Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/2A367470AFE6734E69072CE2E020B414FEE3FA1F7887B4509B81173481F55E9B/0/3137302e3233332e3132352e302f32342d3234203d3e20323634373337.roa
File:                     3137302e3233332e3132352e302f32342d3234203d3e20323634373337.roa (raw, json)
Hash identifier:          EHQkdeXsw90h0Ftdq2d83J65G6SNhssxEbgrCm18LKo=
Subject key identifier:   E1:9D:99:28:A0:8C:35:35:18:C7:CF:31:B3:17:83:1A:4C:A6:4A:2D
Certificate issuer:       /CN=0F959E8E8990C6B4684A74ECF5D6A8A2BE22B2DF
Certificate serial:       56F681336D6354126E448B11C28BB070438959A4
Authority key identifier: 0F:95:9E:8E:89:90:C6:B4:68:4A:74:EC:F5:D6:A8:A2:BE:22:B2:DF
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/0F959E8E8990C6B4684A74ECF5D6A8A2BE22B2DF.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/2A367470AFE6734E69072CE2E020B414FEE3FA1F7887B4509B81173481F55E9B/0/3137302e3233332e3132352e302f32342d3234203d3e20323634373337.roa
Signing time:             Tue 05 Mar 2024 17:46:32 +0000
ROA not before:           Tue 05 Mar 2024 17:41:32 +0000
ROA not after:            Tue 04 Mar 2025 17:46:32 +0000
asID:                     264737
IP address blocks:        170.233.125.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 20 May 2024 15:30:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            56:f6:81:33:6d:63:54:12:6e:44:8b:11:c2:8b:b0:70:43:89:59:a4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0F959E8E8990C6B4684A74ECF5D6A8A2BE22B2DF
        Validity
            Not Before: Mar  5 17:41:32 2024 GMT
            Not After : Mar  4 17:46:32 2025 GMT
        Subject: CN=E19D9928A08C353518C7CF31B317831A4CA64A2D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:01:a1:16:ea:17:9a:05:49:25:45:3e:83:38:
                    4c:fe:58:f7:b8:a9:5b:06:e3:bc:4e:e4:4f:c0:3f:
                    a0:06:11:0e:ec:1e:6f:ce:61:26:5b:f6:7e:78:68:
                    a1:cf:59:7f:5b:36:10:35:f9:ed:2f:b8:e1:8b:ae:
                    a1:40:9f:c6:a8:6d:2e:47:63:dd:78:35:9c:6a:e9:
                    42:0c:68:88:77:04:95:b6:d4:07:14:c3:41:e2:fd:
                    e7:2b:bc:d0:49:63:de:10:76:45:a4:18:f8:ea:2b:
                    c2:00:a0:2b:c8:61:af:46:a8:f5:c3:0e:b9:48:bc:
                    ee:5c:c1:09:65:88:c8:6c:19:55:56:ed:f3:2c:ad:
                    19:f9:73:48:19:c0:12:68:b6:e3:13:32:aa:73:9c:
                    86:6e:f9:1b:92:41:e1:c4:04:a7:b0:7c:0a:89:a5:
                    dc:6b:27:30:c3:ab:64:77:7c:0d:d8:02:8d:79:4a:
                    37:e6:ab:d1:d6:be:ab:19:11:a0:85:6c:b8:94:ac:
                    c2:24:c5:0e:58:55:34:30:bb:02:66:cd:4a:1c:23:
                    43:f2:e2:1f:18:ac:69:ff:97:fe:24:d7:26:f4:94:
                    b3:3d:ea:26:b2:29:17:e9:59:25:26:8c:5c:e7:c3:
                    b4:61:41:c7:d4:9f:de:e0:dd:48:91:5a:bc:c0:77:
                    0f:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E1:9D:99:28:A0:8C:35:35:18:C7:CF:31:B3:17:83:1A:4C:A6:4A:2D
            X509v3 Authority Key Identifier:
