Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/376F6627568BCBB4E21C3E5832A3FA2E8C58C9A0E6E4F3FB10EC5AAEC404592E/0/34352e372e3233362e302f32322d3234203d3e203237383834.roa
File:                     34352e372e3233362e302f32322d3234203d3e203237383834.roa (raw, json)
Hash identifier:          6yA7rLEsDRb4EN+EI6LOh8QI7NV9d0alOewOH7aUdIs=
Subject key identifier:   61:3E:3B:C6:5C:62:FD:15:C6:58:83:C4:33:40:42:58:01:6E:C9:9A
Certificate issuer:       /CN=FEF6C9FB84C09AE8D6288A94909900981E3BB95B
Certificate serial:       0229C6037BB999187BB80155C37F6BED323D1FED
Authority key identifier: FE:F6:C9:FB:84:C0:9A:E8:D6:28:8A:94:90:99:00:98:1E:3B:B9:5B
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/FEF6C9FB84C09AE8D6288A94909900981E3BB95B.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/376F6627568BCBB4E21C3E5832A3FA2E8C58C9A0E6E4F3FB10EC5AAEC404592E/0/34352e372e3233362e302f32322d3234203d3e203237383834.roa
Signing time:             Tue 05 Mar 2024 17:50:14 +0000
ROA not before:           Tue 05 Mar 2024 17:45:14 +0000
ROA not after:            Tue 04 Mar 2025 17:50:14 +0000
asID:                     27884
IP address blocks:        45.7.236.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Wed 14 Aug 2024 01:25:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            02:29:c6:03:7b:b9:99:18:7b:b8:01:55:c3:7f:6b:ed:32:3d:1f:ed
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=FEF6C9FB84C09AE8D6288A94909900981E3BB95B
        Validity
            Not Before: Mar  5 17:45:14 2024 GMT
            Not After : Mar  4 17:50:14 2025 GMT
        Subject: CN=613E3BC65C62FD15C65883C433404258016EC99A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:0f:3a:d5:6a:dc:01:fe:f1:d8:c8:78:67:b8:
                    58:4b:82:32:46:e5:3d:65:b8:04:87:c5:fe:0d:7e:
                    a4:08:3c:a3:85:96:22:bf:d7:98:a2:d2:74:e6:dc:
                    96:96:39:06:f1:5c:1c:df:7b:41:9e:51:8d:08:72:
                    9d:f8:5e:e8:65:33:33:30:55:0b:ff:5b:ac:69:70:
                    39:0c:26:d9:d3:51:df:40:b5:81:e4:10:0a:1c:f0:
                    84:be:47:cd:f6:bc:e8:e8:67:34:db:40:79:e4:b6:
                    de:dd:cf:16:97:27:47:30:e6:72:2c:da:8b:62:82:
                    a4:55:c8:73:a0:e9:5c:db:2f:28:93:e8:43:d4:9b:
                    58:4c:47:80:2c:22:a1:39:c7:e4:96:b4:66:31:47:
                    d1:b2:e3:f9:ee:51:e5:90:37:f0:62:d2:24:b3:a1:
                    8d:a7:70:ab:51:fe:95:14:13:35:0b:8a:21:c3:6a:
                    29:e4:b5:8a:e8:8e:73:97:32:60:6c:d0:4b:ac:99:
                    b8:6f:0f:4a:19:6a:47:6a:03:da:3c:e9:6b:27:21:
                    19:37:60:9c:f9:cc:0a:89:f3:12:ed:49:b0:6e:fb:
                    09:8a:ff:9a:c5:16:3e:82:40:ad:8a:33:24:00:64:
                    dd:f7:d0:fc:6f:51:94:53:2e:bd:38:f5:fd:f6:f2:
                    31:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                61:3E:3B:C6:5C:62:FD:15:C6:58:83:C4:33:40:42:58:01:6E:C9:9A
            X509v3 Authority Key Identifier:
                keyid:FE:F6:C9:FB:84:C0:9A:E8:D6:28:8A:94:90:99:00:98:1E:3B:B9:5B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/376F6627568BCBB4E21C3E5832A3FA2E8C58C9A0E6E4F3FB10EC5AAEC404592E/0/FEF6C9FB84C09AE8D6288A94909900981E3BB95B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/FEF6C9FB84C09AE8D6288A94909900981E3BB95B.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/376F6627568BCBB4E21C3E5832A3FA2E8C58C9A0E6E4F3FB10EC5AAEC404592E/0/34352e372e3233362e302f32322d3234203d3e203237383834.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.7.236.0/22

    Signature Algorithm: sha256WithRSAEncryption
         40:10:b1:d9:3e:d5:91:2e:78:a6:7a:34:20:ac:41:4a:2a:4c:
         3e:e0:ed:c3:21:2a:9d:24:c1:d8:ca:2d:b0:60:b5:16:f0:2b:
         31:6b:c3:bc:5f:94:08:d7:47:30:fd:bb:0a:03:f5:f0:ab:de:
         57:63:01:80:5c:bb:8d:2f:ce:4b:5e:7f:5a:04:35:eb:ba:f9:
         e2:5f:4e:05:95:0e:b9:20:19:fa:44:f6:12:7d:0b:d7:bf:96:
         8d:8a:93:ee:e6:98:7d:bb:de:f5:0f:7f:2e:d8:24:25:1e:d9:
         64:ba:08:5e:ae:61:f7:28:de:bc:ae:5e:e0:0e:e9:59:87:1c:
         d5:34:fb:af:19:a0:b1:b7:88:49:99:32:2f:71:55:bf:c6:88:
         04:f1:4c:f1:3c:2a:ba:c4:90:6c:25:d4:93:d5:5d:5b:79:b0:
         73:9b:36:29:4e:61:fc:37:69:9e:f5:da:b3:c1:ec:65:d2:56:
         5f:07:55:22:9b:4a:ab:7d:c7:d1:ca:49:f4:9b:74:f2:b2:a1:
         30:d5:c7:8b:ca:a7:4c:05:12:aa:7a:d7:31:35:98:7b:2e:50:
         20:13:75:d3:d9:7b:34:34:47:7e:86:e0:27:78:7b:b8:64:0b:
         0d:79:b1:14:ee:05:5a:92:86:71:a3:13:ff:98:43:3f:e2:07:
         de:1f:95:28
-----BEGIN CERTIFICATE-----
MIIFujCCBKKgAwIBAgIUAinGA3u5mRh7uAFVw39r7TI9H+0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRkVGNkM5RkI4NEMwOUFFOEQ2Mjg4QTk0OTA5OTAwOTgx
RTNCQjk1QjAeFw0yNDAzMDUxNzQ1MTRaFw0yNTAzMDQxNzUwMTRaMDMxMTAvBgNV
BAMTKDYxM0UzQkM2NUM2MkZEMTVDNjU4ODNDNDMzNDA0MjU4MDE2RUM5OUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCbDzrVatwB/vHYyHhnuFhLgjJG
5T1luASHxf4NfqQIPKOFliK/15ii0nTm3JaWOQbxXBzfe0GeUY0Icp34XuhlMzMw
VQv/W6xpcDkMJtnTUd9AtYHkEAoc8IS+R832vOjoZzTbQHnktt7dzxaXJ0cw5nIs
2otigqRVyHOg6VzbLyiT6EPUm1hMR4AsIqE5x+SWtGYxR9Gy4/nuUeWQN/Bi0iSz
oY2ncKtR/pUUEzULiiHDainktYrojnOXMmBs0EusmbhvD0oZakdqA9o86WsnIRk3
YJz5zAqJ8xLtSbBu+wmK/5rFFj6CQK2KMyQAZN330PxvUZRTLr049f328jEDAgMB
AAGjggLEMIICwDAdBgNVHQ4EFgQUYT47xlxi/RXGWIPEM0BCWAFuyZowHwYDVR0j
BBgwFoAU/vbJ+4TAmujWKIqUkJkAmB47uVswDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8zNzZGNjYyNzU2OEJDQkI0RTIxQzNFNTgzMkEzRkEyRThD
NThDOUEwRTZFNEYzRkIxMEVDNUFBRUM0MDQ1OTJFLzAvRkVGNkM5RkI4NEMwOUFF
OEQ2Mjg4QTk0OTA5OTAwOTgxRTNCQjk1Qi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9GRUY2QzlGQjg0QzA5QUU4RDYy
ODhBOTQ5MDk5MDA5ODFFM0JCOTVCLmNlcjCBwwYIKwYBBQUHAQsEgbYwgbMwgbAG
CCsGAQUFBzALhoGjcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMzc2RjY2Mjc1NjhCQ0JCNEUyMUMzRTU4MzJBM0ZBMkU4QzU4QzlBMEU2
RTRGM0ZCMTBFQzVBQUVDNDA0NTkyRS8wLzM0MzUyZTM3MmUzMjMzMzYyZTMwMmYz
MjMyMmQzMjM0MjAzZDNlMjAzMjM3MzgzODM0LnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLQfsMA0GCSqG
SIb3DQEBCwUAA4IBAQBAELHZPtWRLnimejQgrEFKKkw+4O3DISqdJMHYyi2wYLUW
8Csxa8O8X5QI10cw/bsKA/Xwq95XYwGAXLuNL85LXn9aBDXruvniX04FlQ65IBn6
RPYSfQvXv5aNipPu5ph9u971D38u2CQlHtlkughermH3KN68rl7gDulZhxzVNPuv
GaCxt4hJmTIvcVW/xogE8UzxPCq6xJBsJdST1V1bebBzmzYpTmH8N2me9dqzwexl
0lZfB1Uim0qrfcfRykn0m3TysqEw1ceLyqdMBRKqetcxNZh7LlAgE3XT2Xs0NEd+
huAneHu4ZAsNebEU7gVakoZxoxP/mEM/4gfeH5Uo
-----END CERTIFICATE-----