0DFB891EE99BC/0/34352e3233382e3139372e302f32342d3234203d3e20323636383438.roa
File:                     34352e3233382e3139372e302f32342d3234203d3e20323636383438.roa (raw, json)
Hash identifier:          Q2RA7TEHnwa4HeEl4/Prb2qreekLPfAy/Ubl6aC1o1w=
Subject key identifier:   55:FB:EF:2A:84:24:66:68:BF:93:92:11:FD:AD:B4:E6:A0:52:DE:28
Certificate issuer:       /CN=CDE536D5F0A919DDF1AD2A0D6DF37608F789A4E8
Certificate serial:       544E796495A88988BD599E16DBA3F66C6573E8B0
Authority key identifier: CD:E5:36:D5:F0:A9:19:DD:F1:AD:2A:0D:6D:F3:76:08:F7:89:A4:E8
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/CDE536D5F0A919DDF1AD2A0D6DF37608F789A4E8.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/233AD49F73560C2B37D27E413F61E80F38E6EC17B906D03C20F0DFB891EE99BC/0/34352e3233382e3139372e302f32342d3234203d3e20323636383438.roa
Signing time:             Tue 04 Feb 2025 18:52:53 +0000
ROA not before:           Tue 04 Feb 2025 18:47:53 +0000
ROA not after:            Tue 03 Feb 2026 18:52:53 +0000
asID:                     266848
IP address blocks:        45.238.197.0/24 maxlen: 24
Validation:               Failed, certificate revoked on Sun 23 Feb 2025 01:05:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            54:4e:79:64:95:a8:89:88:bd:59:9e:16:db:a3:f6:6c:65:73:e8:b0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=CDE536D5F0A919DDF1AD2A0D6DF37608F789A4E8
        Validity
            Not Before: Feb  4 18:47:53 2025 GMT
            Not After : Feb  3 18:52:53 2026 GMT
        Subject: CN=55FBEF2A84246668BF939211FDADB4E6A052DE28
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:e2:04:63:f7:a3:8d:91:5e:0a:29:84:99:6f:
                    a7:20:98:34:e9:08:cf:e1:3a:79:56:b5:73:2d:9b:
                    d5:84:d6:e8:69:0a:80:16:25:fa:4d:7a:52:54:ac:
                    4b:9f:2f:55:b5:c8:47:e8:2f:21:ea:a1:73:33:28:
                    49:83:05:33:ec:e0:58:f0:d5:c8:35:5c:37:66:54:
                    44:ab:bd:82:7d:46:60:28:8c:73:d8:1e:60:74:e1:
                    87:3d:5d:78:70:cd:5c:ff:1c:68:81:c3:ed:ec:4e:
                    50:9b:d4:db:ab:b5:86:d0:17:57:7d:c9:b4:5c:26:
                    c7:e1:1c:78:5c:a5:ec:ee:e1:3c:00:5a:d6:6d:9d:
                    94:92:69:d6:4f:16:7b:28:80:ff:e1:ca:74:c0:da:
                    63:c3:91:99:f6:ad:50:bc:4a:d2:6b:ce:a4:f8:94:
                    d7:6f:fd:92:aa:a3:cb:35:aa:29:54:f5:ce:6f:c6:
                    6c:7f:72:34:e3:10:02:ea:58:a0:70:e5:88:49:ab:
                    c8:6b:97:8e:09:13:6e:70:3d:2b:69:4d:f1:47:8e:
                    1e:22:fb:6a:88:6e:87:64:95:f3:d8:c5:05:e5:e4:
                    e1:ff:06:02:6c:05:af:bf:a3:c9:b5:48:13:3b:6b:
                    2c:38:30:d8:c0:9a:58:5a:c5:3d:56:41:33:0b:c5:
                    03:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                55:FB:EF:2A:84:24:66:68:BF:93:92:11:FD:AD:B4:E6:A0:52:DE:28
            X509v3 Authority Key Identifier:
                keyid:CD:E5:36:D5:F0:A9:19:DD:F1:AD:2A:0D:6D:F3:76:08:F7:89:A4:E8

