Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/51E523A47843A96CCBD949FDF72C80642205A6F5B61CB329F665368A48B2A5A1/0/323830303a65303a3a2f32382d3438203d3e203133343839.roa
File:                     323830303a65303a3a2f32382d3438203d3e203133343839.roa (raw, json)
Hash identifier:          f6w4+Hl2WooSpWgIyP/COkRAdoLm4aU9SVQ0zWFsLKo=
Subject key identifier:   52:9B:05:F8:DF:63:2A:3D:F9:7B:D9:76:1D:13:95:CC:92:A3:10:8F
Certificate issuer:       /CN=34039F5BADECD4DFB42E3F4E0C5ECE97A30180A7
Certificate serial:       14C6410618578E0030CB15410474EB177F25D600
Authority key identifier: 34:03:9F:5B:AD:EC:D4:DF:B4:2E:3F:4E:0C:5E:CE:97:A3:01:80:A7
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/34039F5BADECD4DFB42E3F4E0C5ECE97A30180A7.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/51E523A47843A96CCBD949FDF72C80642205A6F5B61CB329F665368A48B2A5A1/0/323830303a65303a3a2f32382d3438203d3e203133343839.roa
Signing time:             Tue 05 Mar 2024 18:07:01 +0000
ROA not before:           Tue 05 Mar 2024 18:02:01 +0000
ROA not after:            Tue 04 Mar 2025 18:07:01 +0000
asID:                     13489
IP address blocks:        2800:e0::/28 maxlen: 48

Validation:               Failed, certificate revoked on Mon 30 Sep 2024 22:20:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            14:c6:41:06:18:57:8e:00:30:cb:15:41:04:74:eb:17:7f:25:d6:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=34039F5BADECD4DFB42E3F4E0C5ECE97A30180A7
        Validity
            Not Before: Mar  5 18:02:01 2024 GMT
            Not After : Mar  4 18:07:01 2025 GMT
        Subject: CN=529B05F8DF632A3DF97BD9761D1395CC92A3108F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:ab:6d:0f:30:4f:c5:de:51:21:5b:4e:a7:f1:
                    0d:3d:50:c4:1a:9f:30:c1:8b:8a:bf:4e:1c:9e:91:
                    b6:29:dc:2b:69:0f:fe:4e:cd:10:bc:17:b9:2c:4e:
                    59:e5:5c:04:bd:68:7e:b7:b7:73:5a:7e:e1:43:bd:
                    eb:09:17:53:7c:a9:7f:19:da:f6:2b:e7:4c:3f:35:
                    a4:9d:bf:17:8f:18:2b:39:89:ff:8f:1f:97:1a:78:
                    ce:dd:87:09:ce:0b:2e:12:d1:51:ab:cf:1a:a7:a0:
                    a8:ea:2d:27:f7:15:3f:c0:8c:5d:fe:f5:cf:14:67:
                    f2:23:1f:7d:e2:56:16:3d:3b:72:01:85:19:fb:46:
                    20:99:e1:b8:1b:d8:f9:d5:cd:89:be:cb:a5:8b:b3:
                    f2:6f:6a:b2:d8:b3:50:ac:63:49:92:a7:7a:ff:37:
                    d1:27:3b:97:a7:30:0f:74:b4:26:d7:39:e4:e5:70:
                    15:96:bf:25:e8:f1:ac:34:a5:53:05:4f:d4:26:55:
                    b1:f6:e8:c2:02:c1:68:3d:a0:cf:f5:5e:a9:d9:25:
                    57:c5:c2:ba:b0:92:17:37:b7:48:15:c0:72:22:7f:
                    38:81:63:7a:0b:62:f0:77:60:0c:53:bf:0a:8a:ab:
                    3a:95:31:e9:fc:51:e1:dc:96:e0:25:51:4a:0a:9d:
                    f1:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                52:9B:05:F8:DF:63:2A:3D:F9:7B:D9:76:1D:13:95:CC:92:A3:10:8F
            X509v3 Authority Key Identifier:
                keyid:34:03:9F:5B:AD:EC:D4:DF:B4:2E:3F:4E:0C:5E:CE:97:A3:01:80:A7

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/51E523A47843A96CCBD949FDF72C80642205A6F5B61CB329F665368A48B2A5A1/0/34039F5BADECD4DFB42E3F4E0C5ECE97A30180A7.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/34039F5BADECD4DFB42E3F4E0C5ECE97A30180A7.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/51E523A47843A96CCBD949FDF72C80642205A6F5B61CB329F665368A48B2A5A1/0/323830303a65303a3a2f32382d3438203d3e203133343839.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2800:e0::/28

