Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/278B39519F38D9CF4B886A90BEA8C666D8C3215F50353FC7D2121D5E936EAF17/0/3230302e35392e3232342e302f32302d3234203d3e203237373531.roa
File:                     3230302e35392e3232342e302f32302d3234203d3e203237373531.roa (raw, json)
Hash identifier:          FyibyFod44n9eP7BjeNb86QQAz1qsPsCcdoVgTI3nPE=
Subject key identifier:   15:75:49:B9:05:6D:AE:22:72:73:78:CF:11:6E:EB:77:8F:A8:78:AC
Certificate issuer:       /CN=49986AF9BE70C9F7A7BBDEB5E3E872038F597D4E
Certificate serial:       63244AEB7F9499CE422DA7373B6EB81774F001F6
Authority key identifier: 49:98:6A:F9:BE:70:C9:F7:A7:BB:DE:B5:E3:E8:72:03:8F:59:7D:4E
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/49986AF9BE70C9F7A7BBDEB5E3E872038F597D4E.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/278B39519F38D9CF4B886A90BEA8C666D8C3215F50353FC7D2121D5E936EAF17/0/3230302e35392e3232342e302f32302d3234203d3e203237373531.roa
Signing time:             Tue 05 Mar 2024 18:02:54 +0000
ROA not before:           Tue 05 Mar 2024 17:57:54 +0000
ROA not after:            Tue 04 Mar 2025 18:02:54 +0000
asID:                     27751
IP address blocks:        200.59.224.0/20 maxlen: 24

Validation:               Failed, certificate revoked on Mon 28 Oct 2024 15:35:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            63:24:4a:eb:7f:94:99:ce:42:2d:a7:37:3b:6e:b8:17:74:f0:01:f6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=49986AF9BE70C9F7A7BBDEB5E3E872038F597D4E
        Validity
            Not Before: Mar  5 17:57:54 2024 GMT
            Not After : Mar  4 18:02:54 2025 GMT
        Subject: CN=157549B9056DAE22727378CF116EEB778FA878AC
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:8d:98:68:31:9a:36:89:44:47:60:05:d8:fb:
                    18:3d:f6:60:3b:e4:de:f5:e3:4c:6d:2d:79:a8:7b:
                    48:9a:df:32:06:16:3f:d5:d2:51:63:a5:cb:64:2b:
                    21:3c:4f:10:e1:33:0a:9b:9e:81:f3:c9:9f:db:d6:
                    2c:3c:ea:4f:ef:48:a2:63:8a:ac:92:fd:8f:57:68:
                    9c:18:74:05:df:8e:85:39:ae:e9:c4:20:17:5d:28:
                    e0:aa:15:43:bd:8d:83:b6:b9:b1:15:d3:7e:6e:93:
                    8b:08:7c:df:a3:b5:b4:dd:81:7e:14:f7:51:c1:40:
                    59:c4:76:0b:8f:83:ed:45:41:60:5a:9d:70:ca:aa:
                    69:10:81:19:47:93:8e:16:36:2e:89:1d:79:e0:7f:
                    ff:5b:8f:99:68:a9:68:d1:72:81:44:8b:48:2e:49:
                    3d:6e:0d:67:24:99:60:15:f3:4c:0b:0f:b0:f0:76:
                    67:b7:33:0e:d5:9f:e6:70:a3:70:8a:d5:92:18:04:
                    f1:4a:ec:a8:55:e0:89:2b:c8:78:87:77:ae:e9:54:
                    28:2e:1b:48:e1:37:0f:48:47:36:b3:b2:a3:89:b9:
                    8d:e8:92:20:85:69:c6:25:bb:70:10:b5:0e:03:21:
                    2c:5e:d6:af:5f:91:6d:58:27:3b:b6:60:68:18:b6:
                    88:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:75:49:B9:05:6D:AE:22:72:73:78:CF:11:6E:EB:77:8F:A8:78:AC
            X509v3 Authority Key Identifier:
