Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/317E94E3ECFEA74BED41FBB306A71B3CA8E717FF7BAB86F4CB4B3A5CF709964C/0/3230302e3131322e3139322e302f32312d3231203d3e20323635353534.roa
File:                     3230302e3131322e3139322e302f32312d3231203d3e20323635353534.roa (raw, json)
Hash identifier:          j/od7g8bVmdfn93TfM9sHEV+5bAykMPQMVxhGlkWKzE=
Subject key identifier:   43:CB:7E:7B:B5:4F:E3:84:35:8D:99:8F:C8:B7:8D:B8:70:A1:55:2A
Certificate issuer:       /CN=85B7D9685BA8DA2D6F481C323611ED64944F6273
Certificate serial:       680281B48ABC7DCAE57E9CB163BB22A2DC10B0F1
Authority key identifier: 85:B7:D9:68:5B:A8:DA:2D:6F:48:1C:32:36:11:ED:64:94:4F:62:73
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/85B7D9685BA8DA2D6F481C323611ED64944F6273.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/317E94E3ECFEA74BED41FBB306A71B3CA8E717FF7BAB86F4CB4B3A5CF709964C/0/3230302e3131322e3139322e302f32312d3231203d3e20323635353534.roa
Signing time:             Tue 05 Mar 2024 17:54:08 +0000
ROA not before:           Tue 05 Mar 2024 17:49:08 +0000
ROA not after:            Tue 04 Mar 2025 17:54:08 +0000
asID:                     265554
IP address blocks:        200.112.192.0/21 maxlen: 21

Validation:               Failed, certificate revoked on Tue 23 Jul 2024 21:50:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            68:02:81:b4:8a:bc:7d:ca:e5:7e:9c:b1:63:bb:22:a2:dc:10:b0:f1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=85B7D9685BA8DA2D6F481C323611ED64944F6273
        Validity
            Not Before: Mar  5 17:49:08 2024 GMT
            Not After : Mar  4 17:54:08 2025 GMT
        Subject: CN=43CB7E7BB54FE384358D998FC8B78DB870A1552A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:5f:47:81:96:ff:06:2f:d0:d5:34:5c:4e:34:
                    5b:48:3f:3f:06:48:f0:e1:f7:aa:de:53:d3:ba:3b:
                    64:98:39:d5:82:fb:27:42:29:16:8c:df:65:39:05:
                    f4:01:c0:0b:68:4f:6d:34:e2:15:d4:b4:1f:6f:f7:
                    66:06:52:96:1b:d5:27:1d:68:b1:e9:da:46:78:98:
                    11:94:27:5d:15:6a:90:0b:52:ad:51:d6:df:6f:a6:
                    d5:3c:74:0d:70:73:3c:02:8e:ef:12:5a:b6:27:bb:
                    83:b9:b5:4d:7d:96:a1:00:30:a2:72:d5:20:0f:5e:
                    ae:8c:f0:ee:e0:27:91:0b:9d:2a:ec:c2:bb:aa:0d:
                    57:68:53:9c:61:0f:93:f2:4e:8a:cb:e9:20:66:b7:
                    d0:f0:c9:c0:23:4d:0f:d9:7c:44:64:85:71:63:a9:
                    42:dc:16:83:f4:e5:50:60:98:96:c7:b4:7c:1d:da:
                    6a:2d:11:31:16:1d:1b:a3:40:9b:ae:70:6b:db:63:
                    1a:18:f2:b5:9e:fd:97:dd:43:ce:1f:5c:ba:ec:c4:
                    6e:7f:80:dd:e2:32:9c:f3:12:e0:f9:b1:51:89:9e:
                    7a:32:d8:55:f3:50:80:79:5e:36:7b:24:2c:c8:00:
                    6a:52:38:b3:66:fe:2b:93:36:b9:41:27:14:05:84:
                    14:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                43:CB:7E:7B:B5:4F:E3:84:35:8D:99:8F:C8:B7:8D:B8:70:A1:55:2A
            X509v3 Authority Key Identifier:
                keyid:85:B7:D9:68:5B:A8:DA:2D:6F:48:1C:32:36:11:ED:64:94:4F:62:73

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/317E94E3ECFEA74BED41FBB306A71B3CA8E717FF7BAB86F4CB4B3A5CF709964C/0/85B7D9685BA8DA2D6F481C323611ED64944F6273.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/85B7D9685BA8DA2D6F481C323611ED64944F6273.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/317E94E3ECFEA74BED41FBB306A71B3CA8E717FF7BAB86F4CB4B3A5CF709964C/0/3230302e3131322e3139322e302f32312d3231203d3e20323635353534.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.112.192.0/21