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/233AD49F73560C2B37D27E413F61E80F38E6EC17B906D03C20F0DFB891EE99BC/0/CDE536D5F0A919DDF1AD2A0D6DF37608F789A4E8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/CDE536D5F0A919DDF1AD2A0D6DF37608F789A4E8.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/233AD49F73560C2B37D27E413F61E80F38E6EC17B906D03C20F0DFB891EE99BC/0/34352e3233382e3139372e302f32342d3234203d3e20323636383438.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.238.197.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8c:9b:32:a2:af:40:13:46:14:98:df:13:01:81:79:5b:77:22:
         04:6b:dc:fb:a7:8c:01:97:c5:f0:ab:dd:56:25:40:1a:ad:1f:
         5a:19:45:68:f6:8f:ba:5f:27:10:d1:b6:e7:85:f1:98:90:29:
         1f:d9:99:09:e3:95:59:02:92:b6:e7:a5:94:82:c8:ab:3f:04:
         57:52:1f:1f:75:b1:9b:f9:65:2f:af:80:1d:d5:65:45:64:76:
         30:70:d0:24:8b:f3:80:74:20:18:6a:77:53:60:6b:e8:df:43:
         5b:f1:2a:db:13:f4:4a:12:e5:eb:6f:55:e1:04:58:8c:c5:db:
         b0:4c:2b:53:6a:fb:16:2f:9d:e5:a5:f1:67:f6:23:1b:80:2d:
         3e:4f:38:2d:d9:92:95:5d:49:88:e1:f8:2a:6d:4a:a1:cd:5e:
         d1:bf:fa:8b:a2:bf:fa:e4:1e:d8:63:1d:0a:26:5d:3a:6a:2d:
         fe:72:9f:6a:78:56:37:80:d9:a3:61:a5:b0:28:b3:98:7c:ac:
         50:00:c4:37:4e:23:41:08:63:8b:7c:39:93:66:06:70:1f:28:
         10:79:6e:1e:7a:88:58:53:48:74:46:de:24:e9:a8:5a:6b:9d:
         6b:99:57:d8:5f:b2:2b:ab:f9:1a:65:0a:a8:fc:fa:fc:2e:ef:
         0f:88:69:04
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUVE55ZJWoiYi9WZ4W26P2bGVz6LAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQ0RFNTM2RDVGMEE5MTlEREYxQUQyQTBENkRGMzc2MDhG
Nzg5QTRFODAeFw0yNTAyMDQxODQ3NTNaFw0yNjAyMDMxODUyNTNaMDMxMTAvBgNV
BAMTKDU1RkJFRjJBODQyNDY2NjhCRjkzOTIxMUZEQURCNEU2QTA1MkRFMjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCx4gRj96ONkV4KKYSZb6cgmDTp
CM/hOnlWtXMtm9WE1uhpCoAWJfpNelJUrEufL1W1yEfoLyHqoXMzKEmDBTPs4Fjw
1cg1XDdmVESrvYJ9RmAojHPYHmB04Yc9XXhwzVz/HGiBw+3sTlCb1NurtYbQF1d9
ybRcJsfhHHhcpezu4TwAWtZtnZSSadZPFnsogP/hynTA2mPDkZn2rVC8StJrzqT4
lNdv/ZKqo8s1qilU9c5vxmx/cjTjEALqWKBw5YhJq8hrl44JE25wPStpTfFHjh4i
+2qIbodklfPYxQXl5OH/BgJsBa+/o8m1SBM7ayw4MNjAmlhaxT1WQTMLxQMtAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUVfvvKoQkZmi/k5IR/a205qBS3igwHwYDVR0j
BBgwFoAUzeU21fCpGd3xrSoNbfN2CPeJpOgwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8yMzNBRDQ5RjczNTYwQzJCMzdEMjdFNDEzRjYxRTgwRjM4
RTZFQzE3QjkwNkQwM0MyMEYwREZCODkxRUU5OUJDLzAvQ0RFNTM2RDVGMEE5MTlE
REYxQUQyQTBENkRGMzc2MDhGNzg5QTRFOC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9DREU1MzZENUYwQTkxOURERjFB
RDJBMEQ2REYzNzYwOEY3ODlBNEU4LmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMjMzQUQ0OUY3MzU2MEMyQjM3RDI3RTQxM0Y2MUU4MEYzOEU2RUMxN0I5
MDZEMDNDMjBGMERGQjg5MUVFOTlCQy8wLzM0MzUyZTMyMzMzODJlMzEzOTM3MmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzNjM2MzgzNDM4LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALe7F
MA0GCSqGSIb3DQEBCwUAA4IBAQCMmzKir0ATRhSY3xMBgXlbdyIEa9z7p4wBl8Xw
q91WJUAarR9aGUVo9o+6XycQ0bbnhfGYkCkf2ZkJ45VZApK256WUgsirPwRXUh8f
dbGb+WUvr4Ad1WVFZHYwcNAki/OAdCAYandTYGvo30Nb8SrbE/RKEuXrb1XhBFiM
xduwTCtTavsWL53lpfFn9iMbgC0+Tzgt2ZKVXUmI4fgqbUqhzV7Rv/qLor/65B7Y
Yx0KJl06ai3+cp9qeFY3gNmjYaWwKLOYfKxQAMQ3TiNBCGOLfDmTZgZwHygQeW4e
eohYU0h0Rt4k6ahaa51rmVfYX7Irq/kaZQqo/Pr8Lu8PiGkE
-----END CERTIFICATE-----