    Signature Algorithm: sha256WithRSAEncryption
         9a:8a:59:7a:f3:7a:57:5f:eb:e0:04:f3:5a:80:cb:9c:e5:44:
         99:c5:68:6e:ab:f1:2f:b5:61:95:3f:02:b4:c3:33:0c:f5:ba:
         8c:02:c3:79:6b:11:4b:11:e1:c6:f4:7f:3c:67:0a:c1:0c:24:
         a6:1f:a7:1e:62:ce:01:20:64:a8:21:08:fc:e6:9c:79:e9:dc:
         3a:88:32:58:0d:36:1c:95:67:5b:4b:13:ee:f6:2c:76:b6:08:
         ea:6a:23:28:83:80:93:b3:9d:7f:72:06:17:aa:5d:c7:b9:88:
         50:0d:ab:0a:ca:71:cd:a9:00:ff:ef:cd:ec:cb:1c:c4:c4:a1:
         8f:34:51:74:31:62:2d:de:f5:5f:6c:1a:eb:bb:8e:b0:63:fb:
         7c:49:ea:70:5a:75:7b:e5:74:c8:13:c2:2d:15:45:03:61:38:
         df:76:30:19:43:18:13:5d:7b:04:40:67:4f:e8:75:5c:6f:fd:
         70:ab:1a:45:74:53:70:ab:ee:f6:f9:84:62:03:16:ee:a2:3a:
         4b:db:be:01:c1:26:25:a9:53:fa:60:c5:bc:fc:90:12:73:52:
         a7:27:51:ef:3c:3d:87:a5:04:4f:ca:51:ae:21:64:22:44:0d:
         ce:8f:04:ed:e4:d5:88:80:9b:4f:bd:ef:bf:79:f1:5f:55:a9:
         35:c0:a4:f7
-----BEGIN CERTIFICATE-----
MIIFuTCCBKGgAwIBAgIUFMZBBhhXjgAwyxVBBHTrF38l1gAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzQwMzlGNUJBREVDRDRERkI0MkUzRjRFMEM1RUNFOTdB
MzAxODBBNzAeFw0yNDAzMDUxODAyMDFaFw0yNTAzMDQxODA3MDFaMDMxMTAvBgNV
BAMTKDUyOUIwNUY4REY2MzJBM0RGOTdCRDk3NjFEMTM5NUNDOTJBMzEwOEYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2q20PME/F3lEhW06n8Q09UMQa
nzDBi4q/ThyekbYp3CtpD/5OzRC8F7ksTlnlXAS9aH63t3NafuFDvesJF1N8qX8Z
2vYr50w/NaSdvxePGCs5if+PH5caeM7dhwnOCy4S0VGrzxqnoKjqLSf3FT/AjF3+
9c8UZ/IjH33iVhY9O3IBhRn7RiCZ4bgb2PnVzYm+y6WLs/JvarLYs1CsY0mSp3r/
N9EnO5enMA90tCbXOeTlcBWWvyXo8aw0pVMFT9QmVbH26MICwWg9oM/1XqnZJVfF
wrqwkhc3t0gVwHIifziBY3oLYvB3YAxTvwqKqzqVMen8UeHcluAlUUoKnfHHAgMB
AAGjggLDMIICvzAdBgNVHQ4EFgQUUpsF+N9jKj35e9l2HROVzJKjEI8wHwYDVR0j
BBgwFoAUNAOfW63s1N+0Lj9ODF7Ol6MBgKcwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy81MUU1MjNBNDc4NDNBOTZDQ0JEOTQ5RkRGNzJDODA2NDIy
MDVBNkY1QjYxQ0IzMjlGNjY1MzY4QTQ4QjJBNUExLzAvMzQwMzlGNUJBREVDRDRE
RkI0MkUzRjRFMEM1RUNFOTdBMzAxODBBNy5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8zNDAzOUY1QkFERUNENERGQjQy
RTNGNEUwQzVFQ0U5N0EzMDE4MEE3LmNlcjCBwQYIKwYBBQUHAQsEgbQwgbEwga4G
CCsGAQUFBzALhoGhcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNTFFNTIzQTQ3ODQzQTk2Q0NCRDk0OUZERjcyQzgwNjQyMjA1QTZGNUI2
MUNCMzI5RjY2NTM2OEE0OEIyQTVBMS8wLzMyMzgzMDMwM2E2NTMwM2EzYTJmMzIz
ODJkMzQzODIwM2QzZTIwMzEzMzM0MzgzOS5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFBCgAAOAwDQYJKoZI
hvcNAQELBQADggEBAJqKWXrzeldf6+AE81qAy5zlRJnFaG6r8S+1YZU/ArTDMwz1
uowCw3lrEUsR4cb0fzxnCsEMJKYfpx5izgEgZKghCPzmnHnp3DqIMlgNNhyVZ1tL
E+72LHa2COpqIyiDgJOznX9yBheqXce5iFANqwrKcc2pAP/vzezLHMTEoY80UXQx
Yi3e9V9sGuu7jrBj+3xJ6nBadXvldMgTwi0VRQNhON92MBlDGBNdewRAZ0/odVxv
/XCrGkV0U3Cr7vb5hGIDFu6iOkvbvgHBJiWpU/pgxbz8kBJzUqcnUe88PYelBE/K
Ua4hZCJEDc6PBO3k1YiAm0+977958V9VqTXApPc=
-----END CERTIFICATE-----
Generated at Mon Sep 30 23:14:55 2024 by rpki-client on console-fra.rpki-client.org