Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/4FCBD94D88BF929AA50D775062E0A115AF04A18FBF4D9FF1512B9CBA509E4042/0/3139302e35322e3132342e302f32342d3234203d3e2037313535.roa
File:                     3139302e35322e3132342e302f32342d3234203d3e2037313535.roa (raw, json)
Hash identifier:          0mFWVZy3k1hFaXmv8YVkfRETxfT5Z+zofgxjCXRat0A=
Subject key identifier:   A7:4A:60:7D:FE:49:F6:EF:5A:CD:23:B5:49:31:23:CD:8A:3C:80:AF
Certificate issuer:       /CN=3D608F1A58C367A78F93EDCEF6DA6EACD069209B
Certificate serial:       20767C2E850A37BD0C451D750BCBFE76D979BEB3
Authority key identifier: 3D:60:8F:1A:58:C3:67:A7:8F:93:ED:CE:F6:DA:6E:AC:D0:69:20:9B
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/3D608F1A58C367A78F93EDCEF6DA6EACD069209B.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/4FCBD94D88BF929AA50D775062E0A115AF04A18FBF4D9FF1512B9CBA509E4042/0/3139302e35322e3132342e302f32342d3234203d3e2037313535.roa
Signing time:             Wed 13 Mar 2024 19:40:00 +0000
ROA not before:           Wed 13 Mar 2024 19:35:00 +0000
ROA not after:            Wed 12 Mar 2025 19:40:00 +0000
asID:                     7155
IP address blocks:        190.52.124.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 11 Sep 2024 18:30:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            20:76:7c:2e:85:0a:37:bd:0c:45:1d:75:0b:cb:fe:76:d9:79:be:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3D608F1A58C367A78F93EDCEF6DA6EACD069209B
        Validity
            Not Before: Mar 13 19:35:00 2024 GMT
            Not After : Mar 12 19:40:00 2025 GMT
        Subject: CN=A74A607DFE49F6EF5ACD23B5493123CD8A3C80AF
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:96:7b:18:ac:2c:2e:0c:d3:2b:69:cc:62:8f:
                    f7:16:38:8d:3e:16:53:fe:2f:45:5c:8a:00:20:68:
                    53:0f:2a:53:00:0f:2d:d5:50:a7:3c:a8:60:0e:b0:
                    db:b7:59:fb:93:54:e1:e1:e5:02:b7:39:11:a4:39:
                    35:23:c6:e3:09:90:16:8b:76:d9:57:9a:e4:44:75:
                    4b:33:25:15:0c:9b:c3:7c:b7:f8:24:ad:7a:a4:17:
                    01:d2:8b:81:60:23:a5:b8:27:e0:d2:1f:ab:97:23:
                    96:9a:72:da:4f:80:9d:ba:f9:6e:ec:82:6f:2c:be:
                    bc:38:0e:99:88:68:d9:89:8f:49:8a:c8:f2:cc:61:
                    80:f5:e7:66:ff:46:2d:39:49:87:24:9f:0f:8f:24:
                    16:70:67:75:87:4c:6a:77:cd:23:df:7d:56:1d:cc:
                    75:2c:b4:cb:00:b3:d0:2e:51:66:e0:93:83:e5:fd:
                    5f:02:51:80:d4:a2:68:27:7e:0d:ff:fb:1e:f2:e3:
                    dd:20:c4:98:9b:dc:b4:51:a1:1e:17:0d:75:d6:94:
                    1f:7d:2d:8c:fe:92:a2:6e:53:94:79:33:9e:6b:6e:
                    95:d3:f6:a0:13:ee:52:b9:d1:60:0d:15:94:06:37:
                    4b:08:e0:79:8f:0b:24:18:f9:0c:4f:10:5a:cc:1e:
                    c0:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A7:4A:60:7D:FE:49:F6:EF:5A:CD:23:B5:49:31:23:CD:8A:3C:80:AF
            X509v3 Authority Key Identifier:
