Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/51240E7962B9380A3E627C94441EA6BB2CCA3DB1D22E934B6CC9DC5B635EF491/0/323830303a3830303a3937303a3a2f34382d3438203d3e203134303830.roa
File:                     323830303a3830303a3937303a3a2f34382d3438203d3e203134303830.roa (raw, json)
Hash identifier:          iyPnh2C9p8UHeRYbQA6fNDZor7y6JsDuPzsHZypWSIs=
Subject key identifier:   BB:F2:16:D0:7B:3C:E0:DF:E3:7D:11:11:5A:C0:A1:B4:90:EC:4B:A5
Certificate issuer:       /CN=43FF1C8AE0B4757E68EDD08AE1AEB2ADAD8653D5
Certificate serial:       4D991433152E96940310BE305FB4A56F0AEE4886
Authority key identifier: 43:FF:1C:8A:E0:B4:75:7E:68:ED:D0:8A:E1:AE:B2:AD:AD:86:53:D5
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/43FF1C8AE0B4757E68EDD08AE1AEB2ADAD8653D5.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/51240E7962B9380A3E627C94441EA6BB2CCA3DB1D22E934B6CC9DC5B635EF491/0/323830303a3830303a3937303a3a2f34382d3438203d3e203134303830.roa
Signing time:             Tue 04 Feb 2025 18:05:19 +0000
ROA not before:           Tue 04 Feb 2025 18:00:19 +0000
ROA not after:            Tue 03 Feb 2026 18:05:19 +0000
asID:                     14080
IP address blocks:        2800:800:970::/48 maxlen: 48
Validation:               Failed, certificate revoked on Thu 06 Feb 2025 19:25:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4d:99:14:33:15:2e:96:94:03:10:be:30:5f:b4:a5:6f:0a:ee:48:86
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=43FF1C8AE0B4757E68EDD08AE1AEB2ADAD8653D5
        Validity
            Not Before: Feb  4 18:00:19 2025 GMT
            Not After : Feb  3 18:05:19 2026 GMT
        Subject: CN=BBF216D07B3CE0DFE37D11115AC0A1B490EC4BA5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:a6:ed:a9:2f:4b:77:7f:33:79:d0:3b:b5:79:
                    8e:f2:68:26:20:ee:f1:db:58:96:80:41:eb:53:91:
                    6c:80:78:13:5a:9c:a2:ca:84:12:39:ad:88:17:95:
                    16:2e:21:67:d6:25:e0:60:1f:f9:3e:9b:08:b4:0c:
                    7e:2e:b0:51:4f:c4:3d:76:a8:9d:2e:f4:1d:c7:4f:
                    9d:28:ee:82:96:85:93:8c:5b:38:5d:3e:72:95:ee:
                    58:21:77:aa:ec:45:f4:b2:17:ff:1c:15:d0:fb:c2:
                    64:c8:9b:9c:60:be:87:b0:05:83:42:c6:04:65:94:
                    85:99:8d:3f:33:98:79:ff:c3:25:78:41:d9:32:1b:
                    d2:5c:6a:d6:54:cb:c6:e7:c6:74:77:5c:4a:64:e4:
                    27:10:53:92:45:10:35:38:5b:c9:d5:c5:79:e3:d3:
                    2b:49:04:58:10:4e:c8:bb:89:5f:68:8d:f0:90:99:
                    32:e1:ee:95:96:a0:01:ef:1f:0f:de:59:15:92:a5:
                    c4:57:65:83:11:af:a1:e7:cf:26:40:ee:7b:20:e8:
                    ba:a6:27:16:b2:e0:a9:ac:52:a1:25:14:70:01:37:
                    3e:de:2d:12:2c:e3:f2:15:f3:73:2d:d1:3e:53:7e:
                    61:7e:31:67:9a:fd:f7:7c:19:1e:f2:92:f9:a3:32:
                    4c:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:F2:16:D0:7B:3C:E0:DF:E3:7D:11:11:5A:C0:A1:B4:90:EC:4B:A5
            X509v3 Authority Key Identifier:
                keyid:43:FF:1C:8A:E0:B4:75:7E:68:ED:D0:8A:E1:AE:B2:AD:AD:86:53:D5

