Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/2B6B23E958EA87B8EC36E5ED1B86D10E0113F67B0F375C95CCC5470EE3D12022/0/3230302e362e39362e302f31392d3233203d3e203237363539.roa
File:                     3230302e362e39362e302f31392d3233203d3e203237363539.roa (raw, json)
Hash identifier:          0NptFtw7UrZIlsgwK5ihLAvRh60ODKbgYjI9MWroeW0=
Subject key identifier:   D1:16:75:9B:7E:82:58:13:9A:34:E0:9F:B4:20:54:D7:AE:AC:81:97
Certificate issuer:       /CN=8D2583CCB91894057397D5D0034AC586BBE52555
Certificate serial:       23A6B02D1C5916FA3A838594EA8F92E24B15CB20
Authority key identifier: 8D:25:83:CC:B9:18:94:05:73:97:D5:D0:03:4A:C5:86:BB:E5:25:55
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/8D2583CCB91894057397D5D0034AC586BBE52555.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/2B6B23E958EA87B8EC36E5ED1B86D10E0113F67B0F375C95CCC5470EE3D12022/0/3230302e362e39362e302f31392d3233203d3e203237363539.roa
Signing time:             Tue 05 Mar 2024 18:19:44 +0000
ROA not before:           Tue 05 Mar 2024 18:14:44 +0000
ROA not after:            Tue 04 Mar 2025 18:19:44 +0000
asID:                     27659
IP address blocks:        200.6.96.0/19 maxlen: 23
Validation:               Failed, certificate revoked on Tue 04 Feb 2025 14:30:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            23:a6:b0:2d:1c:59:16:fa:3a:83:85:94:ea:8f:92:e2:4b:15:cb:20
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8D2583CCB91894057397D5D0034AC586BBE52555
        Validity
            Not Before: Mar  5 18:14:44 2024 GMT
            Not After : Mar  4 18:19:44 2025 GMT
        Subject: CN=D116759B7E8258139A34E09FB42054D7AEAC8197
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:27:6b:98:f7:2d:53:17:d7:94:95:cd:fc:66:
                    f5:54:bf:8e:3d:7d:27:61:0c:b3:2b:93:22:ae:dc:
                    59:89:2f:8c:6b:46:c2:6e:0b:2e:b2:26:2e:d1:b6:
                    b1:1d:9a:b9:07:b9:59:84:32:1a:c4:b9:7b:ec:20:
                    c1:e2:8d:80:19:e7:27:f4:4a:6a:5f:5e:18:70:40:
                    41:e9:7f:ec:14:27:c6:ba:ec:62:ef:22:ca:b7:24:
                    af:9f:ec:60:2a:8e:25:b8:27:69:8d:c6:ba:c6:7c:
                    a7:c7:cb:f4:fe:95:da:fd:fc:55:76:b1:c2:eb:77:
                    40:c8:c1:e6:0e:0b:12:f2:89:26:b3:54:4f:cb:37:
                    16:95:8d:4e:b9:77:dd:5f:69:fc:92:93:02:c1:04:
                    f7:fe:ab:59:10:91:87:07:eb:f8:14:57:bf:6b:de:
                    9f:f0:76:8f:66:ac:65:77:38:74:41:f1:77:62:5c:
                    99:cf:91:ea:a9:9f:18:f8:ce:07:af:28:58:74:fb:
                    8b:d5:e7:d1:ef:83:0b:47:4d:f2:73:32:ac:5c:41:
                    b8:d5:a3:fb:f0:03:96:8d:9c:c3:67:c1:38:fb:62:
                    02:b2:81:6e:4c:cc:cb:af:94:0a:1d:dc:8d:2d:a9:
                    f9:52:a0:e6:f2:fa:d9:f4:46:b4:a8:35:29:9b:8d:
                    d8:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:16:75:9B:7E:82:58:13:9A:34:E0:9F:B4:20:54:D7:AE:AC:81:97
            X509v3 Authority Key Identifier:
                keyid:8D:25:83:CC:B9:18:94:05:73:97:D5:D0:03:4A:C5:86:BB:E5:25:55

