Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/3230302e36382e3135362e302f32342d3234203d3e203238343033.roa
File:                     3230302e36382e3135362e302f32342d3234203d3e203238343033.roa (raw, json)
Hash identifier:          g7l7vv1nmPIbvQHGEdEFTm+DX5wwlQfDCt349xXkhWw=
Subject key identifier:   BB:B3:6F:15:7D:45:D9:D7:2D:7E:04:07:04:FE:C4:6B:34:F8:54:BD
Certificate issuer:       /CN=A0A6C878C4FF92E87C217B2CFAA02D0A995D0496
Certificate serial:       20E863DE29F0EDADA228EA07050781D705D08BD1
Authority key identifier: A0:A6:C8:78:C4:FF:92:E8:7C:21:7B:2C:FA:A0:2D:0A:99:5D:04:96
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/3230302e36382e3135362e302f32342d3234203d3e203238343033.roa
Signing time:             Wed 09 Oct 2024 17:55:00 +0000
ROA not before:           Wed 09 Oct 2024 17:50:00 +0000
ROA not after:            Wed 08 Oct 2025 17:55:00 +0000
asID:                     28403
IP address blocks:        200.68.156.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 10 Oct 2024 20:40:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            20:e8:63:de:29:f0:ed:ad:a2:28:ea:07:05:07:81:d7:05:d0:8b:d1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A0A6C878C4FF92E87C217B2CFAA02D0A995D0496
        Validity
            Not Before: Oct  9 17:50:00 2024 GMT
            Not After : Oct  8 17:55:00 2025 GMT
        Subject: CN=BBB36F157D45D9D72D7E040704FEC46B34F854BD
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:f7:57:c5:70:1b:2a:3e:05:f0:33:64:c0:8f:
                    aa:27:90:f3:3e:d4:49:ae:89:6a:d7:b7:a3:94:4b:
                    7c:31:d8:d6:39:f8:76:f5:8d:6f:9b:47:47:b9:e9:
                    8f:90:bd:49:ea:d0:c6:ca:1d:1e:38:e7:47:ae:24:
                    98:7e:08:f4:5b:22:6c:e4:23:10:78:75:b7:94:fc:
                    65:59:2f:b7:db:4e:24:9b:b0:46:14:eb:1b:7c:60:
                    d5:71:fd:0b:c6:de:74:57:a9:57:02:57:9d:ee:74:
                    b6:be:39:ed:24:53:67:bc:92:c6:d5:45:3f:c7:0c:
                    0c:3a:90:3b:59:48:45:c9:60:f7:57:6b:b2:9d:06:
                    63:67:30:bb:67:09:c1:3b:fe:d5:7e:b1:e4:25:d7:
                    21:fa:83:f4:a9:c7:0d:78:94:1e:60:fb:59:1c:c9:
                    bd:7e:a8:5a:0f:10:a2:f8:e5:2a:a3:3b:26:00:9a:
                    e8:51:86:7c:23:32:45:ea:0f:c7:88:40:bd:55:c5:
                    42:8c:f5:f3:a4:ea:33:9f:a9:57:8a:50:ce:ee:2a:
                    b7:87:c6:50:8b:1b:b4:7a:64:2f:dd:c2:e4:e0:76:
                    6e:f2:4c:13:47:64:ab:34:3f:0a:3a:64:d4:93:c2:
                    4e:51:12:f8:2d:3a:28:f0:ab:41:f8:ba:35:3b:7e:
                    49:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:B3:6F:15:7D:45:D9:D7:2D:7E:04:07:04:FE:C4:6B:34:F8:54:BD
            X509v3 Authority Key Identifier:
                keyid:A0:A6:C8:78:C4:FF:92:E8:7C:21:7B:2C:FA:A0:2D:0A:99:5D:04:96

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/3230302e36382e3135362e302f32342d3234203d3e203238343033.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.68.156.0/24

