Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/3230302e39352e3136382e302f32342d3234203d3e203238343033.roa
File:                     3230302e39352e3136382e302f32342d3234203d3e203238343033.roa (raw, json)
Hash identifier:          GlDCtb/Y6ZK5GqlVW+GZO+z7RnFokpuEs+Xzo8/WwYg=
Subject key identifier:   2C:9A:59:CC:B3:70:C8:11:E3:54:36:78:17:53:A8:D6:A6:E5:6E:CC
Certificate issuer:       /CN=A0A6C878C4FF92E87C217B2CFAA02D0A995D0496
Certificate serial:       4925730DEEA167955C622A2071E187E0DB21D7EB
Authority key identifier: A0:A6:C8:78:C4:FF:92:E8:7C:21:7B:2C:FA:A0:2D:0A:99:5D:04:96
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/3230302e39352e3136382e302f32342d3234203d3e203238343033.roa
Signing time:             Wed 09 Oct 2024 18:10:00 +0000
ROA not before:           Wed 09 Oct 2024 18:05:00 +0000
ROA not after:            Wed 08 Oct 2025 18:10:00 +0000
asID:                     28403
IP address blocks:        200.95.168.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 10 Oct 2024 19:15:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            49:25:73:0d:ee:a1:67:95:5c:62:2a:20:71:e1:87:e0:db:21:d7:eb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A0A6C878C4FF92E87C217B2CFAA02D0A995D0496
        Validity
            Not Before: Oct  9 18:05:00 2024 GMT
            Not After : Oct  8 18:10:00 2025 GMT
        Subject: CN=2C9A59CCB370C811E35436781753A8D6A6E56ECC
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:95:10:ec:2c:da:21:f3:d8:85:28:1d:7d:fc:
                    c6:f8:5a:c7:40:5b:2d:87:49:09:c3:6c:be:a0:33:
                    29:3e:da:65:6f:27:14:31:af:68:82:68:f7:93:9d:
                    ab:08:34:e6:d5:82:87:06:13:a8:83:ea:9a:61:7d:
                    d9:74:2f:b4:2d:de:c6:65:80:fb:b3:36:7c:f7:40:
                    7b:47:85:4d:fc:06:34:b8:fa:b1:d4:43:31:91:f6:
                    b6:b3:55:98:52:7a:bb:b3:78:0b:c3:6d:e2:2e:5e:
                    31:4f:0f:28:91:aa:df:d9:62:5d:0e:3e:f0:81:4b:
                    ba:b8:03:00:27:4e:58:58:7b:a7:d2:1c:7a:5d:83:
                    65:56:e9:32:24:0a:70:7c:c9:8a:76:b0:28:52:68:
                    de:74:95:d7:e4:f6:ce:bf:65:3e:51:bd:f3:45:40:
                    b8:db:06:ac:ac:95:2a:03:ec:5b:ca:84:c5:85:f0:
                    76:bf:91:d9:fb:ad:4a:51:dc:7e:2f:1b:f8:e9:7d:
                    13:d6:e7:b0:63:c5:37:5b:77:ce:8c:2c:97:1b:68:
                    de:64:8c:55:0f:e5:ba:83:46:53:4a:fa:fb:3a:25:
                    21:e8:cf:cd:63:19:3d:d5:41:ad:2d:fc:d1:56:de:
                    67:6a:09:bf:23:fd:e1:b7:7a:c0:df:a6:0f:e6:3b:
                    63:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2C:9A:59:CC:B3:70:C8:11:E3:54:36:78:17:53:A8:D6:A6:E5:6E:CC
            X509v3 Authority Key Identifier:
                keyid:A0:A6:C8:78:C4:FF:92:E8:7C:21:7B:2C:FA:A0:2D:0A:99:5D:04:96

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/3230302e39352e3136382e302f32342d3234203d3e203238343033.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.95.168.0/24