                keyid:49:98:6A:F9:BE:70:C9:F7:A7:BB:DE:B5:E3:E8:72:03:8F:59:7D:4E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/278B39519F38D9CF4B886A90BEA8C666D8C3215F50353FC7D2121D5E936EAF17/0/49986AF9BE70C9F7A7BBDEB5E3E872038F597D4E.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/49986AF9BE70C9F7A7BBDEB5E3E872038F597D4E.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/278B39519F38D9CF4B886A90BEA8C666D8C3215F50353FC7D2121D5E936EAF17/0/3230302e35392e3232342e302f32302d3234203d3e203237373531.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.59.224.0/20

    Signature Algorithm: sha256WithRSAEncryption
         29:82:5e:9a:c2:b7:0c:2d:a4:ae:f1:51:61:62:45:76:89:ac:
         b8:17:50:6c:d5:a9:7e:50:91:a6:57:60:cb:62:f5:74:90:ad:
         b4:fe:91:ae:31:23:39:00:28:80:41:68:3b:7a:fa:fc:be:d0:
         d0:bd:fe:35:c9:2c:25:23:d7:d2:f9:75:10:10:b6:69:5b:ad:
         60:54:84:b9:ab:72:3b:7a:0e:f9:dc:e9:33:59:a9:71:73:6e:
         70:f8:8a:74:bd:c1:ee:15:98:75:90:8a:d3:02:41:a4:6e:9e:
         75:f6:c8:39:4b:42:8d:aa:cd:8c:29:ae:5a:ef:dd:d2:13:6e:
         9f:ba:28:a2:1f:da:1d:04:47:30:ed:15:f0:bc:0c:94:32:85:
         1a:31:3f:df:5d:05:07:5d:d4:d9:a0:00:71:29:6e:62:91:b7:
         21:33:1b:ca:5e:d4:5e:c4:54:de:23:e7:fb:50:a7:b0:68:8f:
         17:c6:45:6b:4b:a2:13:6e:cb:a3:60:42:84:88:21:b9:d0:6b:
         8c:75:db:9e:b5:e3:ad:66:c2:37:08:22:e4:68:72:cc:0f:5b:
         e2:ed:d1:e0:6e:37:e7:7d:a0:a6:b2:98:db:74:90:84:ee:d0:
         5a:b1:2a:3a:b7:5f:85:9f:c2:69:e8:c4:c8:d6:41:b2:50:c5:
         f2:32:a7:a0
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUYyRK63+Umc5CLac3O264F3TwAfYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDk5ODZBRjlCRTcwQzlGN0E3QkJERUI1RTNFODcyMDM4
RjU5N0Q0RTAeFw0yNDAzMDUxNzU3NTRaFw0yNTAzMDQxODAyNTRaMDMxMTAvBgNV
BAMTKDE1NzU0OUI5MDU2REFFMjI3MjczNzhDRjExNkVFQjc3OEZBODc4QUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqjZhoMZo2iURHYAXY+xg99mA7
5N7140xtLXmoe0ia3zIGFj/V0lFjpctkKyE8TxDhMwqbnoHzyZ/b1iw86k/vSKJj
iqyS/Y9XaJwYdAXfjoU5runEIBddKOCqFUO9jYO2ubEV035uk4sIfN+jtbTdgX4U
91HBQFnEdguPg+1FQWBanXDKqmkQgRlHk44WNi6JHXngf/9bj5loqWjRcoFEi0gu
ST1uDWckmWAV80wLD7Dwdme3Mw7Vn+Zwo3CK1ZIYBPFK7KhV4IkryHiHd67pVCgu
G0jhNw9IRzazsqOJuY3okiCFacYlu3AQtQ4DISxe1q9fkW1YJzu2YGgYtogxAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUFXVJuQVtriJyc3jPEW7rd4+oeKwwHwYDVR0j
BBgwFoAUSZhq+b5wyfenu9614+hyA49ZfU4wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8yNzhCMzk1MTlGMzhEOUNGNEI4ODZBOTBCRUE4QzY2NkQ4
QzMyMTVGNTAzNTNGQzdEMjEyMUQ1RTkzNkVBRjE3LzAvNDk5ODZBRjlCRTcwQzlG
N0E3QkJERUI1RTNFODcyMDM4RjU5N0Q0RS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC80OTk4NkFGOUJFNzBDOUY3QTdC
QkRFQjVFM0U4NzIwMzhGNTk3RDRFLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMjc4QjM5NTE5RjM4RDlDRjRCODg2QTkwQkVBOEM2NjZEOEMzMjE1RjUw
MzUzRkM3RDIxMjFENUU5MzZFQUYxNy8wLzMyMzAzMDJlMzUzOTJlMzIzMjM0MmUz
MDJmMzIzMDJkMzIzNDIwM2QzZTIwMzIzNzM3MzUzMS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBMg74DAN
BgkqhkiG9w0BAQsFAAOCAQEAKYJemsK3DC2krvFRYWJFdomsuBdQbNWpflCRpldg
y2L1dJCttP6RrjEjOQAogEFoO3r6/L7Q0L3+NcksJSPX0vl1EBC2aVutYFSEuaty
O3oO+dzpM1mpcXNucPiKdL3B7hWYdZCK0wJBpG6edfbIOUtCjarNjCmuWu/d0hNu
n7oooh/aHQRHMO0V8LwMlDKFGjE/310FB13U2aAAcSluYpG3ITMbyl7UXsRU3iPn
+1CnsGiPF8ZFa0uiE27Lo2BChIghudBrjHXbnrXjrWbCNwgi5GhyzA9b4u3R4G43
532gprKY23SQhO7QWrEqOrdfhZ/CaejEyNZBslDF8jKnoA==
-----END CERTIFICATE-----
Generated at Mon Oct 28 20:14:20 2024 by rpki-client on console-ams.rpki-client.org