Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/3230302e36382e3137342e302f32342d3234203d3e203238343033.roa
File:                     3230302e36382e3137342e302f32342d3234203d3e203238343033.roa (raw, json)
Hash identifier:          wP6e/2iQXjbrY2fwYmki1K7aMQkeODmMrH/+ccBt2yA=
Subject key identifier:   38:72:CD:6E:D6:DB:07:FD:2F:EC:90:7B:93:2B:3F:58:B5:D6:BA:F2
Certificate issuer:       /CN=A0A6C878C4FF92E87C217B2CFAA02D0A995D0496
Certificate serial:       2141165EBBEE402062695175B0AA762105E8A8FB
Authority key identifier: A0:A6:C8:78:C4:FF:92:E8:7C:21:7B:2C:FA:A0:2D:0A:99:5D:04:96
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/3230302e36382e3137342e302f32342d3234203d3e203238343033.roa
Signing time:             Wed 09 Oct 2024 18:05:00 +0000
ROA not before:           Wed 09 Oct 2024 18:00:00 +0000
ROA not after:            Wed 08 Oct 2025 18:05:00 +0000
asID:                     28403
IP address blocks:        200.68.174.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 10 Oct 2024 20:40:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            21:41:16:5e:bb:ee:40:20:62:69:51:75:b0:aa:76:21:05:e8:a8:fb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A0A6C878C4FF92E87C217B2CFAA02D0A995D0496
        Validity
            Not Before: Oct  9 18:00:00 2024 GMT
            Not After : Oct  8 18:05:00 2025 GMT
        Subject: CN=3872CD6ED6DB07FD2FEC907B932B3F58B5D6BAF2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:97:03:43:4a:d1:8c:69:82:3b:4c:b9:43:23:
                    a6:d6:1b:24:62:ad:a6:8b:1e:88:dc:02:d5:b9:19:
                    38:8b:fc:a0:c7:be:1a:f4:cf:91:52:05:1e:39:63:
                    4f:f3:b7:8c:b9:cc:16:18:fa:9e:e9:eb:0a:c5:ba:
                    72:4a:2c:ba:85:ea:01:9a:bd:1f:c7:35:59:d6:cb:
                    04:5e:9a:b4:f9:fb:a3:a5:19:02:59:5a:3a:8a:95:
                    36:4b:dc:11:30:1a:26:17:ad:26:94:6a:d0:1c:e4:
                    3a:f1:b1:3a:14:be:f1:a9:57:82:15:be:f5:89:07:
                    88:26:e4:7c:21:e5:79:e2:88:47:25:cc:fa:ff:98:
                    47:d7:31:2b:52:6c:d7:b6:f2:bc:b2:4b:65:91:b3:
                    ad:69:2d:ac:ce:4e:bf:80:33:8c:5e:bb:1e:5d:b1:
                    72:a2:fa:a0:d7:98:6a:d1:c2:48:05:19:9c:7d:e7:
                    eb:6b:4d:a7:a3:4f:cc:c7:a9:2f:11:51:12:72:f2:
                    a6:34:cb:24:9a:84:86:29:51:eb:24:c6:4c:27:c5:
                    5f:85:d0:5f:52:41:ab:57:6a:9f:38:90:cb:1f:2b:
                    0e:75:fd:6e:1d:d1:1b:41:65:c5:24:61:d6:53:23:
                    46:a0:74:03:69:36:e3:73:a5:85:39:af:74:b6:a6:
                    13:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:72:CD:6E:D6:DB:07:FD:2F:EC:90:7B:93:2B:3F:58:B5:D6:BA:F2
            X509v3 Authority Key Identifier:
                keyid:A0:A6:C8:78:C4:FF:92:E8:7C:21:7B:2C:FA:A0:2D:0A:99:5D:04:96

