Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/53436176F4917FAF54ECEB37027784BC7A58A4029F883D048E84F416CAC7BB91/0/3133312e3130382e34312e302f32342d3234203d3e203532343338.roa
File:                     3133312e3130382e34312e302f32342d3234203d3e203532343338.roa (raw, json)
Hash identifier:          SH/VBH3IVKHo1Uvk9R/w+uxAegPMe0U/T+IJ3VF7Y8U=
Subject key identifier:   88:7D:4C:10:F1:E0:DF:FA:28:E8:C4:74:61:91:1D:CD:1F:C4:87:03
Certificate issuer:       /CN=A537F8449EAA5150B4958CB0F49E0C2358347988
Certificate serial:       2B30F33A9845A904743AC091347CC08699D77972
Authority key identifier: A5:37:F8:44:9E:AA:51:50:B4:95:8C:B0:F4:9E:0C:23:58:34:79:88
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A537F8449EAA5150B4958CB0F49E0C2358347988.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/53436176F4917FAF54ECEB37027784BC7A58A4029F883D048E84F416CAC7BB91/0/3133312e3130382e34312e302f32342d3234203d3e203532343338.roa
Signing time:             Tue 05 Mar 2024 17:40:34 +0000
ROA not before:           Tue 05 Mar 2024 17:35:34 +0000
ROA not after:            Tue 04 Mar 2025 17:40:34 +0000
asID:                     52438
IP address blocks:        131.108.41.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sun 07 Jul 2024 15:15:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2b:30:f3:3a:98:45:a9:04:74:3a:c0:91:34:7c:c0:86:99:d7:79:72
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A537F8449EAA5150B4958CB0F49E0C2358347988
        Validity
            Not Before: Mar  5 17:35:34 2024 GMT
            Not After : Mar  4 17:40:34 2025 GMT
        Subject: CN=887D4C10F1E0DFFA28E8C47461911DCD1FC48703
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:b1:c7:32:eb:3d:9a:d1:30:d4:4e:06:c7:9a:
                    83:d2:92:f5:ef:3c:6e:23:81:de:8f:6e:99:c6:0b:
                    94:2a:f2:0f:9b:10:f3:d7:54:23:5a:d5:9c:90:20:
                    f0:dd:b1:0f:8e:8c:3b:b4:b8:5b:d6:b2:1e:dc:52:
                    74:ed:97:b2:50:be:33:7a:06:d5:f2:ed:8b:14:54:
                    70:31:47:4d:3b:08:d0:42:c7:d3:d0:d3:d9:13:37:
                    be:5e:46:b3:18:d6:96:aa:ff:b6:c3:1d:5b:75:cd:
                    2b:42:ca:9e:ec:28:27:19:b5:65:ef:5b:a1:c3:da:
                    a7:f3:2d:e1:e3:ba:ee:de:aa:bb:2a:0e:a6:dc:39:
                    b7:58:48:7f:9d:a5:c7:23:a3:ba:12:14:57:77:97:
                    03:ac:01:6f:6d:f3:49:15:bd:7c:ec:a6:73:fa:77:
                    6b:4d:76:82:13:73:6a:1f:27:cb:a5:be:88:37:01:
                    e1:fa:bf:4d:eb:ea:99:65:e7:0a:78:22:a2:3f:cd:
                    cf:d9:d3:cf:11:ab:31:a9:6b:28:c1:1b:c3:c3:53:
                    6a:e0:61:8d:71:f6:fb:4f:47:77:54:23:02:01:a6:
                    c4:77:6f:e6:58:84:2a:a3:e1:1d:89:9e:31:23:b5:
                    f2:3f:bd:6f:d9:45:26:e9:8f:7b:38:e8:7e:57:40:
                    1f:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                88:7D:4C:10:F1:E0:DF:FA:28:E8:C4:74:61:91:1D:CD:1F:C4:87:03
            X509v3 Authority Key Identifier:
                keyid:A5:37:F8:44:9E:AA:51:50:B4:95:8C:B0:F4:9E:0C:23:58:34:79:88

