Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/3A511D681E72F9D814F7BD8FC39D1FED7EA3F94AB704F688C8C38F1A51732BDC/0/323830333a3363303a3a2f33322d3438203d3e20323635373238.roa
File:                     323830333a3363303a3a2f33322d3438203d3e20323635373238.roa (raw, json)
Hash identifier:          bD+kyA0VdbhGra4RPDDHaxiXybU7kqywUGCutY0UZxs=
Subject key identifier:   48:32:1C:D6:0E:FA:70:E1:9B:D0:5E:8E:35:62:8F:43:D2:ED:04:2F
Certificate issuer:       /CN=B7E1ABEC010ABB9AF463BF22B16C561B5C2C4444
Certificate serial:       56AF68413032B9B8F8019DEFF801B9BBFEB4895D
Authority key identifier: B7:E1:AB:EC:01:0A:BB:9A:F4:63:BF:22:B1:6C:56:1B:5C:2C:44:44
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/B7E1ABEC010ABB9AF463BF22B16C561B5C2C4444.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/3A511D681E72F9D814F7BD8FC39D1FED7EA3F94AB704F688C8C38F1A51732BDC/0/323830333a3363303a3a2f33322d3438203d3e20323635373238.roa
Signing time:             Tue 05 Mar 2024 17:42:23 +0000
ROA not before:           Tue 05 Mar 2024 17:37:23 +0000
ROA not after:            Tue 04 Mar 2025 17:42:23 +0000
asID:                     265728
IP address blocks:        2803:3c0::/32 maxlen: 48

Validation:               Failed, certificate revoked on Fri 31 May 2024 20:45:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            56:af:68:41:30:32:b9:b8:f8:01:9d:ef:f8:01:b9:bb:fe:b4:89:5d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=B7E1ABEC010ABB9AF463BF22B16C561B5C2C4444
        Validity
            Not Before: Mar  5 17:37:23 2024 GMT
            Not After : Mar  4 17:42:23 2025 GMT
        Subject: CN=48321CD60EFA70E19BD05E8E35628F43D2ED042F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:25:67:4a:17:dc:73:a3:dd:c3:49:92:34:b6:
                    53:36:4a:70:11:6f:57:75:a2:00:64:84:ed:41:09:
                    32:7d:e6:d5:21:0f:ab:21:74:26:2f:72:99:26:89:
                    17:e8:61:a9:fa:dc:a2:bf:e2:a8:45:8c:84:1f:0a:
                    1c:68:7a:39:c8:6f:c0:02:46:f2:c8:bb:a2:98:d1:
                    34:67:91:b4:07:fb:a6:38:b3:d2:45:47:c1:a4:05:
                    8c:a1:e1:8f:c3:b8:19:8f:1e:a8:3a:98:df:96:c9:
                    a8:44:07:53:30:72:a9:ab:d2:31:da:06:8b:7c:f6:
                    dd:27:1e:b3:c9:9e:4b:9b:d6:fe:ab:9f:b5:8e:25:
                    25:c4:fa:9d:a2:77:2a:a2:2c:9f:bc:dc:20:7f:5f:
                    3a:3e:64:57:e2:4f:78:7b:94:81:a4:3c:ca:9a:41:
                    80:a9:b9:19:35:bb:30:28:f5:18:74:15:30:c3:09:
                    ba:38:2c:e5:cf:c1:d0:27:97:5d:3c:79:ee:bc:54:
                    ad:75:79:c4:9e:3d:97:c2:49:59:df:2e:6e:41:f1:
                    c1:2b:1c:0b:a2:a8:1b:7e:ca:ae:15:8c:f2:8c:87:
                    df:e7:7f:af:95:3d:ed:e2:cf:f5:81:67:ee:95:39:
                    6e:ec:20:a6:5f:2d:eb:71:02:29:ed:30:b7:c8:c2:
                    7f:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                48:32:1C:D6:0E:FA:70:E1:9B:D0:5E:8E:35:62:8F:43:D2:ED:04:2F
            X509v3 Authority Key Identifier:
                keyid:B7:E1:AB:EC:01:0A:BB:9A:F4:63:BF:22:B1:6C:56:1B:5C:2C:44:44

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/3A511D681E72F9D814F7BD8FC39D1FED7EA3F94AB704F688C8C38F1A51732BDC/0/B7E1ABEC010ABB9AF463BF22B16C561B5C2C4444.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/B7E1ABEC010ABB9AF463BF22B16C561B5C2C4444.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/3A511D681E72F9D814F7BD8FC39D1FED7EA3F94AB704F688C8C38F1A51732BDC/0/323830333a3363303a3a2f33322d3438203d3e20323635373238.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:3c0::/32

