Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/51240E7962B9380A3E627C94441EA6BB2CCA3DB1D22E934B6CC9DC5B635EF491/0/323830303a3830303a3934303a3a2f34382d3438203d3e203134303830.roa
File:                     323830303a3830303a3934303a3a2f34382d3438203d3e203134303830.roa (raw, json)
Hash identifier:          d7iOEmnG3rEIoKMSvXWPMoTT6tifb+e9wjnHgS74OdA=
Subject key identifier:   3B:C2:F1:BA:36:3C:68:C7:DB:27:DF:1C:22:AC:CE:36:EA:79:86:FA
Certificate issuer:       /CN=43FF1C8AE0B4757E68EDD08AE1AEB2ADAD8653D5
Certificate serial:       4310AAF261D3CCC7334782BDB3F5BC708FFA39EE
Authority key identifier: 43:FF:1C:8A:E0:B4:75:7E:68:ED:D0:8A:E1:AE:B2:AD:AD:86:53:D5
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/43FF1C8AE0B4757E68EDD08AE1AEB2ADAD8653D5.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/51240E7962B9380A3E627C94441EA6BB2CCA3DB1D22E934B6CC9DC5B635EF491/0/323830303a3830303a3934303a3a2f34382d3438203d3e203134303830.roa
Signing time:             Tue 04 Feb 2025 18:05:19 +0000
ROA not before:           Tue 04 Feb 2025 18:00:19 +0000
ROA not after:            Tue 03 Feb 2026 18:05:19 +0000
asID:                     14080
IP address blocks:        2800:800:940::/48 maxlen: 48
Validation:               Failed, certificate revoked on Thu 06 Feb 2025 19:25:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            43:10:aa:f2:61:d3:cc:c7:33:47:82:bd:b3:f5:bc:70:8f:fa:39:ee
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=43FF1C8AE0B4757E68EDD08AE1AEB2ADAD8653D5
        Validity
            Not Before: Feb  4 18:00:19 2025 GMT
            Not After : Feb  3 18:05:19 2026 GMT
        Subject: CN=3BC2F1BA363C68C7DB27DF1C22ACCE36EA7986FA
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:97:fe:e3:d1:0e:b5:27:07:69:55:9e:1d:a3:
                    92:64:ce:ad:a5:dc:26:19:dc:e5:8c:e2:52:89:f4:
                    51:bc:31:1d:92:62:05:75:b9:3b:98:0a:3b:a2:5e:
                    46:5d:79:3f:ce:78:03:64:1e:ff:8c:9f:a9:1f:1b:
                    5d:5e:d7:a7:49:92:0e:03:e5:97:ca:aa:b8:35:eb:
                    3f:44:5b:e1:e8:ca:aa:be:73:72:9b:5f:83:7c:f3:
                    b4:7b:26:4a:2a:d8:d2:09:84:3c:7a:84:60:fa:df:
                    f4:01:0f:b3:3d:45:14:85:b9:ff:65:87:0d:5a:1c:
                    d4:27:29:5d:76:8d:66:3c:b0:fd:05:df:e2:9e:65:
                    07:8a:5b:22:86:29:c7:2d:01:7e:fc:f1:9d:78:09:
                    4b:3b:8f:d1:94:5f:40:ba:48:48:d6:c2:e3:5d:e6:
                    9f:de:d5:5a:e2:66:72:ae:c6:cb:ad:f2:68:72:f9:
                    56:9d:81:07:7a:cc:d4:9a:b5:fa:f9:a6:da:6c:6f:
                    61:2f:b3:bf:97:84:c5:61:37:df:25:5c:cf:a7:c8:
                    33:cb:7f:cf:29:39:71:7c:6e:76:8e:20:aa:5f:70:
                    9c:29:74:f0:78:d8:76:63:70:c1:6f:36:6c:56:e1:
                    9e:1b:7d:41:2d:17:54:c1:34:a8:49:8d:47:55:55:
                    e9:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3B:C2:F1:BA:36:3C:68:C7:DB:27:DF:1C:22:AC:CE:36:EA:79:86:FA
            X509v3 Authority Key Identifier:
                keyid:43:FF:1C:8A:E0:B4:75:7E:68:ED:D0:8A:E1:AE:B2:AD:AD:86:53:D5