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/51240E7962B9380A3E627C94441EA6BB2CCA3DB1D22E934B6CC9DC5B635EF491/0/43FF1C8AE0B4757E68EDD08AE1AEB2ADAD8653D5.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/43FF1C8AE0B4757E68EDD08AE1AEB2ADAD8653D5.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/51240E7962B9380A3E627C94441EA6BB2CCA3DB1D22E934B6CC9DC5B635EF491/0/323830303a3830303a3937303a3a2f34382d3438203d3e203134303830.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2800:800:970::/48

    Signature Algorithm: sha256WithRSAEncryption
         b5:de:5f:5a:b5:0b:08:12:7e:05:92:ce:d7:14:89:fe:dc:48:
         f7:7b:ff:90:43:4a:0b:31:cc:23:1a:7d:1e:4a:fc:9f:af:a3:
         f1:85:61:d0:26:b3:58:d5:d4:23:38:d5:79:98:3b:bd:30:88:
         c5:0c:7f:d7:0d:77:b0:34:66:5f:59:ff:77:28:ab:d1:de:f2:
         3e:53:c0:cc:0a:2b:44:a3:84:4b:10:f1:53:43:10:34:a5:88:
         85:92:9e:de:7b:96:74:df:d1:65:22:c0:b0:48:4c:f7:1b:98:
         ff:c1:cf:ae:13:0e:c0:5b:fe:87:f4:23:c4:7e:0d:f0:03:d2:
         d8:a0:af:c0:cf:74:04:68:fc:52:67:4b:62:87:39:b2:b9:75:
         4a:50:8e:c6:5b:40:70:90:ec:81:ac:e3:34:8d:1a:4f:3a:66:
         93:7c:43:37:e6:63:af:de:ae:75:dc:5c:bb:6d:61:37:59:f8:
         12:11:23:2f:01:44:0d:ba:44:cb:d1:3e:b6:6c:8e:4c:34:9a:
         96:f8:bc:66:30:6c:31:58:97:d4:73:a2:c9:a8:2f:3e:00:92:
         ba:6f:31:df:3a:95:a2:ff:f0:41:66:ae:58:37:53:67:71:d1:
         c5:1f:02:45:94:c3:f7:64:65:f2:14:73:5a:d9:2f:b9:51:19:
         8a:d6:08:ca
-----BEGIN CERTIFICATE-----
MIIFxTCCBK2gAwIBAgIUTZkUMxUulpQDEL4wX7SlbwruSIYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDNGRjFDOEFFMEI0NzU3RTY4RUREMDhBRTFBRUIyQURB
RDg2NTNENTAeFw0yNTAyMDQxODAwMTlaFw0yNjAyMDMxODA1MTlaMDMxMTAvBgNV
BAMTKEJCRjIxNkQwN0IzQ0UwREZFMzdEMTExMTVBQzBBMUI0OTBFQzRCQTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDbpu2pL0t3fzN50Du1eY7yaCYg
7vHbWJaAQetTkWyAeBNanKLKhBI5rYgXlRYuIWfWJeBgH/k+mwi0DH4usFFPxD12
qJ0u9B3HT50o7oKWhZOMWzhdPnKV7lghd6rsRfSyF/8cFdD7wmTIm5xgvoewBYNC
xgRllIWZjT8zmHn/wyV4QdkyG9JcatZUy8bnxnR3XEpk5CcQU5JFEDU4W8nVxXnj
0ytJBFgQTsi7iV9ojfCQmTLh7pWWoAHvHw/eWRWSpcRXZYMRr6HnzyZA7nsg6Lqm
Jxay4KmsUqElFHABNz7eLRIs4/IV83Mt0T5TfmF+MWea/fd8GR7ykvmjMkxXAgMB
AAGjggLPMIICyzAdBgNVHQ4EFgQUu/IW0Hs84N/jfRERWsChtJDsS6UwHwYDVR0j
BBgwFoAUQ/8ciuC0dX5o7dCK4a6yra2GU9UwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy81MTI0MEU3OTYyQjkzODBBM0U2MjdDOTQ0NDFFQTZCQjJD
Q0EzREIxRDIyRTkzNEI2Q0M5REM1QjYzNUVGNDkxLzAvNDNGRjFDOEFFMEI0NzU3
RTY4RUREMDhBRTFBRUIyQURBRDg2NTNENS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC80M0ZGMUM4QUUwQjQ3NTdFNjhF
REQwOEFFMUFFQjJBREFEODY1M0Q1LmNlcjCBywYIKwYBBQUHAQsEgb4wgbswgbgG
CCsGAQUFBzALhoGrcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNTEyNDBFNzk2MkI5MzgwQTNFNjI3Qzk0NDQxRUE2QkIyQ0NBM0RCMUQy
MkU5MzRCNkNDOURDNUI2MzVFRjQ5MS8wLzMyMzgzMDMwM2EzODMwMzAzYTM5Mzcz
MDNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMxMzQzMDM4MzAucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAo
AAgACXAwDQYJKoZIhvcNAQELBQADggEBALXeX1q1CwgSfgWSztcUif7cSPd7/5BD
SgsxzCMafR5K/J+vo/GFYdAms1jV1CM41XmYO70wiMUMf9cNd7A0Zl9Z/3coq9He
8j5TwMwKK0SjhEsQ8VNDEDSliIWSnt57lnTf0WUiwLBITPcbmP/Bz64TDsBb/of0
I8R+DfAD0tigr8DPdARo/FJnS2KHObK5dUpQjsZbQHCQ7IGs4zSNGk86ZpN8Qzfm
Y6/ernXcXLttYTdZ+BIRIy8BRA26RMvRPrZsjkw0mpb4vGYwbDFYl9RzosmoLz4A
krpvMd86laL/8EFmrlg3U2dx0cUfAkWUw/dkZfIUc1rZL7lRGYrWCMo=
-----END CERTIFICATE-----