    Signature Algorithm: sha256WithRSAEncryption
         ae:e6:a8:30:dc:69:1c:df:82:83:9f:5a:38:10:97:85:84:f4:
         4c:7f:70:af:27:9e:25:72:59:d5:70:1b:26:fd:ff:97:c9:e3:
         93:ba:b4:54:a2:91:4c:bb:86:7b:f6:28:2e:05:83:ac:4d:9d:
         c0:57:88:cd:5d:d4:b6:16:82:b0:84:9f:db:6a:32:89:17:2d:
         e9:62:db:2a:9d:47:28:ef:9e:80:1b:8b:85:a0:b5:d6:d5:a0:
         6d:60:4a:b1:79:82:1e:c5:de:eb:91:15:54:4b:36:59:6a:72:
         cb:b3:04:85:ac:83:c4:bf:e6:97:6a:6a:27:4e:6b:aa:71:44:
         13:81:98:56:13:3f:0f:2c:71:64:9f:ae:d6:c5:e5:1e:82:83:
         b5:4e:b7:b7:60:0c:da:9c:37:c3:e4:bb:08:d3:18:b7:27:b6:
         e5:f8:3b:e3:e6:f0:34:93:db:9d:4b:5d:ad:0a:fd:35:f1:c1:
         ca:c7:1d:53:10:40:34:14:57:0f:6c:15:bb:91:28:6a:29:69:
         c6:62:02:e6:d1:ec:04:ad:9d:26:e6:16:fb:3a:8d:86:4b:ea:
         da:77:ba:42:6f:90:ee:d1:e0:c3:9d:88:3c:0b:2b:13:c1:25:
         06:20:07:8e:dc:06:5a:9a:80:eb:f3:cf:87:43:de:7b:e1:7f:
         04:f2:67:1e
-----BEGIN CERTIFICATE-----
MIIFvTCCBKWgAwIBAgIUVq9oQTAyubj4AZ3v+AG5u/60iV0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQjdFMUFCRUMwMTBBQkI5QUY0NjNCRjIyQjE2QzU2MUI1
QzJDNDQ0NDAeFw0yNDAzMDUxNzM3MjNaFw0yNTAzMDQxNzQyMjNaMDMxMTAvBgNV
BAMTKDQ4MzIxQ0Q2MEVGQTcwRTE5QkQwNUU4RTM1NjI4RjQzRDJFRDA0MkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCsJWdKF9xzo93DSZI0tlM2SnAR
b1d1ogBkhO1BCTJ95tUhD6shdCYvcpkmiRfoYan63KK/4qhFjIQfChxoejnIb8AC
RvLIu6KY0TRnkbQH+6Y4s9JFR8GkBYyh4Y/DuBmPHqg6mN+WyahEB1Mwcqmr0jHa
Bot89t0nHrPJnkub1v6rn7WOJSXE+p2idyqiLJ+83CB/Xzo+ZFfiT3h7lIGkPMqa
QYCpuRk1uzAo9Rh0FTDDCbo4LOXPwdAnl108ee68VK11ecSePZfCSVnfLm5B8cEr
HAuiqBt+yq4VjPKMh9/nf6+VPe3iz/WBZ+6VOW7sIKZfLetxAintMLfIwn9hAgMB
AAGjggLHMIICwzAdBgNVHQ4EFgQUSDIc1g76cOGb0F6ONWKPQ9LtBC8wHwYDVR0j
BBgwFoAUt+Gr7AEKu5r0Y78isWxWG1wsREQwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8zQTUxMUQ2ODFFNzJGOUQ4MTRGN0JEOEZDMzlEMUZFRDdF
QTNGOTRBQjcwNEY2ODhDOEMzOEYxQTUxNzMyQkRDLzAvQjdFMUFCRUMwMTBBQkI5
QUY0NjNCRjIyQjE2QzU2MUI1QzJDNDQ0NC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9CN0UxQUJFQzAxMEFCQjlBRjQ2
M0JGMjJCMTZDNTYxQjVDMkM0NDQ0LmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvM0E1MTFENjgxRTcyRjlEODE0RjdCRDhGQzM5RDFGRUQ3RUEzRjk0QUI3
MDRGNjg4QzhDMzhGMUE1MTczMkJEQy8wLzMyMzgzMDMzM2EzMzYzMzAzYTNhMmYz
MzMyMmQzNDM4MjAzZDNlMjAzMjM2MzUzNzMyMzgucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAoAwPAMA0G
CSqGSIb3DQEBCwUAA4IBAQCu5qgw3Gkc34KDn1o4EJeFhPRMf3CvJ54lclnVcBsm
/f+XyeOTurRUopFMu4Z79iguBYOsTZ3AV4jNXdS2FoKwhJ/bajKJFy3pYtsqnUco
756AG4uFoLXW1aBtYEqxeYIexd7rkRVUSzZZanLLswSFrIPEv+aXamonTmuqcUQT
gZhWEz8PLHFkn67WxeUegoO1Tre3YAzanDfD5LsI0xi3J7bl+Dvj5vA0k9udS12t
Cv018cHKxx1TEEA0FFcPbBW7kShqKWnGYgLm0ewErZ0m5hb7Oo2GS+rad7pCb5Du
0eDDnYg8CysTwSUGIAeO3AZamoDr88+HQ9574X8E8mce
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:11 2024 by rpki-client on console-ams.rpki-client.org