                keyid:3D:60:8F:1A:58:C3:67:A7:8F:93:ED:CE:F6:DA:6E:AC:D0:69:20:9B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/4FCBD94D88BF929AA50D775062E0A115AF04A18FBF4D9FF1512B9CBA509E4042/0/3D608F1A58C367A78F93EDCEF6DA6EACD069209B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/3D608F1A58C367A78F93EDCEF6DA6EACD069209B.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/4FCBD94D88BF929AA50D775062E0A115AF04A18FBF4D9FF1512B9CBA509E4042/0/3139302e35322e3132342e302f32342d3234203d3e2037313535.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.52.124.0/24

    Signature Algorithm: sha256WithRSAEncryption
         d4:2d:00:d4:34:7d:aa:ad:ea:6a:e9:9b:d5:63:62:61:10:68:
         1e:1f:2f:34:cf:a5:2d:e3:b5:b1:6a:70:f1:17:2c:64:f4:81:
         dc:c7:b8:e2:5a:d5:51:fe:10:c7:cf:7d:9d:fa:1a:f9:01:48:
         67:62:92:34:9b:cc:c6:e2:3b:e6:d5:2c:f1:9c:fc:49:5d:27:
         ef:6f:bf:56:ee:11:b8:ef:95:fd:a4:66:bc:9f:5a:d2:c7:87:
         21:d5:a9:1f:58:d5:30:08:7b:e3:a6:20:ce:75:c2:1f:dc:1e:
         7c:7b:94:2b:a1:ab:b3:c6:ea:a9:54:44:2e:ff:5c:5d:4e:13:
         53:d9:fe:9c:9e:96:cb:88:0e:61:c9:64:1d:69:a1:70:fe:c9:
         17:99:c0:b3:9e:8e:a2:0b:54:66:0c:4f:ed:bb:c7:26:74:94:
         4a:cc:d5:12:6d:f5:f6:be:b8:27:76:63:cb:e2:a0:2d:13:ff:
         1c:f1:68:b6:f5:57:c7:2d:d5:c5:b9:a8:49:6b:59:f4:84:a7:
         83:d1:ff:09:c5:51:ee:7a:d3:51:be:28:2f:80:3a:aa:b8:6f:
         a8:59:6f:95:c0:4d:0a:e4:69:a5:2b:5d:9b:72:45:50:4e:0b:
         f2:87:ef:ec:7c:0b:98:b9:e2:45:0f:bf:a1:61:c0:6d:d3:de:
         18:16:df:6b
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUIHZ8LoUKN70MRR11C8v+dtl5vrMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM0Q2MDhGMUE1OEMzNjdBNzhGOTNFRENFRjZEQTZFQUNE
MDY5MjA5QjAeFw0yNDAzMTMxOTM1MDBaFw0yNTAzMTIxOTQwMDBaMDMxMTAvBgNV
BAMTKEE3NEE2MDdERkU0OUY2RUY1QUNEMjNCNTQ5MzEyM0NEOEEzQzgwQUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCulnsYrCwuDNMracxij/cWOI0+
FlP+L0VcigAgaFMPKlMADy3VUKc8qGAOsNu3WfuTVOHh5QK3ORGkOTUjxuMJkBaL
dtlXmuREdUszJRUMm8N8t/gkrXqkFwHSi4FgI6W4J+DSH6uXI5aactpPgJ26+W7s
gm8svrw4DpmIaNmJj0mKyPLMYYD152b/Ri05SYcknw+PJBZwZ3WHTGp3zSPffVYd
zHUstMsAs9AuUWbgk4Pl/V8CUYDUomgnfg3/+x7y490gxJib3LRRoR4XDXXWlB99
LYz+kqJuU5R5M55rbpXT9qAT7lK50WANFZQGN0sI4HmPCyQY+QxPEFrMHsA3AgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQUp0pgff5J9u9azSO1STEjzYo8gK8wHwYDVR0j
BBgwFoAUPWCPGljDZ6ePk+3O9tpurNBpIJswDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy80RkNCRDk0RDg4QkY5MjlBQTUwRDc3NTA2MkUwQTExNUFG
MDRBMThGQkY0RDlGRjE1MTJCOUNCQTUwOUU0MDQyLzAvM0Q2MDhGMUE1OEMzNjdB
NzhGOTNFRENFRjZEQTZFQUNEMDY5MjA5Qi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8zRDYwOEYxQTU4QzM2N0E3OEY5
M0VEQ0VGNkRBNkVBQ0QwNjkyMDlCLmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNEZDQkQ5NEQ4OEJGOTI5QUE1MEQ3NzUwNjJFMEExMTVBRjA0QTE4RkJG
NEQ5RkYxNTEyQjlDQkE1MDlFNDA0Mi8wLzMxMzkzMDJlMzUzMjJlMzEzMjM0MmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzczMTM1MzUucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAC+NHwwDQYJ
KoZIhvcNAQELBQADggEBANQtANQ0faqt6mrpm9VjYmEQaB4fLzTPpS3jtbFqcPEX
LGT0gdzHuOJa1VH+EMfPfZ36GvkBSGdikjSbzMbiO+bVLPGc/EldJ+9vv1buEbjv
lf2kZryfWtLHhyHVqR9Y1TAIe+OmIM51wh/cHnx7lCuhq7PG6qlURC7/XF1OE1PZ
/pyelsuIDmHJZB1poXD+yReZwLOejqILVGYMT+27xyZ0lErM1RJt9fa+uCd2Y8vi
oC0T/xzxaLb1V8ct1cW5qElrWfSEp4PR/wnFUe5601G+KC+AOqq4b6hZb5XATQrk
aaUrXZtyRVBOC/KH7+x8C5i54kUPv6FhwG3T3hgW32s=
-----END CERTIFICATE-----