    Signature Algorithm: sha256WithRSAEncryption
         54:8d:37:0c:ac:f9:5c:b7:36:77:3c:25:c0:b4:ff:68:4c:f7:
         42:e7:30:19:1d:ff:4d:4f:40:1f:11:5b:6b:70:83:cc:54:39:
         59:76:f5:54:2c:fe:f6:8a:7f:ba:26:36:2a:83:10:1a:bf:d3:
         69:c4:2b:74:29:fd:82:94:91:64:c7:8c:fb:e8:da:78:a1:41:
         07:8e:35:ab:ee:4e:05:93:06:90:b7:fd:54:b7:a4:31:5f:ee:
         cb:10:53:79:19:76:d0:a3:d3:88:1e:00:9c:cc:6b:e0:3d:9d:
         24:48:76:28:86:74:29:d0:ae:75:36:ea:38:33:61:8c:cf:76:
         68:aa:b4:7c:c2:14:66:2c:b3:fd:25:32:fa:9f:b5:66:e6:a1:
         95:19:6c:bf:f6:f5:f2:70:78:05:ae:a1:92:97:20:31:2d:04:
         2b:59:96:63:dc:1e:84:09:7f:76:51:58:e0:6a:0d:fb:39:a6:
         3f:24:50:c7:07:55:d2:58:af:06:42:ca:ac:45:ce:fc:ea:05:
         07:a2:6f:30:1c:d1:49:ca:f5:fb:5b:b9:f6:92:49:44:9d:1d:
         a4:a3:eb:13:02:8c:07:84:db:1d:c8:8f:20:e7:7f:bd:ce:f8:
         19:cc:0c:5f:a8:b9:b4:07:dd:67:aa:d5:1e:e3:fa:57:e6:53:
         7e:71:ca:51
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUIOhj3inw7a2iKOoHBQeB1wXQi9EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTBBNkM4NzhDNEZGOTJFODdDMjE3QjJDRkFBMDJEMEE5
OTVEMDQ5NjAeFw0yNDEwMDkxNzUwMDBaFw0yNTEwMDgxNzU1MDBaMDMxMTAvBgNV
BAMTKEJCQjM2RjE1N0Q0NUQ5RDcyRDdFMDQwNzA0RkVDNDZCMzRGODU0QkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC491fFcBsqPgXwM2TAj6onkPM+
1EmuiWrXt6OUS3wx2NY5+Hb1jW+bR0e56Y+QvUnq0MbKHR4450euJJh+CPRbImzk
IxB4dbeU/GVZL7fbTiSbsEYU6xt8YNVx/QvG3nRXqVcCV53udLa+Oe0kU2e8ksbV
RT/HDAw6kDtZSEXJYPdXa7KdBmNnMLtnCcE7/tV+seQl1yH6g/Spxw14lB5g+1kc
yb1+qFoPEKL45SqjOyYAmuhRhnwjMkXqD8eIQL1VxUKM9fOk6jOfqVeKUM7uKreH
xlCLG7R6ZC/dwuTgdm7yTBNHZKs0Pwo6ZNSTwk5REvgtOijwq0H4ujU7fkkRAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUu7NvFX1F2dctfgQHBP7EazT4VL0wHwYDVR0j
BBgwFoAUoKbIeMT/kuh8IXss+qAtCpldBJYwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy80NEYwOTgyQzZGOTUwQjlEREIxOTcxQ0E3QzU4RDRDNjkw
MTVDRTEyMDUyMEE5N0M5MDg1MTNBRTVDMzRDQUVGLzAvQTBBNkM4NzhDNEZGOTJF
ODdDMjE3QjJDRkFBMDJEMEE5OTVEMDQ5Ni5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9BMEE2Qzg3OEM0RkY5MkU4N0My
MTdCMkNGQUEwMkQwQTk5NUQwNDk2LmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNDRGMDk4MkM2Rjk1MEI5RERCMTk3MUNBN0M1OEQ0QzY5MDE1Q0UxMjA1
MjBBOTdDOTA4NTEzQUU1QzM0Q0FFRi8wLzMyMzAzMDJlMzYzODJlMzEzNTM2MmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzODM0MzAzMy5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMhEnDAN
BgkqhkiG9w0BAQsFAAOCAQEAVI03DKz5XLc2dzwlwLT/aEz3QucwGR3/TU9AHxFb
a3CDzFQ5WXb1VCz+9op/uiY2KoMQGr/TacQrdCn9gpSRZMeM++jaeKFBB441q+5O
BZMGkLf9VLekMV/uyxBTeRl20KPTiB4AnMxr4D2dJEh2KIZ0KdCudTbqODNhjM92
aKq0fMIUZiyz/SUy+p+1ZuahlRlsv/b18nB4Ba6hkpcgMS0EK1mWY9wehAl/dlFY
4GoN+zmmPyRQxwdV0livBkLKrEXO/OoFB6JvMBzRScr1+1u59pJJRJ0dpKPrEwKM
B4TbHciPIOd/vc74GcwMX6i5tAfdZ6rVHuP6V+ZTfnHKUQ==
-----END CERTIFICATE-----
Generated at Thu Oct 10 22:40:02 2024 by rpki-client on console-fra.rpki-client.org