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/51240E7962B9380A3E627C94441EA6BB2CCA3DB1D22E934B6CC9DC5B635EF491/0/43FF1C8AE0B4757E68EDD08AE1AEB2ADAD8653D5.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/43FF1C8AE0B4757E68EDD08AE1AEB2ADAD8653D5.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/51240E7962B9380A3E627C94441EA6BB2CCA3DB1D22E934B6CC9DC5B635EF491/0/323830303a3830303a3934303a3a2f34382d3438203d3e203134303830.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2800:800:940::/48

    Signature Algorithm: sha256WithRSAEncryption
         52:12:90:31:cc:77:6f:a2:5c:4d:a7:af:a8:31:97:94:3a:91:
         55:b9:f9:dd:ea:7f:5a:35:74:1c:38:14:24:83:da:1a:a9:f9:
         1d:75:41:dc:07:1e:9b:52:1d:87:bf:6d:41:b3:c2:5d:8a:13:
         e8:b0:48:46:fd:7b:5f:05:6d:2f:ad:81:1d:77:ba:02:d0:b3:
         08:bf:13:e6:ea:4a:68:4d:29:ab:42:89:a9:32:82:09:0d:11:
         05:31:e1:f7:94:b7:02:80:70:04:d3:fe:2f:c3:d0:d0:b8:d1:
         fd:ee:2b:ce:9f:46:06:5f:11:2d:5d:f2:c1:24:61:23:c8:04:
         fe:c5:cf:21:c8:2b:a1:d4:06:d3:71:dd:4a:81:63:7e:1a:22:
         69:db:36:eb:64:b3:f2:c1:ae:36:87:38:ea:19:c3:fc:b2:60:
         02:99:20:fa:b7:e0:47:46:df:e4:9b:91:bc:8e:ea:c8:69:ae:
         af:d6:bd:02:1f:47:b4:47:22:37:b5:56:83:6b:46:ff:1c:d2:
         65:1f:6a:36:f1:70:a9:e4:ef:40:3b:6e:47:e6:61:b6:81:3b:
         d5:be:ab:e8:0d:9f:de:d8:53:ee:74:66:96:01:46:cd:49:d5:
         a6:32:d8:73:9d:cc:d0:80:fc:57:cc:0d:ab:39:17:f2:b3:46:
         91:49:0d:f8
-----BEGIN CERTIFICATE-----
MIIFxTCCBK2gAwIBAgIUQxCq8mHTzMczR4K9s/W8cI/6Oe4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDNGRjFDOEFFMEI0NzU3RTY4RUREMDhBRTFBRUIyQURB
RDg2NTNENTAeFw0yNTAyMDQxODAwMTlaFw0yNjAyMDMxODA1MTlaMDMxMTAvBgNV
BAMTKDNCQzJGMUJBMzYzQzY4QzdEQjI3REYxQzIyQUNDRTM2RUE3OTg2RkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCl/7j0Q61JwdpVZ4do5Jkzq2l
3CYZ3OWM4lKJ9FG8MR2SYgV1uTuYCjuiXkZdeT/OeANkHv+Mn6kfG11e16dJkg4D
5ZfKqrg16z9EW+Hoyqq+c3KbX4N887R7Jkoq2NIJhDx6hGD63/QBD7M9RRSFuf9l
hw1aHNQnKV12jWY8sP0F3+KeZQeKWyKGKcctAX788Z14CUs7j9GUX0C6SEjWwuNd
5p/e1VriZnKuxsut8mhy+VadgQd6zNSatfr5ptpsb2Evs7+XhMVhN98lXM+nyDPL
f88pOXF8bnaOIKpfcJwpdPB42HZjcMFvNmxW4Z4bfUEtF1TBNKhJjUdVVelhAgMB
AAGjggLPMIICyzAdBgNVHQ4EFgQUO8LxujY8aMfbJ98cIqzONup5hvowHwYDVR0j
BBgwFoAUQ/8ciuC0dX5o7dCK4a6yra2GU9UwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy81MTI0MEU3OTYyQjkzODBBM0U2MjdDOTQ0NDFFQTZCQjJD
Q0EzREIxRDIyRTkzNEI2Q0M5REM1QjYzNUVGNDkxLzAvNDNGRjFDOEFFMEI0NzU3
RTY4RUREMDhBRTFBRUIyQURBRDg2NTNENS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC80M0ZGMUM4QUUwQjQ3NTdFNjhF
REQwOEFFMUFFQjJBREFEODY1M0Q1LmNlcjCBywYIKwYBBQUHAQsEgb4wgbswgbgG
CCsGAQUFBzALhoGrcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNTEyNDBFNzk2MkI5MzgwQTNFNjI3Qzk0NDQxRUE2QkIyQ0NBM0RCMUQy
MkU5MzRCNkNDOURDNUI2MzVFRjQ5MS8wLzMyMzgzMDMwM2EzODMwMzAzYTM5MzQz
MDNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMxMzQzMDM4MzAucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAo
AAgACUAwDQYJKoZIhvcNAQELBQADggEBAFISkDHMd2+iXE2nr6gxl5Q6kVW5+d3q
f1o1dBw4FCSD2hqp+R11QdwHHptSHYe/bUGzwl2KE+iwSEb9e18FbS+tgR13ugLQ
swi/E+bqSmhNKatCiakyggkNEQUx4feUtwKAcATT/i/D0NC40f3uK86fRgZfES1d
8sEkYSPIBP7FzyHIK6HUBtNx3UqBY34aImnbNutks/LBrjaHOOoZw/yyYAKZIPq3
4EdG3+SbkbyO6shprq/WvQIfR7RHIje1VoNrRv8c0mUfajbxcKnk70A7bkfmYbaB
O9W+q+gNn97YU+50ZpYBRs1J1aYy2HOdzNCA/FfMDas5F/KzRpFJDfg=
-----END CERTIFICATE-----