Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/238D9F1C871BB8D10BEF45581E950BB81331EC4D3FE388FE1F4746AEA33ACB8F/0/34352e3137302e3130342e302f32322d3234203d3e20323633373530.roa
File:                     34352e3137302e3130342e302f32322d3234203d3e20323633373530.roa (raw, json)
Hash identifier:          H/3SJdGGTZUqXeJbypYVtCAvEhpf7bSAJ2tLOTgEvDM=
Subject key identifier:   AD:82:9D:EA:82:1D:AE:10:0C:7A:15:EA:BD:D9:7C:02:AB:E5:FE:ED
Certificate issuer:       /CN=1E87F3433FDDF23DDC5FC2EC90876F490B603D74
Certificate serial:       076FE7F5FF7875373D0CFD0BB68CC026B7D9245B
Authority key identifier: 1E:87:F3:43:3F:DD:F2:3D:DC:5F:C2:EC:90:87:6F:49:0B:60:3D:74
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/1E87F3433FDDF23DDC5FC2EC90876F490B603D74.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/238D9F1C871BB8D10BEF45581E950BB81331EC4D3FE388FE1F4746AEA33ACB8F/0/34352e3137302e3130342e302f32322d3234203d3e20323633373530.roa
Signing time:             Tue 05 Mar 2024 18:15:49 +0000
ROA not before:           Tue 05 Mar 2024 18:10:49 +0000
ROA not after:            Tue 04 Mar 2025 18:15:49 +0000
asID:                     263750
IP address blocks:        45.170.104.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Fri 28 Jun 2024 19:50:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            07:6f:e7:f5:ff:78:75:37:3d:0c:fd:0b:b6:8c:c0:26:b7:d9:24:5b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1E87F3433FDDF23DDC5FC2EC90876F490B603D74
        Validity
            Not Before: Mar  5 18:10:49 2024 GMT
            Not After : Mar  4 18:15:49 2025 GMT
        Subject: CN=AD829DEA821DAE100C7A15EABDD97C02ABE5FEED
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:0f:1a:23:e7:0d:13:7a:e2:af:06:01:a9:3a:
                    50:ef:a6:1a:d1:2b:d0:d1:dd:6d:f6:7d:c6:7c:9e:
                    e4:fc:b1:06:60:30:c7:29:0c:7f:84:52:db:2d:84:
                    b2:6b:13:1b:3f:a9:ff:c1:c9:5d:b9:2d:9a:42:b0:
                    80:89:91:e0:e2:4d:41:7a:8d:4e:32:be:50:3b:27:
                    28:a8:31:e2:aa:6d:6b:90:97:60:89:84:9e:33:24:
                    3d:24:d4:b6:d4:e9:cc:c3:11:78:6c:d7:86:5a:2b:
                    5a:68:61:e2:35:67:33:3a:34:58:6f:b7:75:44:74:
                    8e:8e:ae:94:8f:fc:d8:ed:50:b3:6e:b2:f2:be:30:
                    e7:f3:58:86:d7:d4:7e:ae:83:46:59:ea:3b:78:34:
                    56:79:57:93:1b:6b:65:7e:7e:91:76:a3:65:75:de:
                    f1:c6:a2:dd:5c:a1:14:ec:9f:0d:e7:cc:1b:45:e6:
                    a4:0e:6b:38:ef:88:17:46:d1:16:32:42:d7:0c:6f:
                    ed:d3:90:ff:69:e2:86:45:6d:c7:02:24:e6:89:63:
                    78:1c:9c:32:f1:c3:3a:c0:90:0c:05:0c:5a:fd:57:
                    e7:70:4a:ee:2a:53:86:c7:91:a8:eb:0b:a3:43:56:
                    d9:7d:ea:82:2d:9e:0c:9f:18:f6:9d:2b:dc:88:cc:
                    92:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AD:82:9D:EA:82:1D:AE:10:0C:7A:15:EA:BD:D9:7C:02:AB:E5:FE:ED
            X509v3 Authority Key Identifier:
                keyid:1E:87:F3:43:3F:DD:F2:3D:DC:5F:C2:EC:90:87:6F:49:0B:60:3D:74