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/53436176F4917FAF54ECEB37027784BC7A58A4029F883D048E84F416CAC7BB91/0/A537F8449EAA5150B4958CB0F49E0C2358347988.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A537F8449EAA5150B4958CB0F49E0C2358347988.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/53436176F4917FAF54ECEB37027784BC7A58A4029F883D048E84F416CAC7BB91/0/3133312e3130382e34312e302f32342d3234203d3e203532343338.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  131.108.41.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a4:b2:c4:e7:8d:ae:3c:c9:89:4a:e3:3d:89:d9:b2:a6:a3:2a:
         a4:fe:b7:52:5b:b2:a2:91:1d:e5:c4:f2:e1:3b:d7:c5:c2:d0:
         c4:f3:0a:8f:13:f6:c8:76:0b:ce:4f:83:af:f4:6b:21:32:77:
         6f:d4:a5:34:ce:82:ce:c8:04:8a:64:75:69:b6:7c:ff:36:5b:
         64:d5:62:d6:c2:31:26:72:14:44:6f:99:73:7b:af:86:52:80:
         f6:6f:39:c9:4d:01:e1:d2:62:79:42:b5:0f:47:5e:5b:20:34:
         08:5e:8f:c6:a6:af:73:74:ee:70:aa:f7:d3:1b:c1:5f:e1:61:
         4b:8e:82:26:c3:b6:49:3a:77:10:64:6f:29:b2:1d:fb:5d:c3:
         ee:49:88:0b:28:cd:64:29:ae:08:2c:79:a4:d5:28:05:07:7f:
         d0:af:74:2a:41:16:eb:ea:72:ba:55:4f:8b:38:49:b6:ac:58:
         a8:bd:56:d7:85:14:30:a9:94:69:5d:ec:ed:ee:b3:52:f8:e1:
         aa:42:3f:9b:0e:93:44:ff:e6:d3:5a:e5:2a:fc:85:34:ae:8f:
         79:1d:72:0c:3d:7f:1f:a3:6c:36:5b:c2:df:fb:12:2a:7a:73:
         cd:fb:85:f3:05:5e:81:d0:f2:6b:b6:cf:22:13:93:48:ba:48:
         a8:73:ef:3e
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUKzDzOphFqQR0OsCRNHzAhpnXeXIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTUzN0Y4NDQ5RUFBNTE1MEI0OTU4Q0IwRjQ5RTBDMjM1
ODM0Nzk4ODAeFw0yNDAzMDUxNzM1MzRaFw0yNTAzMDQxNzQwMzRaMDMxMTAvBgNV
BAMTKDg4N0Q0QzEwRjFFMERGRkEyOEU4QzQ3NDYxOTExRENEMUZDNDg3MDMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEsccy6z2a0TDUTgbHmoPSkvXv
PG4jgd6PbpnGC5Qq8g+bEPPXVCNa1ZyQIPDdsQ+OjDu0uFvWsh7cUnTtl7JQvjN6
BtXy7YsUVHAxR007CNBCx9PQ09kTN75eRrMY1paq/7bDHVt1zStCyp7sKCcZtWXv
W6HD2qfzLeHjuu7eqrsqDqbcObdYSH+dpccjo7oSFFd3lwOsAW9t80kVvXzspnP6
d2tNdoITc2ofJ8ulvog3AeH6v03r6pll5wp4IqI/zc/Z088RqzGpayjBG8PDU2rg
YY1x9vtPR3dUIwIBpsR3b+ZYhCqj4R2JnjEjtfI/vW/ZRSbpj3s46H5XQB+ZAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUiH1MEPHg3/oo6MR0YZEdzR/EhwMwHwYDVR0j
BBgwFoAUpTf4RJ6qUVC0lYyw9J4MI1g0eYgwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy81MzQzNjE3NkY0OTE3RkFGNTRFQ0VCMzcwMjc3ODRCQzdB
NThBNDAyOUY4ODNEMDQ4RTg0RjQxNkNBQzdCQjkxLzAvQTUzN0Y4NDQ5RUFBNTE1
MEI0OTU4Q0IwRjQ5RTBDMjM1ODM0Nzk4OC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9BNTM3Rjg0NDlFQUE1MTUwQjQ5
NThDQjBGNDlFMEMyMzU4MzQ3OTg4LmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNTM0MzYxNzZGNDkxN0ZBRjU0RUNFQjM3MDI3Nzg0QkM3QTU4QTQwMjlG
ODgzRDA0OEU4NEY0MTZDQUM3QkI5MS8wLzMxMzMzMTJlMzEzMDM4MmUzNDMxMmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzUzMjM0MzMzOC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAINsKTAN
BgkqhkiG9w0BAQsFAAOCAQEApLLE542uPMmJSuM9idmypqMqpP63UluyopEd5cTy
4TvXxcLQxPMKjxP2yHYLzk+Dr/RrITJ3b9SlNM6CzsgEimR1abZ8/zZbZNVi1sIx
JnIURG+Zc3uvhlKA9m85yU0B4dJieUK1D0deWyA0CF6Pxqavc3TucKr30xvBX+Fh
S46CJsO2STp3EGRvKbId+13D7kmICyjNZCmuCCx5pNUoBQd/0K90KkEW6+pyulVP
izhJtqxYqL1W14UUMKmUaV3s7e6zUvjhqkI/mw6TRP/m01rlKvyFNK6PeR1yDD1/
H6NsNlvC3/sSKnpzzfuF8wVegdDya7bPIhOTSLpIqHPvPg==
-----END CERTIFICATE-----
Generated at Sun Jul 7 16:54:12 2024 by rpki-client on console-ams.rpki-client.org