Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/4FCBD94D88BF929AA50D775062E0A115AF04A18FBF4D9FF1512B9CBA509E4042/0/3139302e35322e3131382e302f32342d3234203d3e2037313535.roa
File:                     3139302e35322e3131382e302f32342d3234203d3e2037313535.roa (raw, json)
Hash identifier:          Sd08BWtCVufzQirp6nqy7cbDoK3/OWcKAdShXtM9+pk=
Subject key identifier:   B0:D5:0A:1E:45:B7:CE:82:CF:F9:37:9F:DC:B1:DF:27:9B:3C:12:FA
Certificate issuer:       /CN=3D608F1A58C367A78F93EDCEF6DA6EACD069209B
Certificate serial:       45D960843C03CD34C10E15EBBCDD3F2441A436F6
Authority key identifier: 3D:60:8F:1A:58:C3:67:A7:8F:93:ED:CE:F6:DA:6E:AC:D0:69:20:9B
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/3D608F1A58C367A78F93EDCEF6DA6EACD069209B.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/4FCBD94D88BF929AA50D775062E0A115AF04A18FBF4D9FF1512B9CBA509E4042/0/3139302e35322e3131382e302f32342d3234203d3e2037313535.roa
Signing time:             Wed 13 Mar 2024 19:40:02 +0000
ROA not before:           Wed 13 Mar 2024 19:35:02 +0000
ROA not after:            Wed 12 Mar 2025 19:40:02 +0000
asID:                     7155
IP address blocks:        190.52.118.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 12 Sep 2024 16:35:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            45:d9:60:84:3c:03:cd:34:c1:0e:15:eb:bc:dd:3f:24:41:a4:36:f6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3D608F1A58C367A78F93EDCEF6DA6EACD069209B
        Validity
            Not Before: Mar 13 19:35:02 2024 GMT
            Not After : Mar 12 19:40:02 2025 GMT
        Subject: CN=B0D50A1E45B7CE82CFF9379FDCB1DF279B3C12FA
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:ec:cc:62:d0:18:9a:d1:f8:af:b5:7f:4a:e8:
                    71:b7:ed:c8:e1:88:93:f0:71:71:f8:b5:86:69:ce:
                    31:c5:65:13:2b:8d:57:a0:77:d1:26:63:26:f0:92:
                    64:ae:aa:52:45:53:c0:cc:7b:93:59:3c:4e:bd:c1:
                    50:08:d3:37:63:5a:27:9d:93:40:e7:c5:ef:5d:57:
                    7f:28:2d:ae:0e:6c:ba:37:0b:dd:62:d3:63:77:45:
                    e3:98:3f:94:e5:25:ab:e0:1e:04:9d:04:17:1e:fb:
                    28:72:ee:7f:92:ad:b3:f2:9e:cd:98:f0:a5:ce:0f:
                    7e:8e:52:91:8b:26:d5:0d:da:98:d5:60:86:51:c6:
                    84:a1:3d:33:c2:2c:3b:d7:66:77:c2:22:b6:5d:41:
                    61:13:ea:19:1c:88:3b:08:cd:77:33:12:b1:61:49:
                    16:b2:db:66:ed:d9:9a:5a:32:74:5d:e3:36:0b:f0:
                    08:29:5e:3f:18:f7:9e:ae:2e:0d:15:4a:eb:1f:e4:
                    b7:6a:a5:14:67:84:e4:64:37:2c:cb:91:6d:21:b8:
                    4d:b8:d9:38:15:04:bd:9e:72:18:b7:96:90:83:ee:
                    81:f8:a5:19:94:cf:66:d3:ec:01:85:6d:d1:25:c9:
                    ce:e2:eb:e9:f5:22:8e:04:48:60:d3:32:9c:06:02:
                    fa:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:D5:0A:1E:45:B7:CE:82:CF:F9:37:9F:DC:B1:DF:27:9B:3C:12:FA
            X509v3 Authority Key Identifier:
                keyid:3D:60:8F:1A:58:C3:67:A7:8F:93:ED:CE:F6:DA:6E:AC:D0:69:20:9B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/4FCBD94D88BF929AA50D775062E0A115AF04A18FBF4D9FF1512B9CBA509E4042/0/3D608F1A58C367A78F93EDCEF6DA6EACD069209B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/3D608F1A58C367A78F93EDCEF6DA6EACD069209B.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/4FCBD94D88BF929AA50D775062E0A115AF04A18FBF4D9FF1512B9CBA509E4042/0/3139302e35322e3131382e302f32342d3234203d3e2037313535.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.52.118.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8f:19:5c:ff:26:f8:05:78:d8:c9:0c:a7:fa:ac:99:4e:50:bf:
         ea:7c:07:b6:ea:f7:db:4d:0d:62:dd:43:76:23:7d:ab:19:3b:
         4b:ed:85:99:9d:f3:88:2a:a0:03:da:25:2f:c0:93:7d:3e:59:
         fe:53:81:cc:b8:bd:1b:5c:ad:ca:7a:06:6f:2f:56:3c:cf:b2:
         08:0a:f7:e1:e4:fc:d9:96:41:a3:0a:d8:45:e8:36:b0:f8:24:
         c6:dc:aa:cd:7a:4e:bd:fd:74:94:af:da:ff:f5:3c:5e:a3:97:
         0a:2f:7c:b6:9a:17:f6:24:34:24:ee:9c:47:34:60:7c:06:c0:
         8f:08:90:6d:8e:23:af:86:b5:59:79:eb:c5:0c:eb:24:1d:6b:
         49:bd:1b:54:1f:d3:f9:f3:25:f3:b9:d0:e2:cc:c2:e0:80:fc:
         4e:dc:d1:d6:2d:8a:ea:42:c6:7b:03:0f:dd:db:2e:20:26:f1:
         cb:af:1e:5d:3a:ec:ba:cb:48:c5:03:a2:60:3f:d7:4c:62:6a:
         10:d5:01:56:8c:c1:69:70:3c:d6:78:a2:66:15:ad:07:bc:ef:
         ec:a0:8e:ed:a8:ff:5b:ec:ac:c6:05:eb:22:bb:57:c5:e6:ad:
         43:40:1c:9f:9b:03:77:68:28:61:8e:21:c2:0a:db:c9:91:50:
         7b:fb:fc:1f
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIURdlghDwDzTTBDhXrvN0/JEGkNvYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM0Q2MDhGMUE1OEMzNjdBNzhGOTNFRENFRjZEQTZFQUNE
MDY5MjA5QjAeFw0yNDAzMTMxOTM1MDJaFw0yNTAzMTIxOTQwMDJaMDMxMTAvBgNV
BAMTKEIwRDUwQTFFNDVCN0NFODJDRkY5Mzc5RkRDQjFERjI3OUIzQzEyRkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQ7Mxi0Bia0fivtX9K6HG37cjh
iJPwcXH4tYZpzjHFZRMrjVegd9EmYybwkmSuqlJFU8DMe5NZPE69wVAI0zdjWied
k0Dnxe9dV38oLa4ObLo3C91i02N3ReOYP5TlJavgHgSdBBce+yhy7n+SrbPyns2Y
8KXOD36OUpGLJtUN2pjVYIZRxoShPTPCLDvXZnfCIrZdQWET6hkciDsIzXczErFh
SRay22bt2ZpaMnRd4zYL8AgpXj8Y956uLg0VSusf5LdqpRRnhORkNyzLkW0huE24
2TgVBL2echi3lpCD7oH4pRmUz2bT7AGFbdElyc7i6+n1Io4ESGDTMpwGAvrbAgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQUsNUKHkW3zoLP+Tef3LHfJ5s8EvowHwYDVR0j
BBgwFoAUPWCPGljDZ6ePk+3O9tpurNBpIJswDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy80RkNCRDk0RDg4QkY5MjlBQTUwRDc3NTA2MkUwQTExNUFG
MDRBMThGQkY0RDlGRjE1MTJCOUNCQTUwOUU0MDQyLzAvM0Q2MDhGMUE1OEMzNjdB
NzhGOTNFRENFRjZEQTZFQUNEMDY5MjA5Qi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8zRDYwOEYxQTU4QzM2N0E3OEY5
M0VEQ0VGNkRBNkVBQ0QwNjkyMDlCLmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNEZDQkQ5NEQ4OEJGOTI5QUE1MEQ3NzUwNjJFMEExMTVBRjA0QTE4RkJG
NEQ5RkYxNTEyQjlDQkE1MDlFNDA0Mi8wLzMxMzkzMDJlMzUzMjJlMzEzMTM4MmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzczMTM1MzUucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAC+NHYwDQYJ
KoZIhvcNAQELBQADggEBAI8ZXP8m+AV42MkMp/qsmU5Qv+p8B7bq99tNDWLdQ3Yj
fasZO0vthZmd84gqoAPaJS/Ak30+Wf5Tgcy4vRtcrcp6Bm8vVjzPsggK9+Hk/NmW
QaMK2EXoNrD4JMbcqs16Tr39dJSv2v/1PF6jlwovfLaaF/YkNCTunEc0YHwGwI8I
kG2OI6+GtVl568UM6yQda0m9G1Qf0/nzJfO50OLMwuCA/E7c0dYtiupCxnsDD93b
LiAm8cuvHl067LrLSMUDomA/10xiahDVAVaMwWlwPNZ4omYVrQe87+ygju2o/1vs
rMYF6yK7V8XmrUNAHJ+bA3doKGGOIcIK28mRUHv7/B8=
-----END CERTIFICATE-----