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/238D9F1C871BB8D10BEF45581E950BB81331EC4D3FE388FE1F4746AEA33ACB8F/0/1E87F3433FDDF23DDC5FC2EC90876F490B603D74.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/1E87F3433FDDF23DDC5FC2EC90876F490B603D74.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/238D9F1C871BB8D10BEF45581E950BB81331EC4D3FE388FE1F4746AEA33ACB8F/0/34352e3137302e3130342e302f32322d3234203d3e20323633373530.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.170.104.0/22

    Signature Algorithm: sha256WithRSAEncryption
         9c:92:31:07:10:0b:e7:28:bc:cb:9f:e0:10:7b:79:ea:d4:d7:
         64:5e:96:02:c7:f5:92:1e:23:ad:df:97:bd:77:47:98:20:15:
         1f:45:07:48:79:37:49:e8:b6:ad:38:45:d1:65:c9:ef:8e:73:
         81:f5:67:f0:50:99:48:db:43:83:c3:b6:f6:b1:f2:f0:26:2e:
         0f:52:43:69:6a:c8:9e:68:76:9a:c8:95:31:99:c3:b3:d0:34:
         09:12:06:b1:67:a7:e6:08:46:46:80:21:be:80:44:b3:29:4c:
         f7:38:ee:98:eb:1a:1c:2f:b5:e8:a6:17:20:67:17:17:b6:4e:
         e2:84:8d:7a:4d:8d:19:b2:a4:ab:ef:a6:36:2a:49:de:74:cd:
         6d:f1:30:56:1c:0f:9f:12:cd:19:c7:fd:3a:94:63:d9:22:09:
         52:36:f1:97:7d:ee:d8:e1:3e:62:d2:40:71:82:8b:11:8e:58:
         91:ab:f6:90:ff:18:f5:21:30:f5:84:cc:06:0a:41:52:34:5c:
         b2:25:72:dd:d8:ed:f1:91:a1:41:50:4d:9c:e8:0a:cc:20:04:
         eb:f9:ef:50:48:7e:4b:d4:a1:42:4a:5f:82:0c:25:7b:04:de:
         6d:36:80:ab:9d:c9:1d:d4:fe:d2:1d:4b:91:6f:47:96:44:a1:
         d0:16:76:11
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUB2/n9f94dTc9DP0LtozAJrfZJFswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMUU4N0YzNDMzRkRERjIzRERDNUZDMkVDOTA4NzZGNDkw
QjYwM0Q3NDAeFw0yNDAzMDUxODEwNDlaFw0yNTAzMDQxODE1NDlaMDMxMTAvBgNV
BAMTKEFEODI5REVBODIxREFFMTAwQzdBMTVFQUJERDk3QzAyQUJFNUZFRUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQChDxoj5w0TeuKvBgGpOlDvphrR
K9DR3W32fcZ8nuT8sQZgMMcpDH+EUtsthLJrExs/qf/ByV25LZpCsICJkeDiTUF6
jU4yvlA7JyioMeKqbWuQl2CJhJ4zJD0k1LbU6czDEXhs14ZaK1poYeI1ZzM6NFhv
t3VEdI6OrpSP/NjtULNusvK+MOfzWIbX1H6ug0ZZ6jt4NFZ5V5Mba2V+fpF2o2V1
3vHGot1coRTsnw3nzBtF5qQOazjviBdG0RYyQtcMb+3TkP9p4oZFbccCJOaJY3gc
nDLxwzrAkAwFDFr9V+dwSu4qU4bHkajrC6NDVtl96oItngyfGPadK9yIzJJrAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUrYKd6oIdrhAMehXqvdl8Aqvl/u0wHwYDVR0j
BBgwFoAUHofzQz/d8j3cX8LskIdvSQtgPXQwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8yMzhEOUYxQzg3MUJCOEQxMEJFRjQ1NTgxRTk1MEJCODEz
MzFFQzREM0ZFMzg4RkUxRjQ3NDZBRUEzM0FDQjhGLzAvMUU4N0YzNDMzRkRERjIz
RERDNUZDMkVDOTA4NzZGNDkwQjYwM0Q3NC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8xRTg3RjM0MzNGRERGMjNEREM1
RkMyRUM5MDg3NkY0OTBCNjAzRDc0LmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMjM4RDlGMUM4NzFCQjhEMTBCRUY0NTU4MUU5NTBCQjgxMzMxRUM0RDNG
RTM4OEZFMUY0NzQ2QUVBMzNBQ0I4Ri8wLzM0MzUyZTMxMzczMDJlMzEzMDM0MmUz
MDJmMzIzMjJkMzIzNDIwM2QzZTIwMzIzNjMzMzczNTMwLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLapo
MA0GCSqGSIb3DQEBCwUAA4IBAQCckjEHEAvnKLzLn+AQe3nq1NdkXpYCx/WSHiOt
35e9d0eYIBUfRQdIeTdJ6LatOEXRZcnvjnOB9WfwUJlI20ODw7b2sfLwJi4PUkNp
asieaHaayJUxmcOz0DQJEgaxZ6fmCEZGgCG+gESzKUz3OO6Y6xocL7XophcgZxcX
tk7ihI16TY0ZsqSr76Y2KknedM1t8TBWHA+fEs0Zx/06lGPZIglSNvGXfe7Y4T5i
0kBxgosRjliRq/aQ/xj1ITD1hMwGCkFSNFyyJXLd2O3xkaFBUE2c6ArMIATr+e9Q
SH5L1KFCSl+CDCV7BN5tNoCrnckd1P7SHUuRb0eWRKHQFnYR
-----END CERTIFICATE-----
Generated at Fri Jun 28 23:10:45 2024 by rpki-client on console-ams.rpki-client.org