                keyid:0F:95:9E:8E:89:90:C6:B4:68:4A:74:EC:F5:D6:A8:A2:BE:22:B2:DF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/2A367470AFE6734E69072CE2E020B414FEE3FA1F7887B4509B81173481F55E9B/0/0F959E8E8990C6B4684A74ECF5D6A8A2BE22B2DF.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/0F959E8E8990C6B4684A74ECF5D6A8A2BE22B2DF.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/2A367470AFE6734E69072CE2E020B414FEE3FA1F7887B4509B81173481F55E9B/0/3137302e3233332e3132352e302f32342d3234203d3e20323634373337.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  170.233.125.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4c:ee:dc:af:5d:28:41:4d:a3:05:63:48:e7:88:2d:bb:32:62:
         b2:cc:49:04:71:9a:ee:da:22:e3:cb:1e:94:60:a1:83:fe:bf:
         4f:99:9c:26:0c:51:49:8e:3f:25:09:b6:79:dd:22:a3:3a:aa:
         bd:4f:e2:dd:3c:86:a0:16:1e:7f:f0:83:18:9a:8b:b2:0b:89:
         72:65:80:33:8f:b2:49:f3:9b:99:99:a8:a6:a8:41:bc:c0:97:
         a7:59:ca:66:00:fe:7e:fc:8b:2f:1f:1d:b0:6e:16:c7:77:8e:
         5d:71:92:13:49:74:55:e6:f7:7a:f8:ac:39:f7:86:78:aa:77:
         d5:53:bc:53:d1:81:d4:9d:32:3b:cf:cf:24:c7:bb:ac:e1:d2:
         3d:58:9f:8d:c4:1e:26:b0:e4:7d:35:a8:b7:84:95:77:30:0b:
         36:51:46:6d:2e:78:ee:49:c2:04:22:9a:24:cc:c8:4a:c2:ca:
         b6:9f:ff:8e:08:55:81:d2:04:97:ed:15:32:43:33:0e:35:d1:
         d6:9a:5f:2d:13:81:7a:63:c5:38:b8:f3:d9:a5:92:9e:41:ac:
         1c:2a:8f:d5:dd:46:e3:87:6a:8e:53:9b:c3:a9:3b:11:b7:32:
         0d:b4:29:94:4d:71:6c:62:a5:ef:8f:f4:8e:e8:83:15:8c:ae:
         c3:f9:ec:6b
-----BEGIN CERTIFICATE-----
MIIFwjCCBKqgAwIBAgIUVvaBM21jVBJuRIsRwouwcEOJWaQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMEY5NTlFOEU4OTkwQzZCNDY4NEE3NEVDRjVENkE4QTJC
RTIyQjJERjAeFw0yNDAzMDUxNzQxMzJaFw0yNTAzMDQxNzQ2MzJaMDMxMTAvBgNV
BAMTKEUxOUQ5OTI4QTA4QzM1MzUxOEM3Q0YzMUIzMTc4MzFBNENBNjRBMkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtAaEW6heaBUklRT6DOEz+WPe4
qVsG47xO5E/AP6AGEQ7sHm/OYSZb9n54aKHPWX9bNhA1+e0vuOGLrqFAn8aobS5H
Y914NZxq6UIMaIh3BJW21AcUw0Hi/ecrvNBJY94QdkWkGPjqK8IAoCvIYa9GqPXD
DrlIvO5cwQlliMhsGVVW7fMsrRn5c0gZwBJotuMTMqpznIZu+RuSQeHEBKewfAqJ
pdxrJzDDq2R3fA3YAo15Sjfmq9HWvqsZEaCFbLiUrMIkxQ5YVTQwuwJmzUocI0Py
4h8YrGn/l/4k1yb0lLM96iayKRfpWSUmjFznw7RhQcfUn97g3UiRWrzAdw/dAgMB
AAGjggLMMIICyDAdBgNVHQ4EFgQU4Z2ZKKCMNTUYx88xsxeDGkymSi0wHwYDVR0j
BBgwFoAUD5WejomQxrRoSnTs9daoor4ist8wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8yQTM2NzQ3MEFGRTY3MzRFNjkwNzJDRTJFMDIwQjQxNEZF
RTNGQTFGNzg4N0I0NTA5QjgxMTczNDgxRjU1RTlCLzAvMEY5NTlFOEU4OTkwQzZC
NDY4NEE3NEVDRjVENkE4QTJCRTIyQjJERi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8wRjk1OUU4RTg5OTBDNkI0Njg0
QTc0RUNGNUQ2QThBMkJFMjJCMkRGLmNlcjCBywYIKwYBBQUHAQsEgb4wgbswgbgG
CCsGAQUFBzALhoGrcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMkEzNjc0NzBBRkU2NzM0RTY5MDcyQ0UyRTAyMEI0MTRGRUUzRkExRjc4
ODdCNDUwOUI4MTE3MzQ4MUY1NUU5Qi8wLzMxMzczMDJlMzIzMzMzMmUzMTMyMzUy
ZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjM2MzQzNzMzMzcucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACq
6X0wDQYJKoZIhvcNAQELBQADggEBAEzu3K9dKEFNowVjSOeILbsyYrLMSQRxmu7a
IuPLHpRgoYP+v0+ZnCYMUUmOPyUJtnndIqM6qr1P4t08hqAWHn/wgxiai7ILiXJl
gDOPsknzm5mZqKaoQbzAl6dZymYA/n78iy8fHbBuFsd3jl1xkhNJdFXm93r4rDn3
hniqd9VTvFPRgdSdMjvPzyTHu6zh0j1Yn43EHiaw5H01qLeElXcwCzZRRm0ueO5J
wgQimiTMyErCyraf/44IVYHSBJftFTJDMw410daaXy0TgXpjxTi489mlkp5BrBwq
j9XdRuOHao5Tm8OpOxG3Mg20KZRNcWxipe+P9I7ogxWMrsP57Gs=
-----END CERTIFICATE-----