Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/4959E52195AB77942D3818718838B5682BF0C3A84185DEA593C25CB2EB5723CE/0/3136342e3136332e3132312e302f32342d3234203d3e20323635383334.roa
File:                     3136342e3136332e3132312e302f32342d3234203d3e20323635383334.roa (raw, json)
Hash identifier:          U5/zf1Ipl3LMQ3gxjPrhy0DZ6dBCjY+lfM/T8bcO0yA=
Subject key identifier:   E4:17:88:9A:FD:DB:F0:C0:1E:F4:8B:9A:F4:CA:B6:4D:DB:52:F6:66
Certificate issuer:       /CN=CDC0198CD4C656C4ADCEC7370D69F61C4ABEDB1C
Certificate serial:       0607A1C2D8359B47B6B6652628B34CE8BEE244CB
Authority key identifier: CD:C0:19:8C:D4:C6:56:C4:AD:CE:C7:37:0D:69:F6:1C:4A:BE:DB:1C
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/CDC0198CD4C656C4ADCEC7370D69F61C4ABEDB1C.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/4959E52195AB77942D3818718838B5682BF0C3A84185DEA593C25CB2EB5723CE/0/3136342e3136332e3132312e302f32342d3234203d3e20323635383334.roa
Signing time:             Tue 05 Mar 2024 18:10:08 +0000
ROA not before:           Tue 05 Mar 2024 18:05:08 +0000
ROA not after:            Tue 04 Mar 2025 18:10:08 +0000
asID:                     265834
IP address blocks:        164.163.121.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 16 Jul 2024 17:40:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            06:07:a1:c2:d8:35:9b:47:b6:b6:65:26:28:b3:4c:e8:be:e2:44:cb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=CDC0198CD4C656C4ADCEC7370D69F61C4ABEDB1C
        Validity
            Not Before: Mar  5 18:05:08 2024 GMT
            Not After : Mar  4 18:10:08 2025 GMT
        Subject: CN=E417889AFDDBF0C01EF48B9AF4CAB64DDB52F666
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:eb:17:b9:87:a0:be:a4:b4:4b:90:3b:17:43:60:
                    04:d5:af:c6:36:63:8e:60:b3:af:93:be:7f:d5:7e:
                    da:a2:b7:0b:91:43:dc:3c:6c:9b:20:a3:ab:68:25:
                    6e:24:ce:30:c3:f8:24:ef:8f:05:e6:28:18:96:f3:
                    81:81:e1:90:75:6a:1d:3e:6c:25:5e:1f:c0:e3:b2:
                    c3:45:2e:7c:8c:f2:f2:d2:a2:01:71:96:93:03:51:
                    63:56:f1:b1:05:10:63:d3:fc:46:f6:29:e8:2b:d7:
                    29:a3:84:16:cc:77:2b:68:be:b0:00:8c:84:15:21:
                    3c:50:3d:17:51:d6:18:b1:96:2b:0f:a0:9a:11:be:
                    bc:42:c5:db:19:20:4e:72:5f:00:b9:cd:19:bc:32:
                    70:81:c3:c2:0a:10:6f:a0:a5:52:62:62:e3:36:c4:
                    d9:d7:45:dd:0d:57:d3:bd:b3:93:66:d7:8a:db:2c:
                    b0:69:ac:cf:16:8d:ea:af:69:54:c9:e9:d1:a5:50:
                    5e:2d:aa:dd:bd:f8:63:b2:d1:fa:4d:ae:92:d2:79:
                    3c:f5:96:86:f2:e7:47:b3:99:bd:39:59:5b:ef:18:
                    e3:e2:3b:4a:0f:97:9b:dc:fa:2e:50:ec:a3:1c:67:
                    cf:81:e6:89:26:c2:77:23:38:d9:a0:8a:24:49:d3:
                    13:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:17:88:9A:FD:DB:F0:C0:1E:F4:8B:9A:F4:CA:B6:4D:DB:52:F6:66
            X509v3 Authority Key Identifier:
                keyid:CD:C0:19:8C:D4:C6:56:C4:AD:CE:C7:37:0D:69:F6:1C:4A:BE:DB:1C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/4959E52195AB77942D3818718838B5682BF0C3A84185DEA593C25CB2EB5723CE/0/CDC0198CD4C656C4ADCEC7370D69F61C4ABEDB1C.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/CDC0198CD4C656C4ADCEC7370D69F61C4ABEDB1C.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/4959E52195AB77942D3818718838B5682BF0C3A84185DEA593C25CB2EB5723CE/0/3136342e3136332e3132312e302f32342d3234203d3e20323635383334.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  164.163.121.0/24

    Signature Algorithm: sha256WithRSAEncryption
         bf:36:1f:fb:02:2c:5c:b4:f9:c8:73:4a:94:25:6a:c8:e7:a1:
         e3:fb:10:e8:b7:d7:b1:92:e9:75:c3:94:27:5a:35:b3:d7:c7:
         9a:e2:f7:14:3a:ee:e1:7d:43:ab:d2:37:4d:32:eb:86:d0:86:
         bc:03:64:13:4f:cc:a4:32:01:0e:9a:27:ca:43:b7:fc:a5:19:
         39:9b:e0:dd:46:63:f0:3d:f2:06:bb:aa:9b:0a:13:aa:8a:d7:
         6a:0c:5f:96:0d:d6:78:2e:a3:f5:b5:a3:38:da:32:75:1d:23:
         6a:eb:9f:4e:35:69:d9:c4:20:96:3e:0a:4c:6a:e2:a5:cf:ca:
         c3:7a:86:0b:44:85:82:57:cc:84:f4:56:b6:0b:71:15:0e:16:
         af:bd:60:2c:0b:d8:44:8c:f4:14:6d:77:e3:cd:ea:90:46:cf:
         96:0e:21:ca:f1:6a:c4:05:81:10:c9:3f:e2:12:e2:61:dc:eb:
         fb:e1:a6:bf:9b:23:63:5d:36:c2:d3:40:ae:24:97:e5:12:6d:
         39:64:a6:7a:af:52:0f:ce:94:fb:6d:b3:3b:74:01:3c:13:cf:
         6e:1e:a9:08:18:81:97:b8:a2:f5:c8:2b:a4:04:dc:3f:62:3e:
         62:60:f2:5e:19:ff:9f:74:b4:81:34:41:4e:43:8f:50:e0:54:
         ce:00:35:7e
-----BEGIN CERTIFICATE-----
MIIFwjCCBKqgAwIBAgIUBgehwtg1m0e2tmUmKLNM6L7iRMswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQ0RDMDE5OENENEM2NTZDNEFEQ0VDNzM3MEQ2OUY2MUM0
QUJFREIxQzAeFw0yNDAzMDUxODA1MDhaFw0yNTAzMDQxODEwMDhaMDMxMTAvBgNV
BAMTKEU0MTc4ODlBRkREQkYwQzAxRUY0OEI5QUY0Q0FCNjREREI1MkY2NjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDrF7mHoL6ktEuQOxdDYATVr8Y2
Y45gs6+Tvn/VftqitwuRQ9w8bJsgo6toJW4kzjDD+CTvjwXmKBiW84GB4ZB1ah0+
bCVeH8DjssNFLnyM8vLSogFxlpMDUWNW8bEFEGPT/Eb2Kegr1ymjhBbMdytovrAA
jIQVITxQPRdR1hixlisPoJoRvrxCxdsZIE5yXwC5zRm8MnCBw8IKEG+gpVJiYuM2
xNnXRd0NV9O9s5Nm14rbLLBprM8WjeqvaVTJ6dGlUF4tqt29+GOy0fpNrpLSeTz1
loby50ezmb05WVvvGOPiO0oPl5vc+i5Q7KMcZ8+B5okmwncjONmgiiRJ0xMbAgMB
AAGjggLMMIICyDAdBgNVHQ4EFgQU5BeImv3b8MAe9Iua9Mq2TdtS9mYwHwYDVR0j
BBgwFoAUzcAZjNTGVsStzsc3DWn2HEq+2xwwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy80OTU5RTUyMTk1QUI3Nzk0MkQzODE4NzE4ODM4QjU2ODJC
RjBDM0E4NDE4NURFQTU5M0MyNUNCMkVCNTcyM0NFLzAvQ0RDMDE5OENENEM2NTZD
NEFEQ0VDNzM3MEQ2OUY2MUM0QUJFREIxQy5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9DREMwMTk4Q0Q0QzY1NkM0QURD
RUM3MzcwRDY5RjYxQzRBQkVEQjFDLmNlcjCBywYIKwYBBQUHAQsEgb4wgbswgbgG
CCsGAQUFBzALhoGrcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNDk1OUU1MjE5NUFCNzc5NDJEMzgxODcxODgzOEI1NjgyQkYwQzNBODQx
ODVERUE1OTNDMjVDQjJFQjU3MjNDRS8wLzMxMzYzNDJlMzEzNjMzMmUzMTMyMzEy
ZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjM2MzUzODMzMzQucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACk
o3kwDQYJKoZIhvcNAQELBQADggEBAL82H/sCLFy0+chzSpQlasjnoeP7EOi317GS
6XXDlCdaNbPXx5ri9xQ67uF9Q6vSN00y64bQhrwDZBNPzKQyAQ6aJ8pDt/ylGTmb
4N1GY/A98ga7qpsKE6qK12oMX5YN1nguo/W1ozjaMnUdI2rrn041adnEIJY+Ckxq
4qXPysN6hgtEhYJXzIT0VrYLcRUOFq+9YCwL2ESM9BRtd+PN6pBGz5YOIcrxasQF
gRDJP+IS4mHc6/vhpr+bI2NdNsLTQK4kl+USbTlkpnqvUg/OlPttszt0ATwTz24e
qQgYgZe4ovXIK6QE3D9iPmJg8l4Z/590tIE0QU5Dj1DgVM4ANX4=
-----END CERTIFICATE-----