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/2B6B23E958EA87B8EC36E5ED1B86D10E0113F67B0F375C95CCC5470EE3D12022/0/8D2583CCB91894057397D5D0034AC586BBE52555.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/8D2583CCB91894057397D5D0034AC586BBE52555.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/2B6B23E958EA87B8EC36E5ED1B86D10E0113F67B0F375C95CCC5470EE3D12022/0/3230302e362e39362e302f31392d3233203d3e203237363539.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.6.96.0/19

    Signature Algorithm: sha256WithRSAEncryption
         90:7a:c5:27:a9:cc:28:43:09:04:fd:b7:27:9b:de:9c:ee:43:
         8c:35:1d:7c:dc:c3:e3:88:c5:3b:20:96:74:7f:9a:fb:d3:b6:
         95:de:86:d2:31:d9:3c:97:fc:47:1e:c8:94:ef:05:56:27:a3:
         27:8c:6d:6d:97:b6:9c:5b:af:97:b4:2d:2e:27:c1:64:3d:dc:
         9d:4e:da:3c:ba:df:e0:7d:6d:c1:30:8c:fd:f2:10:8e:41:86:
         42:dd:fc:3c:4f:ff:59:72:e2:05:42:17:f6:df:8c:9e:37:10:
         eb:2f:93:1d:b3:5d:03:48:5b:ee:1b:bc:f9:5a:b3:89:c5:2e:
         1f:b7:06:58:99:e3:d7:01:4d:b4:79:5f:8a:b7:a8:98:8d:19:
         75:7c:52:cf:50:b3:04:e6:29:8d:69:03:09:09:a8:6e:29:dd:
         fe:18:fb:bc:98:0f:c2:72:b4:f9:b5:f1:a1:b0:93:da:4f:96:
         3b:9f:7d:b3:66:e9:d3:70:b1:3d:c8:b7:71:09:28:74:42:b9:
         9d:6c:8a:91:d7:19:95:9d:6e:ad:88:88:60:3c:ab:89:73:19:
         ec:d3:c5:48:79:b0:68:c7:06:49:78:43:95:50:18:01:23:fd:
         e2:f3:ee:51:70:1d:5a:eb:9a:50:63:13:3d:2d:90:09:0d:97:
         d7:09:24:b8
-----BEGIN CERTIFICATE-----
MIIFujCCBKKgAwIBAgIUI6awLRxZFvo6g4WU6o+S4ksVyyAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOEQyNTgzQ0NCOTE4OTQwNTczOTdENUQwMDM0QUM1ODZC
QkU1MjU1NTAeFw0yNDAzMDUxODE0NDRaFw0yNTAzMDQxODE5NDRaMDMxMTAvBgNV
BAMTKEQxMTY3NTlCN0U4MjU4MTM5QTM0RTA5RkI0MjA1NEQ3QUVBQzgxOTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDTJ2uY9y1TF9eUlc38ZvVUv449
fSdhDLMrkyKu3FmJL4xrRsJuCy6yJi7RtrEdmrkHuVmEMhrEuXvsIMHijYAZ5yf0
SmpfXhhwQEHpf+wUJ8a67GLvIsq3JK+f7GAqjiW4J2mNxrrGfKfHy/T+ldr9/FV2
scLrd0DIweYOCxLyiSazVE/LNxaVjU65d91fafySkwLBBPf+q1kQkYcH6/gUV79r
3p/wdo9mrGV3OHRB8XdiXJnPkeqpnxj4zgevKFh0+4vV59HvgwtHTfJzMqxcQbjV
o/vwA5aNnMNnwTj7YgKygW5MzMuvlAod3I0tqflSoOby+tn0RrSoNSmbjdhDAgMB
AAGjggLEMIICwDAdBgNVHQ4EFgQU0RZ1m36CWBOaNOCftCBU166sgZcwHwYDVR0j
BBgwFoAUjSWDzLkYlAVzl9XQA0rFhrvlJVUwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8yQjZCMjNFOTU4RUE4N0I4RUMzNkU1RUQxQjg2RDEwRTAx
MTNGNjdCMEYzNzVDOTVDQ0M1NDcwRUUzRDEyMDIyLzAvOEQyNTgzQ0NCOTE4OTQw
NTczOTdENUQwMDM0QUM1ODZCQkU1MjU1NS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC84RDI1ODNDQ0I5MTg5NDA1NzM5
N0Q1RDAwMzRBQzU4NkJCRTUyNTU1LmNlcjCBwwYIKwYBBQUHAQsEgbYwgbMwgbAG
CCsGAQUFBzALhoGjcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMkI2QjIzRTk1OEVBODdCOEVDMzZFNUVEMUI4NkQxMEUwMTEzRjY3QjBG
Mzc1Qzk1Q0NDNTQ3MEVFM0QxMjAyMi8wLzMyMzAzMDJlMzYyZTM5MzYyZTMwMmYz
MTM5MmQzMjMzMjAzZDNlMjAzMjM3MzYzNTM5LnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFyAZgMA0GCSqG
SIb3DQEBCwUAA4IBAQCQesUnqcwoQwkE/bcnm96c7kOMNR183MPjiMU7IJZ0f5r7
07aV3obSMdk8l/xHHsiU7wVWJ6MnjG1tl7acW6+XtC0uJ8FkPdydTto8ut/gfW3B
MIz98hCOQYZC3fw8T/9ZcuIFQhf234yeNxDrL5Mds10DSFvuG7z5WrOJxS4ftwZY
mePXAU20eV+Kt6iYjRl1fFLPULME5imNaQMJCahuKd3+GPu8mA/CcrT5tfGhsJPa
T5Y7n32zZunTcLE9yLdxCSh0QrmdbIqR1xmVnW6tiIhgPKuJcxns08VIebBoxwZJ
eEOVUBgBI/3i8+5RcB1a65pQYxM9LZAJDZfXCSS4
-----END CERTIFICATE-----