    Signature Algorithm: sha256WithRSAEncryption
         00:dc:b9:7b:a6:a3:2d:a8:9f:e7:62:11:e9:a9:25:3f:68:d4:
         e6:7d:ab:9f:f2:18:36:32:04:4d:5c:fd:9f:49:ee:6c:8c:92:
         4b:ac:2f:2e:be:d8:30:b1:81:54:22:69:56:4d:89:32:f9:55:
         9c:e0:ad:0f:cc:0c:20:36:69:ff:cc:44:4a:24:f6:db:a4:93:
         41:e9:59:e2:52:bf:8e:48:31:ab:67:e7:e8:3f:7a:d7:c3:78:
         34:96:e3:fe:fb:aa:05:08:05:1a:55:37:f0:bb:61:4d:0c:25:
         de:5b:43:e5:79:fe:a6:68:89:5d:36:9a:a7:aa:54:65:d5:9b:
         df:ee:fe:ca:97:e6:1c:7a:fc:38:56:c8:26:21:de:6d:58:9f:
         db:e1:68:06:be:4c:76:fd:8b:f8:f5:02:81:62:fb:51:37:c6:
         1c:da:7e:6a:87:df:7b:a3:75:42:c8:15:f9:a1:d4:38:d2:fa:
         71:c5:88:9e:f0:53:d0:10:43:b7:4d:df:c3:79:0c:e4:94:6c:
         e1:43:04:d6:e0:9b:73:e5:d5:39:7e:c9:87:3c:6c:d0:30:ac:
         61:4a:d9:11:10:f1:bc:8c:93:38:0a:94:57:89:c6:77:b7:0d:
         3e:7f:04:7d:68:e8:0a:87:94:8c:4c:36:4d:b5:92:c2:93:b0:
         1f:18:1d:b3
-----BEGIN CERTIFICATE-----
MIIFwjCCBKqgAwIBAgIUaAKBtIq8fcrlfpyxY7siotwQsPEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODVCN0Q5Njg1QkE4REEyRDZGNDgxQzMyMzYxMUVENjQ5
NDRGNjI3MzAeFw0yNDAzMDUxNzQ5MDhaFw0yNTAzMDQxNzU0MDhaMDMxMTAvBgNV
BAMTKDQzQ0I3RTdCQjU0RkUzODQzNThEOTk4RkM4Qjc4REI4NzBBMTU1MkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCoX0eBlv8GL9DVNFxONFtIPz8G
SPDh96reU9O6O2SYOdWC+ydCKRaM32U5BfQBwAtoT2004hXUtB9v92YGUpYb1Scd
aLHp2kZ4mBGUJ10VapALUq1R1t9vptU8dA1wczwCju8SWrYnu4O5tU19lqEAMKJy
1SAPXq6M8O7gJ5ELnSrswruqDVdoU5xhD5PyTorL6SBmt9DwycAjTQ/ZfERkhXFj
qULcFoP05VBgmJbHtHwd2motETEWHRujQJuucGvbYxoY8rWe/ZfdQ84fXLrsxG5/
gN3iMpzzEuD5sVGJnnoy2FXzUIB5XjZ7JCzIAGpSOLNm/iuTNrlBJxQFhBSlAgMB
AAGjggLMMIICyDAdBgNVHQ4EFgQUQ8t+e7VP44Q1jZmPyLeNuHChVSowHwYDVR0j
BBgwFoAUhbfZaFuo2i1vSBwyNhHtZJRPYnMwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8zMTdFOTRFM0VDRkVBNzRCRUQ0MUZCQjMwNkE3MUIzQ0E4
RTcxN0ZGN0JBQjg2RjRDQjRCM0E1Q0Y3MDk5NjRDLzAvODVCN0Q5Njg1QkE4REEy
RDZGNDgxQzMyMzYxMUVENjQ5NDRGNjI3My5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC84NUI3RDk2ODVCQThEQTJENkY0
ODFDMzIzNjExRUQ2NDk0NEY2MjczLmNlcjCBywYIKwYBBQUHAQsEgb4wgbswgbgG
CCsGAQUFBzALhoGrcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMzE3RTk0RTNFQ0ZFQTc0QkVENDFGQkIzMDZBNzFCM0NBOEU3MTdGRjdC
QUI4NkY0Q0I0QjNBNUNGNzA5OTY0Qy8wLzMyMzAzMDJlMzEzMTMyMmUzMTM5MzIy
ZTMwMmYzMjMxMmQzMjMxMjAzZDNlMjAzMjM2MzUzNTM1MzQucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAPI
cMAwDQYJKoZIhvcNAQELBQADggEBAADcuXumoy2on+diEempJT9o1OZ9q5/yGDYy
BE1c/Z9J7myMkkusLy6+2DCxgVQiaVZNiTL5VZzgrQ/MDCA2af/MREok9tukk0Hp
WeJSv45IMatn5+g/etfDeDSW4/77qgUIBRpVN/C7YU0MJd5bQ+V5/qZoiV02mqeq
VGXVm9/u/sqX5hx6/DhWyCYh3m1Yn9vhaAa+THb9i/j1AoFi+1E3xhzafmqH33uj
dULIFfmh1DjS+nHFiJ7wU9AQQ7dN38N5DOSUbOFDBNbgm3Pl1Tl+yYc8bNAwrGFK
2REQ8byMkzgKlFeJxne3DT5/BH1o6AqHlIxMNk21ksKTsB8YHbM=
-----END CERTIFICATE-----
Generated at Wed Jul 24 01:25:07 2024 by rpki-client on console-ams.rpki-client.org