Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/417BEAF2DA1622668D73BDC590D6641D842D85D7AB797E655342936D8C9C2512/0/3230302e3131322e3232322e302f32332d3234203d3e20323732383833.roa
File:                     3230302e3131322e3232322e302f32332d3234203d3e20323732383833.roa (raw, json)
Hash identifier:          fmXQ/S4Gt4dNe5kfQ+zF3qc2kZKwGsdligQuzYd3hV4=
Subject key identifier:   CE:B8:4C:AE:01:48:D5:FC:6D:E2:6C:FF:AE:F6:5A:C8:F8:6E:E5:66
Certificate issuer:       /CN=2BF2EA70064C593F25670D65BD2C1425EAE424A1
Certificate serial:       35D15B695637115E46DFF18CECF72BA600515364
Authority key identifier: 2B:F2:EA:70:06:4C:59:3F:25:67:0D:65:BD:2C:14:25:EA:E4:24:A1
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/2BF2EA70064C593F25670D65BD2C1425EAE424A1.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/417BEAF2DA1622668D73BDC590D6641D842D85D7AB797E655342936D8C9C2512/0/3230302e3131322e3232322e302f32332d3234203d3e20323732383833.roa
Signing time:             Wed 06 Aug 2025 22:34:58 +0000
ROA not before:           Wed 06 Aug 2025 22:29:58 +0000
ROA not after:            Wed 05 Aug 2026 22:34:58 +0000
asID:                     272883
IP address blocks:        200.112.222.0/23 maxlen: 24
Validation:               Failed, certificate revoked on Tue 16 Sep 2025 18:15:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            35:d1:5b:69:56:37:11:5e:46:df:f1:8c:ec:f7:2b:a6:00:51:53:64
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2BF2EA70064C593F25670D65BD2C1425EAE424A1
        Validity
            Not Before: Aug  6 22:29:58 2025 GMT
            Not After : Aug  5 22:34:58 2026 GMT
        Subject: CN=CEB84CAE0148D5FC6DE26CFFAEF65AC8F86EE566
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:31:1a:5c:4d:d3:67:ce:66:a0:af:78:d5:78:
                    e4:57:4c:0a:b3:e9:5d:24:6d:11:e8:99:fa:e5:b9:
                    8d:51:bc:25:fd:b3:c4:e6:79:14:67:fc:16:b7:5e:
                    53:47:62:29:8a:05:cf:fa:6d:77:9b:b9:d3:09:3c:
                    65:8f:2e:8f:f4:82:93:72:cc:ba:18:9a:d8:fb:31:
                    21:b0:54:15:8f:47:3a:4f:6f:bb:00:1a:d5:7d:41:
                    75:f6:c0:39:f2:a6:96:77:5d:4f:23:24:26:95:a6:
                    63:42:d8:bc:5f:b7:51:cc:3f:0b:f5:09:f3:6c:18:
                    ff:27:ef:0e:c9:13:1c:dd:bb:69:13:92:38:93:eb:
                    a8:08:8c:a4:df:c6:0a:c9:c3:2e:c3:e7:e5:09:37:
                    27:24:a1:64:9c:f3:2e:85:c6:71:c4:ba:7b:cd:a9:
                    d5:2b:3e:1d:27:e8:16:d1:3a:60:0a:43:2c:7f:52:
                    f1:c8:3e:28:30:7c:1a:b6:07:b3:fa:2c:0d:61:2d:
                    44:72:16:7b:48:70:f4:d7:f6:31:c9:4a:5d:59:b2:
                    9c:f2:6b:bc:93:3c:92:09:ef:5f:5e:39:75:6d:5e:
                    8f:ae:b7:33:58:cc:b4:37:d3:2d:b8:15:cf:0b:80:
                    f7:a9:e2:58:7f:09:2c:cc:78:10:4a:36:89:f5:ea:
                    06:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CE:B8:4C:AE:01:48:D5:FC:6D:E2:6C:FF:AE:F6:5A:C8:F8:6E:E5:66
            X509v3 Authority Key Identifier:
                keyid:2B:F2:EA:70:06:4C:59:3F:25:67:0D:65:BD:2C:14:25:EA:E4:24:A1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/417BEAF2DA1622668D73BDC590D6641D842D85D7AB797E655342936D8C9C2512/0/2BF2EA70064C593F25670D65BD2C1425EAE424A1.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/2BF2EA70064C593F25670D65BD2C1425EAE424A1.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/417BEAF2DA1622668D73BDC590D6641D842D85D7AB797E655342936D8C9C2512/0/3230302e3131322e3232322e302f32332d3234203d3e20323732383833.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.112.222.0/23

    Signature Algorithm: sha256WithRSAEncryption
         3a:7e:ce:52:c2:50:62:ee:ba:83:4d:58:dc:38:25:73:ad:72:
         35:09:ff:7d:f8:76:08:a1:27:38:10:63:4c:52:21:f4:7b:d6:
         bc:f3:73:0e:3f:90:5f:67:ab:ef:11:03:05:f1:0a:d9:a0:5d:
         75:ba:f0:b5:05:fb:20:79:bc:9d:ae:2c:e0:5e:4a:ed:30:1e:
         ba:6a:a8:2f:bf:03:13:7e:d0:ba:ff:8c:01:07:78:6f:d5:40:
         d5:0d:f0:0a:86:c7:a4:af:90:80:5b:24:ae:d4:cb:e4:c9:31:
         40:7c:97:6f:87:1a:3f:ac:96:0a:02:10:f0:f8:a4:50:80:f4:
         47:08:d6:a0:af:43:3c:1e:8d:51:32:c1:27:d3:2e:02:f4:09:
         59:b0:5c:5c:20:d4:9b:2d:8b:8b:57:5c:72:16:a6:7c:b9:d1:
         a8:d6:49:df:18:2b:55:1a:04:e8:a3:01:cb:60:72:e2:40:54:
         e5:e3:8a:8b:f1:7d:25:6d:14:a9:ae:a3:fd:9d:a6:47:09:f0:
         6c:5d:6c:c6:02:cb:c8:55:31:9a:f8:c3:0a:e0:8d:ea:bf:74:
         ee:81:32:ad:b9:c7:b0:da:33:6e:ce:ef:cd:19:c5:b1:b0:ae:
         dc:27:ac:0a:e1:fd:46:ec:a0:2d:f4:ee:77:ad:c8:e6:5e:37:
         e7:ad:74:e5
-----BEGIN CERTIFICATE-----
MIIFwjCCBKqgAwIBAgIUNdFbaVY3EV5G3/GM7PcrpgBRU2QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMkJGMkVBNzAwNjRDNTkzRjI1NjcwRDY1QkQyQzE0MjVF
QUU0MjRBMTAeFw0yNTA4MDYyMjI5NThaFw0yNjA4MDUyMjM0NThaMDMxMTAvBgNV
BAMTKENFQjg0Q0FFMDE0OEQ1RkM2REUyNkNGRkFFRjY1QUM4Rjg2RUU1NjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzMRpcTdNnzmagr3jVeORXTAqz
6V0kbRHomfrluY1RvCX9s8TmeRRn/Ba3XlNHYimKBc/6bXebudMJPGWPLo/0gpNy
zLoYmtj7MSGwVBWPRzpPb7sAGtV9QXX2wDnyppZ3XU8jJCaVpmNC2Lxft1HMPwv1
CfNsGP8n7w7JExzdu2kTkjiT66gIjKTfxgrJwy7D5+UJNyckoWSc8y6FxnHEunvN
qdUrPh0n6BbROmAKQyx/UvHIPigwfBq2B7P6LA1hLURyFntIcPTX9jHJSl1Zspzy
a7yTPJIJ719eOXVtXo+utzNYzLQ30y24Fc8LgPep4lh/CSzMeBBKNon16gY/AgMB
AAGjggLMMIICyDAdBgNVHQ4EFgQUzrhMrgFI1fxt4mz/rvZayPhu5WYwHwYDVR0j
BBgwFoAUK/LqcAZMWT8lZw1lvSwUJerkJKEwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy80MTdCRUFGMkRBMTYyMjY2OEQ3M0JEQzU5MEQ2NjQxRDg0
MkQ4NUQ3QUI3OTdFNjU1MzQyOTM2RDhDOUMyNTEyLzAvMkJGMkVBNzAwNjRDNTkz
RjI1NjcwRDY1QkQyQzE0MjVFQUU0MjRBMS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8yQkYyRUE3MDA2NEM1OTNGMjU2
NzBENjVCRDJDMTQyNUVBRTQyNEExLmNlcjCBywYIKwYBBQUHAQsEgb4wgbswgbgG
CCsGAQUFBzALhoGrcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNDE3QkVBRjJEQTE2MjI2NjhENzNCREM1OTBENjY0MUQ4NDJEODVEN0FC
Nzk3RTY1NTM0MjkzNkQ4QzlDMjUxMi8wLzMyMzAzMDJlMzEzMTMyMmUzMjMyMzIy
ZTMwMmYzMjMzMmQzMjM0MjAzZDNlMjAzMjM3MzIzODM4MzMucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAHI
cN4wDQYJKoZIhvcNAQELBQADggEBADp+zlLCUGLuuoNNWNw4JXOtcjUJ/334dgih
JzgQY0xSIfR71rzzcw4/kF9nq+8RAwXxCtmgXXW68LUF+yB5vJ2uLOBeSu0wHrpq
qC+/AxN+0Lr/jAEHeG/VQNUN8AqGx6SvkIBbJK7Uy+TJMUB8l2+HGj+slgoCEPD4
pFCA9EcI1qCvQzwejVEywSfTLgL0CVmwXFwg1Jsti4tXXHIWpny50ajWSd8YK1Ua
BOijActgcuJAVOXjiovxfSVtFKmuo/2dpkcJ8GxdbMYCy8hVMZr4wwrgjeq/dO6B
Mq25x7DaM27O780ZxbGwrtwnrArh/UbsoC307netyOZeN+etdOU=
-----END CERTIFICATE-----