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/3230302e36382e3137342e302f32342d3234203d3e203238343033.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.68.174.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8d:9d:46:97:6d:23:cd:28:18:28:c0:0e:9e:31:1c:0a:d4:b0:
         7f:d5:8c:ad:06:bc:f8:05:8e:fe:36:b6:f4:aa:ce:7a:fb:13:
         e3:be:d6:9a:95:6d:92:af:fa:94:40:aa:57:87:4c:72:83:77:
         63:a1:86:4c:cc:a5:25:10:1a:0d:08:7e:18:0d:e2:5e:a7:c8:
         b6:a4:50:80:94:a6:72:a5:af:e1:b5:bf:95:c3:06:35:4b:1c:
         8d:0f:b2:31:c9:40:3a:80:90:57:23:59:e2:a8:42:94:ef:2f:
         7c:5b:7f:ba:01:58:38:18:a0:1f:3b:6a:bd:19:58:73:4a:76:
         be:cb:de:43:2d:38:e6:34:df:fd:31:72:c5:aa:11:52:89:46:
         70:01:60:37:b3:bf:83:e7:f8:c2:74:7f:fa:a8:51:44:ca:21:
         8f:e2:ae:0e:eb:5b:fb:7b:eb:16:6c:6e:27:3b:11:7d:5d:01:
         9f:11:f8:08:82:6f:f1:90:c2:c5:b9:da:bd:9e:74:12:71:31:
         4f:0b:b1:10:0b:bf:6f:41:cb:92:a2:8c:a3:5e:25:8c:a0:43:
         6a:ad:7c:02:ea:80:f8:4c:9f:4a:d5:71:9e:cd:51:3d:56:4b:
         fb:83:6b:02:94:0e:16:99:55:e9:83:e1:49:45:aa:8d:ba:21:
         fa:a2:7b:6d
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUIUEWXrvuQCBiaVF1sKp2IQXoqPswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTBBNkM4NzhDNEZGOTJFODdDMjE3QjJDRkFBMDJEMEE5
OTVEMDQ5NjAeFw0yNDEwMDkxODAwMDBaFw0yNTEwMDgxODA1MDBaMDMxMTAvBgNV
BAMTKDM4NzJDRDZFRDZEQjA3RkQyRkVDOTA3QjkzMkIzRjU4QjVENkJBRjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCjlwNDStGMaYI7TLlDI6bWGyRi
raaLHojcAtW5GTiL/KDHvhr0z5FSBR45Y0/zt4y5zBYY+p7p6wrFunJKLLqF6gGa
vR/HNVnWywRemrT5+6OlGQJZWjqKlTZL3BEwGiYXrSaUatAc5DrxsToUvvGpV4IV
vvWJB4gm5Hwh5XniiEclzPr/mEfXMStSbNe28ryyS2WRs61pLazOTr+AM4xeux5d
sXKi+qDXmGrRwkgFGZx95+trTaejT8zHqS8RURJy8qY0yySahIYpUeskxkwnxV+F
0F9SQatXap84kMsfKw51/W4d0RtBZcUkYdZTI0agdANpNuNzpYU5r3S2phOxAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUOHLNbtbbB/0v7JB7kys/WLXWuvIwHwYDVR0j
BBgwFoAUoKbIeMT/kuh8IXss+qAtCpldBJYwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy80NEYwOTgyQzZGOTUwQjlEREIxOTcxQ0E3QzU4RDRDNjkw
MTVDRTEyMDUyMEE5N0M5MDg1MTNBRTVDMzRDQUVGLzAvQTBBNkM4NzhDNEZGOTJF
ODdDMjE3QjJDRkFBMDJEMEE5OTVEMDQ5Ni5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9BMEE2Qzg3OEM0RkY5MkU4N0My
MTdCMkNGQUEwMkQwQTk5NUQwNDk2LmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNDRGMDk4MkM2Rjk1MEI5RERCMTk3MUNBN0M1OEQ0QzY5MDE1Q0UxMjA1
MjBBOTdDOTA4NTEzQUU1QzM0Q0FFRi8wLzMyMzAzMDJlMzYzODJlMzEzNzM0MmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzODM0MzAzMy5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMhErjAN
BgkqhkiG9w0BAQsFAAOCAQEAjZ1Gl20jzSgYKMAOnjEcCtSwf9WMrQa8+AWO/ja2
9KrOevsT477WmpVtkq/6lECqV4dMcoN3Y6GGTMylJRAaDQh+GA3iXqfItqRQgJSm
cqWv4bW/lcMGNUscjQ+yMclAOoCQVyNZ4qhClO8vfFt/ugFYOBigHztqvRlYc0p2
vsveQy045jTf/TFyxaoRUolGcAFgN7O/g+f4wnR/+qhRRMohj+KuDutb+3vrFmxu
JzsRfV0BnxH4CIJv8ZDCxbnavZ50EnExTwuxEAu/b0HLkqKMo14ljKBDaq18AuqA
+EyfStVxns1RPVZL+4NrApQOFplV6YPhSUWqjboh+qJ7bQ==
-----END CERTIFICATE-----
Generated at Thu Oct 10 22:45:49 2024 by rpki-client on console-ams.rpki-client.org