    Signature Algorithm: sha256WithRSAEncryption
         61:20:47:d5:5d:60:4a:de:aa:b7:af:38:e8:08:73:a5:41:1d:
         fa:eb:38:a2:73:03:02:55:28:1b:02:a7:83:3f:f2:f7:f0:8d:
         c3:c0:dc:e3:47:33:0d:55:03:b9:0a:51:8a:56:5f:bf:d7:45:
         17:12:5a:cb:69:a8:02:ed:eb:71:c1:e0:d4:80:f8:67:0d:2e:
         be:89:cd:0e:c6:df:ac:ea:1b:31:da:e4:8a:ac:55:7a:96:22:
         c5:bc:bf:8b:5c:88:cb:04:c5:e8:7b:7d:61:25:cf:99:45:0c:
         f8:b0:0f:7e:5c:27:2b:7c:0e:d8:91:67:2d:d4:53:81:76:4a:
         d0:a0:44:b5:4a:c6:13:ea:85:e8:b4:81:1f:5f:aa:64:71:ab:
         98:1f:80:41:d1:50:6c:fe:30:24:03:b6:40:36:89:ee:24:ac:
         1b:80:30:4a:ba:3f:dd:dc:29:e3:62:98:77:8c:9c:a6:1c:ce:
         23:cc:8a:c6:4a:80:a7:0d:81:39:1e:69:91:14:5f:4e:80:23:
         20:64:eb:94:ea:c9:cd:40:3c:a5:1f:df:2d:e4:35:84:d2:dc:
         ae:bd:59:34:b1:84:b6:31:28:54:13:32:97:c9:15:f1:bf:fb:
         43:76:ea:b8:1e:24:ad:92:0f:85:be:a6:f3:7a:2f:fb:ba:f1:
         31:65:95:3f
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUSSVzDe6hZ5VcYiogceGH4Nsh1+swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTBBNkM4NzhDNEZGOTJFODdDMjE3QjJDRkFBMDJEMEE5
OTVEMDQ5NjAeFw0yNDEwMDkxODA1MDBaFw0yNTEwMDgxODEwMDBaMDMxMTAvBgNV
BAMTKDJDOUE1OUNDQjM3MEM4MTFFMzU0MzY3ODE3NTNBOEQ2QTZFNTZFQ0MwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCPlRDsLNoh89iFKB19/Mb4WsdA
Wy2HSQnDbL6gMyk+2mVvJxQxr2iCaPeTnasINObVgocGE6iD6pphfdl0L7Qt3sZl
gPuzNnz3QHtHhU38BjS4+rHUQzGR9razVZhSeruzeAvDbeIuXjFPDyiRqt/ZYl0O
PvCBS7q4AwAnTlhYe6fSHHpdg2VW6TIkCnB8yYp2sChSaN50ldfk9s6/ZT5RvfNF
QLjbBqyslSoD7FvKhMWF8Ha/kdn7rUpR3H4vG/jpfRPW57BjxTdbd86MLJcbaN5k
jFUP5bqDRlNK+vs6JSHoz81jGT3VQa0t/NFW3mdqCb8j/eG3esDfpg/mO2OfAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQULJpZzLNwyBHjVDZ4F1Oo1qblbswwHwYDVR0j
BBgwFoAUoKbIeMT/kuh8IXss+qAtCpldBJYwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy80NEYwOTgyQzZGOTUwQjlEREIxOTcxQ0E3QzU4RDRDNjkw
MTVDRTEyMDUyMEE5N0M5MDg1MTNBRTVDMzRDQUVGLzAvQTBBNkM4NzhDNEZGOTJF
ODdDMjE3QjJDRkFBMDJEMEE5OTVEMDQ5Ni5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9BMEE2Qzg3OEM0RkY5MkU4N0My
MTdCMkNGQUEwMkQwQTk5NUQwNDk2LmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNDRGMDk4MkM2Rjk1MEI5RERCMTk3MUNBN0M1OEQ0QzY5MDE1Q0UxMjA1
MjBBOTdDOTA4NTEzQUU1QzM0Q0FFRi8wLzMyMzAzMDJlMzkzNTJlMzEzNjM4MmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzODM0MzAzMy5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMhfqDAN
BgkqhkiG9w0BAQsFAAOCAQEAYSBH1V1gSt6qt6846AhzpUEd+us4onMDAlUoGwKn
gz/y9/CNw8Dc40czDVUDuQpRilZfv9dFFxJay2moAu3rccHg1ID4Zw0uvonNDsbf
rOobMdrkiqxVepYixby/i1yIywTF6Ht9YSXPmUUM+LAPflwnK3wO2JFnLdRTgXZK
0KBEtUrGE+qF6LSBH1+qZHGrmB+AQdFQbP4wJAO2QDaJ7iSsG4AwSro/3dwp42KY
d4ycphzOI8yKxkqApw2BOR5pkRRfToAjIGTrlOrJzUA8pR/fLeQ1hNLcrr1ZNLGE
tjEoVBMyl8kV8b/7Q3bquB4krZIPhb6m83ov+7rxMWWVPw==
-----END CERTIFICATE-----
Generated at Thu Oct 10 21:20:30 2024 by rpki-client on console-ams.rpki-client.org